Category Archives: Compliance

What Employers Need To Know About California’s New #Metoo Laws

by Elizabeth A. Ising, Stewart L. McDowell, Jason C. Schwartz, Katherine V.A. Smith, Lori Zyskowski, Sean Sullivan, Elizabeth A. Dooley, Alice YN Ha, Jordan E. Johnson, Dustin G. May, Arturo Pena Miranda, and Matthew T. Sessions

On September 30, 2018, Governor Edmund G. Brown signed several new workplace laws, and vetoed others, that arose out of the #MeToo movement.  We briefly review the newly signed legislation and also highlight bills that Governor Brown rejected.  Unless otherwise indicated, these new laws will take effect on January 1, 2019.  Continue reading

New York Office Of The Attorney General Publishes Report On Virtual Currency Platforms And Their Potential Risks

by Arthur S. Long, Carl E. Kennedy, and Jeffrey L. Steiner

This post reviews the New York State Office of the Attorney General’s (the “OAG”) Virtual Markets Integrity Initiative Report (the “Report”), which was published on September 18, 2018.[1]  The publication of the OAG’s 42-page Report brings to a close its six-month fact-finding inquiry of several virtual currency platforms.[2]  The OAG sent out detailed letters and questionnaires to a number of virtual currency platforms seeking information from the platforms across a wide-range of issues, including trading operations, fees charged to customers, the existence of robust policies and procedures, and the use of risk controls.  Continue reading

Court Of Appeal In London Overturns Widely Criticised High Court Judgment In SFO V ENRC

by Patrick Doris, Sacha Harber-Kelly, Richard Grime, and Steve Melrose

I. Introduction

Today the Court of Appeal of England and Wales issued its judgment in The Director of the Serious Fraud Office and Eurasian Natural Resources Corporation Limited[1] regarding the privileged nature of documents created in the context of an internal investigation.

The Court of Appeal reversed the High Court’s decision and found that all of the interviews conducted by ENRC’s external lawyers were covered by litigation privilege, and so too was the work conducted by the forensic accountancy advisors for the books and records review. The Court of Appeal found that ENRC did in fact reasonably contemplate prosecution when the documents were created. Moreover, while determining that it did not have to decide the issue, the Court of Appeal also stated that it may also have departed from the existing narrow definition of “client” for legal advice privilege purposes in the context of corporate investigations. Continue reading

You Want What?: Responding to Individual Requests Under the GDPR

 by Jeremy Feigelson, Jane Shvets, and Christopher Garrett

With the EU General Data Protection Regulation (“GDPR”) in force for less than two months, many companies are already experiencing an increase in requests from individuals seeking to obtain a copy, or request correction or erasure, of their personal data under Articles 15 to 17 of the GDPR.

Do we have to respond?

Yes. A response is required even if the response is that the company will not honour the request because a relevant exemption applies. Continue reading

Department of Justice Offers Incentive for Antitrust-Based Corporate Compliance

by Michael W. Peregrine and Mary N. Strimel

Board-level audit and compliance committees should support efforts to revise the organizational compliance plan to incorporate specific provisions focused on antitrust law-related guidelines.  This is especially important given the Department of Justice’s (“DOJ”) plans to credit pre-existing compliance programs that incorporate such provisions.  A company’s General Counsel, perhaps teaming with the Chief Compliance Officer, can support the committee in this initiative.

In a recent speech,[1] Principal Deputy Assistant Attorney General (“DAAG”) Andrew Finch stated that the Antitrust Division is examining whether, and to what extent, to recognize and credit pre-existing compliance programs, potentially during charging or at sentencing.  This consideration might mirror the approach taken by the Canadian Competition Bureau, which announced last month that it would recommend fine discounts of up to 20% for companies that have a “credible and effective” compliance program.[2]  Continue reading

Potholes in Compliance: Hidden Risks Under Rule 506(d)’s Bad Actor Disqualification

by Joshua Pirutinsky

I. Introduction

Sometimes the unexpected happens. But preparing for the unexpected is the essence of the compliance function. The failure to effectively prepare for risks unrelated to your core business can be disastrous.  A seemingly innocuous compliance breach could disqualify your firm from participating in a private offering of securities under Rule 506(d), known as the “Bad Actor” Disqualification.   Being a Bad Actor can have detrimental, if not fatal, consequences for your firm – hence the critical importance of making known certain unknowns. Continue reading

Extending the “Failure to Prevent” Model of Corporate Criminal Liability in the UK

by Liz Campbell

Prosecuting corporate criminality is not straightforward. As a result of these difficulties, the UK Parliament is turning to an indirect form of corporate criminal liability: the Bribery Act 2010 introduced the corporate offence of failure to prevent bribery (FtPB), and this provision has been emulated with respect to the failure to prevent the facilitation of tax evasion in the Criminal Finances Act 2017.  

In brief, a relevant commercial organisation (C) is guilty of FtPB if a person associated with C bribes another person with the intention of obtaining or retaining business or an advantage for C.  An ‘associated’ person is an individual or body who ‘performs services’ for or on behalf of the organisation, and this definition was framed broadly intentionally.[1]  Crucially, the corporate entity can rely on the section 7(2) defence that it had “adequate procedures” in place designed to prevent persons associated with it from bribing. Continue reading

Repeat Corporate Misconduct

by Veronica Root

But for other more salacious political concerns, the biggest story of the last couple weeks likely would have been Mark Zuckerberg’s testimony before Congress.  Zuckerberg spent two days answering hundreds of questions from lawmakers.[1]  Much of the questioning was concerned with Facebook’s protection, or alleged lack thereof, of its users’ privacy.  The testimony, however, once again raises questions about how companies that engage in repeated instances of misconduct should be sanctioned. Continue reading

The Evolving First Line of Defense

by Michael Held

Keynote Address

Good morning.  It’s an honor to join you at the 1LoD Summit.  The views I express today are my own, not necessarily those of the Federal Reserve Bank of New York or the Federal Reserve System.[1]

I’ve heard it said that being in the risk control business can be, and often is, a thankless task. We get all the blame when something goes wrong, and none of the glory when things go right.  So, I want to start my remarks with a word of gratitude to you, my fellow travelers in the world of risk controls.  Thank you—not just for the invitation to speak today, but also for the work you perform each day at your firms. 

The growing sophistication and stature of the first line of defense is, in my view, an unqualified improvement in corporate governance—especially at financial firms.  Let’s begin with what you are defending.  Continue reading

FinCEN Releases Frequently Asked Questions Regarding Customer Due Diligence and Beneficial Ownership Requirements

by David S. Cohen, Franca Harris Gutierrez, Sharon Cohen Levin, Jeremy Dresner and Michael Romais

Last week the Financial Crimes Enforcement Network (FinCEN) issued much-anticipated Frequently Asked Questions (PDF: 387 KB) (FAQs) that provide additional guidance to financial institutions relating to the implementation of the new Customer Due Diligence Rule (CDD Rule), set to go into effect on May 11, 2018.[1] In general, the FAQs clarify certain issues that have caused implementation challenges for financial institutions. While FinCEN’s earlier guidance provided a general overview of the CDD Rule—including the purpose of the rule, the institutions to which it is applicable, and some relevant definitions—the new FAQs provide greater detail for financial institutions seeking to comply with the CDD Rule. The FAQs are meant to assist covered financial institutions in understanding the scope of their customer due diligence (CDD) obligations, as well as the rule’s impact on their broader anti-money laundering (AML) compliance. While the guidance is helpful in clarifying some of FinCEN’s expectations, the implementation challenge lies in applying the CDD Rule to a financial institution’s specific products and services.

As financial institutions work to meet the CDD Rule’s fast-approaching May 11 compliance deadline, they should pay special attention to the following key areas summarized below. Continue reading