In this three-part series, we first discuss the outlook for whistleblower programs in the United States under the new administration. Second, we review initiatives relating to whistleblower reports in other jurisdictions over the past year. Third, we address emerging issues and considerations for companies regarding whistleblower reports.Continue Reading Whistleblowing in Focus: Recent Developments, Emerging Issues, and Considerations for Companies (Part Three: Looking Ahead)
On May 12, 2025, the Criminal Division of the Department of Justice (“DOJ”) announced several policy changes related to its approach to white collar criminal enforcement. Matthew R. Galeotti, the current head of the Criminal Division, noted that DOJ would be “turning a new page on white-collar and corporate enforcement” and emphasizing the principles of “focus, fairness and efficiency” in its investigations and prosecutions. As part of this policy roll-out, DOJ issued a new White Collar Enforcement Plan (the “Enforcement Plan”) and key revisions to the Corporate Enforcement and Voluntary Self-Disclosure Policy (“CEP”), Monitor Selection Policy, and Whistleblower Awards Pilot Program.[1] Continue Reading DOJ Criminal Division Announces White Collar Enforcement Plan and Revisions to Three Key Policies
On November 14, 2024, the U.S. Department of Justice (“DOJ”) Antitrust Division (the “Division”) released guidance for the Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations (the “Guidance”). The Guidance will be used by the Division in assessing the adequacy and effectiveness of a company’s antitrust compliance program when making a charging or resolution decision.[1]Continue Reading DOJ Antitrust Creates Guidance for Evaluating Antitrust Compliance Programs
On October 22, 2024, the SEC announced settled enforcement actions charging four companies with making materially misleading disclosures regarding cybersecurity risks and intrusions. These cases mark the first to bring charges against companies who were downstream victims of the well-known cyber-attack on software company SolarWinds. The four companies were providers of IT services and digital communications products and settled the charges for amounts ranging from $990,000 to $4 million.Continue Reading SEC Charges Four Companies Impacted by Data Breach with Misleading Cyber Disclosures
September 23, 2024, Principal Deputy Assistant Attorney General Nicole M. Argentieri announced revisions to the Department of Justice (“DOJ”), Criminal Division’s compliance guidance, known as the Evaluation of Corporate Compliance Programs (“ECCP”), which is used by DOJ prosecutors to assess the effectiveness of a company’s compliance program in the context of a corporate investigation.[1] The updated compliance guidance incorporates changes that will focus on a company’s use of Artificial Intelligence (“AI”)[2] and other technologies, its use of data analytics as part of the compliance function, the incorporation of “lessons learned” to continuously enhance corporate compliance programs, and whistleblower reporting.[3] Continue Reading DOJ Announces Revisions to Compliance Guidance Focused on AI, Whistleblower Reporting, and Other Areas
On January 10, 2024, the U.S. Attorney’s Office for the Southern District of New York (“SDNY”) announced the creation of the SDNY Whistleblower Pilot Program (the “Pilot Program”).[1] Under the Pilot Program, individuals who self-disclose certain criminal misconduct that involves business organizations to SDNY and cooperate fully may be eligible for a Non-Prosecution Agreement (“NPA”).[2] Continue Reading SDNY Announces Whistleblower Pilot Program For Individuals Who Self-Disclose Wrongdoing Involving Business Organizations
At the September 21, 2023 Conference of the Global Investigations Review, Principal Associate Deputy Attorney General Marshall Miller announced actions by the Department of Justice (“DOJ”) to further incentivize companies engaged in M&A to prioritize compliance. Miller affirmed that “acquiring companies should be rewarded—rather than penalized—when they engage in careful pre-acquisition diligence and post-acquisition integration to detect and remediate misconduct at the acquired company’s business.”[1] He noted that in practice, “… [Main Justice’s] Criminal Division has declined to take enforcement action against companies that have promptly and voluntarily self-disclosed misconduct uncovered in the mergers and acquisitions context and then remediated and cooperated with the Justice Department in prosecuting culpable individuals,” and that the DOJ “will be looking to apply that same approach Department-wide.”[2] Continue Reading DOJ Announces Additional Guidance on Voluntary Self-Disclosure in M&A Context
On September 1, 2023, U.S. District Judge Pamela K. Chen of the Eastern District of New York granted a judgment of acquittal in the latest FIFA bribery prosecution, holding that the federal honest services statute, 18 U.S.C. § 1346, does not cover foreign commercial bribery in light of recent Supreme Court precedent.Continue Reading U.S. District Court Tosses FIFA Bribery Convictions, Finding Honest Services Statute Does Not Reach Foreign Commercial Bribery
On July 26, 2023, the U.S. Securities and Exchange Commission (the “SEC” or “Commission”) adopted rules to enhance and standardize disclosure requirements related to cybersecurity incident reporting and cybersecurity risk management, strategy, and governance.Continue Reading New SEC Disclosure Rules for Cybersecurity Incidents and Governance and Key Takeaways
On July 26, 2023, the Securities and Exchange Commission (“SEC”) proposed new rules targeting the use of predictive data analytics and artificial intelligence (“AI”) by registered investment advisers (“RIAs”) and broker-dealers.[1] The new proposed rules focus on the potential for conflicts of interest and the possibility that newer, more complex analytics models (including those using AI) might optimize decision making for RIAs and broker-dealers by placing those firms’ interests above the interests of their clients.[2] The proposed rules would require RIAs and broker-dealers to: (i) evaluate whether their use of technologies “that optimize for, predict, forecast or direct investment-related behaviors or outcomes” create such a conflict of interest, and (ii) either stop using or address the effects of tools that place a firm’s interests before the interests of clients. RIAs and broker-dealers will also will be required to adopt policies to ensure compliance with the new proposed rules.[3] Continue Reading SEC Proposes Rules Limiting the Use of Artificial Intelligence by Registered Investment Advisers and Broker-Dealers