Cybersecurity and data privacy continue to be among the most significant legal risks that businesses face today.

Last year brought a series of high-profile cyberattacks on major companies and U.S. infrastructure targets, continuing the trend seen in recent years. Regulators also brought a number of cybersecurity enforcement actions and announced new rules, guidance, and initiatives on ransomware and other cyber-related issues. In addition, after many years of debate, Congress made some progress in crafting legislation that would require certain companies to report significant cyberattacks and ransomware payments to the U.S. federal government. Companies should expect the demands of cybersecurity risk management and oversight to intensify as we enter 2022.
Continue Reading 2021 Cybersecurity and Privacy Developments in the United States

On January 14, 2022, the United States District Court for the Northern District of California issued a decision in SEC v. Matthew Panuwat[1] validating the legal theory advanced by the Commission that trading in the securities of a competitor company could form the basis of an insider trading violation where the defendant learned that an acquisition of his employer was imminent.  In denying the defendant’s motion to dismiss the complaint, the court ruled that the SEC had sufficiently pled a claim, marking the first judicial decision concerning alleged insider trading in securities of a company based on material, nonpublic information (“MNPI”) about another company, a practice that has sometimes been referred to as “shadow trading.”   The court’s refusal to dismiss the SEC’s novel legal theory that trading on the basis of MNPI of one company to profit on a securities transaction involving a competitor constitutes actionable insider trading should be considered by companies and individuals as they assess trading decisions and policies.
Continue Reading SEC’s “Shadow Trading” Insider Trading Case Allowed to Proceed

The path was paved in 2021 for unprecedented tax developments in the coming years for large businesses, especially for multinationals and investment businesses operating across borders.
Continue Reading Taxes: Stepping up Enforcement and Ending the Global “Race to the Bottom”

2021 was a year of transition for white-collar criminal and regulatory enforcement. As courthouses reopened and trials resumed, newly-installed heads of law enforcement authorities looked to reset priorities and ramp up enforcement in the first year of the Biden administration. 
Continue Reading Priorities, Trends and Developments in Enforcement and Compliance

On December 6, 2021, the Biden Administration issued the “United States Strategy on Countering Corruption”. It is the U.S. government’s first-ever comprehensive anti-corruption plan, and “marks a new chapter” in the country’s efforts to curb graft. If the Administration is successful in executing it, the Strategy may spur a significant increase in anti-corruption investigations and

On October 15, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issued “Sanctions Compliance Guidance for the Virtual Currency Industry” (the “Guidance”).  The Guidance follows recent guidance and advisory letters directed to the virtual currency industry relating to the risk of facilitating ransomware payments[1] and is OFAC’s most comprehensive virtual currency-specific advisory to date.  In particular, the Guidance directly addresses some simpler interpretive questions, discusses sanctions compliance programs and “best practices,” and provides hints about OFAC’s enforcement priorities going forward.
Continue Reading OFAC Issues Sanctions Guidance to Virtual Currency Industry

On August 9, 2021, the SEC issued a cease-and-desist order against digital asset exchange Poloniex, Inc. for allegedly operating an unregistered exchange in violation of Section 5 of the Exchange Act in connection with its operation of a trading platform that facilitated the buying and selling of digital asset securities.[1]

In the cease-and-desist order, the SEC alleged that Poloniex met the definition of an “exchange” because it “provided the non-discretionary means for trade orders to interact and execute through the combined use of the Poloniex website, an order book, and the Poloniex trading engine.”  The SEC also found, based on internal communications, that Poloniex decided to be “aggressive,” ultimately listing token(s) it had internally determined carried a “medium” risk of being considered securities under the Securities Act of 1933 pursuant to the test set forth by the U.S. Supreme Court in SEC v. W.J. Howey.[2]  However, the SEC did not identify what digital asset(s) it determined were securities nor why, simply stating that Poloniex facilitated trading of “digital assets that were investment contracts and therefore securities.”

Without admitting or denying the SEC’s findings, Poloniex agreed to the entry of the order and a payment of $10,388,309 in disgorgement, prejudgment interest, and a civil penalty.
Continue Reading SEC Enforcement Action Against Poloniex Signals Heightened Scrutiny for Crypto Exchanges

On July 13, 2021, the Securities and Exchange Commission (“SEC”) announced a major enforcement action related to a proposed merger between a special purpose acquisition company (“SPAC”) and a privately held target company (“Target”).  This followed numerous warnings by the SEC staff over several months of enhanced scrutiny of such transactions under the federal securities laws.[1]  The respondents, except for the Target’s CEO, settled the action by collectively agreeing to civil penalties of approximately $8 million and to certain equitable relief described below. [2]
Continue Reading SEC Brings SPAC Enforcement Action and Signals More to Come

On May 6, 2021, the United States Government Accountability Office (“GAO”)—an independent, non-partisan congressional watchdog organization—published a report summarizing its study on the impact of the Consumer Financial Protection Bureau’s (“CFPB” or the “Bureau”) reorganization of its fair lending enforcement and supervisory activities.[1]  In 2018, the Trump administration-led CFPB decided to relocate the Office of Fair Lending and Equal Opportunity (the “Office of Fair Lending”) from the Supervision, Enforcement, and Fair Lending Division (“SEFL”) to the Office of Equal Opportunity and Fairness (“OEOF”), a division within the Office of the CFPB Director that plays no role in enforcement.  GAO found shortcomings in the reorganization process and highlighted that the reorganization likely led to a decrease in fair lending enforcement activity in 2018.  GAO ultimately recommended that the Bureau analyze the effects of the reorganization on its enforcement and supervision of fair lending laws, develop performance goals, and take measures to assess its fair lending activities going forward.

While not binding on the CFPB, GAO’s report is significant as it comes at a time when the current administration has signaled that it is motivated to increase enforcement of fair lending laws. Acting CFPB Director Dave Uejio has committed the Bureau to implementing GAO’s recommendations, and Biden’s CFPB Director nominee Rohit Chopra has similarly expressed that he would focus on fair lending.  Likewise, progressive advocates are using the report as an opportunity to apply increased pressure on the Biden administration to become more active in this area.
Continue Reading GAO Recommends CFPB Evaluate Trump Era Fair Lending Reorganization

On April 29, 2021, the Securities and Exchange Commission (the “SEC”) announced settled charges against eight public companies that filed notifications of late filings on Form 12b-25 (more commonly known as “Form NT”) without disclosing in those filings a pending restatement or correction of financial statements.

These settlements are a reminder that filing a Form