2019

On June 17, 2019, in a decision interpreting the Fifth Amendment’s Double Jeopardy Clause, the United States Supreme Court in Gamble v. United States upheld the doctrine of dual-sovereignty.[1]  In doing so, the Court confirmed that one sovereign may prosecute a defendant under its laws even if another sovereign has already prosecuted the defendant for the same conduct, notwithstanding the Fifth Amendment’s prohibition against multiple prosecutions for the “same offence.”[2]  While Gamble does not represent a shift in the law, the Court’s opinion has implications for companies facing parallel investigations by the Department of Justice (“DOJ”) and other prosecutors, whether state or foreign authorities.
Continue Reading Supreme Court Upholds Dual-Sovereignty Doctrine Allowing Parallel Criminal Prosecutions At Home and Abroad

Choices made at the outset of a crisis can play a critical role in a company’s ability to maintain future privilege claims. Recent cases highlight the risks of:

1. Sharing privileged communications with third-party consultants;
2. Conducting witness interviews through non-lawyers; and
3. Discussing the crisis with a former employee.
Continue Reading Preserving Privilege in a Crisis

In the past year, members of the U.S. Congress and Senate on both sides of the aisle have proposed data privacy bills that would impose nationwide standards on companies who collect and/or share consumers’ personal information. Currently, all 50 states have separate, but often overlapping, data privacy regimes—each subjecting companies to various combinations of recordkeeping standards, data sharing restrictions, and data breach reporting requirements—creating a patchwork of state laws that can generate substantial uncertainty for corporations.
Continue Reading Legislators Propose Differing Approaches to Federalizing Corporate Responsibility for Data Breaches

On June 5, 2019, the Securities and Exchange Commission (“SEC”) finalized Regulation Best Interest (“Reg BI” or the “Final Rule”) under the Securities Exchange Act of 1934 (“Exchange Act”) to establish a new “best interest” standard of conduct for broker-dealers when making a recommendation of any transaction or investment strategy involving securities to a retail

A company faced with a crisis needs to act quickly to assess and determine the scope of any potential liability in order to guide its first response and frame the forthcoming investigation.  Issues overlooked in the early phases of an investigation could prove very costly down the road, limiting options or potentially subjecting a company to greater penalties.
Continue Reading Assessing Risks and Potential Liability in Responding to a Crisis

On May 15, 2019, the U.S. Securities and Exchange Commission (“SEC”) and the U.S. Commodity Futures Trading Commission (“CFTC”) announced that they entered into an Enhanced Multilateral Memorandum of Understanding Concerning Consultation and the Exchange of Information (“Enhanced MMoU”) under the auspices of the International Organization of Securities Commissions (“IOSCO”), along with nine other international financial regulators.[1]  Both the SEC and CFTC are already signatories to IOSCO’s predecessor memorandum of understanding with 121 other signatories.  However, the Enhanced MMoU provides for significant enhancements in cross-border enforcement cooperation—including the ability to compel testimony outside of the United States—that, if widely adopted, could increase the signatory regulators’ abilities to undertake (and coordinate) multilateral cross-border investigations.
Continue Reading SEC and CFTC Chairs Sign Enhanced Multilateral Memorandum of Understanding Expanding Cross-Border Enforcement Cooperation

On May 6, 2019, the Financial Industry Regulatory Authority (“FINRA”) issued Regulatory Notice 19-18, addressing members’[1] anti-money laundering (“AML”) compliance programs.  This notice focused extensively on members’ monitoring for suspicious activities and subsequent suspicious activity report (“SAR”) filing obligations, providing 97 examples of “money laundering red flags” to securities industry market participants.  Where applicable to a members’ business operations, FINRA encouraged broker-dealers to take a “risk-based approach” to AML compliance and incorporate these red flags into their AML programs, even though the organization noted that merely doing so will not satisfy all obligations.  Where any red flags are detected, FINRA encouraged firms to consider whether “additional investigation, customer due diligence measures or a SAR filing may be warranted.”
Continue Reading FINRA Publishes AML Red Flags to Help Broker-Dealers Satisfy Suspicious Activity Monitoring and Reporting Requirements

On April 16, 2019, the U.S. Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert addressing all registered broker-dealers and investment advisers’ (together, “Firms”)[1] privacy-related obligations under Regulation S-P (“Reg S-P”).  The Risk Alert set out the most frequent Reg S-P deficiencies OCIE identified during examinations over the past two years, and encouraged registrants to review their written privacy policies and procedures as well as the consistency with which these policies and procedures have been implemented.  The Alert is the latest in a series of recent privacy and cybersecurity guidance documents issued by the SEC, including the February 2018 Commission Statement and Guidance on Public Company Cybersecurity Disclosures and October 2018 Report of Investigation on cyber-related frauds and public company accounting controls.

This Risk Alert is consistent with the SEC’s approach of seeking to influence the conduct of registrants by providing guidance on specific compliance issues, followed by Risk Alerts noting common exam deficiencies, prior to pursuing enforcement actions.  Investment advisers and broker-dealers should  take this as a prompt to review their relevant policies and procedures to ensure they are appropriate and being followed in practice.
Continue Reading SEC Privacy Risk Alert may Foreshadow Upcoming Reg S-P Enforcement Against Broker-Dealers, Investment Advisers

On May 13, 2019, the Supreme Court issued its opinion in Cochise Consultancy, Inc. v. United States ex rel. Hunt with respect to the applicable statute of limitations in a FCA action in which the Government has declined to intervene.  The FCA sets forth two limitation periods applicable to FCA actions and provides that an action must be brought within the longer of either (i) within 6 years after the date on which the violation occurred; or (ii) within three years of the date when facts material to the right of action are known or reasonably should have been known by a relevant official of the United States.  In no event may an action be brought more than 10 years after the date on which the violation was committed.  The issues in Cochise Consultancy were whether the second, alternative, limitations period applies to an action in which the government has intervened and whether, if so, the relevant official includes the private relator.  These issues are important because, if the longer period applies, a relator can bring an action long after (and more than 3 years after) she learned of the FCA violation.
Continue Reading Supreme Court Rules in Favor of Longer Time Limits for Non-intervened FCA Actions

On May 8, 2019, the Division of Enforcement of the Commodity Futures Trading Commission released an Enforcement Manual – the first public document of its kind from the Division.

Though the Manual does not reveal any significant shifts in policy, it will undoubtedly serve as an important resource for individuals and entities dealing with CFTC