10 Steps to Identify and Manage Tariff Risks and Opportunities

by Jonny Frank and Laura Greenman

Jonny Frank and Laura Greenman (photos courtesy of StoneTurn Group, LLP)

This article builds on Tariffs Meet COSO: A Two-Way Street to Risk & Opportunity Management,which introduces the COSO Integrated Internal Control Framework and explains how to use it to meet tariff operations, reporting and compliance objectives. Here, we present a 10-step process for using COSO’s risk assessment component to avoid tariff under- and overpayments, mitigate legal and reputational harm and identify potential opportunities for operational efficiencies.

Continue reading

The Federal Financial Institution Regulators’ New Guidance on Filing Suspicious Activity Reports

by Jonathan J. Rusch

photo of the author

Photo courtesy of the author

Under the Bank Secrecy Act and regulations thereunder, financial institutions have long been required to file Suspicious Activity Reports (SARs) on a wide range of possible criminal activities with federal financial institution regulators.  Over the past two decades, criminal and civil enforcement authorities have imposed BSA-related financial penalties in numerous cases for failure to file or untimely filing SARs.[1]  At the same time, many in the financial sector have complained about the burdensomeness and questioned the value of SAR preparation.[2]

On October 9, the five federal financial institutions regulators (i.e., the Financial Crimes Enforcement Network, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, the National Credit Union Administration, and the Office of the Comptroller of the Currency) jointly issued a document titled “Frequently Asked Questions Regarding Suspicious Activity Reporting Requirements” (SAR FAQs).[3]  The SAR FAQs stated that “[t]he answers to these FAQs clarify regulatory requirements related to SARs to assist financial institutions with their compliance obligations while enabling institutions to focus resources on activities that produce the greatest value to law enforcement agencies and other authorized government users of Bank Secrecy Act (BSA) reporting.”[4]

Continue reading

No Good Deed: Privilege is at Risk When the Government Directs Your Company’s Internal Investigation

by Jeffrey P. Schomig

Photo courtesy of Wilmer Cutler Pickering Hale and Dorr LLP.

It is a familiar scene in corporate governance:  A company learns of potential malfeasance within its ranks.  Its board forms a special committee and hires outside counsel to conduct an internal review.  Outside counsel interviews key employees and prepares a detailed account of events which it presents to the board. The board then decides whether to part ways with any employees who breached company policy or broke the law. 

A key additional decision facing the company is whether to cooperate with government authorities, some of whom may already be investigating the incident.  For many (if not most) companies, this is a decision in theory only.  Failure to cooperate can result in reputational harm among the public and stockholders, massive fines or even indictment of the company – an event that many company counsel and their boards fear could be a mortal blow.[1] 

Continue reading

Federal AI Contracts and the New Era of False Claims Act Enforcement

by Henry Fina and Matthew P. Suzor 

Left to right: Henry Fina and Matthew P. Suzor (photos courtesy of Miller Shah LLP)

The explosion of the Artificial Intelligence market has drawn capital investment from almost every corner of the economy. The federal government is no exception. Between FY 2022 and 2023, the potential value of federal AI contracts increased from approximately $356 million to $4.6 billion. In July 2025, the Trump Administration released its AI Action Plan, outlining government initiatives to aggressively deploy AI in the health and defense sectors. Accordingly, the Department of Health and Human Services (HHS) and Department of Defense (DoD) have increased funding allocations toward AI contracts. As contractors compete for increasingly valuable awards with limited oversight, the potential for misrepresented capabilities and compliance gaps grows. While the industry’s strong tailwinds may translate into lucrative opportunities for investors and entrepreneurs, for qui tam litigators, the expansion of publicly contracted AI services signals a new frontier for False Claims Act (FCA) enforcement. In turn, the FCA will be essential in ensuring accountability as federal agencies gradually adjust oversight mechanisms to handle the inconsistent reliability and limited technological opacity of AI models.

Continue reading

SEC Chairman Announces Reforms to Wells Process and Settlement Procedures

by Courtney Andrews, Darryl Lew, Tami Stark, and Olivia Hussey

Photos of authors.

Courtney Andrews, Darryl Lew, Tami Stark, and Olivia Hussey (Photos courtesy of White & Case)

On October 7, 2025, U.S. Securities and Exchange Commission (“SEC” or “Commission”) Chairman Paul S. Atkins announced procedural reforms aimed at enhancing fairness and transparency in the agency’s enforcement program.[1] Chairman Atkins emphasized that the reforms focus on the SEC’s three-part mission: to protect investors; to maintain fair, orderly, and efficient markets; and to facilitate capital formation. These changes will have implications for companies and individuals facing potential enforcement actions.

Continue reading

From Peanuts to Elephant-Sized Penalties:  A Fresh Look at Recent U.S. Export Controls Enforcement Developments & Future Trends

by Brent Carlson

Photo courtesy of the author

Export controls penalties that were previously peanuts compared to FCPA penalties are now becoming more like elephants, with the “high probability” standard driving the stampede.

On July 28, 2025, DOJ and BIS announced a $140 million resolution with an electronic design automation (“EDA”) exporter via a guilty plea[1] and BIS settlement[2] over exports to China.

The BIS settlement turned on what the exporter had “reason to know, including awareness of a high probability” (aka the “high probability” standard), and not just actual knowledge—an escalation in BIS’s use of the full definition of “knowledge” under the U.S. Export Administration Regulations (“EAR”).[3] Recent BIS guidance in July 2024, October 2024, and May 2025 foreshadowed this shift,[4] as did an August 15, 2025, $5.8 million settlement.[5]

For practical guidance on the “high probability” standard, see prior “Fresh Looks” posts.[6]

This recent case also warrants an update of the November 14, 2023, comparison of export controls and FCPA enforcement, which likewise leveraged the “high probability” standard.[7]

Continue reading

Sixth Circuit Reaffirms Privilege and Work-Product Protections in Internal Investigations

by David B. Anders, Randall W. Jackson, and Michael W. Holt

PHOTOS OF AUTHORS

Left to right: David B. Anders, Randall W. Jackson, and Michael W. Holt (photos courtesy of Wachtell, Lipton, Rosen & Katz)

Conducting an internal investigation in a disciplined and organized way is essential to protecting privilege.  A recent decision of the U.S. Court of Appeals for the Sixth Circuit, In re FirstEnergy Corporation, No. 24-3654 (Oct. 3, 2025), underscores that courts will uphold attorney-client privilege and work-product protections where counsel directs the investigation and its legal purpose is clear—even when the resulting work also informs a company’s business decisions.  Continue reading

Do the Enforcement Choices Match the “America First” Antitrust Rhetoric?

by Bilal Sayyed

Bilal Sayyed (photo courtesy of Cadwalader, Wickersham & Taft LLP)

Gail Slater, the Assistant Attorney General for the Antitrust Division, Department of Justice, suggests that the antitrust leadership of both political parties “underenforced our century-old antitrust laws for several decades,” accepting “false economic theories of self-correction” of markets negatively impacted by anticompetitive conduct and dominant firms.  Gail Slater, The Conservative Roots of America First Enforcement (Apr. 28, 2025).  Federal Trade Commission Commissioner Mark Meador recently criticized “the monstrously swollen firms who’ve hollowed out communities, raised prices, distorted labor markets, corrupted the public square, or otherwise degraded quality across [the] economy.” “Antitrust enforcement is,” according to Meador, “one of the most powerful, economy-wide tools available for addressing” a “dehumanization of economic life” associated with “the size and power of the largest companies” that have “ballooned to unprecedented levels.” Mark Meador, Antitrust’s Populist Soul (Sept. 15, 2025). “Big is bad.” Mark Meador, Antitrust Policy for the Conservative (May 1, 2025).

Continue reading

Shareholder Activism: Ten Trends for 2026

by David Katz, Elina Tetelbaum, and Loren Braswell

Photos of authors

From left to right: David Katz, Elina Tetelbaum, and Loren Braswell (photos courtesy of Wachtell, Lipton, Rosen & Katz)

Shareholder activism is at record levels and is no longer limited to the “proxy season.” Dozens of U.S. activist situations are underway for 2026 annual meetings, well before the windows for nominations open at most targeted companies. Activists are preparing for the fall conference circuit at which they will debut many of their 2026 campaigns, already working behind the scenes at companies by contacting their management, directors, investors, employees, sell-side analysts, and other key constituencies. Here are ten trends to expect for the year ahead.

Continue reading

The Newest Form of the Romance Scam: Corporate Insider Fraud Through Outsider Threat – How AI is Allowing Scammers to Make it Appear that Authorized Employees are Conducting Authorized Activity When the Opposite is True

by Tom Melvin, Rich Kando, and Kevin Madura

Left to right: Tom Melvin, Rich Kando, and Kevin Madura (photos courtesy of AlixPartners LLP)

Today’s most-concerning corporate romance is not on Coldplay’s kiss cam. Artificial-intelligence (AI)-enabled document creation, synthetic IDs, face swapping, and impersonated voice overlays have made online scams more dangerous and more ubiquitous than ever. Armed with those new tools, scammers once used them primarily to defraud individuals, with an estimated loss of $75 billion[1] is targeting corporate bank accounts and data repositories. Enter the corporate romance scam as a direct threat to two of a company’s most highly valuable assets: cash and data.

Continue reading