On March 4, 2019, the Commodity Futures Trading Commission (“CFTC”) announced a whistleblower award of over $2 million to an individual—unaffiliated with the company the CFTC charged—for providing expert analysis in conjunction with a related action instituted by another federal regulator.  While the Securities and Exchange Commission, which possesses a similar whistleblower award regime,[1] has previously issued awards to multiple claimants for both related actions[2] and to company outsiders,[3] this is the first such award to be granted by the CFTC in either respect.

The award demonstrates the CFTC’s continued commitment to the Whistleblower Program, and to using all available means in conducting enforcement actions.  This award also reflects both the CFTC’s willingness to collaborate with other federal regulators and to rely on external sources of expert data analysis and likely reflects the CFTC’s continued expansion of its Whistleblower Program, both in terms of sources of information and awards granted.  Continue Reading CFTC Issues First Whistleblower Award Originating From Both a Related Action and a Company Outsider

On February 20, the Securities and Exchange Commission (the “SEC” or “Commission”) issued a cease-and-desist order against Gladius Network LLC (“Gladius”) concerning its 2017 initial coin offering (“ICO”).  The SEC found that the Gladius ICO violated the Securities Act of 1933’s (“Securities Act”) prohibition against the public offer or sale of any securities not made pursuant to either an effective registration statement on file with the SEC or under an exemption from registration.[1]  While this is far from the first time that the SEC has found that a particular ICO token meets the definition of a “security” under the Securities Act,[2] this is notably the first action involving an ICO token issuer that self-reported its potential violation.  Due to this, and Gladius’s cooperation throughout the investigation, the SEC stopped short of imposing any civil monetary penalties among its ordered remedial measures. Continue Reading SEC Issues First ICO Enforcement Action Against a Self-Reporting Token Issuer

On February 20, 2019, the Paris criminal court found Swiss bank UBS guilty of illegally soliciting French clients and laundering the proceeds of tax fraud, and imposed a record fine of EUR 3.7 billion.

The Paris criminal court (32nd chamber of the Tribunal de grande instance) followed the prosecution’s case, which had requested a fine of EUR 3.7 billion against UBS AG – the highest amount ever imposed by French courts. In addition, UBS AG’s French subsidiary was fined EUR 15 million (again, following the amount requested by the prosecution), and five out of the six former executives or managers of UBS who were charged were sentenced to suspended prison terms ranging from 6 to 18 months and fines ranging from EUR 50,000 to EUR 300,000. Finally, the court ordered UBS AG and its French subsidiary to pay EUR 800 million in damages to the French State, which had joined the criminal proceedings as a civil party.

This decision sheds further light on the heightened scrutiny that French criminal authorities impose on actors of the financial sector with respect to suspicions of financial misconduct.

Please click here to read the full alert memorandum.

On 21 February, the UK Financial Conduct Authority issued its first competition enforcement decision against three asset management firms. The FCA imposed fines totaling £414,900 for an infringement based on the sharing of strategic information on a bilateral basis during an IPO and a placing, shortly before share prices were set. The decision reflects increasing antitrust scrutiny into information exchange in financial markets, provides preliminary insights into the FCA’s approach to fines and its investigative procedure in competition cases, and “demonstrates [the FCA’s] commitment to taking enforcement action to protect competition.”

Please click here to read the full alert memorandum.

On February 15, 2019, the Securities and Exchange Commission (the “SEC”) announced that it had settled—on a no-admit, no-deny basis—with Cognizant Technology Solutions Corporation (“Cognizant”) for alleged violations of the Foreign Corrupt Practices Act (the “FCPA”) involving Cognizant’s former president and chief legal officer.[1] The same day, the Department of Justice (the “DOJ”) indicted the two former executives and the SEC filed a civil complaint seeking permanent injunctions, monetary penalties, and officer-and-director bars against them. The DOJ declined to prosecute Cognizant.[2] The DOJ’s declination was in part based on the fact that Cognizant quickly and voluntarily self-reported the conduct, and, as a result of that self-report, the DOJ was able to identify culpable individuals. This settlement reflects the DOJ demonstrating its continued commitment to its FCPA Corporate Enforcement Policy, under which the DOJ has committed to extending significant cooperation credit, up to and including declinations, to companies that provide meaningful assistance to further DOJ investigations. The resolution also reflects the DOJ’s “anti-piling on” policy in action, as the DOJ declination recognized the “adequacy of remedies such as civil or regulatory enforcement actions,” namely Cognizant’s resolution with the SEC, as a factor in declining to prosecute.[3] Continue Reading DOJ Issues Twelfth Declination Letter Under FCPA Cooperation Policy

On 12 February 2019, the English High Court issued a judgment in proceedings related to the takeover of Autonomy Corporation Limited (now ACL Netherlands BV) by the Hewlett-Packard group in 2011. The question before the Court was whether a U.S. grand jury subpoena served on Hewlett Packard Enterprise (the U.S. parent company of the claimants) required certain documents received by the claimants solely through disclosure in English High Court litigation, as well as witness statements exchanged between the parties to that litigation, to be produced to the U.S. Federal Bureau of Investigation.

In summary:

  • The Court refused to allow disclosure of the documents in response to the grand jury subpoena on the basis that the subpoena did not override English public policy considerations which seek to preserve a litigant’s right to privacy and confidentiality, nor were the parties to the English proceedings compelled to comply with terms of the subpoena.
  • The decision illustrates the high threshold which needs to be met to obtain the court’s permission to make collateral use of documents disclosed in English proceedings, and demonstrates the level of scrutiny which subpoenas from U.S. authorities will be subjected to by the English courts where they relate to documents disclosed in English proceedings and protected by the English courts’ confidentiality rules.

Please click here to read the full alert memorandum.

On January 29, 2019, the SEC announced four settlements with publicly-traded companies for failure to maintain adequate internal control over financial reporting.

None of the companies was charged with making false or inaccurate statements, either about its ICFR or otherwise; indeed, each had repeatedly disclosed material weaknesses in ICFR over many years.

These cases are interesting for at least three reasons:

  • They were announced together to send a message about the SEC’s focus on its agenda to strengthen accounting and controls at public companies.
  • The cases are about controls, and not about disclosure. Material weaknesses in ICFR are not just a disclosure issue: a continuing failure to maintain adequate controls is a violation of law, even if the failure is fully disclosed and there is no other disclosure problem.
  • The cases join several recent instances in which the SEC has shown a willingness to use the internal controls provisions of the Securities Exchange Act of 1934 independently of specific disclosure requirements.

Please click here to read the full alert memorandum.

Last week, in SEC v. Scoville, the U.S. Court of Appeals for the Tenth Circuit held that Dodd-Frank allows the Securities and Exchange Commission to bring fraud claims based on sales of securities to foreign buyers where defendants engage in fraudulent conduct within the United States.

In so holding, the Court concluded that Dodd-Frank abrogated in part the Supreme Court’s rule, announced in Morrison v. National Australia Bank Ltd., that fraud claims under the federal securities laws can only be brought with respect to transactions in securities listed on a U.S. exchange or transactions in other securities in the U.S.  If adopted more broadly, this ruling would restore in government enforcement actions the more expansive conduct-and-effects test that the Morrison Court rejected.

Please click here to read the full alert memorandum.

On January 10, 2019, a Magistrate Judge in the Northern District of California issued an order denying an application for a search warrant that would have compelled any individual present at the premises to be searched to unlock their digital devices using biometric features, such as thumb prints and facial scans.  The order is notable in that the search warrant was not rejected on Fourth Amendment grounds, but rather on the grounds that requiring a person to unlock his or her digital device ran afoul of the Fifth Amendment’s privilege against self-incrimination.[1]  Providing a thumb or facial scan, the court reasoned, constituted testimony protected by the Fifth Amendment, analogizing biometrics to passwords that similarly protect information stored on devices.  This decision highlights the current tension in the courts on the accessibility of information stored on digital devices, and the courts’ continuing efforts to develop rules governing this rapidly-evolving area of law. Continue Reading Court Holds That 5th Amendment Self-Incrimination Privilege Precludes Compelling Fingerprint or Facial Recognition Access to Digital Devices

Nearly a decade ago, WikiLeaks ushered in the age of mass leaks.  Since then, corporations, governments, public figures and private entities have increasingly had to reckon with a new reality: that vigilantes, activists, extortionists and even state actors can silently steal and rapidly disseminate proprietary information, including customer data and other sensitive information.  Last month, the Department of Justice (“DOJ”) indicted four individuals based on information first revealed in the “Panama Papers” leak.  This marks a significant milestone in law enforcement’s reliance on evidence based on an unauthorized mass leak of information.  While leaks and hacks are not a novel phenomenon—in 1971, the New York Times published top secret documents on the Vietnam War and, in 1994, a paralegal leaked tobacco industry documents that ultimately cost the industry billions of dollars in litigation and settlement costs—the frequency, scale and ease of dissemination of leaked information today presents a difference not only of degree, but of kind.  The new Panama Papers-based criminal case will likely raise a host of novel legal issues based on legal challenges to the DOJ’s reliance on information illegally obtained by a third party, as well as information that would ordinarily be protected by the attorney-client privilege.  In this memorandum, we discuss the potential issues raised by the prosecution and their implications. Continue Reading U.S. Criminal Prosecution Based on Panama Papers Hack Raises Novel Legal Issues