Second Circuit Holds that Term Loan Is Not a Security

by Josh A. Feltman, Emil A. Kleinhaus, Michael H. Cassel, and Mitchell S. Levy

From left to right: Josh A. Feltman, Emil A. Kleinhaus, Michael H. Cassel, and Mitchell S. Levy. Photos courtesy of Wachtell, Lipton, Rosen & Katz.

From left to right: Josh A. Feltman, Emil A. Kleinhaus, Michael H. Cassel, and Mitchell S. Levy. Photos courtesy of Wachtell, Lipton, Rosen & Katz.

The Second Circuit issued a highly-anticipated opinion recently in Kirschner v. JP Morgan Chase Bank N.A. in which it held that a syndicated bank loan was not a security under state securities law.

Kirschner concerned a $1.775 billion term loan to Millennium Health LLC (“Millennium”), which was made by a small group of banks (the “Initial Lenders”) and then syndicated to a larger group of lenders in April 2014. Continue reading

Meeting (and Not Breaching) DOJ And SEC Corporate Settlement Agreements

by Jonny Frank, Laura Greenman, Chris Hoyle, Michele Edwards, and Ksenia Ioffe 

From left to right: Jonny Frank, Laura Greenman, Chris Hoyle, Michele Edwards, and Ksenia Ioffe. (Photos provided by the authors).

No Longer Just a Matter of Paying the Fine and Moving On

Corporate settlement agreements used to be straightforward—pay the penalty and move on.

Now, these resolutions rival complex business transactions, including months of negotiations and multi-year post-resolution obligations. Satisfying post-settlement commitments is a business imperative, not just a legal obligation. Meeting, if not exceeding obligations, helps restore brand value and improves employee and investor stakeholder confidence.

Continue reading

CFPB Report Highlights Role of Big Tech Firms in Mobile Payments

by the Consumer Financial Protection Bureau

CFPB Logo

Apple and Google set regulations on “tap-to-pay” which can impact innovation and competition

The Consumer Financial Protection Bureau (CFPB) published a new issue spotlight highlighting the impacts of Big Tech companies’ policies and practices that govern tap-to-pay on mobile devices like smartphones and watches. Apple currently forbids banks and payment apps from accessing the tap-to-pay functionality on Apple iOS devices and imposes fees through Apple Pay. Google’s Android operating system does not currently have such a policy. The issue spotlight explains how regulations imposed by mobile operating systems can have a significant impact on innovation, consumer choice, and the growth of open and decentralized banking and payments in the U.S.

“Regulations imposed by Big Tech firms have a big impact on whether consumers and businesses can make payments using third-party apps,” said CFPB Director Rohit Chopra. “We are carefully evaluating Big Tech’s role in our banking and payments system.”

Continue reading

U.S. District Court Tosses FIFA Bribery Convictions, Finding Honest Services Statute Does Not Reach Foreign Commercial Bribery

 by Victor L. Hou, Joon H. Kim, Jonathan S. Kolodner, Rahul Mukhi, Hannah Rogge, Lisa Vicens, David A. Last, Matthew C. Solomon, and Jennifer Kennedy Park.

Photos of the authors

Top left to right: Victor L. Hou, Joon H. Kim, Jonathan S. Kolodner, Rahul Mukhi, and Hannah Rogge.
Bottom left to right: Lisa Vicens, David A. Last, Matthew C. Solomon, and Jennifer Kennedy Park.
(Photos courtesy of Cleary Gottlieb Steen & Hamilton LLP).

On September 1, 2023, U.S. District Judge Pamela K. Chen of the Eastern District of New York granted a judgment of acquittal in the latest FIFA bribery prosecution, holding that the federal honest services statute, 18 U.S.C. § 1346, does not cover foreign commercial bribery in light of recent Supreme Court precedent.

The decision comes after a jury convicted two defendants of honest services wire fraud and money laundering arising from the U.S. Department of Justice (“DOJ”)’s multi-year pursuit of alleged corruption in FIFA and the international soccer media industry.  Judge Chen based her ruling on the Supreme Court’s recent decisions in Ciminelli v. United States and Percoco v. United States, which cabined the reach of honest services mail and wire fraud in domestic corruption prosecutions.  Applying the principles articulated by these two decisions—which were issued by the Supreme Court two months after the verdict in the latest FIFA trial—Judge Chen held that honest services did not cover the foreign commercial bribery that was the object of the charged conspiracy.  The DOJ may appeal, and U.S. prosecutors may still reach similar conduct under different federal statutes, like the Foreign Corrupt Practices Act (“FCPA”), the federal programs bribery statute, anti-money laundering laws, and the Travel Act, albeit with some limitations.  However, the decision continues a trend of U.S. courts rejecting an overly broad reading of federal fraud and corruption statutes. 

Continue reading

Delaware’s New Personal Data Privacy Act

by Michael T. Borgia, Benjamin Robbins, and Patrick J. Austin

Photos of the authors.

From left to right: Michael T. Borgia, Benjamin Robbins, and Patrick J. Austin. Photos courtesy of Davis Wright Tremaine LLP.

The Delaware Personal Data Privacy Act (DPDPA or Act) became law on September 11, 2023, making Delaware the 13th state to enact a comprehensive consumer data privacy law, joining California, Virginia, Colorado, Connecticut, Utah, Iowa, Indiana, Tennessee, Montana, Florida, Texas, and Oregon. The DPDPA will become effective on January 1, 2025. We highlight key aspects of the DPDPA below.

Continue reading

SEC Targets NFTs as Securities for the First Time

by Ghaith Mahmood, Nima H. Mohebbi, Stephen P. Wink, Douglas K. Yatter, Adam Zuckerman, and Deric Behar

Top left to right: Ghaith Mahmood, Nima H. Mohebbi, and Stephen P. Wink.
Bottom left to right: Douglas K. Yatter, Adam Zuckerman, and Deric Behar.
(Photos courtesy of Latham & Watkins LLP)

In its first enforcement action involving NFTs, the SEC focused on issuer marketing that promises outsized returns on investment and platform building.

On August 28, 2023, the Securities and Exchange Commission (SEC) issued a cease-and-desist order (the Order) against a Los Angeles media and entertainment company (the Company) for an unregistered securities offering relating to its sale of $29.9 million worth of non-fungible tokens (NFTs)[1]. The company agreed to a settlement that includes disgorging $5 million, paying another $1 million in fees and penalties, and ceasing and desisting from violating the Securities Act of 1933. Notably, the settlement does not include fraud charges.

Continue reading

Protecting the Privacy of Health Information: A Baker’s Dozen of Takeaways from FTC Cases

by Elisa Jillson

Photo of the author

Photo courtesy of the author

In the past few months, the FTC has announced case after case involving consumers’ sensitive health data, alleging violations of both Section 5 of the FTC Act and the FTC’s Health Breach Notification Rule. The privacy of health information is top of mind for consumers – and so it’s top of mind for the FTC. Companies collecting or using health data, listen up. There are a number of key messages from BetterHelpGoodRxPremomVitagene, and other FTC matters that you need to hear.

Continue reading

CPPA Issues Draft CPRA Regulations on Risk Assessment and Cybersecurity Audit

by Lisa Sotto and Sam Grogan 

Photos of the authors

Lisa Sotto and Sam Grogan (photos courtesy of the authors)

On August 29, 2023, the California Privacy Protection Agency (“CPPA”) Board issued draft regulations on Risk Assessment and Cybersecurity Audit (the “Draft Regulations”). The CPPA Board will discuss the Draft Regulations during a public meeting on September 8, 2023.

In issuing the Draft Regulations, the CPPA Board makes clear that it has not yet started the formal rulemaking process for cybersecurity audits, risk assessments or automated decision-making technology, and that these Draft Regulations are intended to facilitate Board and public discussion and are subject to further changes. Nevertheless, the Draft Regulations provide insights into the type of requirements companies may be expected to comply with in the future.

Continue reading

SEC Proposes Rule to Eliminate or Neutralize Conflicts in the Use of “Predictive Data Analytics” Technologies

by Andrew J. Ceresney, Charu A. Chandrasekhar, Avi Gesser, Jeff Robins, Matt Kelly, Gary E. Murphy, Jarrett Lewis, Robert B. Kaplan, Marc Ponchione, Sheena Paul, Catherine Morrison, Julie M. Riewe, Kristin A. Snyder, and Mengyi Xu

Photos of the authors

Top left to right: Andrew J. Ceresney, Charu A. Chandrasekhar, Avi Gesser, Jeff Robins, Matt Kelly, Gary E. Murphy, and Jarrett Lewis.
Bottom left to right: Robert B. Kaplan, Marc Ponchione, Sheena Paul, Catherine Morrison, Julie M. Riewe, Kristin A. Snyder, and Mengyi Xu.
(Photos courtesy of Debevoise & Plimpton LLP)

On July 26, 2023, the U.S. Securities and Exchange Commission (“SEC”) issued proposed rules (the “Proposed Rules”) that would require broker-dealers and investment advisers (collectively, “firms”) to evaluate their use of predictive data analytics (“PDA”) and other covered technologies in connection with investor interactions and to eliminate or neutralize certain conflicts of interest associated with such use. The Proposed Rules also contain amendments to rules under the Securities Exchange Act of 1934[1] (“Exchange Act”) and the Investment Advisers Act of 1940[2] (“Advisers Act”) that would require firms to have policies and procedures to achieve compliance with the rules and to make and maintain related records.

In this memorandum, we first discuss the scope of the Proposed Rules and provide a summary of key provisions. We also discuss some key implications regarding the scope and application of the rules if adopted as proposed. The full text of the proposal is available here.

Continue reading

When Loopholes Create Liability Pitfalls: A Fresh Look at Export Controls

by Brent Carlson

Photo of the author

Photo courtesy of the author

Export controls have been around for decades, but the pace of change has accelerated dramatically in recent years propelled by powerful geopolitical and national security drivers. The US Department of Justice (“DOJ”) has made it clear that sanctions and export controls constitute a new top enforcement priority.[1] With twenty-five new dedicated prosecutors on the DOJ roster, increasingly it will not just be the Department of Commerce’s Bureau of Industry and Security (“BIS”) knocking on the door anymore.

The rapid pace of change has left many companies struggling to catch up with new risk management challenges. Certain assumptions and practices around export controls, which may have been widely accepted in the past, have become not only obsolete but increasingly landmines leading to disastrous potential criminal liability.

In addition to administrative penalties which are on the rise, the criminal penalties are steep, up to one million dollars and twenty years imprisonment per violation.[2]  However, by adopting a white collar enforcement perspective to export controls compliance, companies and individuals may avoid creating unnecessary potential criminal liability pitfalls.

Continue reading