On September 15, 2022, Deputy Attorney General Lisa O. Monaco (“DAG Monaco”) announced further changes to the enforcement policies and practices of the Department of Justice (“DOJ” or the “Department”) at an event at New York University Law School[1], in particular building on previously announced revisions relating to individual misconduct and corporate recidivism.
Continue Reading U.S. Department of Justice Announces Changes to Corporate Criminal Enforcement Policies
Cleary Gottlieb
2021 Cybersecurity and Privacy Developments in the United States
Cybersecurity and data privacy continue to be among the most significant legal risks that businesses face today.
Last year brought a series of high-profile cyberattacks on major companies and U.S. infrastructure targets, continuing the trend seen in recent years. Regulators also brought a number of cybersecurity enforcement actions and announced new rules, guidance, and initiatives on ransomware and other cyber-related issues. In addition, after many years of debate, Congress made some progress in crafting legislation that would require certain companies to report significant cyberattacks and ransomware payments to the U.S. federal government. Companies should expect the demands of cybersecurity risk management and oversight to intensify as we enter 2022.
Continue Reading 2021 Cybersecurity and Privacy Developments in the United States
What to Expect From the Biden Administration
Over the weekend, former Vice President Joseph R. Biden, Jr. was declared the winner of the U.S. presidential election. Although President Trump has yet to concede and press reports suggest he will continue to make his case in court, thoughts have turned to what the Biden administration will mean for federal regulation of business and finance.
In many ways, the future will depend on whether the centrist, coalition-building Biden of yesteryear will show up, or if he will embrace the more progressive wing of the Democratic party that has since grown in influence. Below we lay out our initial reactions on how the Biden presidency is likely to reshape the corporate landscape.
If you have any questions, please feel free to contact the authors listed below or your regular contacts at the firm.
Continue Reading What to Expect From the Biden Administration
U.S. Regulatory Challenges For Chinese Companies: The COSCO Case Study
Cleary Gottlieb and Tiantong & Partners 天同律师事务所 continue their collaboration to produce joint analyses regarding some of the current U.S. regulatory challenges for Chinese companies. This fourth analysis is based on a case study of U.S. sanctions imposed against China Ocean Shipping Company (COSCO), one of the world’s largest shipping companies, and considers sanctions risk…
U.S. Regulatory Challenges for Chinese Companies: The Bank of China Case Study
Cleary Gottlieb and Tiantong & Partners 天同律师事务所 continue their collaboration to produce joint analyses regarding some of the current U.S. regulatory challenges for Chinese companies. In light of renewed interest in China on the topic of U.S. long-arm jurisdiction, this third analysis reviews lessons learned on civil personal jurisdiction from cases involving the Bank of…
U.S. Regulatory Challenges for Chinese Companies: The Huawei Case Study
Cleary Gottlieb and Tiantong & Partners 天同律师事务所 are continuing their collaboration to produce joint analyses regarding some of the current U.S. regulatory challenges for Chinese companies. This second analysis is based on a case study of U.S. efforts to extradite Huawei’s CFO, Meng Wanzhou, from Canada, and considers risk mitigation for Chinese corporate executives travelling…
U.S. Regulatory Challenges For Chinese Companies: The TikTok Case Study
Cleary Gottlieb and TianTong Law Firm recently produced a joint analysis regarding some of the current U.S. regulatory challenges for Chinese companies. The analysis is based on a case study of the national security review concerning the video sharing network TikTok, and an analysis of the Chinese government’s powers under Chinese law to obtain and…

Be Prepared: How to Proactively Account for Data Privacy
Have the right policies in place
– Ensure clear, readily accessible, and (where necessary) country-specific policies are in place indicating the permitted uses of company devices and other IT equipment, including messaging services. If you allow employees to use their own devices to perform work, make sure your policies adequately address issues of access in the context of investigations.
Continue Reading Be Prepared: How to Proactively Account for Data Privacy

Incorporating Data Privacy Considerations Into Investigations
Many investigations, particularly those that are cross-border in nature, are likely to present data privacy issues, and managing these issues is frequently a key consideration in an investigation. By keeping data privacy laws in mind as soon as an investigation starts, an organization will avoid the risk that it has failed to satisfy certain requirements, thereby exposing itself to the possibility of a fine or sanction from a regulator.
Continue Reading Incorporating Data Privacy Considerations Into Investigations

Best Practices for Negotiating the Scope of an Investigative Request
When a company receives a request for information from an investigating authority, one initial issue is whether to cooperate with the request or to assume an adversarial (or at least non-cooperative) position. Even if the company ultimately decides to contest the authority’s characterization of the conduct, it is often in the company’s best interest to agree to cooperate with the investigation and the authority’s requests (to the extent they are reasonable and lawful). In this vein, there are three important ways to establish and maintain a cooperative posture with an investigating authority, while also protecting the company’s interests in the process.
Continue Reading Best Practices for Negotiating the Scope of an Investigative Request