On September 4, 2019, the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert addressing the most common compliance issues it identified in examinations of investment advisers (“Advisers”) related to principal and agency cross transactions. Continue Reading SEC’s OCIE Affiliate Transaction Risk Alert Highlights Pitfalls in Obtaining Effective Consent
Best Practices for Negotiating the Scope of an Investigative Request
Global Crisis Management Series: This post is part 13 in a series concerning topics further elaborated on in Cleary Gottlieb’s Global Crisis Management Handbook—a desk reference for spotting issues and avoiding common mistakes when faced with a crisis. The current version is available here.
When a company receives a request for information from an investigating authority, one initial issue is whether to cooperate with the request or to assume an adversarial (or at least non-cooperative) position. Even if the company ultimately decides to contest the authority’s characterization of the conduct, it is often in the company’s best interest to agree to cooperate with the investigation and the authority’s requests (to the extent they are reasonable and lawful). In this vein, there are three important ways to establish and maintain a cooperative posture with an investigating authority, while also protecting the company’s interests in the process. Continue Reading Best Practices for Negotiating the Scope of an Investigative Request
Before You Press Send: Protecting Privilege and Complying With Limitations on Data Dissemination When Responding to an Investigative Request
Global Crisis Management Series: This post is part 12 in a series concerning topics further elaborated on in Cleary Gottlieb’s Global Crisis Management Handbook—a desk reference for spotting issues and avoiding common mistakes when faced with a crisis. The current version is available here.
One critical issue to consider in responding to an investigative request is whether by producing the requested data, the company will be waiving a privilege or violating legal confidentiality obligations, including data privacy restrictions. To avoid inadvertently waiving protections over the company’s information or violating any legal restrictions on the production, companies should consider whether any of the following are implicated by the information requested by the authority: Continue Reading Before You Press Send: Protecting Privilege and Complying With Limitations on Data Dissemination When Responding to an Investigative Request
UK Serious Fraud Office Publishes Corporate Co-Operation Guidance
The SFO recently released its much anticipated Corporate Co-Operation Guidance (the “Guidance”). It provides details of the types of behaviour expected by the SFO in order for an organisation to receive credit for its cooperation, including through the offer of a Deferred Prosecution Agreement (“DPA”) or by the SFO determining that it is not in the public interest to prosecute. The Guidance raises the bar for obtaining cooperation credit in key areas, and also produces certain points of tension with guidance issued by US enforcement authorities which will have to be navigated during any transatlantic investigation.
Please click here to read the full alert memorandum.
SEC Continues to Bring Actions Against ADR Lenders For Use of Uncovered Pre-Released ADRs
In what appears to be an industry-wide sweep involving American Depositary Receipts (“ADRs”), over the last few years the SEC has brought enforcement actions against 13 financial institutions – including depositary banks and brokers that borrow and lend “pre-released” ADRs. On August 16, 2019, the SEC announced the latest of these actions against two brokers – Cantor Fitzgerald & Co. and BMO Capital Markets Corporation – for charges related to the improper borrowing and lending of “pre-released” ADRs without obtaining or locating the foreign shares purportedly underlying those ADRs. The SEC’s cases have targeted conduct going back as far as seven years from the date of the announced settlements, and resulted in monetary settlements in excess of $427 million. While these actions may be on the wane given the apparent contraction of the pre-release market, the SEC’s actions signal that it is willing to bring cases to police conduct it views as having a negative effect on markets generally, even in the absence of readily-identifiable victims.
Please click here to read the full alert memorandum.
Five Important Questions for Addressing an Investigative Request
Global Crisis Management Series: This post is part 11 in a series concerning topics further elaborated on in Cleary Gottlieb’s Global Crisis Management Handbook—a desk reference for spotting issues and avoiding common mistakes when faced with a crisis. The current version is available here.
Upon receiving a request for information from a governmental authority or other agency, it is critical to make early strategic decisions about how to respond to the request and effectively frame the scope of the inquiry. Generally speaking, there are two overarching goals that typically inform a company’s strategy for responding to requests for information: (i) to provide the requesting authority the information it seeks as efficiently as possible while maintaining credibility and (ii) to appropriately frame and cabin the scope of inquiry to minimize the burden on the company. To do so, the party receiving the request should first explore a number of foundational questions to understand the context of and motivation for the request. Continue Reading Five Important Questions for Addressing an Investigative Request
Public Relations Considerations When Managing a Crisis
Global Crisis Management Series: This post is part 10 in a series concerning topics further elaborated on in Cleary Gottlieb’s Global Crisis Management Handbook—a desk reference for spotting issues and avoiding common mistakes when faced with a crisis. The current version is available here.
In an increasingly global, regulated, and litigious environment, companies face unanticipated and potentially destabilizing events that often play out in the public eye. Frequently, the issues organizations face during large-scale, often public, crises require more than exclusively legal skills, but also communications skills. Below we discuss three key steps in the process for handling the public relations aspects of any crisis: (1) assembling a crisis-response team, (2) deciding whether or not to make a public statement, and (3) crafting the public message. Continue Reading Public Relations Considerations When Managing a Crisis
U.S. CLOUD Act’s Potential Impact on the GDPR
Responding to a request by the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE), the EU’s data protection supervisory bodies released an initial joint opinion on the impact of the U.S. Clarifying Lawful Overseas Use of Data Act (“CLOUD Act”) on the EU data protection framework.
The preliminary assessment by the European Data Protection Supervisor (“EDPS”) and European Data Protection Board (“EDPB”) leaves service providers facing a familiar dilemma.
Although the CLOUD Act now makes clear that U.S. disclosure orders have an extraterritorial reach, the EDPS and EDPB see very limited options for service providers to comply with such orders without breaching the EU’s General Data Protection Regulation (“GDPR”).
Companies will have to carefully consider whether to store data with service providers that may be subject to the Act.
Please click here to read the full alert memorandum.
New York States Extends the Statute of Limitations for Claims Brought Under Martin Act to Six Years
On August 26, 2019, New York Governor Andrew Cuomo signed into law legislation extending the statute of limitations for claims brought under the Martin Act from three to six years. The statute reverses a New York Court of Appeals decision holding that Martin Act claims must be brought within three years. Continue Reading New York States Extends the Statute of Limitations for Claims Brought Under Martin Act to Six Years
Rule 21F–17: Guidance on Drafting Confidentiality and Non-Disclosure Agreements
Global Crisis Management Series: This post is part 9 in a series concerning topics further elaborated on in Cleary Gottlieb’s Global Crisis Management Handbook—a desk reference for spotting issues and avoiding common mistakes when faced with a crisis. The current version is available here.
The Dodd-Frank Wall Street Reform and Consumer Protection Act (“ Dodd-Frank”) goes further than other statutes in providing protection to whistleblowers. In addition to broadening prohibitions against retaliation, the Securities and Exchange Commission (“SEC”) promulgated Rule 21F-17 to ensure companies could not interfere with an individual’s efforts to raise concerns and communicate directly with the SEC.[1]
SEC Rule 21F–17(a) prohibits any person from “imped[ing] an individual from communicating directly with the [SEC] about a possible securities law violation, including enforcing, or threatening to enforce, a confidentiality agreement.”[2] Following a series of enforcement actions in 2015 and 2016, the Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert urging companies to evaluate whether their confidentiality and non-disclosure agreements, among other internal documentation, contained provisions that were inconsistent with Rule 21F–17.[3] Companies can implement a few simple best practices to ensure compliance with Rule 21F–17. Continue Reading Rule 21F–17: Guidance on Drafting Confidentiality and Non-Disclosure Agreements