Richard Manfredi, Author at Gibson Dunn

The Guidelines include some shifts from prior Agency guidance, although in practice they reflect many developments already seen at the Agencies under the Biden Administration’s leadership.

On December 18, 2023, the U.S. Federal Trade Commission (FTC) and Department of Justice (DOJ) (collectively, the Agencies) jointly released the final version of the 2023 Merger Guidelines following a public comment period on an earlier draft version released in July 2023. The Guidelines reflect the Biden Administration’s competition policy and provide guidance on the Agencies’ enforcement priorities. The Guidelines are now effective, and although they include some shifts from prior Agency guidance, in practice the Guidelines reflect many developments already seen at the Agencies under the Biden Administration’s leadership.

The final revised Guidelines include several notable changes from the July draft, including:

An expanded discussion of a transaction’s potential to harm competition by eliminating potential entrants or nascent competitive threats, making clear that the Agencies view their burden to prove the loss of potential competition is materially lower than that of parties to prove that third-party potential entrants will preserve competition;
A modified discussion of vertical merger enforcement that softens the prior draft’s presumption of harm, but expands the discussion of potential foreclosure risks associated with vertical deals; and
A reframing of “trends toward consolidation” as a framework for analyzing mergers in the broader context of developments in their industry rather than as an independent theory of harm.

Overall, the final Guidelines continue to reflect the Agencies’ increased skepticism of merger and acquisition activity, especially in concentrated markets, and attempt to revive seldom-used and novel theories of competitive harm, including some based on case law from many decades ago. While they reflect current enforcement guidance, the new Guidelines are not binding on the federal courts, and it remains to be seen whether courts in the future will find them persuasive as courts have done with the 2010 Merger Guidelines. Likewise, if there is an Administration change in 2025, we expect that there will be a significant, if not wholesale, “dialing back” of these revised Guidelines.

Potential Future Competition

The final Guidelines signal Agency intent to challenge more acquisitions where no immediate competitive overlaps exist between the merging parties under the theory that parties may nevertheless be potential future competitors or important partial constraints as part of a broader “ecosystem” of competitive industry participants. While courts have historically required the Agencies to show, at least by reasonable probability (noticeably greater than 50%), that merging parties will be future competitors,[1] the 2023 Guidelines generally articulate a lower burden for the Agencies to show harm to future competition.

The theme of preventing mergers from eliminating potential and nascent competitive threats reaches across multiple sections of the final Guidelines. In addressing vertical mergers, the Guidelines focus on mergers’ potential to prevent the entry of competitors in the relevant markets under investigation as well as related markets. And in addressing horizontal mergers, the Guidelines carefully distinguish between harm to competition from a merger’s elimination of a potential entrant and rebuttal claims by merging parties that likely or potential entry of new competitors will offset competitive effects. Notably, the Guidelines articulate two different standards for establishing the likelihood of potential entry: a lower standard for Agency claims that effects on a merging party’s potential entry can harm competition because the Agencies “seek to prevent threats at their incipiency,” and a higher standard for merging parties to show that potential entry by a third party can offset competitive harms because potential entrants only offer an attenuated effect on competition compared to active participants. It remains to be seen how courts will address the inconsistency in standards (and the Guidelines cite no case law to support the bifurcated proposition).

The final Guidelines also add new language addressing the effects of “ecosystem” competition in mergers where one or both parties offer a “wide array of products or services.” The Guidelines state that large incumbent firms who acquire small niche players offering non-competing services to the acquirer may nevertheless harm competition by reducing the “ecosystem” of services and products offered by multiple competitors that in concert may constrain larger incumbent firms. The final Guidelines single out markets undergoing “technological transitions” where new technological developments can create competitive threats to incumbent firms. Under this framework, the Agencies may recontextualize smaller acquired parties as “nascent threats” who offer “partial constraints” to large incumbent acquirers.

Vertical Mergers

The final Guidelines’ treatment of vertical mergers is markedly different from the July 2023 draft, reducing the draft version’s focus on categorical presumptions but expanding the discussion of potential harms.

While the draft Guidelines articulated a presumption of illegality when a merged firm has a “foreclosure share” above 50 percent, the final version notes in a footnote that this threshold is sufficient for a general inference of harm “in the absence of countervailing evidence.” In most regards, however, the Guidelines expand categories of potential harms resulting from vertical consolidation. For example, the Guidelines contain an expanded discussion of foreclosure concerns stemming from a vertical merger, including foreclosure of “routes to market,” referring to limiting market participants’ means of access to trading partners, distribution channels, or customers. The final Guidelines also expand on vertical mergers’ potential creation of barriers to entry by requiring potential entrants to invest in related products as well as the relevant product at issue in an investigation. Finally, the Guidelines expound on foreclosure incentives, articulating a low Agency burden of proof that the existence of close competition between merging parties alone signifies an incentive to foreclose rivals through direct or indirect downstream means.

Trends Toward Consolidation

The final Guidelines significantly alter and expand Guideline 7 (formerly Guideline 8 in the draft Guidelines) regarding industry trends towards consolidation. The draft Guidelines appeared to articulate an independent theory of harm that mergers could lessen competition by “contribut[ing] to a trend towards consolidation,” relying on language from the Supreme Court in General Dynamics “allow[ing] the Government to rest its case on a showing of even small increases of market share or market concentration in those industries or markets where concentration is already great or has been recently increasing.”[2]

By contrast, the final Guidelines now note that a trend towards consolidation is a “highly relevant factor” that may “heighten the competition concerns identified in Guidelines 1-6.” Rather than serve as an independent theory of harm on which the Agencies may challenge a merger, however, the Guidelines now articulate that mergers will be reviewed in the context of other industry consolidation activity, and the Agencies will analyze proposed transactions’ potential effect on potential future consolidation activity. The Guidelines discuss an “arms race” concern that consolidation can create leverage against participants in upstream, downstream, or other related markets that encourage further consolidation and generally reduce competition. Vertical mergers, while generally considered inherently procompetitive by courts due to synergies such as elimination of double-marginalization, are particularly susceptible to scrutiny where other market participants may move to vertically integrate to achieve similar efficiencies. Additionally, the Guidelines note that multiple mergers by different players in the same industry may be examined in context of one another, though the Guidelines do not expound further on how this may affect concentration calculations and to what extent trends towards consolidation could serve as a factor in enforcement action claims. The final Guidelines make clear, however, that merging parties must remain cognizant of wider industry merger and acquisition trends in analyzing risk of investigation in planned transactions.

Conclusions and Takeaways

The 2023 Merger Guidelines provide a window into the expanded and more aggressive antitrust enforcement characterizing Agency review of mergers under the Biden Administration.[3] Importantly, as noted, the Guidelines neither reflect nor create binding authority on merging parties. Rather, the Guidelines provide guidance on how and under what circumstances the Agencies will consider enforcement actions and the theories under which they may bring such actions. Actions brought under the enforcement policies articulated and expanded upon in the final Guidelines are subject to review by federal courts, assuming the parties decide to litigate. To prevail on the novel and expanded theories of harm in the Guidelines, the Agencies will ultimately need to persuade federal courts that these theories are supported by legal precedent. Nevertheless, merging parties should expect aggressive enforcement action by the Agencies that seek abandonment of mergers through lengthy investigations, procedural delay, and more frequent court challenges.

Firms considering transactions should continue to proactively consult with antitrust counsel early in the transaction consideration process to identify and mitigate risk. Gibson Dunn attorneys are closely monitoring these developments and are available to discuss these issues as applied to your particular business.

__________

[1] See, e.g., FTC v. Meta Platforms Inc., ___ F.3d __, 2023 WL 2346238, at *22 (N.D. Cal. 2023) (requiring a probability of entry “noticeably greater than fifty percent”). Other courts have imposed an even stricter standard, requiring the government to establish the likelihood of future entry with “clear proof.” FTC v. Atl. Richfield Co., 549 F.2d 289, 295 (4th Cir. 1977).

[2] United States v. General Dynamics Corp., 415 U.S. 486 (1974).

[3] See Gibson Dunn Client Alerts: U.S. Antitrust Agencies Release Updated Merger Guidelines (July 20, 2023); DOJ Signals Increased Scrutiny on Information Sharing (Feb. 10, 2023); FTC Proposes Rule to Ban Non-Compete Clauses (Jan. 5, 2023); FTC Announces Broader Vision of Its Section 5 Authority to Address Unfair Methods of Competition (Nov. 14, 2023); DOJ Antitrust Secures Conviction for Criminal Monopolization (Nov. 9, 2022); DOJ Antitrust Division Head Promises Litigation to Break Up Director Interlocks (May 2, 2022).

The following Gibson Dunn attorneys prepared this update: Kristen Limarzi, Stephen Weissman, Chris Wilson, Jamie France, Zoë Hutchinson, Logan Billman, and Kyla Osburn*.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Antitrust and Competition, Mergers and Acquisitions, or Private Equity practice groups, or the following practice leaders:

Antitrust and Competition:
Rachel S. Brass – San Francisco (+1 415.393.8293, rbrass@gibsondunn.com)
Kristen C. Limarzi – Washington, D.C. (+1 202.887.3518, klimarzi@gibsondunn.com)
Ali Nikpay – London (+44 20 7071 4273, anikpay@gibsondunn.com)
Cynthia Richman – Washington, D.C. (+1 202.955.8234, crichman@gibsondunn.com)
Christian Riis-Madsen – Brussels (+32 2 554 72 05, criis@gibsondunn.com)
Stephen Weissman – Washington, D.C. (+1 202.955.8678, sweissman@gibsondunn.com)
Chris Wilson – Washington, D.C. (+1 202.955.8520, cwilson@gibsondunn.com)
Jamie E. France – Washington, D.C. (+1 202.955.8218, jfrance@gibsondunn.com)

Mergers and Acquisitions:
Robert B. Little – Dallas (+1 214.698.3260, rlittle@gibsondunn.com)
Saee Muzumdar – New York (+1 212.351.3966, smuzumdar@gibsondunn.com)

Private Equity:
Richard J. Birns – New York (+1 212.351.4032, rbirns@gibsondunn.com)
Wim De Vlieger – London (+44 20 7071 4279, wdevlieger@gibsondunn.com)
Federico Fruhbeck – London (+44 20 7071 4230, ffruhbeck@gibsondunn.com)
Scott Jalowayski – Hong Kong (+852 2214 3727, sjalowayski@gibsondunn.com)
Ari Lanin – Los Angeles (+1 310.552.8581, alanin@gibsondunn.com)
Michael Piazza – Houston (+1 346.718.6670, mpiazza@gibsondunn.com)
John M. Pollack – New York (+1 212.351.3903, jpollack@gibsondunn.com)

*Kyla Osburn is an associate working in the firm’s Palo Alto office who is not yet admitted to practice law.

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

The case is particularly significant for limited partners in private equity and hedge fund managers organized as limited partnerships.

On November 28, 2023, the U.S. Tax Court (the “Tax Court” or the “Court”) issued its opinion in Soroban Capital Partners LP v. Commissioner,[1] holding that a “functional analysis test” must be applied in determining whether the “limited partner exception” to the imposition of Self-Employed Contributions Act (“SECA”) tax under section 1402(a)(13)[2] applies to limited partners in a limited partnership.[3] The case is particularly significant for limited partners in private equity and hedge fund managers organized as limited partnerships. Since the launch of its SECA tax compliance campaign in 2018,[4] the Internal Revenue Service (the “IRS”) has been pursuing self-employment tax audits of limited partnerships, limited liability companies, and limited liability limited partnerships. The campaign seeks to address the IRS’s contention that certain taxpayers have been improperly claiming to be “limited partners” for purposes of the “limited partner exception” from SECA tax.

The decision in Soroban Capital Partners LP (“Soroban”), amidst the IRS’s SECA tax compliance campaign, represents a meaningful victory for the IRS that, if sustained on appeal, could significantly limit the ability of many limited partners to assert that they are not subject to self-employment tax.

I. Background

SECA, enacted into law in 1954,[5] requires self-employed individuals to contribute to Social Security and Medicare by imposing a tax on their net earnings from self-employment. The SECA tax applies to “self-employment income,” defined – somewhat tautologically – in section 1402(b) as “net earnings from self-employment” (“NESE”). The SECA tax currently comprises two component parts: a 12.4 percent Social Security tax on the first $160,200 (for 2023) of NESE and 3.8 percent Medicare tax on all NESE.[6] The SECA tax applies to a partner’s distributive share of the partnership’s business income, unless an exception applies, and also applies to a partner’s guaranteed payments for services.

Section 1402(a)(13), enacted as part of the Social Security Amendments of 1977,[7] carves out an exception from NESE (the “Limited Partner Exception”) for “limited partners” that excludes “the distributive share of any item of income or loss of a limited partner, as such, other than guaranteed payments described in section 707(c) to that partner for services actually rendered to or on behalf of the partnership to the extent that those payments are established to be in the nature of remuneration for those services.” (Emphasis added). In enacting this exception, Congress was concerned that individuals were investing as limited partners in investment-related business ventures, paying a small amount of SECA tax, and thereby qualifying for future Social Security benefits. The Limited Partner Exception was intended to curb this perceived abuse.[8]

The scope of the Limited Partner Exception has been subject to some debate because the term “limited partner” is not defined in section 1402 or in the Treasury regulations and, in general, is not a term elsewhere defined in the U.S. federal tax law or commonly understood to have a particular meaning for U.S. federal tax purposes.[9] The emergence – in the 1990s and the first decade of this century – of so-called “hybrid entities,” such as limited liability companies (“LLCs”), limited liability partnerships (“LLPs”), and limited liability limited partnerships (“LLLPs”), which often are classified as partnerships for U.S. federal income tax law purposes, has given rise to questions as to the scope of interpreting and applying the Limited Partner Exception.

In 1994, the Treasury Department and the IRS issued proposed regulations defining “limited partner” for purposes of the Limited Partner Exception.[10] Those regulations were re-proposed in 1997.[11] The proposed regulations also applied to owners of entities other than limited partnerships, such as LLCs. These proposed regulations would have disqualified individuals from being considered limited partners if they bore personal liability for partnership debts, had authority to contract for the partnership, or participated in the partnership’s trade or business for over 500 hours during the partnership’s taxable year.[12] In response to negative reaction from parts of the U.S. media, Congress subsequently enacted a one-year moratorium preventing the finalization of the proposed regulations, due to a concern that the proposed change in the treatment of individuals who are limited partners under applicable state law would have exceeded Treasury’s regulatory authority.[13] In the twenty-five years that have passed since the expiration of the moratorium, neither the IRS nor Congress has clarified the definition of a “limited partner.”[14]

Although several cases have interpreted the Limited Partner Exception in the context of LLPs and LLCs,[15] until Soroban no case had interpreted the Limited Partner Exception in the context of a limited partner who owns a limited partner interest in a limited partnership. Somewhat ironically, Judge Buch wrote the only opinion in this area of the law holding that a member of an LLC classified as a partnership for tax purposes should be treated as a limited partner for purposes of the Limited Partnership Exception.[16]

II. Background to Soroban Capital Partners LP

Soroban, a Delaware limited partnership, is a hedge fund manager located in New York City. During 2016 and 2017, Soroban had four partners: three individual limited partners, each of whom was a limited partner, and Soroban Capital Partners GP LLC, a Delaware limited liability company, as the general partner. The general partner was owned indirectly by the three individual limited partners.

According to the limited partnership agreement, the general partner was to carry on the business and affairs of the limited partnership and had the ultimate authority to make decisions on behalf of the limited partnership. One of the limited partners served as the Managing Partner and Chief Investment Officer, another limited partner served as the Co-Managing Partner, and the third limited partner served as the Head of Trading and Risk Management of Soroban. Two of the limited partners had negative consent rights over certain enumerated actions of a fundamental nature. Each of the three individual limited partners devoted his full-time efforts to the activities of Soroban and its affiliates.

During the years at issue, Soroban made guaranteed payments for services to each of the three individual limited partners and allocated the remaining ordinary business income among all of its partners. Soroban reported the guaranteed payments, as well as the general partner’s share of ordinary business income, but not the limited partners’ shares of ordinary business income, as subject to SECA tax.

The IRS challenged Soroban’s position that the limited partners’ shares of ordinary business income were not subject to SECA tax and issued Notices of Final Partnership Administrative Adjustment (“FPAAs”) making adjustments to Soroban’s NESE for the years in issue. Soroban’s tax matters partner filed a petition in Tax Court challenging the FPAAs and then filed a motion for summary judgment requesting that the Court find as a matter of law that the Limited Partner Exception precludes the limited partners’ shares of ordinary business income from being subject to SECA tax.

III. The Court’s Analysis

Addressing the merits of the case,[17] the Court held that the “limited partner exception does not apply to a partner who, is limited in name only,”[18] even when that person is a limited partner in a limited partnership. The Court turned to principles of statutory construction to ascertain Congress’s intent, as neither section 1402(a)(13) nor applicable regulations define the term “limited partner.” The Court focused on the phrase “limited partner, as such.” In the Court’s view, if Congress had intended for limited partners to be per se excluded from the SECA tax, Congress could have simply used the term “limited partner” without “as such.” In support of its interpretation, the Court reviewed legislative history, stating that “Congress enacted section 1402(a)(13) to exclude earnings from a mere investment. It [Congress] intended for the phrase ‘limited partners, as such’ used in section 1402(a)(13) to refer to passive investors.”[19] The Court held that it must apply a “functional analysis test” to determine whether a limited partner in a limited partnership is a “limited partner, as such.”

In other words, the Court effectively concluded that there is no legally relevant distinction between limited partners in a limited partnership and the partners or members of the other entities (e.g., LLCs and LLPs) addressed under the Court’s prior precedent. This is a surprising expansion of the prior precedent given the very clear language of the Code and the much more obvious meaning of the words “as such,” reflecting a distinction between the distributive share of income received by an individual who is both a limited partner and a general partner in the limited partnership. As stated in the legislative history, “if a person is both a limited partner and a general partner in the same partnership, the distributive share received as a general partner would continue to be covered ….”[20] Thus, “as such” was a necessary clarification that only the distributive share of income attributable to the limited partnership interest is excepted from NESE.

IV. Implications

Because the Soroban opinion addressed only the legal question on summary judgment of whether a partner in a limited partnership is per se excluded from SECA tax, the Tax Court has not yet addressed whether the limited partners in Soroban satisfy the “functional analysis test,” which will depend on the specific facts and circumstances. Resolution of that issue will require further proceedings, including potentially a trial, for the Tax Court to hear evidence on and apply the functional analysis test.

We expect that, if, in applying that test, the Soroban limited partners are found not to be “limited partner[s], as such,” Soroban will appeal the Tax Court’s decision to the U.S. Court of Appeals for the Second Circuit. It is also possible that, to avoid a potentially unnecessary trial, Soroban could pursue an interlocutory appeal of the Tax Court’s summary judgment order, which would require approval of both the Tax Court and the Second Circuit to proceed. There has yet to be a circuit court review of section 1402(a)(13), and now appears to be an opportune time for such a review given both the legal history of this provision and the broad effects on taxpayers. A decision by the Second Circuit in the Soroban case, however, would only control Tax Court cases appealable to the Second Circuit. As a result, in cases appealable to other circuits, taxpayers or the IRS could be expected to continue to litigate the issue.

Currently, there are two other pending Tax Court cases relating to fund managers which raise the same arguments as Soroban, and the IRS is still actively auditing numerous partnerships as part of its SECA tax compliance campaign.

Please reach out to your Gibson Dunn lawyers for assistance with any IRS examinations on this topic or to determine how this case may influence your compliance with SECA tax obligations going forward.

__________

[1] 161 T.C. No. 12 (2023).

[2] Unless indicated otherwise, all “section” references are to the Internal Revenue Code of 1986, as amended (the “Code”), and all “Treas. Reg. §” references are to the Treasury regulations promulgated under the Code.

[3] Judge Buch authored the Soroban opinion, which is the second opinion he has written for the Tax Court applying section 1402(a)(13). See Hardy v. Commissioner, 113 T.C.M (CCH) 1070 (2017) (holding that a plastic surgeon’s distributive share of income from a surgical center organized as an LLC (classified as a partnership) was exempt from SECA tax under section 1402(a)(13) because he was a mere investor in the LLC).

[4] IRS Announces Rollout of Five Large Business and International Compliance Campaigns (March 13, 2018), available at https://www.irs.gov/businesses/irs-lbi-compliance-campaigns-mar-13-2018.

[5] Self Employment Contributions Act of 1954, c. 736, 68A Stat. 353.

[6] Section 1401(a), (b). The base Medicare tax is 2.9 percent, but it increases to 3.8 percent on NESE in excess of certain thresholds.

[7] Pub. L. No. 95-216, Title III, § 313(b), 91 Stat. 1536.

[8] H.R. Rep. No. 95-702, pt. 1, at 40-41 (1977).

[9] In 2011, the IRS issued proposed regulations under section 892 defining a “limited partner interest” as an interest held by a partner who does not have rights to participate in the management and conduct of the partnership’s business at any time during the partnership’s taxable year under the law of the jurisdiction in which the partnership is organized or under the governing agreement. REG-146537–06, 76 Fed. Reg. 68119 (Nov. 3, 2011). In addition, in 2011, the IRS proposed regulations under section 469(h)(2) that was intended to clarify the definition and tax treatment of “limited partners” for purposes of defining material participation in partnership activities. REG-109369-10, 76 Fed. Reg. 72367 (Nov. 23, 2011). Neither of these proposed regulations addressed the definition of a limited partner for purposes of section 1402.

[10] 59 Fed. Reg. 67253 (Dec. 29, 1994).

[11] REG-209824096, 62 Fed. Reg. 1701 (Jan. 13, 1997).

[12] Id., Prop. Treas. Reg. § 1.1402(a)-2(h)(2)(i)-(iii).

[13] Taxpayer Relief Act of 1997, Pub. L. No. 105-34, Title IX, § 935, 111 Stat. 882.

[14] Just weeks before issuance of the Tax Court’s decision in Soroban, the IRS and Treasury Department released the 2023-2024 Priority Guidance Plan, adding “[g]uidance under section 1402(a)(13)” and indicating a renewed interest in addressing the Limited Partner Exception through regulations or other published guidance. 2023-2024 Priority Guidance Plan, available at https://www.irs.gov/pub/irs-utl/2023-2024-priority-guidance-plan-initial-version.pdf.

[15] See, e.g., Renkemeyer, Campbell & Weaver LLP v. Commissioner, 136 T.C. No. 137 (2011). In Renkemeyer, the Court analyzed the legislative history of section 1402(a)(13) and concluded that its intent “was to ensure that individuals who merely invested in a partnership and who were not actively participating in the partnership’s business operations … would not receive credits towards Social Security coverage.” Id. at 150. The Court held that partners in a law firm organized as a limited liability partnership were not limited partners for purposes of section 1402(a)(13) because their “distributive shares arose from legal services … performed on behalf of the law firm” and not “as a return on the partners’ investments.” Id.

[16] See Hardy v. Commissioner, 113 T.C.M (CCH) 1070 (2017).

[17] The Court also held that, under the now-repealed TEFRA partnership audit rules, SECA tax adjustments constituted “partnership items” within the meaning of former section 6231(a)(3), giving it jurisdiction to decide the case. Soroban, 161 T.C. No. 12, slip. op. at 13-15. Under partnership audit rules enacted by the Bipartisan Budget Act (the “BBA”), which generally are effective beginning with the 2018 tax year, the treatment would be different as the BBA is limited to Subtitle A, Chapter I Income Tax and does not include the SECA tax under Subtitle A, Chapter 2.

[18] Soroban, 161 T.C. No. 12, slip. op at 11.

[19] Id.

[20] H.R. Rep. No. 95-702, pt. 1, at 40 (1977).

The following Gibson Dunn attorneys prepared this update: Michael Benison, Michael Desmond, Evan Gusler, Galya Savir, and Terrell Ussing.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s Tax and Global Tax Controversy and Litigation practice groups:

Tax:
Dora Arash – Los Angeles (+1 213.229.7134, darash@gibsondunn.com)
Sandy Bhogal – Co-Chair, London (+44 20 7071 4266, sbhogal@gibsondunn.com)
Michael Q. Cannon – Dallas (+1 214.698.3232, mcannon@gibsondunn.com)
Jérôme Delaurière – Paris (+33 (0) 1 56 43 13 00, jdelauriere@gibsondunn.com)
Michael J. Desmond – Los Angeles/Washington, D.C. (+1 213.229.7531, mdesmond@gibsondunn.com)
Anne Devereaux* – Los Angeles (+1 213.229.7616, adevereaux@gibsondunn.com)
Matt Donnelly – Washington, D.C. (+1 202.887.3567, mjdonnelly@gibsondunn.com)
Pamela Lawrence Endreny – New York (+1 212.351.2474, pendreny@gibsondunn.com)
Benjamin Fryer – London (+44 (0) 20 7071 4232, bfryer@gibsondunn.com)
Kathryn A. Kelly – New York (+1 212.351.3876, kkelly@gibsondunn.com)
Brian W. Kniesly – New York (+1 212.351.2379, bkniesly@gibsondunn.com)
Loren Lembo – New York (+1 212.351.3986, llembo@gibsondunn.com)
Jennifer Sabin – New York (+1 212.351.5208, jsabin@gibsondunn.com)
Eric B. Sloan – Co-Chair, New York/Washington, D.C. (+1 212.351.2340, esloan@gibsondunn.com)
Jeffrey M. Trinklein – London/New York (+44 (0) 20 7071 4224), jtrinklein@gibsondunn.com)
Edward S. Wei – New York (+1 212.351.3925, ewei@gibsondunn.com)
Lorna Wilson – Los Angeles (+1 213.229.7547, lwilson@gibsondunn.com)
Daniel A. Zygielbaum – Washington, D.C. (+1 202.887.3768, dzygielbaum@gibsondunn.com)

Global Tax Controversy and Litigation:
Michael J. Desmond – Co-Chair, Los Angeles/Washington, D.C. (+1 213.229.7531, mdesmond@gibsondunn.com)
Saul Mezei – Washington, D.C. (+1 202.955.8693, smezei@gibsondunn.com)
Sanford W. Stark – Co-Chair, Washington, D.C. (+1 202.887.3650, sstark@gibsondunn.com)
C. Terrell Ussing – Washington, D.C. (+1 202.887.3612, tussing@gibsondunn.com)

*Anne Devereaux is of counsel working in the firm’s Los Angeles office who is admitted to practice in Washington, D.C.

In this article, originally published by Law360, we distill the array of major global AI developments to spotlight a narrow but vitally important area — practical insights for employers using AI in the workplace.

We have been witnessing an absolute whirlwind of artificial intelligence policy developments around the globe.

On Dec. 8, European Union policymakers reached a historic agreement on the AI Act — the world’s most comprehensive risk-based framework governing AI systems. Although details will be finalized in the coming weeks, the AI Act’s full set of requirements is expected to go into effect in approximately the next two years.

This is just the latest significant development in AI regulation and governance — following the release of the risk-based AI international code of conduct by G7 leaders, 18 countries signing onto international guidelines on safe AI development and deployment, and the UK’s AI Safety Summit.

Additionally, in the U.S., the White House recently issued its AI executive order. At the same time, AI-related developments have been continuing at the state level, including the California Privacy Protection Agency, or CPPA, publishing discussion draft regulations relating to automated decision-making technology.

Each of these developments shows keen interest in AI regulation and is a road map to the potential requirements and guardrails for those developing and deploying AI tools.

There is a recognition that AI has the potential to transform a range of industries, and that we are merely at the beginning of this technological journey.

In this article, we will seek to move past AI buzzwords and amorphous definitions to distill the array of major AI developments to spotlight a narrow — but vitally important area — practical insights for employers using AI in the workplace.

In particular, we will address how:

- The now officially forthcoming EU AI Act may impose compliance obligations on U.S. employers deploying AI systems;
- The U.S. Department of Labor’s new role as articulated under the AI executive order and recent coordinating efforts with two federal agencies is likely to result in increased AI enforcement actions and influence how AI in the workplace is regulated;
- The recently released draft AI guidance from the White House’s Office of Management and Budget — while not directly applicable to most companies, other than government contractors — is likely to be an instructive guide as to expectations at the federal level; and
- California’s recently published automated decision-making prerulemaking efforts might shape regulation at the state level.

Read More

Reproduced with permission. Originally published by Law360, New York (December 14, 2023).

The following Gibson Dunn attorneys prepared this article: Vivek Mohan and Emily M. Lamm.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Artificial Intelligence or Labor and Employment practice groups, or the authors:

Vivek Mohan – Palo Alto (+1 650.849.5345, vmohan@gibsondunn.com)

Emily Maxim Lamm – Washington, D.C. (+1 202.955.8255, elamm@gibsondunn.com)

On November 1, 2023, the New York Department of Financial Services (“NYDFS” or “the Department”) finalized the amendments to its Part 500 Cybersecurity Regulation (the “Second Amended Cybersecurity Regulation”) and cemented its status as a proactive regulatory leader in the effort to protect consumer data, promote cybersecurity governance best practices, and keep pace with new cybersecurity threats and emerging technology.

In line with NYDFS’s risk-based approach to cybersecurity, and as previewed in its previous drafts, the Second Amended Cybersecurity Regulation introduces several notable changes, including expanded responsibility for senior governing bodies, obligations to implement additional safeguards, new requirements for larger companies, new and increased obligations related to written policies and procedures, heightened requirements around audits and risk assessments, and additional reporting requirements for cybersecurity incidents.

NYDFS’s cybersecurity regulation, 23 NYCRR Part 500 (the “Cybersecurity Regulation”), was first released in March 2017 and went into full effect in March 2019. A minor, ministerial amendment changing the date of the required annual certification was made in 2020 (the “First Amended Cybersecurity Regulation”). In July of 2022, NYDFS began the process of a thorough review and update to the regulation. Since then, NYDFS has issued three draft amendments—the initial Draft Proposed Second Amendment (published July 29, 2022), the Proposed Second Amendment (published November 9, 2022), and the Revised Proposed Second Amendment (published June 28, 2023)—and held two notice and comment periods with active stakeholder participation.

Key updates to the Cybersecurity Regulation, as reflected in the Second Amended Cybersecurity Regulation, are highlighted below:

Heightened Obligations for Senior Leadership and Governing Bodies

Under the Second Amended Cybersecurity Regulation, the “senior governing body” of a covered entity joins the Chief Information Security Officer (“CISO”) at the helm of the company’s cybersecurity apparatus. “Senior governing body” is broadly defined to account for the varied sizes, corporate structures, business models, and industries under NYDFS’s purview. A covered entity’s board of directors or equivalent governing body, a board committee, or senior officer(s) responsible for the entity’s cybersecurity program would all qualify as senior governing bodies under the updated regulation.

The senior governing body of a covered entity is required to exercise oversight of the covered entity’s cybersecurity risk management. At a minimum, this entails (i) having a sufficient understanding of cybersecurity-related matters; (ii) requiring management to develop, implement, and maintain the covered entity’s cybersecurity program; (iii) regularly receiving and reviewing management reports on cybersecurity; and (iv) confirming that sufficient resources are allocated in order to implement and maintain the cybersecurity program. Previously, a covered entity’s CISO was charged with ensuring sufficient allocation of resources to develop and maintain an effective cybersecurity system; in recognition of the fact that senior governing bodies, not CISOs, tend to make enterprise-wide resource allocation decisions, NYDFS shifted that responsibility to the senior governing body.

The Second Amended Cybersecurity Regulation also expands reporting obligations on the CISO, requiring the timely reporting of material cybersecurity issues to the senior governing body or senior officer(s), such as significant cybersecurity events and significant changes to the cybersecurity program.

Increased Investment in Cybersecurity Programs

The Second Amended Cybersecurity Regulation requires covered entities assess the adequacy of their governance practices and their investments in technology and personnel. In addition to significantly expanding the breadth of covered entities’ cybersecurity efforts by including “nonpublic information stored on the covered entity’s information systems” in its definition of “cybersecurity program,” NYDFS established additional requirements related to written policies and procedures.

Companies must have written incident response plans, business continuity and disaster recovery plans, and plans for investigating and mitigating cybersecurity events. As it did in the original Cybersecurity Regulation in 2017 for the then-novel incident response plans, NYDFS took care to enumerate a number of proactive measures intended to help covered entities formulate effective business continuity plans. The draft amendments related to business continuity and incident response plans remained largely the same throughout the process of reviewing and updating the regulation, though the Department did make a few practical and logistical changes.

Each covered entity must also implement written policies and procedures that are designed to produce and maintain a complete, accurate, and documented asset inventory of its information systems. NYDFS made a subtle adjustment to this provision from the June 2023 Revised Proposed Second Amendment, requiring covered entities to “produce and maintain” an asset inventory rather than “ensure” it exists—this is one of many instances where the Department made revisions geared toward providing covered entities with concrete guidance on how to navigate the cybersecurity landscape.

Separate Requirements for Larger “Class A” Companies

NYDFS codified heightened cybersecurity requirements for a newly defined class of larger entities, termed “Class A” companies. Throughout its drafting process, NYDFS iterated upon the scope and scale of Class A companies, and ultimately chose a relatively limited definition. Class A companies are those with an in-state gross annual revenue over $20 million in each of the last two fiscal years, and have had either (i) an average of more than 2,000 employees, or (ii) over $1 billion in gross annual revenue in each of the last two fiscal years. When calculating these figures, entities should include any affiliates that it shares information systems, cybersecurity resources, or a cybersecurity program with.

The Department has imposed several obligations on Class A companies, including to design and conduct independent audits of their cybersecurity programs based upon their respective risk assessments; monitor privileged access activity and implement privileged use management solutions; and implement security precautions such as centralized logging and notifications for security alerts, automatic rejection of common or simple passwords, and endpoint detection and response solutions for anomalous activity.

While the Revised Proposed Second Amendment published on June 28, 2023 would have required audits of Class A cybersecurity programs on an annual basis, the final Second Amended Cybersecurity Regulation introduces some flexibility by requiring audits at a frequency determined by the results of the entity’s risk assessments. This change reflects the Department’s understanding that designing and conducting annual audits may be a particularly burdensome, time-consuming, and resource-heavy endeavor given the size of Class A companies and the complexity of their cybersecurity programs. NYDFS did, however, add that Class A companies should design their audits, in addition to conducting them, which demonstrates NYDFS’s desire for covered entities to be engaged, comprehensive, and diligent about their cybersecurity efforts.

Additional Requirements for Audits and Risk Assessments

In earlier draft amendments, NYDFS had proposed strict requirements related to audits, risk assessments, and penetration tests, such as prohibiting the use of internal auditors and requiring covered entities retain external auditors. Many public commenters took issue with these proposals; in response, the Department expanded the pool of eligible auditors and experts to include internal personnel and reduced the rigidity of timetables for certain obligations. Under the Second Amended Cybersecurity Regulation:

An “independent” audit is one conducted by internal or external auditors, who are free to make their own decisions and are not influenced by the covered entity or its owners, managers, or employees;
Class A companies must re-review and update their risk assessments at least annually, and whenever changes to their business or technology result in a “material change” to the cyber risk they face;[1] and
Penetration testing of information systems must be performed annually by qualified internal or external “parties” (not necessarily by “experts,” as contemplated in the Proposed Second Amendment).

In addition, the Second Amended Cybersecurity Regulation includes a new requirement that risk assessments must “inform the design” of the cybersecurity program and enable adjustments in controls to address evolving cybersecurity and privacy risks. This includes general risks and those particular to the covered entity’s business operations.

Incident Notification Obligations

Covered entities should take note of the growing number and increased sophistication of cybersecurity events in recent years. In an effort to combat these threats, NYDFS established a new 24-hour notification obligation in the event a covered entity makes a ransom payment, and a 30-day window for covered entities to provide a written description of why the payment was necessary, alternatives to payment that were considered, and all diligence conducted to ensure compliance with applicable rules and regulations.

NYDFS narrowed the circumstances for which covered entities would have to provide NYDFS with notice by differentiating between “cybersecurity events” and “cybersecurity incidents.” Under the Second Amended Cybersecurity Regulation, entities must notify NYDFS only where the covered entity has determined that there is an incident at the covered entity, its affiliate, or a third-party service provider that: (i) impacts the covered entity and has triggered the notification requirement of another governmental body, self-regulatory agency, or other supervisory body; (ii) has a reasonable likelihood of materially harming normal operations of the covered entity; or (iii) results in the deployment of ransomware within a material part of the covered entity’s information systems.

NYDFS considered, but did not adopt, a requirement that entities notify the Department of any incident involving unauthorized access to a “privileged account,”[2] acknowledging that such an overbroad requirement would likely lead to overreporting and the inefficient use of resources.

Compliance Timeline

In general, entities have 180 days, or until April 29, 2024, to comply with the Second Amended Cybersecurity Regulation. However, several provisions have different specified transitional periods that override this general timeline:

Incident reporting requirements take effect 30 days after the effective date of the Second Amended Cybersecurity Regulation, or December 1, 2023.
Governance, encryption, incident response plan and business continuity management, and the limited exemption provisions take effect one year after the effective date of the Second Amended Cybersecurity Regulation, or November 1, 2024.
Vulnerability scanning, access privileges and management, and monitoring and training provisions take effect 18 months after the effective date of the Second Amended Cybersecurity Regulation, or May 1, 2025.
Multifactor authentication and asset management and data retention provisions take effect two years after the effective date of the Second Amended Cybersecurity Regulation, or November 1, 2025.

Looking Ahead

The proliferation of artificial intelligence (“AI”), generative AI, and large language models is on NYDFS’s radar[3] and may receive attention in a forthcoming round of amendments. Although NYDFS declined to dedicate a section of the Cybersecurity Regulation to these rapidly expanding technologies, it cautioned covered entities that cybersecurity risks associated with AI are “concerning” and should be taken into account in risk assessments and addressed in cybersecurity programs.[4]

The Second Amended Cybersecurity Regulation signals a significant shift in the cybersecurity regulatory landscape, reflecting NYDFS’s proactive efforts to empower covered entities to protect themselves against escalating threats of sophisticated and frequent cyber events. Organizations should assess their cybersecurity policies and practices to ensure that adequate controls, resources, and personnel are in place to comply with NYDFS’s regulatory changes.

__________

[1] NYDFS did not adopt its proposed requirement that external experts conduct risk assessments at least once every three years.

[2] Privileged account means “any authorized user account or service account that can be used to perform security-relevant functions that ordinary users are not authorized to perform, including but not limited to the ability to add, change or remove other accounts, or make configuration changes to information systems.” Section 500.1(n).

[3] Assessment of Public Comments on the Revised Proposed Second Amendment to 23 NYCRR Part 500, here.

[4] Assessment of Public Comments on the Revised Proposed Second Amendment to 23 NYCRR Part 500, here.

The following Gibson Dunn lawyers assisted in preparing this alert: Alexander Southwell, Stephenie Gosnell Handler, Vivek Mohan, Sara Weed, Cassarah Chu, Anne Lonowski, and Ruby Lang.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s Privacy, Cybersecurity & Data Innovation practice group:

United States
S. Ashlie Beringer – Co-Chair, Palo Alto (+1 650.849.5327, aberinger@gibsondunn.com)
Jane C. Horvath – Co-Chair, Washington, D.C. (+1 202.955.8505, jhorvath@gibsondunn.com)
Alexander H. Southwell – Co-Chair, New York (+1 212.351.3981, asouthwell@gibsondunn.com)
Matthew Benjamin – New York (+1 212.351.4079, mbenjamin@gibsondunn.com)
Ryan T. Bergsieker – Denver (+1 303.298.5774, rbergsieker@gibsondunn.com)
David P. Burns – Washington, D.C. (+1 202.887.3786, dburns@gibsondunn.com)
Gustav W. Eyler – Washington, D.C. (+1 202.955.8610, geyler@gibsondunn.com)
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650.849.5203, cgaedt-sheckter@gibsondunn.com)
Svetlana S. Gans – Washington, D.C. (+1 202.955.8657, sgans@gibsondunn.com)
Lauren R. Goldman – New York (+1 212.351.2375, lgoldman@gibsondunn.com)
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, shandler@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213.229.7269, nhanna@gibsondunn.com)
Howard S. Hogan – Washington, D.C. (+1 202.887.3640, hhogan@gibsondunn.com)
Kristin A. Linsley – San Francisco (+1 415.393.8395, klinsley@gibsondunn.com)
Vivek Mohan – Palo Alto (+1 650.849.5345, vmohan@gibsondunn.com)
Karl G. Nelson – Dallas (+1 214.698.3203, knelson@gibsondunn.com)
Rosemarie T. Ring – San Francisco (+1 415.393.8247, rring@gibsondunn.com)
Ashley Rogers – Dallas (+1 214.698.3316, arogers@gibsondunn.com)
Eric D. Vandevelde – Los Angeles (+1 213.229.7186, evandevelde@gibsondunn.com)
Benjamin B. Wagner – Palo Alto (+1 650.849.5395, bwagner@gibsondunn.com)
Sara K. Weed – Washington, D.C. (+1 202.955.8507, sweed@gibsondunn.com)
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415.393.8333, mwong@gibsondunn.com)
Debra Wong Yang – Los Angeles (+1 213.229.7472, dwongyang@gibsondunn.com)

Europe
Ahmed Baladi – Co-Chair, Paris (+33 (0) 1 56 43 13 00, abaladi@gibsondunn.com)
Kai Gesing – Munich (+49 89 189 33-180, kgesing@gibsondunn.com)
Joel Harrison – London (+44 20 7071 4289, jharrison@gibsondunn.com)
Vera Lukic – Paris (+33 (0) 1 56 43 13 00, vlukic@gibsondunn.com)

Asia
Connell O’Neill – Hong Kong (+852 2214 3812, coneill@gibsondunn.com)
Jai S. Pathak – Singapore (+65 6507 3683, jpathak@gibsondunn.com)

This 60-minute webcast covers key developments to be aware of as you prepare your 2024 proxy statement, including:

Proxy season trends
Recent and upcoming SEC rulemaking
Investor and proxy advisor updates

Please join us for a discussion of these topics and questions provided by the audience.

PANELISTS:

Aaron K. Briggs is a partner in Gibson Dunn’s San Francisco, CA office, where he works in the firm’s securities regulation and corporate governance and ESG practice groups. Mr. Briggs’ practice focuses on advising public companies, with a focus on technology and life sciences companies, on a wide range of corporate governance, securities and ESG matters, including in going-public transactions. Before rejoining Gibson Dunn, Mr. Briggs served as Executive Counsel at General Electric Company. His in-house experience— which included responsibility for SEC reporting and compliance, board governance, proxy and annual meeting, investor outreach and executive compensation matters, and included driving GE’s redesign of its full suite of investor communications provides a unique insight and practical perspective on the issues that his clients face every day. Mr. Briggs is a frequent speaker on securities and ESG matters.

Julia Lapitskaya is a partner in Gibson Dunn’s New York office. She is a member of the firm’s Securities Regulation and Corporate Governance and its ESG (Environmental, Social & Governance) practices. Ms. Lapitskaya’s practice focuses on SEC, NYSE/Nasdaq and Securities Exchange Act of 1934 compliance, securities and corporate governance disclosure issues, corporate governance best practices, state corporate laws, the Dodd-Frank Act of 2010, SEC regulations, shareholder activism matters, ESG and sustainability matters and executive compensation disclosure issues, including as part of initial public offerings and spin-off transactions. Ms. Lapitskaya is a frequent author and speaker on securities law and ESG issues and is a member of the Society for Corporate Governance.

Based in Gibson Dunn’s Orange County office, Lauren Assaf-Holmes advises public companies across industries on a variety of ESG, compliance and related corporate law matters as a member of the firm’s Securities Regulation and Corporate Governance Practice Group. Lauren advises clients throughout the year on financial reporting and compliance matters in connection with Securities and Exchange Act reporting (including Section 16 and Schedule 13G/D reports), as well as beginning or expanding ESG-related reporting. She has contributed to the publication Legal Risks and ESG Disclosures: What Corporate Secretaries Should Know and presents on these and related topics.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.0 credit hour, of which 1.0 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact CLE@gibsondunn.com to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

Gibson Dunn represented JPMorgan as dealer manager in connection with Perrigo’s tender offer for up to $300 million of its outstanding 3.9% senior notes due 2024. Gibson Dunn also represented JPMorgan as Administrative Agent and as a lead arranger in connection with Perrigo’s $300 million incremental term loan, the proceeds of which were used to finance the tender offer.

The Gibson Dunn team was led by Doug Horowitz, with Alex Plaia and Melody Karmana on the incremental term loan and Harris Quraishi on the tender offer.

Gibson, Dunn & Crutcher LLP acted for The Kingdom of Saudi Arabia in connection with a US$ 11,000,000,000 Senior Unsecured Term Loan Credit Facility coordinated and arranged by Industrial and Commercial Bank of China Limited, Dubai (DIFC) Branch. It is the largest loan in EMEA in 2023.

The Gibson Dunn team was comprised of partners Mahmoud Abdel-Baky, Laleh Shahabi and associate attorney, Galadia Constantinou.

Last month, Gibson Dunn announced the opening of its Riyadh office with a team that included seven partners, each of whom has extensive experience working with clients in Saudi Arabia. The firm has significantly expanded its presence in the Gulf in the last 12 months, adding 14 new partners and 19 new associates, the largest investment made in the region by any international firm during this time.

With ongoing volatility due to the conflict in the Middle East, the Russia-Ukraine conflict, and other global developments and trends, companies have been navigating a complex 2023 capital raising market. Join partners of Gibson Dunn’s Capital Markets and Securities Regulation and Corporate Governance practice groups, as they provide an overview of market activity in 2023 and how companies have reacted to the market impact of these developments. This webcast also discusses thoughts on 2024 capital raising and the key issues and opportunities that may impact companies considering capital raise transactions in the next year.

PANELISTS:

Andrew L. Fabens is a partner and serves as co-partner in charge of the New York office, co-chair of Gibson Dunn’s Capital Markets Practice Group and is a member of Gibson Dunn’s Securities Regulation and Corporate Governance Practice Group. Mr. Fabens advises companies on long-term and strategic capital planning, disclosure and reporting obligations under U.S. federal securities laws, corporate governance issues and stock exchange listing obligations. He represents issuers and underwriters in public and private corporate finance transactions, both in the United States and internationally. His experience encompasses initial public offerings, follow-on equity offerings, investment grade, high-yield and convertible debt offerings and offerings of preferred, hybrid and derivative securities. In addition, he regularly advises companies and investment banks on corporate and securities law issues, including M&A financing, spinoff transactions and liability management programs.

Robert D. Giannattasio is a partner (effective January 1, 2024) in the New York office of Gibson, Dunn & Crutcher and practices in Gibson Dunn’s Capital Markets Practice Group, Securities Regulation and Corporate Governance Practice Group and Global Finance Practice Group. He has a broad corporate and capital markets practice representing issuers and underwriters on a variety of public and private debt and equity offerings, including acquisition financings, investment-grade and high-yield debt offerings, IPOs and follow-on equity offerings and liability management transactions. Robert has led a number of complex cross-border transactions and regularly advises companies on securities law and corporate governance matters, SEC reporting and disclosure issues.

Thomas J. Kim is a partner in the Washington D.C. office of Gibson, Dunn & Crutcher, LLP, where he is a member of the firm’s Securities Regulation and Corporate Governance Practice Group. Mr. Kim focuses his practice on a broad range of SEC disclosure and regulatory matters, including capital raising and tender offer transactions and shareholder activist situations, as well as corporate governance, environmental social governance and compliance issues. He also advises clients on SEC enforcement investigations – as well as boards of directors and independent board committees on internal investigations – involving disclosure, registration, corporate governance and auditor independence issues. Mr. Kim has extensive experience handling regulatory matters for companies with the SEC, including obtaining no-action and exemptive relief, interpretive guidance and waivers, and responding to disclosures and financial statement reviews by the Division of Corporation Finance. Mr. Kim served at the SEC for six years as the Chief Counsel and Associate Director of the Division of Corporation Finance, and for one year as Counsel to the Chairman.

Ben McNulty is an Executive Director in J.P. Morgan’s Debt Capital Markets group. His clients primarily include investment grade public companies in the TMT industry. He has advised on complex debt offerings, liability management exercises, loan syndications and general capital structure advisory.

Alice Takhtajan is a Managing Director in J.P. Morgan’s Equity Capital Markets group.

We are pleased to provide you with the next edition of Gibson Dunn’s digital assets regular update. This update covers recent legal news regarding all types of digital assets, including cryptocurrencies, stablecoins, CBDCs, and NFTs, as well as other blockchain and Web3 technologies. Thank you for your interest.

ENFORCEMENT ACTIONS

UNITED STATES

DOJ, CFTC, Treasury, and Binance, CZ Reach Settlement
On November 21, Binance, the largest cryptocurrency exchange in the world, reached a settlement with the U.S. Department of Justice (DOJ), the Commodity Futures Trading Commission (CFTC), the U.S. Department of Treasury’s Office of Foreign Asset Control (OFAC) and Financial Crimes Enforcement Network (FinCEN), to resolve a multi-year investigation by the agencies and a civil suit brought by the CFTC. Attorney General Merrick Garland, Treasury Secretary Janet Yellen, and CFTC Commissioner Rostin Benham announced the multi-agency resolutions in a press conference. As part of the settlement, Binance agreed to pay $4.3 billion across the four agencies and pleaded guilty to conspiracy to conduct an unlicensed money transmitting business and violation of the International Emergency Economic Powers Act. The plea agreement requires Binance to engage in remedial compliance measures over a three-year probationary term and imposes an Independent Compliance Monitor, in addition to requiring the payment of fines and forfeitures. Concurrent with the company’s settlement, Binance’s founder Changpeng Zhao also pleaded guilty to one count of failing to maintain an effective AML program. NBC; CNN; ABC; Law360; CNBC; C-SPAN.
SEC Sues Kraken Cryptocurrency Exchange
On November 20, the SEC sued Kraken, the world’s third-largest crypto asset exchange, alleging that it operates as an unregistered securities exchange, broker, dealer, and clearing agency. The complaint’s allegations track those made in complaints against other crypto exchanges. The SEC’s complaint, filed in federal district court in San Francisco, seeks injunctive relief, disgorgement of ill-gotten gains plus interest, and penalties. SEC; Reuters; Fortune.
DOJ Seizes Millions of Dollars of Tether
On November 21, the Department of Justice seized $9 million worth of Tether (USDT), a U.S. dollar stablecoin, from accounts associated with “pig butchering” scams. These schemes involve scammers developing fake romantic relationships with victims, convincing them to transfer digital assets into fake exchanges before stealing the assets. Tether Limited, which manages Tether, had earlier frozen $225 million worth of USDT in accounts connected to these scams, from which the $9 million was seized. The operation was a collaboration between the Department of Justice, the U.S. Secret Service, and Tether Limited. CryptoNews; DOJ; Law360; CNBC.
SEC’s Crypto Enforcement Increases in 2023
The SEC announced their enforcement results for fiscal year 2023 which marked the third consecutive year that enforcement activity had increased since Chair Gary Gensler became head of the agency. While investment adviser cases, insider trading, and individual accountability cases saw a decrease in the 2023 fiscal year, cryptocurrency cases increased from 18 in fiscal year 2022 to 44 in fiscal year 2023. The SEC said it will continue to prioritize violations involving crypto in 2024. Law360.

INTERNATIONAL

Feds Seize and Sanction Sinbad, a North Korean-Linked Crypto Mixer
On November 29, Sinbad, a company that makes crypto transactions anonymous, was sanctioned by the U.S. Department of Treasury. Authorities have alleged that Sinbad washed millions of dollars of stolen cryptocurrency for North Korean state-backed hackers the Lazarus Group following high-profile digital heists. Sinbad is the third crypto mixer to face U.S. sanctions since 2022. Last month, the Financial Crimes Enforcement Network proposed rules to reclassify companies like Sinbad to bring them under its jurisdiction, which could require mixers to report some transactions to the federal government. Law360.
Montenegro Court Approves Extradition of “Cryptocurrency King” Do Kwon
On November 24, 2023, the High Court in Podgorica, Montenegro approved the extradition of Terraform Labs co-founder Do Hyeong Kwon to the United States or South Korea to face charges related to the collapse of stablecoin Terra USD. In February of this year, the U.S. Securities and Exchange Commission charged Kwon with orchestrating a multi-billion dollar crypto asset securities fraud. This followed South Korea’s issuance of a warrant for Kwon’s arrest in September of last year. Kwon agreed to be extradited to South Korea after serving a four-month sentence in Montenegro for document forgery. Montenegro’s justice minister will issue a final decision approving or denying extradition at the expiration of Kwon’s sentence. Reuters; Financial Times.

REGULATION AND LEGISLATION

UNITED STATES

New York State Announces New Crypto Regulations
On November 15, the New York State Department of Financial Services (NYDFS) unveiled new restrictions on crypto companies under the New York Financial Services Law. The restrictions require companies to submit for pre-approval policies regarding the listing and delisting of cryptocurrency coins. The submitted policies must include provisions on governance, risk assessment, monitoring, de-listing process, and execution. The new restrictions apply to digital currency businesses licensed under New York law and to limited purpose trusts under New York banking law. Covered businesses must meet with NYDFS by December 8 to discuss draft policies, and must submit final policies by January 31, 2024. Cointelegraph; N.Y. Dep’t Fin. Servs.
CFPB Proposes Rule to Supervise Nonbank Companies Offering Digital Wallets and Payment Apps
On November 7, the Consumer Financial Protection Bureau (CFPB) issued a proposed rule to supervise certain nonbank companies that offer services such as digital wallets and payment apps. The proposed rule would apply to nonbank payments companies providing general-use digital consumer payment applications that process more than five million consumer payment transactions per year and are not a “small business concern” as defined under the Small Business Act. The proposed rule defines “consumer payment transactions” as “the transfer of funds by or on behalf of a consumer physically located in a State to another person primarily for personal, family, or household purposes,” though it excludes certain transactions (including international money transfers). And it further asserts that “funds” include cryptocurrencies. The comment period for the proposed rule closes on January 8, 2024. CFPB.
Officials’ Questions at Hearing Suggest Further Tax Proposal Revisions to Come Following Crypto Industry’s Criticism
The IRS held a hearing on November 13 regarding its proposed crypto tax reporting rule, which has been heavily criticized by the crypto industry. The proposed rule would set forth reporting requirements and applicable definitions for digital asset brokers. At the hearing, IRS officials asked questions to clarify the criticism regarding the proposal’s wide definition of “brokers,” which as of now includes decentralized finance (DeFi) projects and wallet software. Industry representatives explained that there is no specific person that controls software used in DeFi and that it is therefore impractical to collect the information that would be required to be reported under the IRS’s proposal. In addition, the IRS asked questions relating to potentially excluding the stablecoin-reporting requirement. The industry has argued that the government should not track these transactions as taxable exchanges of assets. Furthermore, the IRS inquired about data privacy risks for consumers as a result of the proposed regulations. CoinDesk; Reuters.
Key Cryptocurrency Legislation Likely Delayed to 2024, Lawmakers Say
In recent months, legislators in Congress have introduced a series of bills to modernize the legal framework governing cryptocurrencies. These include the Financial Innovation and Technology for the 21st Century Act, introduced by Congressman French Hill (R-Ark.), Congressman Dusty Johnson (R-S.D.) and Congressman Glenn G.T. Thompson (R-Pa.) and the Clarity for Payment Stablecoins Act of 2023, introduced by Congressman Patrick McHenry (R-N.C.). Efforts to advance those bills had been sidelined as a leadership dispute roiled the House of Representatives following the ouster of Congressman Kevin McCarthy (R-CA) as Speaker of the House. Key proponents of the legislation have indicated that further progress on the bills is unlikely until at least early-2024. CoinDesk; CNBC.
FASB Says Cryptocurrencies to Be Measured at Fair Value
On December 13, 2023, the Financial Accounting Standards Board (FASB) promulgated new standards governing accounting for digital assets. Under the new standards, companies that hold bitcoin or ether will be required to record their holdings at fair value. The standards do not cover non-fungible tokens, stablecoins, and issuer-created tokens. Previous rules had required companies to record assets at their low values, which some had criticized as artificially depressing the reported value of cryptocurrency holdings due to temporary downturns in price. The FASB accounting standards will take effect after December 15, 2024, but companies may voluntarily adopt them sooner. Bloomberg; CoinDesk.

INTERNATIONAL

Hong Kong’s SFC Updates Guidance on Tokenized Securities-Related ActivitiesOn November 2, Hong Kong’s Securities and Futures Commission (SFC) published two circulars providing updated guidance to intermediaries engaging in tokenized securities-related activities and on the tokenization of SFC-authorized investment products. The SFC now considers tokenized securities to be traditional financial instruments that are securities which utilize blockchain (or similar) technology in their security lifecycle. This updated characterization supersedes the SFC’s previous March 2019 statement characterizing tokenized securities as complex products requiring extra investment protection measures and restricting their offering to professional investors. A detailed breakdown of the circulars is available in Gibson Dunn’s November 10, 2023 Client Alert. Gibson Dunn.
European Banking Authority Launches Public Consultation on Crypto Money Laundering
On November 24, the European Banking Authority initiated a public consultation program to gather opinions on “new Guidelines on preventing the abuse of funds and certain crypto-assets transfers for money laundering and terrorist financing purposes.” The proposed Guidelines set out procedures that payment service providers and crypto asset service provides must follow to “detect missing or incomplete information that accompanies a transfer of funds or crypto-assets” and to manage transfers ordered with less than complete information. The Authority will take comments on its published consultation paper until February 26, 2024, and will hold a virtual public hearing on the Guidelines on January 17, 2024. EBA 1; EBA 2.
Monetary Authority of Singapore Finalizes New Crypto Regulations
On November 23, the Monetary Authority of Singapore (MAS) issued a response to feedback on its proposed regulation of crypto service providers. In an effort to combat the encouragement of crypto speculation, with regard to retail persons, the regulation prohibits crypto service providers from financing crypto transactions, permitting margin transactions, or providing incentives to trade. Providers are barred from accepting locally issued credit card payments, and must assess customers’ risk awareness before permitting trading. The regulation also relaxes requirements for qualifying as an accredited investor by allowing a certain quantity of crypto assets to count toward the net-worth calculation. The MAS previously issued responses to feedback in July when it promulgated regulations requiring providers to deposit customer assets in a statutory trust for safekeeping and restricting providers from lending and staking cryptocurrency to retail investors. The rules will take effect in phases, beginning in mid-2024. CoinDesk; MAS 1; MAS 2; MAS 3.
Countries Announce Intent to Implement the OECD’s Crypto Reporting Framework
The Organization for Economic Cooperation and Development (OECD) released the Crypto-Asset Reporting Framework (CARF) in October 2022, which focused on ensuring crypto-assets are not used for illicit purposes such as tax evasion. This month, 48 jurisdictions, including the U.S., U.K., France, Spain, Germany, Canada, and Japan, announced their intent to implement the CARF by 2027. Erika Nijenhuis, a U.S. Department of Treasury official, said earlier that regulations to implement the CARF were in process and that the Treasury can require reporting for much of what the CARF covers. Law360.
U.K.’s Financial Conduct Authority Licenses Crypto.com As Electronic Money Institution
On December 4, the U.K.’s Financial Conduct Authority granted crypto exchange Crypto.com a license to operate in the country as an Electronic Money Institution. Crypto.com plans to use the license to “offer a suite of UK-localised e-money products,” according to a press release. Since August 2022, the firm has held the status of a registered crypto-asset business in the U.K., but the new license will enable it to provide cash placements and withdrawals from payment accounts; to execute payment transactions; to issue payment instruments; to remit money; and to issue electronic money. Conversely, the license restricts Crypto.com from hiring agents or using distributors and from providing payment services unrelated to those licensed. Other crypto exchanges hold similar licenses in the U.K. CoinDesk; Crypto.com; Financial Conduct Authority; Crypto.news.
South Korea Proposes New Consumer Protection Rules for Cryptocurrency
In June of this year, South Korea’s lawmakers approved the Virtual Asset User Protection Act, which defined digital assets and imposes penalties for trading such assets on nonpublic information, manipulating markets, or otherwise engaging in unfair trading practices. The legislation also gave South Korea’s Financial Services Commission power to oversee cryptocurrency firms and asset custodians. On December 11, 2023, the country’s Financial Services Commission promulgated comprehensive regulations to effectuate the new law. The proposed rules (a) broaden the range of covered tokens, (b) prescribe standards for custodying digital assets, (c) require virtual asset service providers (VASPs) to store 80% or more of customer assets in cold wallets, (d) mandate certain insurance and reserve baselines to prevent catastrophic losses in the event of hacking or technological failures, (e) specify when nonpublic information becomes public, (f) limit when VASPs may block customer deposits and withdrawals, and (g) require VASPs to monitor abnormal transaction activity. Bloomberg; CoinDesk; S.K. Financial Services Commission.
Regulators Approve El Salvador’s “Bitcoin Bonds”
In January 2023, El Salvador’s lawmakers approved a bill authorizing the issuance of sovereign “Bitcoin bonds.” El Salvador’s National Bitcoin Office (ONBTC) announced on Monday that the country’s Digital Assets Commission had approved issuing the bonds, known colloquially as the “Volcano Bond” – a reference to geo-thermal energy sources used to support the country’s mining operations. According to ONBTC, the bonds are expected to issue in the first quarter of 2024 on the Bitfinex Securities Platform, a registered trading site for blockchain-based assets in El Salvador. Cointelegraph; Yahoo.

CIVIL LITIGATION

UNITED STATES

Celsius Network Faces Roadblock in Pivot to Bitcoin Mining After Winning Initial Ch. 11 Plan Approval
On November 30, Chief Judge Martin Glenn of the U.S. Bankruptcy Court for the Southern District of New York said that Celsius Network, the bankrupt cryptocurrency investment platform, may have to seek a new creditor vote on its proposed transformation into a bitcoin mining business. This development comes just days after Judge Glenn signed an order confirming the initial Chapter 11 plan of Celsius. Under that plan, crypto consortium Fahrenheit LLC would acquire Celsius’ assets and focus on mining new bitcoin and on earning “staking” fees by validating blockchain transactions. Customers who had Celsius accounts at the time of the bankruptcy would receive pro rata distributions of the company’s remaining cryptocurrency and preserve their right to pursue claims against parties accused of manipulating the price of Celsius’ tokens prior to the bankruptcy.However, Celsius scaled back its post-bankruptcy business plans to focus only on bitcoin mining after receiving feedback from the SEC. Although the SEC did not explicitly oppose Celsius’ bankruptcy plan before it was approved, Celsius claims that the SEC is unwilling to approve crypto lending and staking activity. Judge Glenn expressed frustration with the late pivot, saying that he had been a “broken record” about Celsius’ need to reach agreement with the SEC. Law360; Reuters.
Genesis, Digital Currency Group Reach Agreement on New Settlement Plan
A recent bankruptcy filing revealed that Genesis Global and its parent company, Digital Currency Group (DCG), have agreed on a repayment plan to settle their lawsuit. In September 2023, Genesis sued DCG seeking repayment of over $600 million in loans. The settlement plan shows that DCG has already settled roughly $227.3 million of its debt to Genesis and lays out a plan for an additional $275 million to be paid by April 2024 using a combination of U.S. dollars and bitcoin. The settlement also includes other consideration. CryptoSlate.
Genesis Sues Gemini to Recover ‘Preferential Transfers’ Worth $689M
On November 21, Genesis Global, a crypto lender, sued cryptocurrency exchange Gemini Trust Co, for allegedly making preferential transfers of approximately $689 million. Genesis filed for bankruptcy in January 2023. Genesis alleges that, before the bankruptcy filing, Gemini made “unprecedented withdrawals” that contributed to a “run on the bank.” Gemini has stated that the claims are “baseless and inflammatory.” Reuters; CoinDesk.
FTX Says IRS Tax Estimate Is $24 Billion Too High
On November 29, FTX asked a Delaware bankruptcy judge to set its tax bill at $0 claiming that the IRS is estimating $24 billion in claims without evidence. Given its collapse in November 2022, FTX is arguing that it has no tax liability. FTX expects to seek votes for its Chapter 11 plan in March and asked for a hearing with the IRS in February to resolve this issue beforehand as it has the potential to derail these Chapter 11 cases. After the IRS began an audit of FTX’s taxes, it had originally estimated claims at $44 billion before being revised in November to $24 billion. FTX is concerned that these claims could halt plan confirmation and indefinitely delay distributions on allowed claims to customers and creditors. Law360.

INTERNATIONAL

FTX Investors Sue MLB, F1 Team Over Crypto Promotions
On November 27, FTX investors filed three class action suits in Florida federal court against Major League Baseball, Mercedes-Benz’s Formula One race team, and media companies Wasserman Media Group LLC and Dentsu McGarry Bowen LLC for promoting FTX. The investors claim that all the organizations failed to conduct adequate due diligence on FTX and “aided and abetted FTX’s deceptive marketing practices.” Further, the suits allege that the organizations had a pivotal role in deceiving the public through their promotion of FTX. Law360.

SPEAKER’S CORNER

UNITED STATES

Presidential Candidate Vivek Ramaswamy Shares Crypto Plan
On November 16, Republican presidential candidate Vivek Ramaswamy shared his plan for regulating digital assets. Ramaswamy advocated for classifying most cryptocurrencies as commodities rather than securities, and has been critical of SEC Chair Gary Gensler’s unwillingness to share how he thinks ether should be classified. Ramaswamy also shared that his administration would not target software developers just for writing code and would leave unhosted wallets unregulated. Fellow GOP candidate Ron DeSantis also has pledged to “defend the right of Americans to hold digital assets without government interference.” CoinDesk; Washington Examiner.

INTERNATIONAL

Singapore to Pilot Use of Wholesale Central Bank Digital Currencies in 2024
On November 16, Ravi Menon, Managing Director of the Monetary Authority of Singapore (MAS), announced Singapore’s plan to pilot the live issuance and use of wholesale central bank digital currencies (CBDCs) in 2024. Previously, the MAS had only simulated the issuance of wholesale CBDCs within test environments. The MAS will soon partner with local banks to pilot the use of wholesale CBDCs as a common settlement asset in domestic payments. Banks will have the ability to issue tokenized bank liabilities that represent claims on their balance sheets. Retail customers can utilize these tokenized bank liabilities in transactions with merchants who, in turn, can credit these liabilities with their respective banks. MAS; CNBC.
IMF Says Central Bank Digital Currencies Can Replace Cash
On November 15, Kristalina Georgieva, Managing Director of the International Monetary Fund (IMF), said that central bank digital currencies (CBDCs) have the potential to replace cash in island economies where the distribution of physical currency is costly. Georgieva encouraged the public sector to prepare for the deployment of CBDCs and related payment platforms in the future, noting that such technologies could potentially improve financial inclusion and financial literacy. Georgieva noted that the success of CBDCs will ultimately rely on policy decisions, how technologies evolve, personal privacy and data security, and how the private sector responds. The IMF has said that more than 100 countries are exploring CBDCs, with countries such as Jamaica, Nigeria, and the Bahamas having already issued retail CBDCs. CNBC.

OTHER NOTABLE NEWS

Gibson Dunn Debuts Fintech and Digital Assets Practice
On November 13, Gibson, Dunn & Crutcher LLP announced its fintech and digital assets practice group. The practice group consists of 40 attorneys and is co-chaired by three Washington, D.C. partners, M. Kendall Day, Jeffrey Steiner, and Sara Weed. These attorneys will “advise traditional and emerging companies on the most complex investigations and enforcement actions brought by regulators in critical markets in the United States, Europe, and Asia.” Working alongside their colleagues in other practice areas like artificial intelligence, financial institutions, data innovation, public policy, privacy and cybersecurity and many others, the fintech and digital assets practice group aims to handle a broad range of “regulatory, policy and supervision and enforcement situations involving fintech, digital assets and blockchain technology” that will enable their clients to seamlessly accelerate their growth worldwide. Gibson Dunn.
Argentina Elects Pro-Bitcoin President Javier Milei
On November 19, Argentina elected Javier Milei as its new president. Milei is known for his anti-central banking stance, criticizing the central bank for “cheating” Argentinians through inflationary tax and even proposing the elimination of the Central Bank of Argentina. As Argentina struggles with triple-digit rates of inflation, Milei sees bitcoin as “the natural reaction against central bank scammers; to make money private again.” While Milei has not proposed making bitcoin legal tender in Argentina, as it is in El Salvador, he plans to dollarize the Argentine economy to combat the country’s inflation issues. Despite his strong views on bitcoin and cryptocurrency, it remains unclear how Milei’s administration will integrate crypto into national economic policies. Blockworks

The following Gibson Dunn attorneys contributed to this issue: Jason Cabral, M. Kendall Day, Chris Jones, Jay Minga, Nick Harper, Grace Feitshans, Justin Fishman, Kameron Mitchell, Michelle Lou, and Edward Ferguson.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s FinTech and Digital Assets practice group, or the following:

FinTech and Digital Assets Group:

Ashlie Beringer, Palo Alto (650.849.5327, aberinger@gibsondunn.com)

Michael D. Bopp, Washington, D.C. (202.955.8256, mbopp@gibsondunn.com

Stephanie L. Brooker, Washington, D.C. (202.887.3502, sbrooker@gibsondunn.com)

Jason J. Cabral, New York (212.351.6267, jcabral@gibsondunn.com)

Ella Alves Capone, Washington, D.C. (202.887.3511, ecapone@gibsondunn.com)

Grace Chong, Singapore (+65 6507 3608, gchong@gibsondunn.com)

M. Kendall Day, Washington, D.C. (202.955.8220, kday@gibsondunn.com)

Michael J. Desmond, Los Angeles/Washington, D.C. (213.229.7531, mdesmond@gibsondunn.com)

Sébastien Evrard, Hong Kong (+852 2214 3798, sevrard@gibsondunn.com)

William R. Hallatt, Hong Kong (+852 2214 3836, whallatt@gibsondunn.com)

Martin A. Hewett, Washington, D.C. (202.955.8207, mhewett@gibsondunn.com)

Michelle M. Kirschner, London (+44 (0)20 7071.4212, mkirschner@gibsondunn.com)

Stewart McDowell, San Francisco (415.393.8322, smcdowell@gibsondunn.com)

Mark K. Schonfeld, New York (212.351.2433, mschonfeld@gibsondunn.com)

Orin Snyder, New York (212.351.2400, osnyder@gibsondunn.com)

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, jsteiner@gibsondunn.com)

Eric D. Vandevelde, Los Angeles (213.229.7186, evandevelde@gibsondunn.com)

Benjamin Wagner, Palo Alto (650.849.5395, bwagner@gibsondunn.com)

Sara K. Weed, Washington, D.C. (202.955.8507, sweed@gibsondunn.com)

The agreement marks a watershed moment for AI regulation and is the most significant endorsement of so-called “comprehensive” AI regulation from a major political actor on the world stage.

I. Introduction

After almost 6 months of negotiations, in the late night and early morning hours of December 8-9, 2023, the European Commission, the Council and the Parliament reached political agreement on the provisional rules that will comprise the European Union’s Artificial Intelligence Act (the “AI Act”).[1] This agreement marks a watershed moment for AI regulation, and is the most significant endorsement of so-called “comprehensive” AI regulation from a major political actor on the world stage. The provisional agreement on the AI Act would:

Establish a broad and extraterritorial scope of application,
Prohibit certain uses of AI entirely, and
Define a broad range of other uses as “high-risk” and subject to stringent requirements.

A number of procedural steps remain before the AI Act is finalized (as summarized in more detail in Section III); however, the staggered – and relatively rapid – planned enforcement of certain provisions bears note. Provisions related to prohibited AI systems are set to become enforceable six months after the Act is finalized; and provisions related to so-called General Purpose AI (“GPAI”) become enforceable 12 months after this date. The rest of the AI Act is expected to become enforceable in 2026.

The “long arm” of the AI Act will impact a broad range of business – including, but not limited to, those that intend to provide or deploy AI systems within the EU.[2] The distinct posture of the AI Act – based in part on fundamental and human rights jurisprudence – requires companies to think differently when preparing compliance strategies:

Proactive engagement with novel regulatory measures, such as a fundamental rights impact assessment for certain AI systems, and
Reimagining and documenting strategic decision-making related to internal governance and compliance in the face of unpredictable and uncertain go-forward risks.

This alert builds on our previous alerts which analyzed the European Commission’s 2021 proposal on the AI Act, the European Council’s common position (December 2022) and European Parliament’s negotiating position (June 2023). This alert takes a closer look at some of the key areas of debate in the trilogue procedure and the political agreement that was reached.

Negotiations on the final text of the AI Act remain underway, and the final wording of the provisional agreement is not yet public. The analysis below is based on public reports and our understanding of the substance of the agreement, but this may change based on a variety of factors. Keen followers of artificial intelligence would no doubt agree a lack of forward-looking certainty is the one guarantee in this area, and that applies equally to the AI Act’s journey from initial gestation to “political agreement.”

II. From negotiation to agreement: Outcome of the trilogue procedure

a) Scope of Application

The AI Act will provide for an extra-territorial scope of application that includes obligations for providers and deployers of AI systems. This has significant consequences for businesses not established in the EU, if they place an AI system on the market or put it into service in the EU. Furthermore, the regulations apply when “outputs” produced by an AI system are (or are intended to be) used in the EU. A key issue yet to be determined relates to the scope of the “output” provisions and the extent to which the AI Act regulates activities across the AI supply chain. One example could be AI-assisted R&D that is outsourced outside Europe such that only the final product (e.g., products designed using AI that do not themselves fall within the definition of an AI system and are not, technically, “outputs” of an AI system) are marketed in the EU.

b) Definition of AI

The definition of AI, a key threshold for applicability of the AI Act, has been subject to significant change throughout the legislative process. As noted in our previous alert, what started out as an overly broad definition has been reportedly narrowed over time with the goal of ensuring that traditional computational processes and software are not inadvertently captured. While the final text of the AI Act has not yet been released, the language reportedly aligns with the definition of AI recently adopted by the OECD[3] and reflects the need to preserve the ability to adjust the definition as necessary to account for future developments in the fast-moving AI landscape. While the definition in the final text does not reflect the OECD’s definition verbatim, it reflects its main elements, i.e., objective-based output generation that is able to influence its environment with varying degrees of autonomy.[4]

c) Prohibited AI systems

The AI Act classifies AI systems by risk level (unacceptable, high, limited, and minimal or no risk). AI systems that carry “unacceptable risk” are per se prohibited. In other words, the Act adopts bright line rules as to some uses of AI systems, based on fundamental rights concerns, differently from some other flagship regulations in the EU which usually allow for exceptions based on general rules. This framework will require particular diligence on behalf of businesses when classifying their AI systems for the purposes of the Act’s risk-based approach.

While the European Commission and Council advocated for a narrower list of prohibited AI systems, the Parliament’s mandate included a longer list of prohibited AI systems, banning certain use cases entirely. The agreed AI Act prohibits, inter alia:[5]

Manipulation of human behavior to circumvent end-users’ free will;
Social scoring;
Certain applications of predictive policing;
Emotion recognition systems used in the workplace; and
Real time remote biometric identification for law enforcement purposes in publicly accessible spaces (with narrow exceptions).

The European Council resisted the full ban on real-time remote biometric identification in publicly accessible spaces proposed by the European Parliament. Instead, real-time remote biometric identification for law enforcement purposes is prohibited unless it fits within narrow exceptions, such as for uses tied to the prevention of terrorist attacks or to locate victims or suspects in connection with serious offences, such as terrorism. Under the agreed version of the AI Act, other forms of biometric identification that fall outside the scope of the prohibition (i.e., ex-post biometric identification) are considered “High-Risk” (for which, see below).

d) High-risk AI systems

High-risk AI systems, while permitted, are subject to the most stringent obligations. AI systems may fall into this category if they pose a “significant risk” to an individual’s health, safety, or fundamental rights, and are used, or intended to be used, for inter alia education, employment, critical infrastructure, public services, law enforcement, border control, and administration of justice. One new obligation for companies imposed by the AI Act will be to prepare fundamental rights impact assessments (‘FRIAs’). Determining when and how to conduct an FRIA will raise many strategic and compliance-focused questions, taking account of the nature and scope of the AI system in question. Businesses will need to take steps to engage with this obligation as soon as possible.

In response to concerns that the high-risk category may be over-inclusive, the agreed version of the AI Act adds the concept of a filter system, which provides a series of exemptions that would allow providers of AI systems to avoid the high-risk category based on self-assessments.

The European Commission is expected to develop guidelines on the application of these filters. Currently, it has been reported that the filters exempt AI systems that are (i) intended to perform a narrow procedural task; (ii) intended to review or improve the result of a previously completed human activity; (iii) purely intended to detect decision-making patterns or deviations from prior decision-making patterns to flag potential inconsistencies; or (iv) used to perform preparatory tasks for an assessment relevant to critical use cases. It is not unlikely that the operation of this filter system may cause some problems in practice and lack of legal certainty as to the scope of the exemptions.

Providers that make an assessment that their systems fall outside of the high-risk category may be obliged to provide, upon request, the results of their prior assessment as to classification to the respective national market surveillance authorities. The agreed AI Act also contemplates allowing these market surveillance authorities to carry out evaluations of AI systems where they have sufficient reason to believe they should be considered high-risk, and to impose fines where they have sufficient evidence that the AI system provider misclassified their system to avoid a high-risk classification.[6]

e) General Purpose AI (Foundation Models)

As explained in our previous alert, the Parliament’s negotiating position introduced a regime for regulating GPAI models – or foundation models – consisting of models that “are trained on broad data at scale, are designed for generality of output, and can be adapted to a wide range of distinctive tasks”.[7] Parliament also introduced certain separate testing and transparency requirements, with most of the obligations falling on any deployer that substantially modifies a GPAI system for a specific use case.

The regulation of GPAI models was heavily debated during the trilogue procedure. The final text features a tiered approach (initially proposed by the European Commission) which places more onerous obligations on GPAI models that could pose “systemic” risks. The AI Act contains a presumption categorizing models as carrying a “systemic risk” where the model was trained using computing power greater than 10^25 floating point operations (FLOPs), indicating their capabilities and amount of underlying data. The European Commission has commented that “these new obligations will be operationalized through codes of practices developed by industry, the scientific community, civil society and other stakeholders together with the Commission.”[8] The tiered approach represents a compromise between the stark opposition to any regulation of foundation models in the AI Act by some Member States, including France, Germany and Italy, and the European Parliament’s preferred approach of establishing horizontal obligations which would apply equally to all foundation models.[9]

While certain obligations will apply to GPAI models, e.g., transparency obligations relating to the training data as well as copyright safeguards or making AI-generated content recognizable, providers of foundation models that meet the “systemic risks” threshold will need to notify the Commission of their status and comply with the relevant obligations in the AI Act (similar to the notification mechanism in the EU Digital Services Act). The regime places onerous obligations on providers of foundation models that are similar to those that apply to high-risk AI systems, e.g., requirements to assess and mitigate the risks their models entail, comply with certain design, information and environmental requirements and register such models in an EU database.

f) Enforcement

The AI Act envisions a strict enforcement regime set to be overseen by national authorities designated by each EU Member State to supervise compliance within its territory as well as a centralized European Artificial Intelligence Office tasked with coordinating enforcement efforts. Notably, the AI Act does not contemplate a de-centralized system of enforcement or a “one-stop shop” as under the GDPR. However, the competent national authorities will be gathered in the European Artificial Intelligence Board to ensure consistent application of the law. The maximum fines for non-compliance with the AI Act can reach up to EUR 35 million or, if the offender is a company, up to 7% of its total worldwide annual turnover for the preceding financial year, whichever is higher.[10] Certain proportionate caps on fines will apply for small and medium-sized enterprises (SMEs) and start-ups.

III. Next Steps

The AI Act is an extensive and complicated piece of legislation, and its impact will be far-reaching. After the conclusion of the trilogue process, the AI Act is now subject to formal adoption by the European Parliament and the Council. Once adopted, the AI Act will be published in the Official Journal and will enter into force 20 days following publication. However, the AI Act will not become fully enforceable until two years after its entry into force—likely in 2026—with some exceptions for specific provisions such as prohibited AI systems and AI systems classified as GPAI, which will be applicable after 6 and 12 months, respectively.

Now that political agreement has been reached, companies should be proactively engaging with the provisions of the AI Act and making preparations to ensure compliance by the applicable deadlines.

__________

[1] Council of the EU, Artificial intelligence act: Council and Parliament strike a deal on the first rules for AI in the world, press release of 9 December 2023, available here.

[2] The scope of some of the broadest jurisdictional hooks, including governing companies that are responsible for generating output from AI tools that have effect in the Union, remains to be seen.

[3] See, Luca Bertuzzi, Euractiv, OECD updates definition of Artificial Intelligence ‘to inform EU’s AI Act’, Article of 9 November 2023, available here.

[4] See, Luca Bertuzzi, Euractiv, AI Act: EU policymakers nail down rules on AI models, butt heads on law enforcement, Article of 9 December 2023, available here.

[5] European Commission, Commission welcomes political agreement on Artificial Intelligence Act, Article of 9 December 2023, available here.

[6] See, Luca Bertuzzi, Euractiv, AI Act: Leading MEPs revise high-risk classification, ignoring negative legal opinion, Article of 10 November 2023, available here.

[7] European Parliament’s compromise proposal, Art. 3(1c), available here.

[8] European Commission, Commission welcomes political agreement on Artificial Intelligence Act, Article of 9 December 2023, available here.

[9] See, Luca Bertuzzi, Euractiv, EU’s AI Act negotiations hit the brakes over foundation models, Article of 10 November 2023, available here.

[10] European Commission, Commission welcomes political agreement on Artificial Intelligence Act, Article of 9 December 2023, available here.

The following Gibson Dunn attorneys assisted in preparing this update: Vivek Mohan, Robert Spano, Kai Gesing, Joel Harrison, Christian Riis-Madsen, Nicholas Banasevic, Stéphane Frank, Frances Waldmann, Leon Freyermuth, Christoph Jacob, Jonas Jousma, Yannick Oberacker, Ciara O’Gara, Tine Rasmussen, and Hayley Smith.

Gibson, Dunn & Crutcher’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, any of the leaders and members of the firm’s Artificial Intelligence or Privacy, Cybersecurity & Data Innovation practice groups, or the following authors:

Stéphane Frank – Brussels (+32 2 554 72 07, sfrank@gibsondunn.com)
Kai Gesing – Munich (+49 89 189 33 180, kgesing@gibsondunn.com)
Joel Harrison – London (+44 20 7071 4289, jharrison@gibsondunn.com)
Vivek Mohan – Palo Alto (+1 650.849.5345, vmohan@gibsondunn.com)
Christian Riis-Madsen – Brussels (+32 2 554 72 05, criis@gibsondunn.com)
Robert Spano – London/Paris (+44 20 7071 4902, rspano@gibsondunn.com)
Frances A. Waldmann – Los Angeles (+1 213.229.7914, fwaldmann@gibsondunn.com)

Artificial Intelligence:
Cassandra L. Gaedt-Sheckter – Co-Chair, Palo Alto (+1 650.849.5203, cgaedt-sheckter@gibsondunn.com)
Vivek Mohan – Co-Chair, Palo Alto (+1 650.849.5345, vmohan@gibsondunn.com)
Robert Spano – Co-Chair, London/Paris (+44 20 7071 4902, rspano@gibsondunn.com)
Eric D. Vandevelde – Co-Chair, Los Angeles (+1 213.229.7186, evandevelde@gibsondunn.com)

Privacy, Cybersecurity and Data Innovation:
Ahmed Baladi – Co-Chair, Paris (+33 (0) 1 56 43 13 00, abaladi@gibsondunn.com)
S. Ashlie Beringer – Co-Chair, Palo Alto (+1 650.849.5327, aberinger@gibsondunn.com)
Jane C. Horvath – Co-Chair, Washington, D.C. (+1 202.955.8505, jhorvath@gibsondunn.com)
Alexander H. Southwell – Co-Chair, New York (+1 212.351.3981, asouthwell@gibsondunn.com)

Gibson Dunn has formed a Workplace DEI Task Force, bringing to bear the Firm’s experience in employment, appellate and Constitutional law, DEI programs, securities and corporate governance, and government contracts to help our clients develop creative, practical, and lawful approaches to accomplish their DEI objectives following the Supreme Court’s decision in SFFA v. Harvard. Prior issues of our DEI Task Force Update can be found in our DEI Resource Center. Should you have questions about developments in this space or about your own DEI programs, please do not hesitate to reach out to any member of our DEI Task Force or the authors of this Update (listed below).

Key Developments:

On December 6, 2023, Fearless Fund (represented by Gibson Dunn) filed its merits brief in Am. Alliance for Equal Rights v. Fearless Fund Mgmt., LLC, No. 23-13138 (11th Cir. 2023). The brief is available here. Fearless Fund is a Black women-owned venture capital firm with a “Fearless Strivers” charitable grant program that provides $20,000 grants to Black female entrepreneurs as part of its mission to raise awareness about inequities in access to capital. AAER sued Fearless Fund in August 2023, claiming the program violates Section 1981 and seeking a preliminary injunction preventing Fearless Fund from awarding the grants. The district court denied the plaintiff’s motion for a preliminary injunction, but on September 30, 2023, the Eleventh Circuit temporarily enjoined the program pending appeal. AAER filed its merits brief on November 6, 2023. Its reply brief is due on January 3, 2024. Oral argument is scheduled for January 31, 2024.

On December 6, 2023, the U.S. Supreme Court heard oral arguments in Muldrow v. City of St. Louis, a case that presents potentially sweeping implications for workplace discrimination claims. The question before the Court is whether Title VII prohibits discrimination in transfer decisions if the transfer did not create a significant disadvantage for the employee, such as diminished earnings, benefits, or future career prospects. The plaintiff argued that all job-transfer decisions based on a protected characteristic violate Title VII regardless of whether an employee suffers any additional harm, an argument to which a number of Justices appeared sympathetic. The defendant argued that an employee must experience a materially adverse employment action—beyond the transfer decision itself—for the action to be cognizable under Title VII. Depending on its scope, a finding by the Court that the lateral transfer in this case was an actionable change in the “terms, conditions and privileges of employment” could significantly expand the range of employment actions subject to Title VII. An expanded definition of “terms, conditions and privileges of employment” could raise questions, for example, about whether workplace DEI programs that do not constitute tangible employment actions like promotions could nevertheless be actionable under Title VII if they provide differential treatment based on race or gender.

On November 28, 2023, America First Legal (“AFL”), on behalf of Target shareholders, filed an amended complaint in its lawsuit against Target Corporation and certain of its officers. Plaintiffs allege that the Target board depressed Target’s stock price by falsely representing that it was monitoring social and political risks to the company, when it was, in fact, only focused on risks associated with not achieving ESG and DEI goals. The original complaint alleged violations of Sections 10(b) and 14(a) of the Securities Exchange Act of 1934. The amended complaint adds a claim under Section 20(a) of the Exchange Act based on the company’s 2023 Pride Month collection. The amended complaint also adds four new plaintiffs. Responsive pleadings are due on January 26, 2024.

On December 4, 2023, the Sixth Circuit issued a decision in Ames v. Ohio Department of Youth Services, No. 23-3341 (6th Cir. Dec. 4, 2023), calling attention to a circuit split relating to a plaintiff’s burden of proof in Title VII “reverse-discrimination” cases. In affirming the district court’s decision granting summary judgment for the Department, the court relied on Sixth Circuit precedent that requires plaintiffs in reverse-discrimination cases to make an additional showing that “background circumstances . . . support the suspicion that the defendant is that unusual employer who discriminates against the majority.” In a concurring opinion, Judge Raymond M. Kethledge took issue with the background circumstances rule, noting that the rule goes against the express language of Title VII because it imposes different burdens on different plaintiffs based on their membership in different demographic groups. The Sixth, Seventh, Eighth, Tenth, and D.C. Circuits have adopted the background circumstances rule, while the Third and Eleventh Circuits have expressly rejected it. Judge Kethledge predicted that the Supreme Court will resolve the circuit split and review the validity of the background circumstances rule.

With the 2024 proxy season approaching for many publicly traded companies, special interest investors with viewpoints that span the political spectrum continue to use the shareholder proposal process set forth in Securities and Exchange Commission (SEC) Rule 14a-8 to advance their particular pro- or anti-DEI agendas. As we reported on here, shareholder proposals focused on nondiscrimination and diversity issues were the fourth most popular proposals submitted during the 2023 proxy season. These proposals largely focused on requesting racial equity or civil rights audits, reports on DEI efforts, and analyses of gender and racial pay equity. Companies also received shareholder proposals from ESG skeptics like the National Legal and Policy Center and the National Center for Public Policy Research. These proposals asked that companies roll back plans to undertake a racial equity audit, conduct a cost/benefit analysis of DEI programs and conduct a “return to merit” audit where the supporting statements focused on concerns about potential discrimination against “non-diverse” employees or discrimination based on religious and political views. DEI-related shareholder proposals submitted for 2024 annual meetings to date are similar, including shareholder proposals requesting reports on corporate DEI programs and on any risks associated with potential discrimination against conservative viewpoints or ideologies.

Media Coverage and Commentary:

Below is a selection of recent media coverage and commentary on these issues:

The Washington Post, “Conservatives are suing law firms over diversity efforts. It’s working.” (December 9): The Post’s Julian Mark and Taylor Telford summarize the efforts of Edward Blum’s conservative advocacy group American Alliance for Equal Rights, which has sued or sent threat letters to at least seven law firms challenging their diversity recruitment programs. At least three of these firms changed their diversity fellowship eligibility criteria. Blum noted that “it is likely that other corporate entities with similar racially discriminatory policies will be sued in the coming weeks.” Professor Kenji Yoshino was quoted extensively and offered alternative paths to achieving DEI goals in this new legal landscape.
Bloomberg Law, “Blum Says He’s Done Suing Law Firms as Winston Yields on DEI.” (December 6, 2023): Bloomberg Law’s Tatyana Monnay reports that AAER has no further plans to sue law firms, however, Edward Blum noted that his team still “combs websites of hundreds of firms looking for any evidence of programs he views as illegal.”
Law360, “Commerce Dept. Wants Feedback on Draft DEI Principles” (November 27): Law360’s Sarah Jarvis reports on a recent request by the U.S. Department of Commerce for comments on a proposed set of DEIA principles that set out best practices for DEI in the private sector. According to the Department’s Federal Register notice, the Initiative is intended to be the first step in a long-term effort to “convene private sector business diversity leaders, amplify existing efforts, and inspire additional, voluntary business diversity efforts.” The draft principles are focused on executive leadership, organizational strategy, workforce development, human resources, business opportunities, and community investment. Comments are due January 5, 2024.
Bloomberg Law, “Nasdaq’s Board Diversity Court Win Draws New Conservative Appeal” (November 28): Bloomberg Law’s Andrew Ramonas reports that the National Center for Public Policy Research (“NCPPR”) has filed a petition for en banc review of the Fifth Circuit’s October decision in Alliance for Fair Board Recruitment v. SEC, upholding Nasdaq’s Board Diversity Rules. The Alliance for Fair Board Recruitment, the other petitioner in the case, previously filed a petition for rehearing in October. Among other things, NCPPR contends that the rules exceed the scope of the Exchange Act. Gibson Dunn represents Nasdaq as an intervenor in the case.
Law360 California Pulse, “Diversity In Management Linked To Higher Long-Term Growth” (November 30): Law360’s Aaron West summarizes a new study by corporate social responsibility and workplace equity nonprofit As You Sow, which found that, in certain industries, companies with more racial diversity in management are more likely to demonstrate increases in average long-term financial growth, income after tax, and other financial metrics. According to the report, these positive correlations were evident in the “communication services, consumer discretionary, consumer staples, financials, health care, and information technology sectors.” West notes that the study also identified that the most statistically significant positive financial gains occurred among companies with the largest market capitalization.
Law360, “4th Circ. Reluctant To Reverse White Exec’s Race Bias Verdict” (December 7): Law360’s Hayley Fowler reports on the oral argument before a panel of the Fourth Circuit in Duvall v. Novant Health Inc., a case in which a white executive was awarded nearly $4.6 million after a jury trial on his claim that he was fired as a result of a North Carolina hospital’s diversity initiative, in violation of Title VII. Oral argument on Novant Health’s appeal included an extended discussion of the efforts white collar workers must make to find new employment, in order to mitigate damages. According to Fowler, the panel “seemed dubious” overall of undoing the jury verdict in favor of the plaintiff.

Current Litigation:

Below is a list of updates in new and pending cases:

1. Contracting claims under Section 1981, the U.S. Constitution, and other statutes:

Am. Alliance for Equal Rights v. Winston & Strawn LLP, No. 4:23-cv-04113 (S.D. Tex. 2023): AAER sued law firm Winston & Strawn, challenging its 1L diversity fellowship program as racially discriminatory in violation of Section 1981.
- Latest update: On December 6, 2023, AAER dismissed the case after Winston & Strawn changed its fellowship program eligibility language to be race-neutral.
Phillips v. Starbucks Corp., No. 19-cv-19432 (D.N.J. 2019): On October 28, 2019, a white former Starbucks regional director sued the company for firing her based on her race, allegedly to protect its image after the company suffered bad press when two Black men were arrested in a store for which the plaintiff oversaw operations. The plaintiff alleged discrimination and retaliation in violation of Title VII, Section 1981, and New Jersey state law. On June 12, 2023, a New Jersey federal jury awarded $25.6 million in compensatory and punitive damages to the plaintiff. On July 13, 2023, Starbucks filed a number of post-trial motions, including a motion to vacate and a motion for judgment as a matter of law.
- Latest update: The court heard oral argument on the post-trial motions on November 30, 2023.
Correll v. Amazon.com, Inc., No. 3:21-cv-1833 (S.D. Cal. 2022): On October 28, 2021, a white male businessman sued Amazon, alleging that by having a feature within its website that allows consumers to identify products sold by non-white, non-male sellers, the company violated Section 1981 and separately California Civil Code §§ 51 and 51.5, which prohibit racial discrimination by businesses.
- Latest update: On November 28, 2023, the parties filed a joint motion to dismiss, stipulating to the plaintiff’s dismissal of the action against Amazon with prejudice. The court granted the motion on November 30, 2023.
Bradley, et al. v. Gannett Co. Inc., 1:23-cv-01100 (E.D.V.A. 2023): On August 18, 2023, white plaintiffs sued Gannett over its alleged “Reverse Race Discrimination Policy,” in response to Gannett’s expressed commitment to having its staff demographics reflect the communities it covers, alleging violations of Section 1981.
- Latest update: On November 24, Gannett moved to dismiss, arguing that the plaintiffs failed to state Section 1981 claims because they did not plead specific facts connecting the allegedly discriminatory policy with their own differential treatment on the basis of race. Gannett also argued that many of the actions that the plaintiffs challenged, including performance evaluations and reassignments, did not rise to actionable adverse employment actions. A hearing on the motion to dismiss has been scheduled for January 10, 2024.

2. Challenges to agency rules, laws, and regulatory decisions:

Alliance for Fair Board Recruitment v. SEC, No. 21-60626 (5th Cir. 2021): On October 18, 2023, a unanimous Fifth Circuit panel rejected challenges to Nasdaq’s Board Diversity Rules and the SEC’s approval of those rules. Petitioners Alliance for Fair Board Recruitment and National Center for Public Policy Research sought review of the SEC’s approval of Nasdaq’s Board Diversity Rules, which require companies that have contracted to list their shares on Nasdaq’s exchange to (1) disclose aggregated information about their board members’ voluntarily self-identified diversity characteristics (including race, gender, and sexual orientation), and (2) provide an explanation if fewer than two board members are diverse. The SEC approved the rules after determining that they were consistent with the Exchange Act. Petitioners challenged the rules on constitutional and statutory grounds. Gibson Dunn represents Nasdaq, which intervened to defend its rules.
- Latest update: On October 25, 2023, AFBR petitioned for a rehearing en banc. On November 27, 2023, NCPPR also petitioned for rehearing en banc, and the court ordered the SEC and Nasdaq to respond to the petitions. On November 28, Republican Attorneys General from Utah and 18 other states filed an amicus brief in support of the petitions. Responses to these petitions are due December 18, 2023.
Johnson v. Watkin, No. 1:23-cv-00848-ADA-CDB (E.D. Cal. 2023): On June 1, 2023, a community college professor in California sued to challenge new “Diversity, Equity and Inclusion Competencies and Criteria Recommendations” enacted by the California Community Colleges Chancellor’s Office, claiming the regulations violated the First and Fourteenth Amendments. The plaintiff alleged that the adoption of the new competency standards, which require professors to be evaluated in part on their success in integrating DEI-related concepts in the classroom, will require him to espouse DEI principles with which he disagrees, or be punished. The plaintiff moved to enjoin the policy.
- Latest update: On November 29, 2023, both plaintiff and defendant filed objections to the magistrate judge’s recommendation and proposed order granting a preliminary injunction to prevent the college from disciplining or investigating the plaintiff based on his political speech. The plaintiff argued that the court should enjoin the new DEI rules in their entirety. The defendants argued that the proposed injunction is overbroad and forecloses all DEI policies (including those not yet written), and is factually inaccurate as to how disciplinary procedures work. The defendants further argued that the plaintiff lacks standing and that the rules are constitutionally permissible standards for job-related conduct rather than restrictions of the plaintiff’s personal views.

3. Educational Institutions and Admissions (Fifth Amendment, Fourteenth Amendment, Title VI, Title IX):

Students for Fair Admissions, Inc. v. University of Texas at Austin, 1:20-cv-00763-RP (W.D. Tex. 2020): On July 20, 2020, SFFA sued the University of Texas, alleging that UT Austin’s methods of considering race in undergraduate admissions violated the Equal Protection Clause of the Fourteenth Amendment, Sections 1981, Title VII, the Texas Constitution, and Texas state law.
- Latest update: On October 27, 2023, the defendants moved to dismiss the action as moot, claiming UT Austin made its admissions process race-neutral following the Supreme Court’s decision in SFFA v. Harvard. On November 27, SFFA opposed dismissal, arguing the case is still live because UT Austin has allegedly failed to implement safeguards to ensure its admissions officers comply with the new policy and because SFFA is still seeking an injunction to prohibit UT from reinstituting its prior policy. The defendants’ reply is due on January 11, 2024.
Students for Fair Admissions v. United States Naval Academy, No. 1:23-cv-02699-ABA (D. Md. 2023): On October 5, 2023, SFFA sued the U.S. Naval Academy, arguing that consideration of race in its admissions process violates the Fifth Amendment.
- Latest update: On November 27, 2023, the court set a hearing on the plaintiffs’ motion for a preliminary injunction for December 14, 2023. On December 1, 2023, the Naval Academy and other federal defendants filed their response to the preliminary injunction motion, arguing that SFFA did not demonstrate that it had standing because it submitted only anonymous declarations on behalf of its members, and that it did not demonstrate irreparable harm because there had been a substantial delay in bringing the action. On the merits, the Academy argued that the military has a compelling national security interest in a diverse officer corps, and that its admissions process was narrowly tailored.
Students for Fair Admissions v. U.S. Military Academy at West Point, No. 7:23-cv-08262 (S.D.N.Y. 2023): On September 19, 2023, SFFA sued West Point, arguing that affirmative action in its admissions process, including alleged racial “benchmarks” of “desired percentages” of minority representation, violates the Fifth Amendment of the U.S. Constitution by taking applicants’ race into account.
- Latest update: On November 22, 2023, West Point and other federal officials filed their opposition to the motion for a preliminary injunction. They argued that SFFA has not demonstrated it has standing because it has not pled facts to show its members, who are described anonymously in the complaint, have a stake in the controversy. They also argued that SFFA did not demonstrate irreparable harm, in part because its members have not actually applied for admission to West Point. On the merits, West Point argued that its admissions process is constitutional because the military has a compelling national security interest in a diverse officer corps distinct from academic interests in student diversity, and its admissions process is narrowly tailored.

The following Gibson Dunn attorneys assisted in preparing this client update: Jason Schwartz, Mylan Denerstein, Elizabeth Ising, Blaine Evanson, Molly Senger, Zakiyyah Salim-Williams, Matt Gregory, Zoë Klein, Mollie Reiss, Teddy Rube*, Alana Bevan, and Marquan Robertson*.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following practice leaders and authors:

Jason C. Schwartz – Partner & Co-Chair, Labor & Employment Group
Washington, D.C. (+1 202-955-8242, jschwartz@gibsondunn.com)

Katherine V.A. Smith – Partner & Co-Chair, Labor & Employment Group
Los Angeles (+1 213-229-7107, ksmith@gibsondunn.com)

Mylan L. Denerstein – Partner & Co-Chair, Public Policy Group
New York (+1 212-351-3850, mdenerstein@gibsondunn.com)

Elizabeth A. Ising – Partner & Co-Chair, Securities Regulation and Corporate Governance
Washington, D.C. (+1 202-955-8287, eising@gibsondunn.com)

Zakiyyah T. Salim-Williams – Partner & Chief Diversity Officer
Washington, D.C. (+1 202-955-8503, zswilliams@gibsondunn.com)

Molly T. Senger – Partner, Labor & Employment Group
Washington, D.C. (+1 202-955-8571, msenger@gibsondunn.com)

Blaine H. Evanson – Partner, Appellate & Constitutional Law Group
Orange County (+1 949-451-3805, bevanson@gibsondunn.com)

*Teddy Rube and Marquan Robertson are associates working in the firm’s Washington, D.C. office who are not yet admitted to practice law.

The role of ESG in capital markets transactions has evolved significantly over the last five years. Please join us for a discussion of these topics and questions provided by the audience.

What opportunities does ESG present to access capital?
What risks does leveraging ESG present for issuers and underwriters?
How does ESG impact marketing, disclosure and diligence?
What are current ESG market trends?
How can we expect ESG to impact capital markets in the future?

PANELISTS:

Crystal Simpson is a managing director and head of energy equity capital markets at Evercore, which includes sustainable energy & clean technology, oil & gas, power, mining and chemicals. Ms. Simpson has led more than 550 bookrun energy equity offerings. Since 2012, she has raised over $120 billion for energy companies, including Altus Power, Antero, Crescent Energy, EVgo, Gulfport, Lithium Americas, Plains All American, Piedmont Lithium, QuantumScape, Shell Midstream, Rice Energy, RSP Permian, Targa, Viper and Williams. She has deep experience leading initial public offerings, follow-ons, equity-linked offerings, private investments in public equities (PIPEs) and pre-IPO capital. She graduated summa cum laude from Washington & Lee University with a B.S. in business administration and accounting alongside a double-major in broadcast journalism.

Oscar Sloterbeck is a senior managing director and leads Evercore ISI’s Company Surveys Team. Mr. Sloterbeck was ranked No. 3 for economics in the 2023 Institutional Investor All-America Research Team survey, a position he has held since 2019. As head of Company Surveys, he oversees proprietary surveys of companies, investors and U.S. states, as well as teens and young adults. These surveys provide unique insights into the economy and market sentiment. Prior to joining Evercore, Mr. Sloterbeck spent three years at JPMorgan Investment Management on the macroeconomics team. He is a chartered financial analyst and earned his B.A. from the College of William & Mary.

Hillary Holmes is Co-Chair of Gibson Dunn’s Capital Markets practice group. Hillary advises corporations, investment banks and institutional investors on all forms of long-term and strategic capital raising, including sustainability-linked financings and IPOs. She regularly advises companies on obligations under federal securities laws, corporate governance and ESG issues. Chambers ranks her amongst the top lawyers for energy capital markets, energy transactions and corporate counseling, and Law 360 has twice named her an Energy MVP. Hillary earned her JD from University of Pennsylvania Law School and her BA from Duke University, cum laude.

Jason Meltzer is a partner in Gibson Dunn’s Litigation Department and has experience in a wide range of complex commercial litigation, with an emphasis on securities and consumer products class action defense. Jason has defended several cases challenging ESG statements as false or misleading, and authored several publications on minimizing risks in connection with ESG statements. Jason also frequently consults for companies about how to minimize litigation risks in connection with their ESG statements and reports. The National Law Journal, Super Lawyers, and The Washington Post Magazine have all recognized Jason as a class actions and civil litigation “Rising Star,” and Jason was recently recognized as one of The Best Lawyers in America in the Commercial Litigation category. Jason received his B.A., magna cum laude, from the University of Pennsylvania, and his J.D. from the University of Pennsylvania Law School.

Marie Kwon is of counsel in the New York office of Gibson, Dunn & Crutcher. She is a member of the firm’s Capital Markets and Securities and Regulation and Corporate Governance Groups. Marie’s practice focuses on counseling corporations and financial institutions on a wide variety of capital markets transactions, including initial public offerings, secondary offerings, debt offerings and ESG financing. In addition, she has advised public companies on reporting obligations under the Exchange Act. Marie received her Juris Doctor from Columbia University. She graduated magna cum laude from Brown University with a Bachelor of Arts degree in International Relations and was a member of Phi Beta Kappa.

MCLE CREDIT INFORMATION:

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact CLE@gibsondunn.com to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

This edition of Gibson Dunn’s Federal Circuit Update summarizes the current status of several petitions pending before the Supreme Court, and recent Federal Circuit decisions concerning attorneys’ fees under 35 U.S.C. § 285, Article III standing, and the Board’s authority to issue a final written decision past the statutory deadline.

Federal Circuit News

Noteworthy Petitions for a Writ of Certiorari:

As we summarized in our October 2023 update, there are a few petitions pending before the Supreme Court. We provide an update below:

In VirnetX Inc. v. Mangrove Partners Master Fund, Ltd. (US No. 23-315), the Court granted an extension for the response, which is now due December 27, 2023. An amicus curiae brief has been filed by the Cato Institute.
In Intel Corp. v. Vidal (US No. 23-135), a response was filed on November 9, 2023. Three amici curiae briefs have been filed. The petition will be considered during the Court’s January 5, 2024 conference.
The Court denied the petition in HIP, Inc. v. Hormel Foods Corp. (US No. 23-185).

Other Federal Circuit News:

New Federal Circuit Rules. The December 1, 2023 amendments to the Federal Circuit Rules are now in effect. The Federal Circuit has also approved increases to its local fees effective December 1, 2023. Details can be found here.

Upcoming Oral Argument Calendar

The list of upcoming arguments at the Federal Circuit is available on the court’s website.

Key Case Summaries (November 2023)

In re PersonalWeb Technologies LLC, Nos. 21-1858, 21-1859, 21-1860 (Fed. Cir. Nov. 3, 2023): This was the third appeal from a multidistrict litigation involving PersonalWeb. In 2011, PersonalWeb sued Amazon for patent infringement. After claim construction, PersonalWeb dismissed with prejudice its claims against Amazon. Then, in 2018, PersonalWeb brought claims against Amazon’s customers on the same patents. Amazon intervened and filed a motion for declaratory judgment barring PersonalWeb’s infringement actions against Amazon and its customers. The cases were consolidated. The district court ultimately entered judgment of non-infringement in favor of Amazon. Amazon then moved for attorneys’ fees and costs under 35 U.S.C. § 285. The district court granted that motion and awarded over $5 million in fees and costs.

The majority (Reyna, J., joined by Lourie, J.) affirmed, holding that the district court did not abuse its discretion in awarding fees and costs. In particular, the majority concluded that the district court did not abuse its discretion when it determined that PersonalWeb’s claims were objectively baseless because it required only a “straightforward application of Kessler,” which precludes follow-up suits against a company’s customers over the same allegedly infringing products that had already been adjudicated. The majority reasoned that a dismissal with prejudice operates as an adverse adjudication on the merits.

Judge Dyk dissented, reasoning that PersonalWeb’s claims against Amazon’s customers were not objectively baseless in light of unsettled case law surrounding the Kessler doctrine, and specifically whether the Kessler doctrine applies to a stipulated dismissal with prejudice or only to a litigated determination of non-infringement. Indeed, PersonalWeb sought certiorari on that very issue from its 2018 litigation, and the Solicitor General filed an amicus brief agreeing with PersonalWeb that its claims should not have been barred under Kessler. Thus, Judge Dyk would have remanded because, in his view, the district court abused its discretion in awarding fees based on PersonalWeb’s Kessler argument.

Actelion Pharmaceuticals Ltd. v. Mylan Pharmaceuticals Inc., No. 22-1889 (Fed. Cir. Nov. 6, 2023): Actelion sued Mylan for infringing two of Actelion’s patents directed to epoprostenol formulations. The parties disputed the meaning of a limitation in the patents requiring “a pH of 13 or higher.” The district court construed the phrase to encompass “values that round up or down to 13, 12.5 and 13.4,” relying exclusively on the intrinsic evidence. Mylan stipulated to infringement of Actelion’s patents under the district court’s construction, and appealed.

The Federal Circuit (Stoll, J., joined by Reyna and Stark, J.J.) vacated and remanded. The Court concluded that the intrinsic evidence was not sufficiently clear as to the level of precision required by a “pH of 13 or higher” and that the district court should have considered the extrinsic evidence the parties presented to ascertain the ordinary meaning of the phrase. Accordingly, the Court vacated the district court’s construction and remanded for the district court to consider the extrinsic evidence in the first instance.

Allgenesis Biotherapeutics Inc. v. Cloudbreak Therapeutics, LLC, No. 22-1706 (Fed. Cir. Nov. 7, 2023): Allgenesis filed a petition for inter partes review (“IPR”) challenging Cloudbreak’s patent directed to the use of multikinase inhibitors, including nintedanib, for treating pterygium, an eye condition involving tumorous growths. During the proceeding, Cloudbreak disclaimed the genus claims, leaving only the claims that more narrowly claimed the use of nintedanib. The Board issued a final written decision finding that Allgenesis failed to show that the remaining nintedanib claims were unpatentable. Specifically, the Board found that the nintedanbi claims were sufficiently described by the specification of a provisional application from which the Cloudbreak patent claimed priority and therefore predated the alleged prior art reference.

The Federal Circuit (Moore, C.J., joined by Stoll and Cunningham, JJ.) dismissed the appeal because it determined that Allgenesis lacked Article III standing. The Court determined that Allgenesis failed to establish an injury-in-fact from potential infringement liability or that the Board’s priority analysis would have a preclusive effect, impacting Allgenesis’s patent rights in issued or still-pending continuation applications. Specifically, the Court held that collateral estoppel would not attach to the Board’s non-appealable priority determination. Instead, if an examiner were to reach the same priority determination during prosecution of Allgenesis’s pending application, “Allgenesis can challenge that determination in a separate appeal.”

Purdue Pharma L.P. v. Collegium Pharmaceutical, Inc., No. 22-1482 (Fed. Cir. Nov. 21, 2023): Purdue sued Collegium for infringement of Purdue’s patent directed to a formulation containing a gelling agent that “prevent[s] or deter[s] the abuse of opioid analgesics by the inclusion of at least one aversive agent in the dosage form.” Collegium filed a petition for post-grant review (“PGR”) of the patent. Purdue subsequently filed for bankruptcy and requested a stay of all proceedings, including the PGR. After the statutory deadline for the Board to issue a final written decision had passed, Purdue asked for the stay to be lifted for the district court proceedings only, but the bankruptcy court lifted the stay for both the district court and PGR proceedings. Purdue then moved to terminate the PGR proceeding, arguing that the Board no longer had the authority to issue a final written decision. The Board denied the motion and issued its final written decision, finding the challenged claims unpatentable for lack of written description and anticipation.

The Federal Circuit (Dyk, J., joined by Hughes and Stoll, JJ.) affirmed. The Court determined that the Board’s failure to meet the statutory deadline did not deprive the Board of authority to issue a final written decision. The Court noted that the statutory language required that the Board issue a final written decision by a certain deadline, but found no congressional intent to “deprive the agency of power” to act after the deadline passed.

The following Gibson Dunn attorneys assisted in preparing this update: Blaine Evanson, Jaysen Chung, Audrey Yang, Al Suarez, Julia Tabat*, and Vivian Lu.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Federal Circuit. Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s Appellate and Constitutional Law or Intellectual Property practice groups, or the following authors:

Blaine H. Evanson – Orange County (+1 949.451.3805, bevanson@gibsondunn.com)
Audrey Yang – Dallas (+1 214.698.3215, ayang@gibsondunn.com)

Appellate and Constitutional Law:
Thomas H. Dupree Jr. – Washington, D.C. (+1 202.955.8547, tdupree@gibsondunn.com)
Allyson N. Ho – Dallas (+1 214.698.3233, aho@gibsondunn.com)
Julian W. Poon – Los Angeles (+ 213.229.7758, jpoon@gibsondunn.com)

Intellectual Property:
Kate Dominguez – New York (+1 212.351.2338, kdominguez@gibsondunn.com)
Y. Ernest Hsin – San Francisco (+1 415.393.8224, ehsin@gibsondunn.com)
Josh Krevitt – New York (+1 212.351.4000, jkrevitt@gibsondunn.com)
Jane M. Love, Ph.D. – New York (+1 212.351.3922, jlove@gibsondunn.com)

*Julia Tabat is an associate working in the firm’s Dallas office who currently is admitted to practice in Illinois.

An Expert Analysis of FCPA Liability and Avoiding the Third Party Pitfall

Gibson, Dunn & Crutcher LLP is pleased to announce with Global Legal Group the release of Global Legal Insights – Bribery & Corruption 2024. Gibson Dunn partner Michael Diamant and partner-elect Melissa Farrar, with assistance from associates Allison Lewis and Kelly Skowera, were contributing editors to the publication’s Expert Analysis chapter, “Bribery & Corruption Laws and Regulations 2024 | FCPA liability: avoiding the thirdparty pitfall,” which addresses FCPA liability for actions of third parties and related compliance strategies. The Guide, comprising 21 jurisdictions, is live and FREE to access.

Please view this informative and comprehensive chapter via the links below:

CLICK HERE to view “Bribery & Corruption Laws and Regulations 2024 | FCPA liability: avoiding the thirdparty pitfall.”

CLICK HERE to view, download or print a PDF version.

The following Gibson Dunn lawyers prepared this publication: Michael Diamant and Melissa Farrar, with assistance from Allison Lewis and Kelly Skowera.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these issues. Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s Anti-Corruption & FCPA practice group, or the following authors:

Michael S. Diamant – Washington, D.C. (+1 202.887.3604, mdiamant@gibsondunn.com)

Melissa Farrar – Washington, D.C. (+1 202.887.3579, mfarrar@gibsondunn.com)

Join us for a 30-minute briefing covering several M&A practice topics. The program is the fourth in a series of quarterly webcasts designed to provide quick insights into emerging issues and practical advice on how to manage common M&A problems. Stephen Glover, co-chair of the firm’s Global Mergers and Acquisitions Practice, acts as moderator.

Topics discussed:

Branden Berns and Pamela Endreny discuss some of the key corporate, securities law and tax issues that arise in connection with the use of contingent value rights to bridge valuation gaps in M&A transactions.
Lora Elizabeth MacDonald describes the Department of Justice’s plan to provide guidance regarding corporate self-disclosure tailored to M&A transactions.
Andrew Kaplan provides an update on recent trends in shareholder activism.

PANELISTS:

Stephen Glover is a partner in the Washington, D.C. office of Gibson, Dunn & Crutcher who has served as Co-Chair of the firm’s Global Mergers and Acquisitions Practice. Mr. Glover has an extensive practice representing public and private companies in complex mergers and acquisitions, joint ventures, equity and debt offerings and corporate governance matters. His clients include large public corporations, emerging growth companies and middle market companies in a wide range of industries. He also advises private equity firms, individual investors and others. Mr. Glover has been ranked in the top tier of corporate transactions attorneys in Washington, D.C. for the past seventeen years (2005 – 2023) by Chambers USA America’s Leading Business Lawyers. He has also been selected by Chambers Global for the past five years as a top lawyer for USA Corporate/M&A. Chambers has singled out Mr. Glover as the only “Star” corporate lawyer in the District of Columbia.

Branden Berns is a partner in the San Francisco office of Gibson, Dunn & Crutcher, where he practices in the firm’s Corporate Transactions Practice Group, with a practice focused on representing leading life sciences companies and investors. Mr. Berns advises clients in connection with a variety of financing transactions, including initial public offerings, secondary equity offerings and venture and growth equity financings, as well as complex corporate transactions, including mergers and acquisitions, asset sales, spin-offs, joint ventures, PIPEs and leveraged buyouts. Mr. Berns regularly serves as principal outside counsel for publicly-traded companies and advises management and boards of directors on corporate law matters, SEC reporting and corporate governance.

Pamela Lawrence Endreny is a partner in the New York office of Gibson, Dunn & Crutcher. Ms. Endreny represents clients in a broad range of U.S. and international tax matters. Ms. Endreny’s experience includes mergers and acquisitions, spin-offs, joint ventures, financings, restructurings and capital markets transactions. She has obtained private letter rulings from the Internal Revenue Service on tax-free spin-offs and other corporate transactions. She has been repeatedly selected for inclusion in Chambers USA: America’s Leading Lawyers for Business, and was also named a Tax “MVP” by Law360. Ms. Endreny is a member of the Executive Committee of the New York State Bar Association Tax Section. She is also a member of the Tax Forum and Private Investment Fund Tax Forum.

Andrew Kaplan is a partner in the New York office of Gibson, Dunn & Crutcher, where his practice focuses on mergers and acquisitions, and corporate governance matters. Mr. Kaplan represents both public and private acquirors and targets in connection with mergers, acquisitions and takeovers, both negotiated and contested. Mr. Kaplan also advises corporations and their boards of directors in connection with corporate governance and compliance matters, shareholder activism, takeover preparedness and other corporate matters. He also represents various major investment banks as financial advisors in M&A transactions, and hedge funds in their M&A and investment activities. Mr. Kaplan also has represented both issuers and underwriters in a variety of securities transactions.

Lora Elizabeth MacDonald is of counsel in the Washington, D.C. office of Gibson, Dunn & Crutcher. She practices in the Firm’s Litigation Department, focusing on white collar criminal defense, internal investigations, and corporate compliance.Lora has extensive experience representing multinational corporations as well as individuals in connection with internal investigations related to potential violations of the U.S. Foreign Corrupt Practices Act (“FCPA”) and U.S. antitrust laws. As part of her practice, she regularly interacts with attorneys at the U.S. Department of Justice and the U.S. Securities and Exchange Commission. Lora has particular experience guiding companies towards the resolution of DOJ and SEC investigations, as well as prophylactic and post-resolution corporate compliance. Lora regularly advises on anti-corruption aspects of proposed mergers and acquisitions, and conducts related due diligence as well as compliance program reviews and pre- and post-acquisition due diligence.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 0.5 credit hour, of which 0.5 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 0.5 hour.

Neither the Connecticut Judicial Branch nor the Commission on Minimum Continuing Legal Education approve or accredit CLE providers or activities. It is the opinion of this provider that this activity qualifies for up to 30 minutes toward your annual CLE requirement in Connecticut, including 0 hour(s) of ethics/professionalism.

Application for approval is pending with the Texas, Virginia and Washington State Bars.

The Proposed Guidelines set out for the first time the specific regulatory requirements and the SFC’s regulatory expectations in respect of market soundings in Hong Kong.

On October 11, 2023, Hong Kong’s Securities and Futures Commission (“SFC”) published a consultation paper (the “Consultation Paper”) on the proposed guidelines for market soundings (the “Proposed Guidelines”).[1] The Proposed Guidelines are noteworthy since it sets out for the first time the specific regulatory requirements and the SFC’s regulatory expectations in respect of market soundings in Hong Kong. This client alert will explore the SFC’s proposals in greater detail.

I. Why introduce the Proposed Guidelines?

To understand the rationale of the requirements in the Proposed Guidelines, it is helpful to understand why the SFC has decided that it is the appropriate time to introduce the Proposed Guidelines.

Firstly, the SFC observed an increasing number of persons trading ahead of placings and block trades, which suggested that some intermediaries may have unfairly taken advantage of non-public information received during market soundings to make unjustified profits. This led the SFC’s thematic review of market sounding practices and controls adopted by intermediaries in 2022, where the SFC noted a divergence of practices among intermediaries in designing their risk controls over market soundings, which suggested that more clarity on the SFC’s regulatory expectations was required to deter substandard conduct and to assist intermediaries in upholding market integrity during market soundings.

Secondly, in light of the determination of the Securities and Futures Appeals Tribunal (“SFAT”) on September 27, 2022 (the “SFAT Determination”) in the Aarons case,[2] the SFC considered it appropriate to provide both sell-side and buy-side market participants with additional clarity on complying with the general principles in the Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission (the “Code of Conduct”) during market soundings. In summary, the case involved a hedge fund manager who entered into short swaps (which can be used for short selling) after the manager received non-public information about an intended block sale (a large, privately negotiated sale of securities) of shares in a listed Korean company from one of the underwriters of the block sale. The communication was made by the underwriter (a sell-side broker) to the hedge fund manager (a buy-side participant) as part of a market sounding to see if the manager would be interested in participating as a buyer on the block sale. After news of the block sale became public, there was a material drop in the share price of the listed Korean company, and the short swaps entered into by the hedge fund manager generated a profit for the fund he managed.

The SFAT upheld the finding by the SFC that the hedge fund manager’s conduct was such that he was not a fit and proper person to continue to be licensed, having regard to General Principles 1 (Honesty and fairness) and 7 (Compliance) of the Code of Conduct. In doing so, the SFAT determined that a two years suspension of the hedge fund manager’s licence was the most appropriate sanction.

It is relevant to note that the hedge fund manager was not charged with the offence of insider dealing under the Securities and Futures Ordinance (Cap. 571) (“SFO”). The reason is likely because the civil and criminal insider dealing regimes[3] under the SFO have a regulatory lacuna with respect to insider dealing committed in Hong Kong with respect to overseas listed securities. This regulatory lacuna will be addressed when amendments to the insider dealing provisions under the SFO are introduced (please see our earlier client alert [4] for further details). As such, in hearing the appeal, it was not necessary for the SFAT to determine whether or not the communication made to the hedge fund manager constituted “inside information” as defined in the SFO. Rather, the issue to be determined by the SFAT was whether the hedge fund manager’s conduct breached the Code of Conduct (namely, General Principles 1 and 7).[5] The SFAT ultimately agreed with the SFC’s findings that the hedge fund manager’s deceitful conduct after receiving “material non-public information” about an impending block sale meant that he failed to adhere to principles of honest and fair conduct, and hence failed to act with the integrity that the market required, and in conclusion failed to comply with General Principles 1 and 7 of the Code of Conduct.

II. What communications are subject to the Proposed Guidelines?

The Proposed Guidelines would apply to the communication of non-public information – irrespective of whether or not it is price-sensitive “inside information”[6] – with potential investors prior to the announcement of a securities transaction, to gauge their interest in a potential transaction or assist in determining the specifications related to a potential transaction (such as private placements and large block trades) (“Market Sounding”), by intermediaries who:

Disclose non-public information during the course of a Market Sounding (“Disclosing Person”), such as a sell-side broker acting on behalf of an issuer or an existing shareholder selling in the secondary market (“Market Sounding Beneficiary”) in a potential securities transaction; and
Receive non-public information during the course of a Market Sounding, such as a buy-side firm that is sounded out by a Disclosing Person as a potential investor in a potential securities transaction(collectively, a “Market Sounding Intermediary”).[7]

It is important to highlight that the Proposed Guidelines apply to communications on all “non-public information”, irrespective of whether the same information constitutes “inside information” under the SFO. It is also noticeable that, despite referring to the SFAT Determination, the Proposed Guidelines do not use the potentially narrower term “material” non-public information, as found in the SFAT Determination, and instead adopt the much broader term “non-public information”. This appears to be intentional, as the Consultation Paper explains that one of the SFC’s concerns was that intermediaries may run the risk of potential misconduct from an inaccurate determination of what constitutes “inside information”, as it often involved complex judgment and interpretations and that it was not uncommon for parties to arrive at different conclusions)[8] – and presumably similar concerns apply to the determination of whether or not non-public information is “material” or not. Adopting the broader term “non-public information” therefore reduces the risk of inaccurate determinations.

III. What communications are not subject to the Proposed Guidelines?

According to the Consultation Paper, the Proposed Guidelines will not apply to communications regarding:

Speculative transactions or trade ideas shared by a Disclosing Person without consulting with the potential Market Sounding Beneficiary or without any “level of certainty” of such transactions materialising. The Proposed Guidelines provides guidance on the factors to consider in determining whether there is some “level of certainty”, such as the extent to which the Market Sounding Beneficiary has expressed an interest with the Disclosing Person in proceeding with a possible transaction, among other factors[9];
Transaction in such size, value, structure or selling method, that are commensurate with “ordinary day-to-day trade execution”, such as a sell-side broker sourcing potential buy-side participants to execute an ordinary size trade (in relation to the average trading volume or market capitalisation) after receiving an actual order instruction placed by the sell-side broker’s client with a genuine intention for execution; and
Public offering of securities.

The above carve-outs will be important in light of the wide range of Market Sounding communications that are likely to contain some form of “non-public information”. However, internal procedures and controls will need to be carefully designed and implemented, or else intermediaries run the risk of potential misconduct from an inaccurate determination of whether a particular communication falls within the above carve-outs, and therefore failing to comply with the regulatory requirements in the Proposed Guidelines.

The Proposed Guidelines also make clear that they may apply even before a formal mandate from the Market Sounding Beneficiary is received, i.e. as soon as the Disclosing Person starts to conduct any form of market sounding (soft or otherwise) on behalf of a Market Sounding Beneficiary.

IV. Core Principles of Market Sounding

The Proposed Guidelines contain a set of Core Principles (“CP”), which all Market Sounding Intermediaries should comply with in conducting Market Soundings. The CPs are briefly summarised below[10]:

CP 1. Market Integrity: Market Sounding Intermediaries should maintain confidentiality and not trade on or use non-public information passed or received during Market Soundings for the benefit of themselves or others until the information ceases to be non-public.
CP 2. Governance: Market Sounding Intermediaries should implement robust governance and oversight arrangements over its Market Sounding activities. This includes: (i) senior management are responsible for oversight of Market Soundings; (ii) establish governance arrangements for Marketing Soundings; (iii) designate a committee or person(s) independent from the “front-office” to monitor Market Soundings in support of senior management oversight; and (iv) develop and implement appropriate reporting lines and escalation processes to ensure any Market Sounding issues are promptly reported to senior management and the designated committee or person(s) for review and follow-up action.
CP 3. Policies and Procedures: Market Sounding Intermediaries should establish and maintain effective policies and procedures specifying the manner and expectations in which its Market Soundings should be conducted. The written polices and procedures should cover, among other matters: (i) when they become applicable and the timing and procedures of Market Soundings; (ii) allocation of roles and responsibilities among staff involved in Market Soundings, taking into account the “three lines of defence” and ensuring proper staff training; (iii) personal dealing restrictions; (iv) escalation protocols; (v) consequences for non-compliance with the Market Sounding requirements; (vi) categorisation, identification and handling of information during the course of Market Soundings; and (vii) record-keeping requirements.
CP 4. Information Barrier Controls: Market Sounding Intermediaries should implement adequate and effective physical and electronic information barrier controls to prevent inappropriate disclosure, misuse or leakage of non-public information during the course of Market Soundings. This includes, but is not limited to: (i) physical segregation; (ii) system user access controls; (iii) information sharing policies and procedures (e.g. Market Sounding information should be restricted to authorised personnel on a “need-to-know” basis and disclosed only through authorised communication channels); and (iv) maintaining a list of internal and external recipients of non-public information as well as “Restricted List” to prohibit trading on non-public information.
CP 5. Review and Monitoring Controls: Market Sounding Intermediaries should establish effective procedures and controls to monitor and detect suspicious behaviour, unauthorised disclosure, or misuse of information from Market Soundings. This includes periodic reviews of trading and communication surveillance controls, voice and electronic communications, and unauthorised access to information.
CP 6. Authorised Communication Channels: Market Sounding Intermediaries should only use recorded and firm-authorised communication channels to conduct Market Soundings, until the information ceases to be non-public.

Market Sounding Intermediaries are expected to periodically review and update their governance and oversight arrangements, policies and procedures, and internal systems and controls, to ensure that they remain robust and effective.

V. Specific requirements for Disclosing Persons

As the party that initiates Market Soundings, Disclosing Persons bear the initial responsibility to ensure that any non-public information associated with Market Soundings is properly safeguarded and disclosed in accordance with the standards of conduct set out in the Proposed Guidelines. To this end, the specific requirements applicable to the Disclosing Persons are more extensive than for the Recipient Persons, and are summarised below.[11]

Stage of Market Sounding	Specific Requirements
Pre-Market Sounding procedures	Before the initial contact with Recipient Persons or other potential investors to conduct a Market Sounding, a Disclosing Person should: Conduct assessments to determine whether the information disclosed during the Market Sounding would constitute non-public information; Obtain consent from the Market Sounding Beneficiary to engage in the Market Sounding; and Determine in advance, on a case-by-case basis taking into account the requirements in the Proposed Guidelines: (i) a standard set of information to be disclosed to Recipient Persons, (ii) an appropriate timing to conduct the Market Soundings, and (iii) a suitable number of Recipient Persons to contact for the Market Sounding.
During the Market Sounding communications process	A Disclosing Persons should adopt a standardised pre-approved script that is reviewed by senior management or independent functions, such as Legal and Compliance, during initial and subsequent Marketing Sounding communications. In summary, the script should at a minimum include: A statement that the communication is for the purpose of a Market Sounding and that the Recipient Person shall keep confidential the non-public information, and not trade or use such information for its own or others’ benefit until the information ceases to be non-public; A statement that the conversation is recorded and to request the Recipient Person’s consent for recording; Confirm that the individual is the person designated by the Recipient Person to receive Market Soundings; A statement that the Recipient Person will receive information which the Disclosing Person considers to non-public and a request for their consent to receive such information; and An estimate of when the information will cease to be non-public, where possible. After obtaining the above consents, a Disclosing Person should provide a written confirmation to the Recipient Person as soon as possible, summarising the contents covered in its Market Sounding communications. Prior to receiving the Recipient Person’s consent (as explained above), a Disclosing Person should ensure that any preliminary information shared with the Recipient Person is sufficiently broad, limited, vague and anonymised to minimise the change of the Recipient Person guessing the name of the security involved. Greater caution should be exercised in determining the amount of non-public information to be shared where the subject security may be identified even with the provision of only limited information (e.g. for narrow industry sectors) – for example the situation in the SFAT Determination as discussed above.
Cleansing	After non-public information has been disclosed during a Market Sounding, a Disclosing Person should: (i) conduct assessments to determine whether the information has ceased to be non-public (e.g. following the announcement of the transaction, or if the transaction was called off); and (ii) inform the Recipient Person(s) as soon as possible in writing when the information ceases to be non-public according to the Disclosing Person’s assessment.
Record keeping	A Disclosing Person should keep the records in relation to its Market Soundings for a period of not less than seven years. These records must include: Consents obtained from Market Sounding Beneficiaries to engage in Market Soundings; A list of Recipient Persons who informed the Disclosing Person that they do not wish to receive any Market Soundings; Audio, video or text recordings of Market Soundings conducted; The Disclosing Person’s assessment considerations, rationales, and discussions with the Market Sounding Beneficiary (if any), in determining whether the information disclosed would constitute non-public information, and whether non-public information disclosed during Market Soundings has ceased to be non-public; A list of all internal and external persons(s) who possess non-public information as a result of Market Soundings, including details such as the date and time of the Marketing Sounds, information and materials disclosed, etc.; Notifications to inform Recipient Persons when the information ceases to be non-public.

VI. Specific requirements for Recipient Persons

The specific requirements for Recipient Persons are relatively lighter when compared with the Disclosing Person, and are summarised below.[12]

Stages of Market Sounding

Requirements

Handling of Market Sounding requests

A Recipient Person should:

Designate a properly trained specified person(s) to receive Market Soundings, and inform the Disclosing Persons of such arrangement upon being contacted by the Disclosing Persons for Market Soundings; and
Inform the Disclosing persons whether it wishes to, or not to, receive Market Soundings from the Disclosing Persons.

Record keeping

A Recipient Person should keep the records in relation to its Market Soundings for a period of not less than seven years. These records must include:

Any notifications given to the Disclosing Person of its wish to, or not to, receive Market Soundings;
Audio, video or text recordings of Market Sounding received; and
A list of all internal and external persons(s) who possess non-public information as a result of Market Soundings, including details such as the date and time of the Marketing Sounds, information and materials disclosed, etc.

VII. Conclusion

The Consultation Paper containing the Proposed Guidelines is currently undergoing a public consultation. The SFC has indicated that it currently plans to provide a six-month transition period for the industry to update their internal procedures and controls after the Proposed Guidelines are finalised. Even prior to the finalisation of the Proposed Guidelines, intermediaries may still find it helpful to compare their existing internal procedures and controls with the requirements in the Proposed Guidelines, as it provides useful guidance on the SFC’s regulatory expectations and areas which an intermediary may wish to consider updating. As demonstrated by the SFAT Determination, the SFC can still find an intermediary to be in breach of the General Principles in the existing Code of Conduct if the intermediary engages in substandard conduct in respect of market soundings.

__________

[1] “Consultation Paper on the Proposed Guidelines for Market Soundings”, published by the SFC on October 11, 2023, available at: https://apps.sfc.hk/edistributionWeb/api/consultation/openFile?lang=EN&refNo=23CP6

[2] Christopher James Aarons v. Securities and Futures Commission, SFAT Application No. 1 of 2021, Determination, September 27, 2022, available at: https://www.sfat.gov.hk/files/SFAT%202021-1%20determination.pdf

[3] SFO, sections 270 and 291.

[4] “Hong Kong SFC Places Key Reforms to SFO Enforcement Provisions on Hold Following Industry Feedback”, published by Gibson Dunn on August 11, 2023, available at: https://www.gibsondunn.com/hong-kong-sfc-places-key-reforms-to-sfo-enforcement-provisions-on-hold-following-industry-feedback/.

[5] SFAT Determination, paragraph 192.

[6] “Inside information” is defined in sections 245 and 285 of the Securities and Futures Ordinance as “specific information that (a) is about (i) the corporation; (ii) a shareholder or officer of the corporation; or (iii) the listed securities of the corporation or their derivatives; and (b) is not generally known to the persons who are accustomed or would be likely to deal in the listed securities of the corporation but would if generally known to them be likely to materially affect the price of the listed securities.

[7] The Consultation Paper, paragraph 24; and the Proposed Guidelines, paragraph 1.2.

[8] The Consultation Paper, paragraphs 20 to 21.

[9] According to the Proposed Guidelines, a case-by-case consideration of the facts and circumstances is needed to determine whether there is some “level of certainty” of a corresponding potential transaction materialising. The examples of factors to take into account when making such determination include the extent to which the Market Sounding Beneficiary has orally or in writing: (i) expressed an interested with the Disclosing Person in proceeding with a possible transaction; (ii) shared any particulars with the Disclosing Person in relation to the possible transaction (such as the timing, size, pricing or structure of the transaction); or (iii) mandated, requested or consented to the gauging of investor appetite by the Disclosing Person. It is important to note that these are only examples of some factors to take into account, and are not intended to be exhaustive.

[10] The Consultation Paper, paragraphs 27 to 41; the Proposed Guidelines, paragraph 2.

[11] The Proposed Guidelines, paragraph 3.

[12] The Proposed Guidelines, paragraph 4.

The following Gibson Dunn lawyers prepared this client alert: William Hallatt, Arnold Pun, and Jane Lu*.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. If you wish to discuss any of the matters set out above, please contact any member of Gibson Dunn’s Global Financial Regulatory team, including the following members in Hong Kong:

William R. Hallatt – Hong Kong (+852 2214 3836, whallatt@gibsondunn.com)
Emily Rumble – Hong Kong (+852 2214 3839, erumble@gibsondunn.com)
Arnold Pun – Hong Kong (+852 2214 3838, apun@gibsondunn.com)
Becky Chung – Hong Kong (+852 2214 3837, bchung@gibsondunn.com)

*Jane Lu is a paralegal (pending admission) working in the firm’s Hong Kong office who is not yet admitted to practice law.

An overview of key technical provisions and practical takeaways for regulated parties from EPA’s final methane rule.

On December 2, 2023, the U.S. Environmental Protection Agency (EPA) announced its finalized rule targeting methane emissions from the oil and gas sector. In this regulatory action, EPA enacted (i) new source performance standards (NSPS) for methane and volatile organic compounds (VOCs) from new or modified oil and gas sources and (ii) emissions guidelines for states to follow in designing and executing implementation plans to cover existing sources.

This final rule is one of the Biden Administration’s signature actions to address climate change. In finalizing the rule, EPA included measures designed to decrease flaring and fugitive emissions from oil and gas production facilities and also moved forward with its novel “Super Emitter” program that allows third parties to track large emissions events. But the final rule also included additional flexibility for industry and states compared to EPA’s proposal, such as more time for states to submit compliance plans for existing facilities, more time for certain requirements, and flexibility for industry to use advanced monitoring technologies to detect methane leaks.

This client alert summarizes the key technical provisions for oil and gas production and practical takeaways for regulated parties.[1]

Who is subject to the rule? The rulemaking applies to new and existing oil and gas facilities involved in (i) production and processing, including equipment and processes at well sites, storage tank batteries, gathering and boosting compressor stations, and natural gas processing plants, and (ii) natural gas transmission and storage, including compressor stations and storage tank batteries.

What are the key takeaways? Leveraging EPA’s existing VOC rules governing oil and gas production, EPA’s new rule requires frequent monitoring and repair of methane leaks at well sites, centralized production facilities, and compressor stations using established inspection technologies or, at an operator’s election, novel advanced detection technologies. Similarly, storage vessels at production facilities are regulated in largely the same manner under this final rule as existing VOC requirements. However, storage vessels that previously were unaffected by regulation, including both new and existing facilities, may now be subject to NSPS based upon updated definitions and the addition of a new applicability trigger. Finally, the rule aims to phase out venting and flaring of gas coming from oil wells. Agency officials said the most significant emissions reductions created by the final rule come from this directive for new oil wells to eliminate routine gas flaring as well as requiring continuous operation of flares on storage tanks.

Unique to this rule is EPA’s creation of the “Super Emitter” program for identifying and addressing significant methane leaks from production facilities, including an avenue for qualified third parties to alert EPA of owners and operators exceeding the emissions standards and for EPA, in turn, to require owners/operators to investigate such alerts.

In addition, the rule imposes a number of new requirements on reciprocating compressors, centrifugal compressors, pneumatic pumps and controllers (even prohibiting using natural gas in all but a few circumstances) and sweetening units, as well as the completion process and liquids unloading process.

How has EPA structured the legal framework?[2] The new rule establishes a role for both federal and state standards. First, new federal NSPS, added at 40 C.F.R. part 60, subpart OOOOb, apply to sources that commenced construction, modification, or reconstruction after December 6, 2022.

Second, existing sources will be regulated by emissions guidelines implemented as part of state programs that are equivalent to federal NSPS. These emissions guidelines – which essentially serve as model rules for states to implement – are set forth in a new subpart, OOOOc. States can either adopt presumptive standards set forth in the OOOOc emissions guidelines for existing sources or develop their own standards that are as strict as the federal standards, and they must conduct meaningful public engagement during their development of these standards.

EPA must approve all state emissions standards, and if a state’s standards are not as strict as the federal standards, EPA can then promulgate a rule for that state.[3]

What is the applicability date? The final rule’s “applicability date” is December 6, 2022. Sources constructed, modified or reconstructed after December 6, 2022 will need to comply with the new source performance standards in OOOOb.

Sources constructed prior to December 6, 2022 will be considered existing sources and will have later compliance dates under state plans. For this category of existing sources, states have two years to propose these standards, and operators have three years after that submission deadline to comply. For that reason, the deadline for compliance for existing sources will vary based on location, but could be up to five years.

What are the key differences in obligations for new and existing sources? Both subpart OOOOb and subpart OOOOc include new requirements to address methane emissions from oil and gas operations using the “best system of emission reduction” (BSER) as summarized below. With the exception of requirements governing new wells and well completions (and particularly the flaring requirements), the final NSPS subpart OOOOb requirements for new affected facilities and the presumptive standards for existing facilities under subpart OOOOc are largely the same as it relates to methane. The key differences between the two programs are (i) the timeframe for compliance, (ii) the additional requirements for new wells, particularly as it relates to flaring, and well completions, and (iii) the additional requirements for VOC control for new sources.[4]

What are the key elements of the new requirements?

Eliminating Routine Flaring From Oil Wells. EPA’s new rule phases out flaring of gas coming from new oil wells under subpart OOOOb. It phases in flaring restrictions by dividing wells into three categories based on construction date. For new wells constructed after future dates set by the rule, routine flaring will be prohibited after the phase-in period; ultimately, absent a safety concern or defined malfunctions, gas from these wells must be routed to a sales line, used as an onsite fuel source or another useful purpose that a purchased fuel, chemical feedstock, or raw material would serve, or reinjected into the well or into another well upon start-up.

Under subpart OOOOc, for preexisting wells with documented methane emissions of 40 tons per year or less, flaring is permitted provided that the gas is routed to a flare or control device that achieves 95.0 percent reduction in methane. For existing wells with documented methane emissions of 40 tons per year or more, flaring is prohibited absent a showing of technical infeasibility with alternative options. These alternatives include routing the gas to a sales line, using it as an onsite fuel source or for another useful purpose, or injecting it back into the same well or another well. If all of these options are technically infeasible, then these existing wells (producing associated gas with more than 40 tpy of methane) can route associated gas to a flare or control device that achieves 95.0 percent reduction in methane.

Third-Party Monitoring of Super Emitters. EPA’s rule establishes the Super Emitter Program. Under this program, certain third-parties can seek agency authorization to detect “super emitter” events at operators’ sites and report those events to EPA. A super emitter event is defined by the rule as emissions of 100 kilograms (220.5 pounds) of methane per hour or larger.

To qualify, these third parties must be credentialed by EPA. Third parties must submit any super emitter detections to EPA, which then verifies them and notifies the operator. Upon receiving such a notification, an operator is required to investigate the alleged super emitter event within five days and report the results of the investigation to EPA within 15 days of the notification. Additionally, incidents that trigger this program may also trigger the Department of Transportation’s upcoming Pipeline and Hazardous Materials Safety Administration rule, which will likely impose reporting and remediation requirements in the event of a major leak (a term that has yet to be defined).

In response to industry comments, the final rule takes a different approach from the proposed rule in that EPA, and not third parties, will notify an identified owner or operator after reviewing third-party notifications of the presence of a super emitter event at or near its oil and gas. Also, in response to comments, the final rule provides that certified third parties only will be authorized to use remote sensing technologies such as satellites or aerial surveys—the program does not authorize third parties to enter well sites or other oil and gas facilities.

Storage Vessel Applicability Changes. In the regulation, EPA has retained the preexisting control and operational requirements governing storage tanks used in oil and gas production under NSPS Subparts OOOO and OOOOa, including the requirement to reduce emissions by 95 percent, but it has added methane into the VOC framework, changed the trigger governing when the federal requirements apply, and added requirements for determining when state permit limits are legally and practicably enforceable limits. These applicability changes potentially impact both new and existing operations.

For purposes of the NSPS applicability trigger governing new or modified facilities, EPA’s rule adds storage tank batteries (i.e. groups of tanks that are adjacent and receive fluids from the same source) to the existing definition of storage vessel. A tank battery is an affected facility under the rule if the aggregate potential methane emissions from the group of storage vessels is greater than or equal to 20 tons per year. This is a change from EPA’s preexisting approach under NSPS Subpart OOOO and OOOOa, which evaluates applicability based on emissions from individual storage tanks (as opposed to batteries). If owners or operators of new or modified facilities trigger NSPS Subpart OOOOb applicability under this new criteria, then the owners/operators of tanks or batteries qualifying as affected facilities must reduce VOC and methane emissions by 95 percent (as previously required by NSPS Subpart OOOO and OOOOa).

The NSPS rule also updates the definition of “modification” to cover the occurrence of an increase in potential emissions of a tank battery such that its potential to emit (PTE) exceeds the 6 tons of VOC per year or 20 tons of methane per year thresholds following any of these four specified physical or operational changes: (i) adding a storage vessel to an existing battery; (ii) increasing the cumulative storage capacity of the battery by replacing one or more storage vessels; (iii) for well sites or centralized production facilities: an existing battery receives additional crude oil, condensate, intermediate hydrocarbons, or produced water throughput (e.g. as a result of hydraulic fracturing or hydraulic refracturing); (iv) for compressor stations or onshore natural gas processing plants: an existing battery receives additional fluids which cumulatively exceed the throughput used in the most recent determination of the potential for VOC or methane emissions.

Owners/operators of existing tanks or tank batteries also will need to evaluate a new applicability trigger under the emissions guidelines set forth in Subpart OOOOc (as incorporated into state plans). Under the presumptive standard, for existing storage tanks or tank batteries with a PTE of 20 tons of methane per year or greater, owners/operators will have to reduce their emissions by 95 percent. In other words, under the rule, existing tank systems can now trigger NSPS requirements if their potential methane emissions exceed 20 tons per year.

Finally, EPA finalized criteria that must be met for a permit limit or other requirement to qualify as a legally and practicably enforceable limit for purposes of determining whether a tank battery is an affected facility or designated facility under NSPS OOOOb. A legally and practicably enforceable limit must include a quantitative production limit and quantitative operational limit(s) for the equipment, or quantitative operational limits for the equipment; an averaging time period for the production limit, if a production-based limit is used, that is equal to or less than 30 days; established parametric limits for the production and/or operational limit(s), and where a control device is used to achieve an operational limit, an initial compliance demonstration (i.e., performance test) for the control device that establishes the parametric limits; ongoing monitoring of the parametric limits that demonstrates continuous compliance with the production and/or operational limit(s); recordkeeping by the owner or operator that demonstrates continuous compliance with the limit(s) in; and periodic reporting that demonstrates continuous compliance.

New Methane Leaks Requirements. EPA’s new rule restructures leak detection and repair (LDAR) requirements based upon the type of facility involved in order to address methane and VOC leaks. In general, affected facilities are well sites, centralized production facilities, and compressor stations where components with the potential to emit fugitive emissions of methane or VOC are present.

Well sites are broken into several regulatory categories.

Single wellhead only well sites require quarterly audible, visual, and olfactory (AVO) inspections. Owners and operators have 15 days from detecting a leak to initiate repairs and must complete those repairs within 15 days after the first repair.
Multi-wellhead only well sites require semiannual optical gas imaging (OGI) inspections (or optional EPA Method 21 inspections) and quarterly AVO inspections. Repairs of any leaks must commence within 30 days of detection and be completed 30 days after the first repair attempt.
Well sites with major production and processing equipment, including one or more controlled storage vessels or tank batteries, control devices, or natural gas-driven process controllers or pumps, and centralized production facilities require quarterly OGI inspections (or optional EPA Method 21 alternative inspections) and bimonthly AVO inspections. Leak repairs must commence within 30 days and be completed 30 days after the first repair attempt.

At compressor stations, the rule requires quarterly OGI inspections (or EPA Method 21 alternative inspections) and monthly AVO inspections. Leaks detected using AVO inspections must be repaired within 15 days after detection and concluded within 15 days after that, while leaks detected using OGI or EPA Method 21 inspections must be repaired beginning 30 days after detection and finalized 30 days later.

The rule provides the opportunity for regulated parties to replace traditional leak detection programs (i.e. using Method 21 and OGI) with advanced measurement technologies such as on-site sensor networks and aerial flyovers using remote sensing technology. These technologies need to be approved by EPA in advance when an owner or operator submits a monitoring plan. The frequency at which these alternative technologies must be used in order to satisfy the traditional OGI/Method 21 requirements varies depending upon the capabilities of the technology itself. For example, if the technology has an aggregate detection threshold of 15 kilograms per hour, periodic screenings must be conducted monthly.

Well Closure. The rule requires that fugitive emissions monitoring continue until the closure of any well pursuant to a well closure plan. Once a well is closed, a final OGI survey must be performed. If any emissions are detected in this final survey, they must be eliminated. Then, the results of the OGI survey, along with other details of the well closure, must be submitted to EPA.

Pneumatic Pump And Controller Requirements. The new rule requires that all pneumatic pump affected facilities in the oil and gas industry have zero emissions. In other words, the rule prohibits natural gas-driven pumps except at facilities with fewer than three natural gas-driven diaphragm pumps in areas where other power sources are inaccessible. EPA’s new rule also requires pneumatic controllers (now called process controllers) outside of Alaska to have zero methane and VOC emissions. The rule provides a one-year period for operators and owners to come into compliance.

Well Liquids Unloading. The rule requires that affected gas wells that unload liquids minimize or eliminate venting of emissions during liquids unloading events to the maximum extent possible using best management practices. Alternatively, such wells can comply by reducing methane and VOC emissions from gas well liquids unloading events by 95 percent using a closed vent system (CVS) to route emissions to a control device.

Well Completions. The rule also regulates well completion of hydraulically fractured or refractured wells. During completion of most non-wildcat and non-delineation wells, owners or operators must route all flowback to a storage or completion vessel and separator. They must then utilize any salable gas (for example, as fuel on-site) and route all liquid to a storage or well completion vessel, a collection system, or another well. During completion of wildcat and delineation wells (and non-wildcat and non-delineation low pressure wells), owners or operators must either route all flowback to a completion combustion device or well completion vessels and use a separator.

Centrifugal Compressors. Centrifugal compressors with wet seals at new affected facilities other than well sites must reduce methane and VOC emissions from their fluid degassing systems by 95 percent by routing emissions to a control device or process. Some new centrifugal compressors such as centrifugal compressors with dry seals must instead meet work practice performance-based volumetric flow rate standards. At existing facilities located at non-well sites, the requirement will be monitoring and repair to maintain volumetric flow rate at or below 3 standard cubic feet per minute per seal.

Reciprocating Compressors. Reciprocating compressors must meet a performance-based emissions standard of 2 standard cubic feet per minute per cylinder.

Covers, Closed Vent Systems and Combustion Control Devices. Similar to the existing VOC rules, covers and CVSs must demonstrate their ability to comply with the no identifiable emissions standard through OGI or EPA Method 21 monitoring and AVO inspections conducted at the same frequency as the fugitive emissions monitoring for the type of site where the cover and CVS are located. Combustion control devices being used to meet a 95 percent emission reduction standard must demonstrate a continuous level of control of emissions through performance tests every 5 years.

Equipment Leaks at Natural Gas Processing Plants. Equipment located at onshore natural gas processing plants, defined as pumps, pressure relief devices, open-ended valves, and flanges and other connectors, must be inspected either (i) bimonthly using OGI monitoring or (ii) according to EPA Method 21 monitoring at the corresponding frequencies of each type of equipment. The rule also includes specific requirements for each piece of equipment. For example, open-ended valves must all be equipped with closure devices.

Sweetening Units. Affected facilities with a sulfur production rate of at least 5 long tons per day must reduce sulfur dioxide emissions by 99.9 percent. For affected facilities with a design capacity of less than 2 long tons per day of hydrogen sulfide in acid gas, recordkeeping and reporting are required but emissions controls are not. These rules only apply to new and modified sources.

How Does the Rule Intersect with Other Climate Change Laws and Programs? EPA’s final methane rule is part of a larger effort by the Biden Administration to address climate change. Related laws and proposals include:

In August 2022, Congress passed the Inflation Reduction Act (IRA) creating a phase-in schedule for a methane fee that commences in 2024. In 2024, the fee will be levied on methane emissions in excess of the allowance at a rate of $900 per metric ton. That rate will rise to $1200 in 2025, and it will remain at $1500 from 2026 on. Importantly, this fee applies only to facilities that are out of compliance with EPA’s methane emissions requirements and do not fall under another exemption.
In July 2023, EPA proposed key changes to the greenhouse gas emissions reporting requirements for the oil and gas sector. If finalized, most of the proposed changes would be reflected in reports for Reporting Year 2025, due by March 31, 2026.This proposed regulatory action would (i) newly require reporting for emissions from maintenance or other abnormal emission events (including planned releases from maintenance activities), (ii) revise existing calculation methodologies, (iii) expand reporting requirements for certain emissions sources, and (iv) clarify ownership transfer rules and reporting responsibility for assets sold or purchased during the reporting year.

__________

[1] To see a chart explaining how the 2023 rule compares to the 2012 and 2016 emissions rules with regard to specific facilities, go to https://www.epa.gov/system/files/documents/2023-12/epas-oil-and-natural-gas-final-rule-.table-of-covered-sources.pdf.

[2] In order to buoy the rule against potential legal challenges by states and other actors, the rule is self-described as severable with regard to each of its categories of actions and with regard to each emissions source it regulates.

[3] Two additional categories in the regulatory framework are edits to reconcile inconsistencies created by Congress’s repeal of 2020 methane rules and an appendix, appendix K, that establishes a protocol for the use of optical gas imaging inspections.

[4] A table summarizing the translation of BSER into concrete requirements for new and existing regulated sources can be found at https://www.epa.gov/system/files/documents/2023-12/summary-of-key-requirements-table.pdf.

The following Gibson Dunn attorneys assisted in preparing this update: Stacie Fletcher, Rachel Levick, Veronica J.T. Goodson, Monica Murphy, Samantha Yi*, and Dominic Solari.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s Environmental Litigation and Mass Tort, Environmental, Social and Governance, Oil and Gas or Cleantech practice groups:

Environmental Litigation and Mass Tort:
Stacie B. Fletcher – Washington, D.C. (+1 202.887.3627, sfletcher@gibsondunn.com)
David Fotouhi – Washington, D.C. (+1 202.955.8502, dfotouhi@gibsondunn.com)
Rachel Levick – Washington, D.C. (+1 202.887.3574, rlevick@gibsondunn.com)
Veronica J.T. Goodson – Washington, D.C. (+1 202.887.3719, vgoodson@gibsondunn.com)

Environmental, Social and Governance (ESG):
Hillary H. Holmes – Houston (+1 346.718.6602, hholmes@gibsondunn.com)
Elizabeth Ising – Washington, D.C. (+1 202.955.8287, eising@gibsondunn.com)
Perlette M. Jura – Los Angeles (+1 213.229.7121, pjura@gibsondunn.com)
Ronald Kirk – Dallas (+1 214.698.3295, rkirk@gibsondunn.com)
Michael K. Murphy – Washington, D.C. (+1 202.955.8238, mmurphy@gibsondunn.com)

Oil and Gas:
Michael P. Darden – Houston (+1 346.718.6789, mpdarden@gibsondunn.com)
Anna P. Howell – London (+44 20 7071 4241, ahowell@gibsondunn.com)
Rahul D. Vashi – Houston (+1 346.718.6659, rvashi@gibsondunn.com)

Cleantech:
John T. Gaffney – New York (+1 212.351.2626, jgaffney@gibsondunn.com)

*Samantha Yi is an associate working in the firm’s Washington, D.C. office who currently is admitted to practice in Maryland.

The steps will further strengthen London’s position as a leading centre for resolution of cross-border commercial disputes.

The UK Government has recently taken two steps that will further strengthen London’s position as a leading centre for the resolution of cross-border commercial disputes: (1) introducing legislation updating the UK Arbitration Act 1996 (the “1996 Act”); and (2) confirming that the UK will join the Hague Convention on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters (the “Hague Convention”) as soon as practicable. This client alert highlights some key takeaways from each development.

I. Updates to the 1996 Act

(a) Status

Arbitration in England and Wales is regulated by the 1996 Act – a framework that has helped contribute to London’s global ranking as the most preferred seat for international commercial arbitration.[1] In 2021, the UK Government asked the Law Commission to review the 1996 Act, to determine “whether there might be any amendments to be made in order to ensure that it is fit for purpose…”.[2]

The results of this consultation process were published in September 2023, together with proposed draft legislation to implement the reforms proposed (the “Arbitration Bill”). The consultation concluded that wholesale reform was not needed or wanted; and the list of recommendations were confined to “a few major initiatives”, and “a very small number of minor corrections”.[3]

On 21 November 2023, the Arbitration Bill began its progress through the UK Parliament.[4] It is expected that the legislative process will be straightforward, and that the amended act will become law in 2024.

(b) What are the key changes?

Although the Arbitration Bill does not seek to reform the 1996 Act wholesale, there are some important changes:

A new express provision for summary disposal. The Arbitration Bill provides that a party will be able to apply for a claim, defence or issue to be dismissed “on a summary basis” if it has “no real prospect of succeeding” (thus aligning the test with that of summary judgment in the English courts). Whilst the power to dismiss summarily exists implicitly under the 1996 Act, the lack of express provision has meant that arbitral tribunals have been reluctant to exercise this power in practice. The proposed standard for dismissal is lower than most arbitral institutional rules provide (“manifestly without merit”).[5] Parties may nevertheless agree to those higher standards, however, as the new provision of the 1996 Act will be ‘opt out’.

The law governing an arbitration agreement is the law of the seat of the arbitration, absent express party agreement otherwise. This reverses the UK Supreme Court’s decision in Enka v Chubb [2020] UKSC 38,[6] where the court held, in short, that where parties have not expressly chosen a law to govern an agreement to arbitrate, but they have made an express choice of law to govern the wider (or “matrix”) contract in which the arbitration agreement sits, the law governing the matrix contract is likely to be considered the implied choice of law of the arbitration agreement. This is an important change for parties negotiating arbitration agreements: the law that governs that arbitration agreement should be express if different to the law of the seat, otherwise it will be deemed to be the law of the seat.

The process for challenging an award for lack of substantive jurisdiction has changed. Under s. 67 of the 1996 Act, a party may challenge an award as to its substantive jurisdiction, and this will involve a full re-hearing before court. The Arbitration Bill expressly limits the new arguments that may be heard in that context as follows:
- a ground for objection that was not raised before the arbitral tribunal must not be raised before the court unless the applicant shows that, at the time of the arbitration proceedings, the applicant did not know and could not with reasonable diligence have discovered the ground;
- evidence that was not heard by the tribunal must not be heard by the court unless the applicant shows that, at the time of the arbitration proceedings, the applicant could not with reasonable diligence have put the evidence before the tribunal; and
- evidence that was heard by the tribunal must not be re-heard by the court, unless the court considers it necessary “in the interests of justice”.

The court’s supportive powers of arbitration proceedings have been clarified. The Arbitration Bill: (i) clarifies that orders under s. 44 of the 1996 Act (including in relation to the preservation of evidence, and for injunctive relief) can be made against third parties;[7] and (ii) provides for the enforcement of emergency arbitrator decisions.[8]

Codifies an arbitrator’s duty of disclosure, introducing a statutory duty on an arbitrator to disclose “circumstances that might reasonably give rise to justifiable doubts as to [their] impartiality”.[9]

II. UK to join the Hague Convention

The second notable development is the UK Government’s confirmation that the UK will join the Hague Convention “as soon as practicable”, following a consultation period.[10]

The Hague Convention is a multilateral convention, which entered into force on 1 September 2023. The Hague Convention provides a set of common rules for the recognition and enforcement of judgments given in civil and commercial matters, between Contracting Parties. The merits of a judgment cannot be reviewed, and recognition and enforcement can only be refused on the grounds specified therein. While most national laws provide for the enforcement of foreign judgments (subject to certain conditions), such laws differ as between jurisdictions. This can make the enforcement of foreign judgments unpredictable, lengthy and costly. By establishing common rules, however, the Hague Convention provides greater certainty and reduces complexity (and cost) of that process.

The UK Government is expected to sign and ratify the Hague Convention without delay, and it will enter into force 12 months from the date on which the UK deposits its instrument of ratification.

__________

[1] Queen Mary University of London, 2021 International Arbitration Survey: Adapting arbitration to a changing world, available here: https://arbitration.qmul.ac.uk/research/2021-international-arbitration-survey/.

[2] Law Commission, Review of the Arbitration Act 1996, Current project status, available here: https://lawcom.gov.uk/project/review-of-the-arbitration-act-1996/.

[3] Law Commission, Review of the Arbitration Act 1996: Final report and Bill, paragraph 1.22, available here: https://lawcom.gov.uk/project/review-of-the-arbitration-act-1996/.

[4] https://bills.parliament.uk/publications/53038/documents/4022.

[5] See, for example, LCIA Arbitration Rules 2020, Article 22.1(viii); ICSID Convention Arbitration Rules 2022, Article 41; ICC Rules of Arbitration, Article 22 and Note to Parties and Arbitral Tribunals on the Conduct of the Arbitration under the ICC Rules of Arbitration, Section C.

[6] Enka v Chubb [2020] UKSC 38, available here: https://www.supremecourt.uk/cases/docs/uksc-2020-0091-judgment.pdf.

[7] Section 9 of the Arbitration Bill.

[8] Section 8 of the Arbitration Bill.

[9] Section 2(2) of the Arbitration Bill.

[10] Government response to the Hague Convention of July 2019 on the Recognition and Enforcement of Foreign Judgements in Civil or Commercial Matters (Hague 2019), 23 November 2023, available here: https://www.gov.uk/government/consultations/hague-convention-of-2-july-2019-on-the-recognition-and-enforcement-of-foreign-judgments-in-civil-or-commercial-matters-hague-2019/outcome/government-response-to-the-hague-convention-of-july-2019-on-the-recognition-and-enforcement-of-foreign-judgements-in-civil-or-commercial-matters-hagu.

The following Gibson Dunn attorneys assisted in preparing this update: Piers Plumptre, Stephanie Collins, Theo Tyrrell and Harriet Codd.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s International Arbitration, Judgment and Arbitral Award Enforcement, or Transnational Litigation practice groups, or any of the following in London:

Penny Madden KC (+44 20 7071 4226, pmadden@gibsondunn.com)
Piers Plumptre (+44 20 7071 4271, pplumptre@gibsondunn.com)
Stephanie Collins (+44 20 7071 4216, SCollins@gibsondunn.com)
Theo Tyrrell (+44 20 7071 4016, ttyrrell@gibsondunn.com)
Harriet Codd (+44 20 7071 4057, hcodd@gibsondunn.com)

The Co-Chairs of our Privacy, Cybersecurity and Data Innovation Practice Group, Ahmed Baladi (Paris) and Alexander Southwell (New York), and partner Cassandra Gaedt-Sheckter (Palo Alto), discuss how GDPR has impacted U.S. laws and companies. They examine the contrasts between U.S. privacy laws and GDPR in Europe, provide an overview of enforcement actions in the U.S., particularly California, and review the challenges companies face when dealing with global data privacy laws.

Previous Episode | Next Episode

HOSTS:

Ahmed Baladi is a partner in the Paris office of Gibson, Dunn & Crutcher, where he is co-chair of the firm’s Privacy, Cybersecurity and Data Innovation practice and a member of the Artificial Intelligence practice. Ahmed has developed renowned experience in a wide range of privacy and cybersecurity matters including compliance and governance programs in light of the GDPR. He regularly represents companies and corporate executives on investigations and procedures before Data Protection Authorities. He also advises a variety of clients on data breach and national security matters including handling investigations, enforcement defense and crisis management.

Alexander Southwell is one of the nation’s leading technology-focused litigators and investigations lawyers and is regularly called upon by numerous leading global companies to counsel on — as well as handle investigations, enforcement defense, and litigation related to — a wide array of privacy, data breach, information technology and governance, theft of trade secrets, computer fraud, advertising and marketing practices, and network and data security issues. A partner in Gibson, Dunn & Crutcher’s New York office, Mr. Southwell founded and co-chairs the Firm’s Chambers-ranked Privacy, Cybersecurity, and Data Innovation Practice Group and is a member of the White Collar Defense and Investigation, Litigation, Crisis Management, and Artificial Intelligence Practice Groups. Mr. Southwell is a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals.

Cassandra Gaedt-Sheckter is a partner in Gibson, Dunn & Crutcher’s Palo Alto office, where she co-chairs the global Artificial Intelligence (AI) practice, and is a key member of the Privacy, Cybersecurity and Data Innovation practice, including as the leader of the firm’s State Privacy Law Task Force. With extensive experience advising companies on AI, data privacy, and cybersecurity issues, Cassandra focuses on regulatory compliance counseling and privacy and AI program development, regulatory enforcement matters, and transactional representations. Cassandra advises clients in various industries, from leading tech companies and luxury fashion companies, to shipping giants.