Category Archives: Risk Management

What Could Go Wrong? Crisis Communications Preparedness for Board Directors

by Cari Robinson and Amelia Fogg

Left to right: Cari Robinson and Amelia Fogg (photos courtesy of the authors)

It is essential for board directors to understand and test whether their companies are prepared to handle unexpected and critical situations. In most cases, it falls to management to run point during a crisis, but boards are responsible for overseeing the company’s response, monitoring the situation, providing guidance and support, and making key decisions throughout the crisis. In addition to ensuring response plans are in place, directors must also understand how vital effective communication is for navigating and recovering from a crisis, as a company’s response to a crisis (or lack thereof) often defines reputational impact more than the issue itself. Clear, credible, and timely communication helps control the narrative, demonstrates accountability, and builds trust. However, saying the wrong thing in a crisis can erode trust, inflame the situation and subject the board and the company to unnecessary risk and liability.

Continue reading

CPPA Adopts Long Awaited Rulemaking Package

by Avi Gesser, Johanna N. Skrzypczyk, HJ Brehmer, and Melyssa Eigen

Left to right: Avi Gesser, Johanna N. Skrzypczyk, HJ Brehmer, and Melyssa Eigen (photos courtesy of Debevoise & Plimpton LLP)

The California Privacy Protection Agency (the “CPPA”) Board met on July 24, 2025, to decide whether to adopt its comprehensive rulemaking package covering cybersecurity audits, automated decision-making technology, and other adjustments to its existing regulations (collectively, the “Draft Regulations”). We have written about these topics in December 2024, February 2025, and May 2025 respectively. Ultimately, after its initial 45-day comment period and additional revisions, the Board decided to finalize the text of the rulemaking package (the “Regulations”).

Continue reading

Second Circuit Reinstates FIFA Bribery Convictions, Reviving Honest Services Fraud Prosecutions for Foreign Commercial Bribery

by David A. Last, Rahul Mukhi, Victor L. Hou, Lisa Vicens, Matthew M. Yelovich, and Sarah Pyun

From left to right:  David A. Last, Rahul Mukhi, Victor L. Hou, Lisa Vicens, Matthew M. Yelovich, and Sarah Pyun (photos courtesy of Cleary Gottlieb Steen & Hamilton LLP)

In a significant decision with broad implications for companies and individuals operating internationally, the U.S. Court of Appeals for the Second Circuit has reversed the acquittal of a former media executive and a sports marketing company in the long-running FIFA bribery investigation.[1]  The ruling reinstates jury convictions for honest services wire fraud and money laundering conspiracy, holding that the federal honest services fraud statute, 18 U.S.C. § 1346, can apply to foreign commercial bribery schemes.[2]

Continue reading

Board Priorities in a Geopolitical Landscape: Risk, Compliance, and Supply Chain Resilience

This post comes from a webinar with Bets Lillo, Edward Knight, Will A. Clarke, and Jana del-Cerro delivered on May 22, 2025. They offered a clear-eyed view of how boards and executive management must adapt to effectively lead amid a world where national security, economic policy, and supply chain resilience are deeply intertwined. Five key takeaways from their discussion are outlined below, alongside practical implications for boardroom oversight and planning.

Photos of the authors

From left to right: Bets Lillo, Edward Knight, Will A. Clarke, and Jana del-Cerro (photos courtesy of authors).

As the impact of global interdependencies becomes increasingly complex, boards and executive management are guiding and governing their companies in an unpredictable environment. That was the central theme of the recent May 2025 webinar, Geopolitical Issues Impacting Global Supply Chains and National Security, hosted by the Nasdaq Center for Board Excellence and the Program on Corporate Compliance and Enforcement at NYU School of Law

Continue reading

Retheorizing Compliance: Moving from Defense to Offense in Uncertain Times

by Todd Haugh and Suneal Bedi

Left to right: Todd Haugh and Suneal Bedi (photos courtesy of the authors)

The Trump administration—Trump 2.0, as some are calling it—is moving at unprecedented speeds to remake how government regulates business. In the administration’s first 100 days alone budgets and personnel have been downsized at the IRS, EPA, CFPB, and FTC, among other agencies. Enforcement of the FCPA has been paused, more than a dozen inspector generals have been removed from their posts, and the newly confirmed Attorney General and FBI Director are expected to work in tandem to drastically refocus civil and criminal enforcement.   

Continue reading

European Union, United Kingdom Competition and Markets Authority Impose More Than €549 Million in Fines on Major Car Manufacturers for 15-Year Cartel Involving Vehicle Recycling

by Jonathan J. Rusch

photo of author

Photo courtesy of the author

On April 1, the European Commission (EC) and the United Kingdom Competition and Markets Authority (CMA) simultaneously announced that they had imposed fines collectively totaling more than €549 million against a total of 17 leading car manufacturers and two trade groups, the European Automobiles Manufacturers’ Association (ACEA) and the Society of Motor Manufacturers & Traders (SMMT), for conducting a more than 15-year cartel pertaining to “end-of-life” vehicle recycling.[1]

Continue reading

Lessons Learned: One Year of Form 8-K Material Cybersecurity Incident Reporting

by Charu A. ChandrasekharErez LiebermannBenjamin R. Pedersen, Paul M. RodelMatt Kelly, Anna Moody, John Jacob, and Talia Lorch 

Photos of authors.

Top (left to right): Charu A. Chandrasekhar, Erez Liebermann, Benjamin R. Pedersen, and Paul M. Rodel. Bottom (left to right): Matt Kelly, Anna Moody, John Jacob, and Talia Lorch. (Photos of courtesy of Debevoise & Plimpton LLP)

On December 18, 2023, the Securities and Exchange Commission’s (the “SEC”) rule requiring disclosure of material cybersecurity incidents became effective. To date, 26 companies have reported a cybersecurity incident under the new Item 1.05 of Form 8-K (“Item 1.05”). After over a year of mandatory cybersecurity incident reporting, we examine the key trends and takeaways.

Key Takeaways from a Year of Cybersecurity Incident Reporting on Form 8-K

In early 2024, companies filed a flurry of Forms 8-K under Item 1.05, which stated that the relevant cybersecurity incidents did not have material impacts on the companies’ financial conditions or results of operations. These disclosures were in response to the SEC’s rules requiring that cybersecurity incident disclosures include a description of “the material aspects of the nature, scope, and timing of the incident, and the material impact or reasonably likely material impact on the issuer, including its financial condition and results of operations.” Following these disclosures, the SEC clarified its expectations for cybersecurity incident reporting in a statement issued by the Director of the SEC’s Division of Corporation Finance (the “Statement”), as well as through several comment letters issued by the Staff of the SEC (the “Staff”) to companies which filed Item 1.05 Forms 8-K.

Continue reading

For AI Innovators Seeking to Mitigate the Risks of Regulatory Uncertainty, It Pays to Remember the Fundamentals

by Charles V. Senatore

Photo of the author.

Photo courtesy of the author

For many years, regulatory uncertainty in the United States has been part of the landscape for innovators, particularly with the rise of emerging technologies such as cryptocurrencies, blockchain, and artificial intelligence.  It can, unfortunately, thwart the progress of responsible innovation and place our innovators at a competitive disadvantage. 

We recently have seen a dramatic example of regulatory uncertainty in the artificial intelligence space. 

Continue reading

President Trump Imposes Additional Tariffs on China, Delays Tariffs on Canada and Mexico

by Chase D. Kaniecki, Catherine Johnson, and Alexi T. Stocker

Photos of the authors

Chase D. Kaniecki and Alexi T. Stocker. Not pictured: Catherine Johnson. (Photos courtesy of Cleary Gottlieb Steen & Hamilton LLP)

On February 1, President Trump issued executive orders imposing sweeping tariffs on products of Canadian, Mexican, and Chinese origin pursuant to his authority under the International Emergency Economic Powers Act, 50 U.S.C. 1701, et seq. (IEEPA), after expanding previously-declared national emergencies to respond to the “extraordinary threat posed by illegal aliens and drugs, including deadly fentanyl.”  

Continue reading

Thoughts for Boards: Key Issues in Corporate Governance for 2025

by Martin Lipton, Steven A. Rosenblum, Karessa L. Cain, Elina Tetelbaum, and Hannah Clark

Photos of the authors

Left to right: Martin Lipton, Steven A. Rosenblum, Karessa L. Cain, Elina Tetelbaum, and Hannah Clark (photos courtesy of Wachtell, Lipton, Rosen & Katz)

As we look ahead to the challenges and opportunities facing boards of directors in this new year, it is illuminating to reflect on how much has changed in corporate governance. Over the last five decades, we have been on the front lines with our clients as the evolution of corporate governance has been propelled by multiple crises and systemic shocks—including the Enron and WorldCom scandals and ensuing Sarbanes-Oxley legislation, which prompted incremental layers of disclosure and regulations, followed by the financial crisis and subsequent Dodd-Frank reforms, and most recently the Covid pandemic, which intensified the spotlight on ESG and stakeholder governance. In the private ordering arena, ISS and shareholder activists were remarkably successful in changing the status quo for once-common governance features like staggered board structures, and we saw the shelving of poison pills—a defense we originated and subsequently defended in Moran, Airgas and other cases. These trends have, in turn, increased the prevalence and omnipresent threat of proxy fights. And as the corporate governance debates have continued to evolve, we have seen institutional investors become increasingly active participants, with detailed and often diverging policies setting forth their priorities, preferences and perspectives on issues ranging from climate disclosures to DEI to over-boarded directors. The compounding effect is that boards today are expected to navigate a corporate governance landscape that has become much more complex and nuanced, with an expanding set of expectations for their oversight role and responsibilities.

Continue reading