This week, in a 3-2 vote, the U.S. Securities and Exchange Commission (“SEC” or the “Commission”) approved significant changes to the rules governing its whistleblower program. The program, established by the Dodd-Frank Act in 2011, incentivizes those with information about possible securities law violations to report to the SEC. If the tipster provides “high-quality original information” that leads to an enforcement action where monetary sanctions exceed $1 million, the SEC will award a bounty equal to 10 to 30 percent of the sanctions. According to the SEC, whistleblower reports have already led to enforcement actions ordering over $2.5 billion in financial remedies and resulting in more than $500 million in whistleblower awards.
On May 19, 2020, in response to the COVID-19 pandemic, President Trump signed Executive Order 13924, to provide regulatory relief for entities economically impacted by the pandemic. Section 6 of the Executive Order directed agencies to revise their procedures and practices in administrative investigations and enforcement in light of certain enumerated principles of fairness. It also required the Director of the Office of Management and Budget (OMB), in consultation with the Assistant to the President for Domestic Policy and the Assistant to the President for Economic Policy, to issue memoranda needed to guide implementation of the EO. On August 31, 2020, OMB issued such a memorandum, providing guidance on the implementation of Section 6.
On September 14, 2020, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) issued a final rule (“Rule”) requiring the minimum standards for anti-money laundering programs for certain institutions lacking a Federal functional regulator. The Rule applies to banks that lack a Federal functional regulator, including, but not limited to, private banks, privately insured credit unions, and certain trust companies. The Rule also extends customer identification program and beneficial ownership requirements to those institutions.
Every organization is at risk of a data breach, and can learn something from Uber’s data privacy missteps. In an article for Corporate Compliance Insights, Squire Patton Boggs lawyers Colin Jennings, Ericka Johnson, and Dylan Yépez offer key takeaways from the company’s high-profile data breaches and the criminal charges that followed.
The Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) quietly released updated guidance on the Foreign Corrupt Practices Act (FCPA) before the Fourth of July holiday weekend. Entitled A Resource Guide to the U.S. Foreign Corrupt Practices Act, Second Edition (“Guide”), the Guide is the first update to the original document published in November 2012.
On June 1, 2020, the Department of Justice (“DOJ”) Criminal Division released an update to its “Evaluation of Corporate Compliance Programs” guidance for federal prosecutors, its first change since April 2019. Although the update did not fundamentally alter the structure of the guidance, the revisions directly impact how companies should assess and monitor their compliance programs. Specifically, companies should note the update’s emphasis on greater dynamism in corporate compliance programs.
Release of $4.9 billion in financial assistance for nursing homes, which care for high risk seniors, is not all good news. Already facing difficult times, skilled nursing facilities will receive even more scrutiny to account for the money. Read tips here from former prosecutors Marisa Darden, David Maria, and Tom Zeno.
A judge recently ordered Capital One to disclose its cybersecurity report about a data breach. For tips on how to keep such reports under attorney client privilege, go to our post here on the Consumer Privacy World blog by Colin Jennings, Ericka Johnson, and Dylan Yépez.
As business slowly and cautiously reopens, cybercriminals lie in wait. A case study into a massive unemployment insurance fraud shows that cybercriminals patiently hunt for lucrative opportunities to strike. For that reason, companies reopening should consider conducting a cyber-audit to identify their cyber vulnerabilities and thwart cybercriminals lying in wait.
Over the past few months, numerous organizations and agencies—including the intergovernmental Financial Action Task Force, UK Financial Conduct Authority, Dubai Financial Services Authority, and U.S. Financial Crimes Enforcement Network—have stressed the need to preserve the integrity and security of the global payments system during and after the pandemic.