Category Archives: Corporate Civil Liability

Global Magnitsky Sanctions Target Human Rights Abusers and Government Corruption Around the World

by David S. Cohen, Kimberly A. Parker, Jay Holtmeier, Ronald I. Meltzer, David M. Horn, Lillian Howard Potter, and Michael Romais

On December 20, 2017, President Trump issued a new Executive Order (EO) targeting corruption and human rights abuses around the world.

The EO implements last year’s Global Magnitsky Human Rights Accountability Act (the Global Magnitsky Act), which authorized the president to impose sanctions against human rights abusers and those who facilitate government corruption.[1] The US Department of the Treasury’s Office of Foreign Assets Control (OFAC), which will administer the EO, also added 15 individuals and 37 entities to its Specially Designated Nationals and Blocked Persons List (SDN List). Continue reading

Securities Fraud Class Action Suits following Cyber Breaches: The Trickle Before the Wave

by Michael S. Flynn, Avi Gesser, Joseph A. Hall, Edmund Polubinski III, Neal A. Potischman, Brian S. Weinstein, Peter Starr and Jessica L. Turner

Overview

Large-scale data breaches can give rise to a host of legal problems for the breached entity, ranging from consumer class action litigation to congressional inquiries and state attorneys general investigations.  Increasingly, issuers are also facing the specter of federal securities fraud litigation.[1]

The existence of securities fraud litigation following a cyber breach is, to some extent, not surprising.  Lawyer-driven securities litigation often follows stock price declines, even declines that are ostensibly unrelated to any prior public disclosure by an issuer.  Until recently, significant declines in stock price following disclosures of cyber breaches were rare.  But that is changing.  The recent securities fraud class actions brought against Yahoo! and Equifax demonstrate this point; in both of those cases, significant stock price declines followed the disclosure of the breach.  Similar cases can be expected whenever stock price declines follow cyber breach disclosures.  Continue reading

The Enforcement Outcomes of the Australian Securities and Investments Commission

By Ian Ramsay and Miranda Webster

The following post provides an overview of the key findings from our research on the enforcement outcomes of the Australian Securities and Investments Commission (ASIC) for the five-year period from 1 July 2011 to 30 June 2016. The full journal article can be accessed here.

ASIC is Australia’s corporate, markets, financial services and consumer credit regulator. This government organization regulates Australian companies, financial markets, financial services organisations and professionals who deal and advise in investments, superannuation, insurance, deposit taking and credit. ASIC dedicates a significant amount of resources (around 70%) to surveillance and enforcement activity, reflecting its view that enforcement is an important part of its regulatory role. Continue reading

Behind the Annual SEC Enforcement Report: 2017 and Beyond, Part II

by Urska Velikonja

The following is the second post in a series of three on recent SEC enforcement. The full report can be accessed here. A note of caution to the readers: the SEC does not share enforcement data. All three posts are based on a database of SEC enforcement actions I have put together along with several research assistants, covering the period between 2007 and 2017. The data was collected by hand, and reviewed at least once. Entries were compared with SEC releases and reports, but the chance of error remains.

I. Enforcement Against Entities

The first post observed that enforcement against individual defendants remained largely unchanged in the second half of the 2017 fiscal year. Enforcement against entities, on the other hand, has changed quite substantially. Fewer entities were targeted in actions brought in the second half of FY 2017: 34% of defendants (165 of 488) in standalone actions in the second half were entities, compared with 47% (201 of 427) in the first half of the year. Continue reading

Admitting Wrongdoing to the SEC: An Empirical Study of Admissions in SEC Settlements

by Verity Winship and Jennifer K. Robbennolt

What is the connection between what the SEC actually does and what it says it will do? In 2013, the SEC unveiled a new policy requiring some enforcement targets to admit wrongdoing when they settled with the agency. In An Empirical Study of Admissions in SEC Settlements, we analyze settlements from before and after the introduction of this policy to determine how the SEC’s practice lines up with its new approach to admissions. We find an uptick of admissions following the policy announcement, with the highest number in FY2016.  Using an inclusive definition of admissions, we identify fewer than one hundred settlements containing admissions that were announced during the seven years of our study (FY2011-FY2017). Continue reading

U.S. Buyer Of Looted Antiquities Pays Steep Price To U.S. Government: Hobby Lobby Forfeits Thousands of Ancient Iraqi Artifacts, Pays $3M, and Admits Fault To Settle Civil Forfeiture Action

by David W. Bowker, Sharon Cohen Levin, Michael D. Gottesman, Laura M. Goodall, Kelsey M. McGregor, and Aleksandr Sverdlik

The U.S. government’s settlement with Hobby Lobby on July 5, 2017 is part of its broader effort to combat trafficking in looted antiquities from the war-torn Middle East and to reduce market demand for such objects by punishing participants in the black market.  Having scored this high-profile settlement in an early test case, the U.S. government likely will try to build on this success with additional investigations and enforcement actions. Continue reading

Denials and Admissions in Civil Enforcement – Looking Beyond the SEC

by Verity Winship and Jennifer K. Robbennolt

Should agencies require admissions of guilt from the targets of civil enforcement?  The SEC’s policy of letting enforcement targets settle while neither admitting nor denying allegations provoked judicial rebukes and a public debate. But the SEC is only the tip of the iceberg. Administrative agencies rely heavily on settlement as a key enforcement tool.  Admissions of guilt—or, more commonly, declarations that nothing is admitted—form part of these settlement agreements and the underlying negotiations.

Our recent article, Admissions of Guilt in Civil Enforcement, uses the explicit debate over the SEC’s practices to draw attention to the high (and mostly unexamined) stakes of admissions for civil enforcement throughout the administrative system. Continue reading

SEC Private Equity Enforcement:  A More Aggressive Approach

by Andrew J. Lichtman and Howard S. Suskin

Over the last several years, the Securities and Exchange Commission (“SEC”) has targeted private equity funds for various fee allocation arrangements and conflicts of interest.  Rather than describing the fee practices as fraudulent, which would require a showing of scienter, the SEC has concluded that the private equity advisers committed disclosure violations.  However, a recent proceeding in which the SEC secured a settlement based on both breach of fiduciary duty and fraud may foreshadow a more aggressive approach.  Some context first. Continue reading

Third Circuit Finds FCRA Violation Alone Confers Standing for Data Breach Suit

by Thomas P. Kurland and Michael F. Buchanan

The United States Court of Appeals for the Third Circuit recently ruled that a data breach class action may proceed on the basis of a Fair Credit Reporting Act (FCRA) violation alone, even where the putative class members do not allege that they were actually harmed by the breach.  The ruling, which both relies on and distinguishes the Supreme Court’s recent analysis of FCRA standing in Spokeo v. Robins, suggests that at least in the Third Circuit, “injury” from a data breach may be presumed from the fact of the breach itself.  This, in turn, could have the effect of expanding potential liability for any consumer-facing entity that suffers a breach.

The case, In re: Horizon Healthcare Services Inc. Data Breach Litigation, stems from a theft of two laptop computers in November 2013 from Horizon, a New Jersey health insurer with over 3.7 million members.   Continue reading

Beyond Caremark: Individual and Corporate Liability Considerations

by Michael W. Peregrine

Delaware court interpretations of the Caremark standard provide a daunting pleading barrier to derivative actions based on alleged breach of compliance oversight responsibilities. The Chancery Court’s October 18 decision in Reiter v. Fairbank is particularly notable for its thoughtful analysis of the duty of oversight. But corporate leadership should recognize that these decisions may not provide impenetrable protection to them, and to the corporation, from compliance-based liability exposure, especially in the current individual accountability environment. Continue reading