Richard Manfredi, Author at Gibson Dunn

From the Derivatives Practice Group: This week, the CFTC announced plans to restructure the Division of Enforcement to refocus on fraud and stop regulation by enforcement.

New Developments

CFTC Announces Crypto CEO Forum to Launch Digital Asset Markets Pilot. On February 7, the CFTC announced that it will hold a CEO Forum of industry-leading firms to discuss the launch of the CFTC’s digital asset markets pilot program for tokenized non-cash collateral such as stablecoins. Participants will include Circle, Coinbase, Crypto.com, MoonPay and Ripple. [NEW]
CFTC Statement on Allegations Targeting Acting Chairman. On February 6, the CFTC released a statement regarding allegations targeting Acting Chairman Pham. [NEW]
David Gillers to Step Down as Chief of Staff. On February 6, the CFTC announced that David Gillers will step down as Chief of Staff to Commissioner Behnam on February 7. [NEW]
CFTC Announces Prediction Markets Roundtable. On February 5, the CFTC announced that it will hold a public roundtable in approximately 45 days at the conclusion of its requests for information on certain sports-related event contracts. The CFTC said that the goal of the roundtable is to develop a robust administrative record with studies, data, expert reports, and public input from a wide variety of stakeholder groups to inform the Commission’s approach to regulation and oversight of prediction markets, including sports-related event contracts. According to the CFTC, the roundtable will include discussion of key obstacles to the balanced regulation of prediction markets, retail binary options fraud and customer protection, potential revisions to Part 38 and Part 40 of CFTC regulations to address prediction markets, and other improvements to the regulation of event contracts to facilitate innovation. The roundtable will be held at the CFTC’s headquarters in Washington, D.C. [NEW]
CFTC Division of Enforcement to Refocus on Fraud and Helping Victims, Stop Regulation by Enforcement. On February 4, CFTC Acting Chairman Caroline D. Pham announced a reorganization of the Division of Enforcement’s task forces to combat fraud and help victims while ending the practice of regulation by enforcement. According to the CFTC, previous task forces will be simplified into two new Division of Enforcement task forces: the Complex Fraud Task Force and the Retail Fraud and General Enforcement Task Force. The Complex Fraud Task Force will be responsible for all preliminary inquiries, investigations, and litigations relating to complex fraud and manipulation across all asset classes. The Acting Chief will be Deputy Director Paul Hayeck. The Retail Fraud and General Enforcement Task Force will focus on retail fraud and handle general enforcement matters involving other violations of the Commodity Exchange Act. The Acting Chief will be Deputy Director Charles Marvine. [NEW]
CFTC Staff Issues No-Action Letter to Korea Exchange Concerning the Offer or Sale of KOSPI and Mini KOSPI 200 Futures Contracts. On February 4, the CFTC’s Division of Market Oversight issued a no-action letter stating it will not recommend the CFTC take enforcement action against Korea Exchange (“KRX”) for the offer or sale of Korea Composite Stock Price Index (“KOSPI”) 200 Futures Contracts and Mini KOSPI 200 Futures Contracts to persons located within the United State while the Commission’s review of KRX’s forthcoming request for certification of the contracts under CFTC Regulation 30.13 is pending. DMO issued similar letters when the KOSPI 200 became a broad-based security index in 2021 and 2022. See CFTC Press Release Nos. 8464-21 and 8610-22. The KOSPI 200 became a narrow-based security index in February 2024. The KOSPI 200 is set to become a broad-based security index on February 6, 2025, and the no-action position in DMO’s letter will be effective on that date. [NEW]
CFTC Staff Issues Supplemental Letter Regarding No-Action Position on Reporting, Recordkeeping Requirements. On January 31, the CFTC’s Division of Market Oversight and the Division of Clearing and Risk announced they have taken a no-action position regarding swap data reporting and recordkeeping regulations. The CFTC said this position is in response to a request from KalshiEX LLC, a designated contract market, and Kalshi Klear LLC, a derivatives clearing organization, to modify CFTC Letter No. 24-15 to remove the condition prohibiting third-party clearing by participants and to cover fully-collateralized variable payout contracts. The Divisions indicated that they will not recommend the CFTC initiate an enforcement action against KalshiEX LLC, Kalshi Klear LLC, or their participants for failure to comply with certain swap-related recordkeeping requirements and for failure to report to swap data repositories data associated with binary option transactions and variable payout contract transactions executed on or subject to the rules of KalshiEX LLC and cleared through Kalshi Klear LLC, subject to the terms of the no-action letter. The supplemental letter also removes the condition in CFTC Letter No. 24-15 that prohibits Kalshi participants from clearing contracts through a third-party clearing member. [NEW]
CFTC and SEC Extend Form PF Amendments Compliance Date. The CFTC, together with the SEC, extended the compliance date for the amendments to Form PF that were adopted Feb. 8, 2024. The compliance date for these amendments, which was originally March 12, 2025, has been extended to June 12, 2025. Form PF is the confidential reporting form for certain SEC-registered investment advisers to private funds, including those that also are registered with the CFTC as commodity pool operators or commodity trading advisers. This extension will mitigate certain administrative and technological burdens and costs associated with the prior compliance date. This extension will also provide more time for filers to program and test for compliance with these amendments.
Acting Chairman Pham Launches Public Roundtables on Innovation and Market Structure. On January 27, Acting Chairman Pham announced the launch of a series of public roundtables on evolving trends and innovation in market structure, including issues such as affiliated entities and conflicts of interest, prediction markets, and digital assets. Pham renewed calls for open public engagement and increased transparency by the CFTC on its policy approach to changes in derivatives markets last year.
Acting Chairman Pham Announces CFTC Leadership Changes. On January 22, Acting Chairman Pham announced the following CFTC leadership changes: Acting Chief of Staff: Harry Jung; Acting General Counsel: Meghan Tente; Acting Director of the Office of Public Affairs: Taylor Foy; Acting Director of the Office of Legislative and Intergovernmental Affairs: Nicholas Elliot; Acting Director of the Division of Market Oversight: Amanda Olear; Acting Director of the Division of Clearing and Risk: Richard Haynes; Acting Director of the Market Participants Division: Tom Smith; Acting Director of the Division of Enforcement: Brian Young; Acting Director of the Office of International Affairs: Mauricio Melara.
SEC Acting Chairman Uyeda Announces Formation of New Crypto Task Force. On January 21, SEC Acting Chairman Uyeda launched a crypto task force that, according to the SEC, is dedicated to developing a comprehensive and clear regulatory framework for crypto assets. Commissioner Hester Peirce will lead the task force. Richard Gabbert, Senior Advisor to the Acting Chairman, and Taylor Asher, Senior Policy Advisor to the Acting Chairman, will serve as the task force’s Chief of Staff and Chief Policy Advisor, respectively. The SEC said that the task force will collaborate with SEC staff and the public to set the SEC on a sensible regulatory path that respects the bounds of the law and that the task force’s focus will be to help the SEC draw clear regulatory lines, provide realistic paths to registration, craft sensible disclosure frameworks, and deploy enforcement resources judiciously. The Sec indicated that the task force will operate within the statutory framework provided by Congress, coordinate the provision of technical assistance to Congress as it makes changes to that framework, and coordinate with federal departments and agencies, including the CFTC, and state and international counterparts.

New Developments Outside the U.S.

DPE Regime for Post-Trade Transparency Becomes Operational. On February 3, the public register listing designated publishing entities (“DPEs”) that now bear the reporting obligation for post-trade transparency under MIFIR went live, bringing the DPE regime into full operational effect. The public register can be found here. The post-trade reporting obligation for systematic internalizers (“SIs”) has been replaced by an analogous obligation on investment firms that have chosen to register as DPEs. As a further consequence of the DPE regime launch, ESMA has decided to discontinue the voluntary publication of quarterly SI calculations data early, ahead of the scheduled removal of the obligation on ESMA to perform SI calculations from September 2025. As of February 1, the mandatory SI regime will no longer apply and investment firms will not need to perform the SI test. However, investment firms can continue to opt into the SI regime. ESMA’s press release on these measures can be found here. [NEW]
ECB Publishes Guidance on Initial Margin Model Approval Under EMIR 3. On January 31, the European Central Bank (“ECB”) published guidance on the initial margin validation process for entities under its supervision under the European Market Infrastructure Regulation (EMIR 3). Following the European Banking Authority’s (“EBA”) no-action letter on December 17, the guidance addresses implementation issues such as what the ECB approach will be until the EBA’s relevant regulatory technical standards and guidelines are applicable, the initial application process and model changes. [NEW]
Equivalence Extension for UK CCPs Published in EU Official Journal. On January 31, the European Commission’s (“EC’s”) implementing decision extending the equivalence decision for UK central counterparties (“CCPs”) until June 30, 2028 was published in the Official Journal of the EU. ESMA will now need to formally extend the temporary recognition decisions and tiering determinations for UK CCPs. [NEW]
ESMA Provides Guidance on MiCA Best Practices. On January 31, ESMA published a new supervisory briefing aiming to align practices across the EU member states. The briefing, developed in close cooperation with National Competent Authorities (“NCAs”), promotes convergence and prevents regulatory arbitrage, providing concrete guidance about the expectations on applicant Crypto Asset Service Providers, and on NCAs when they are processing the authorization requests.
ESMA Publishes Data for Quarterly Bond Liquidity Assessment. On January 31, ESMA published the new quarterly liquidity assessment of bonds. ESMA’s liquidity assessment for bonds is based on a quarterly assessment of quantitative liquidity criteria, which includes the daily average trading activity (trades and notional amount) and the percentage of days traded per quarter.
Equivalence of UK CCPs Extended to June 30, 2028. On January 30, the European Commission determined that the regulatory framework applicable to central counterparties (“CCPs”) in the United Kingdom of Great Britian and Northern Ireland is equivalent, in accordance with Regulation No 648/2012 of the European Parliament and of the Council.
Euribor Panel to include Finland’s OP Corporate Bank and the National Bank of Greece. OP Corporate Bank and the National Bank of Greece join the group of credit institutions that contribute to Euribor under its revised methodology, which is a substitute for the panel banks’ expert judgement. The methodology was adopted in a phased approach by all members across the Euribor panel between May and October 2024.
EC Adopts Delegated Act On OTC Derivatives Identifier for MIFIR Transparency. On January 24, the EC adopted the delegated act on OTC derivatives identifying reference data for transparency under the Markets in Financial Instruments Regulation (MIFIR). The delegated act mandates the inclusion of the unique product identifier in identifying reference data for OTC interest rate swaps and credit default swaps. The selection of the provider of a consolidated tape for OTC derivatives cannot begin until the delegated act has entered into force. In an effort to ensure the selection process can begin on-time, the delegated act will apply from the date of its entry into force – 20 days after publication in the Official Journal of the EU – but, according to the EC, to allow sufficient time to adapt to the new requirements, the identifying reference data specified within the delegated act should only be used to identify interest rate swaps and credit default swaps from September 1, 2026. [NEW]
New Governance Structure for Transition to T+1 Settlement Cycle Kicks Off. On January 22, ESMA, the European Commission (“EC”) and the European Central bank (“ECB”) launched a new governance structure to support the transition to the T+1 settlement cycle in the European Union. Following ESMA’s report with recommendations on the shortening of the settlement cycle, the new governance structure has been designed to oversee and manage the operational, regulatory and technological aspects of this transition. Given the high level of interconnectedness within the EU capital market, a coordinated approach across the EU, involving authorities, market participants, financial market infrastructures and investors, is desirable. ESMA said that the key elements of the new governance model include an Industry Committee, composed of senior leaders and representatives from market players, several technical workstreams, operating under the Industry Committee, focusing on the technological operational adaptations needed in the areas concerned by the transition to T+1 (i.e. trading, matching, clearing, settlement, securities financing, funding and FX, asset management, corporate events, settlement efficiency), and two more general workstreams that will review the scope and the legal and regulatory aspects of these adaptations, and a Coordination Committee, chaired by ESMA and with representation from the EC, the ECB, ESMA and the chair of the Industry Committee, intended to ensure coordination between the authorities and the industry, advising on challenges that may arise during the transition. Additionally, ESMA said that the Commission is currently considering the merits of a legislative change mandating a potential transition to a shorter settlement cycle.

New Industry-Led Developments

ISDA Publishes Joint Trade Association letter to SEC on US Treasury Clearing. On January 24, ISDA, the Alternative Investment Management Association, the Futures Industry Association (“FIA”), the FIA Principal Traders Group, the Institute of International Bankers, the Managed Funds Association and the Securities Industry and Financial Markets Association and its asset management group sent a letter to Mark Uyeda, acting chair at the US Securities and Exchange Commission (SEC) requesting an extension to the implementation dates for the Treasury clearing mandate by a minimum of 12 months. The associations believe this would give the SEC time to consider and address several critical issues and for the industry to implement clearing. In the letter, the associations highlight their concern that, without an extension, the success of the transition to central clearing will be compromised and may lead to disruptions in the cash Treasury securities and repo markets.
ISDA and AFME Publish Joint Response to ECB Consultation on Options and Discretions under EU Law. On January 24, ISDA and the Association for Financial Markets in Europe (“AFME”) responded to the European Central Bank’s (“ECB”) consultation on its approach to options and discretions under EU law. In the response, the associations highlight the efforts of the ECB to establish consistent options and discretions that would harmonize rules and foster a level playing field in the euro area. The response also mentions that further actions are necessary, specifically on trading book boundary classifications and exemptions.
ISDA Publishes Equity Definitions VE, Version 2.0. On January 21, ISDA published version 2.0 of the ISDA Equity Derivatives Definitions (Versionable Edition) on the MyLibrary platform. This publication includes, among other updates, provisions that can be used for documenting transactions with time-weighted average price or volume-weighted average price features, futures price valuation in respect of share transactions and benchmark provisions in respect of an index.

The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Marc Aaron Takagaki, Hayden McGovern, and Karin Thrasher.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Derivatives practice group, or the following practice leaders and authors:

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, jsteiner@gibsondunn.com)

Michael D. Bopp, Washington, D.C. (202.955.8256, mbopp@gibsondunn.com)

Michelle M. Kirschner, London (+44 (0)20 7071.4212, mkirschner@gibsondunn.com)

Darius Mehraban, New York (212.351.2428, dmehraban@gibsondunn.com)

Jason J. Cabral, New York (212.351.6267, jcabral@gibsondunn.com)

Adam Lapidus – New York (212.351.3869, alapidus@gibsondunn.com )

Stephanie L. Brooker, Washington, D.C. (202.887.3502, sbrooker@gibsondunn.com)

William R. Hallatt , Hong Kong (+852 2214 3836, whallatt@gibsondunn.com )

David P. Burns, Washington, D.C. (202.887.3786, dburns@gibsondunn.com)

Marc Aaron Takagaki , New York (212.351.4028, mtakagaki@gibsondunn.com )

Hayden K. McGovern, Dallas (214.698.3142, hmcgovern@gibsondunn.com)

Karin Thrasher, Washington, D.C. (202.887.3712, kthrasher@gibsondunn.com)

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

Gibson Dunn’s Workplace DEI Task Force aims to help our clients develop creative, practical, and lawful approaches to accomplish their DEI objectives following the Supreme Court’s decision in SFFA v. Harvard. Prior issues of our DEI Task Force Update can be found in our DEI Resource Center. Should you have questions about developments in this space or about your own DEI programs, please do not hesitate to reach out to any member of our DEI Task Force or the authors of this Update (listed below).

Key Developments:

On February 3, the Mayor and City Council of Baltimore, the National Association of Diversity Officers in Higher Education, the American Association of University Professors, and the Restaurant Opportunities Centers United filed a lawsuit in the District of Maryland challenging two recent anti-DEI executive orders. The complaint raises six constitutional claims, including claims alleging that the orders violate the First Amendment, Due Process Clause, Spending Clause, and separation of powers. The complaint asks for a declaratory judgment that Executive Order 14151 and Executive Order 14173 are unconstitutional, as well as a preliminary injunction enjoining enforcement of these executive orders. The case has been assigned to Judge Adam Abelson.

On January 28, the Acting Chair of the Equal Employment Opportunity Commission (EEOC), Andrea Lucas, announced through an EEOC press release that the “agency is returning to its mission of protecting women from sexual harassment and sex-based discrimination in the workplace by rolling back the Biden administration’s gender identity agenda.” The press release described the actions Lucas has taken to effectuate President Trump’s Executive Order 14168, including removing EEOC employees’ ability to display their pronouns on software applications, ending the use of the “X” gender marker in the EEOC intake process, and removing “materials promoting gender ideology” from the EEOC’s internal and external websites. Lucas also initiated a review of the Commission’s “Know Your Rights” poster, which covered employers must post in their workplaces. The EEOC has not yet rescinded its Enforcement Guidance on Harassment in the Workplace, because a majority vote of the EEOC Commissioners is required to rescind guidance documents. On the same day that these changes were announced, the White House terminated two of the three Democratic Commissioners—former EEOC chair Charlotte Burrows and former EEOC vice chair Jocelyn Samuels. Karla Gilbride, the general counsel for the EEOC, was also terminated. On February 4, President Trump named Andrew Rogers as the acting general counsel for the EEOC. Rogers was previously Chief Counsel and Chief of Staff to acting EEOC Chair Andrea Lucas. Prior to that, Rogers worked in the US Department of Labor’s Wage and Hour Division and in private practice.

On January 28, state financial officials from eighteen states sent a letter to Mark Uyeda, the Acting Chair of the Securities and Exchange Commission, and Vince Micone, the Acting Secretary of Labor, requesting that the Commission and Department of Labor develop rules and guidance prohibiting investment decisions based on ESG or DEI objectives as “inconsistent with fiduciary duties.” The letter discussed “an indisputable trend, among large asset managers, to prioritize political and social agendas over the financial security of hardworking Americans,” and advocated that “[r]etirement security should not be jeopardized in order to facilitate corporate virtue signaling and activist-driven initiatives.”

On January 27, nineteen state Attorneys General, led by Iowa Attorney General Brenna Bird, sent a letter to Costco CEO Ron Vachris, urging Costco to repeal its DEI policies. In the letter, the attorneys general identified recent changes in the DEI policies of other major corporations and noted that companies that have not rolled back their programs have been sued or investigated over their DEI initiatives. The letter instructed Costco to respond within 30 days, “either notify[ing]” the group “that Costco has repealed its DEI policies or explain[ing] why Costco has failed to do so.”

In a January 21 memorandum, the U.S. Office of Personnel Management (OPM) provided guidance to all federal agencies regarding implementation of President Trump’s executive orders including Executive Order 14151 and Executive Order 14148. The memorandum required each agency to send agency-wide notices to all employees informing them that the agencies’ DEI offices would be closed, and “asking employees if they know of any efforts to disguise these programs by using coded or imprecise language.” The memorandum, signed by Acting OPM Director Charles Ezell, stated that failing to report on disguised DEI programs could result in “adverse consequences.” Ezell also ordered all agencies to place their DEI staff on paid leave by 5:00 p.m. on January 22, to take down any outward facing media relating to federal DEI offices, to cancel all DEI-related training, and to terminate relationships with all DEI-related contractors. The memorandum also instructed each agency, by close of business on January 31, to submit a “written plan for executing a reduction-in-force action regarding the employees who work in a DEIA office” and a “list of all contract descriptions or personnel position descriptions that were changed since November 5, 2024 to obscure their connection to DEIA programs.”

On January 20, Reverend Al Sharpton called for a boycott on companies eliminating their DEI programs. During a Washington, D.C.-based ceremony celebrating Martin Luther King, Jr. Day, Sharpton, speaking on behalf of his National Action Network, announced the convening of a council that will “engage in a 90-day study of what companies have given up on DEI and what their margins of profit are” before selecting two companies to “specifically be targeted in the boycott.” Sharpton stated that he will be supporting companies that have “doubled down” on DEI, including leading a “buy-cott” rally at a New Jersey Costco location to show support for companies that are maintaining DEI programs.

Media Coverage and Commentary:

Below is a selection of recent media coverage and commentary on these issues:

Bloomberg, “Costco Defended Its DEI Policies Now It Should Talk About Them” (February 3): Bloomberg Editorial’s Beth Kowitt reports on the response of Republican attorneys general to Costco’s shareholders rejecting a shareholder proposal that would have compelled reversal of the company’s DEI policies. Kowitt writes that Costco “did a powerful job of making a business case for why its DEI programs are important to the company,” but has failed to articulate what its DEI programs specifically entail, noting the lack of publicly available information on these programs. Kowitt recommends companies be more forthcoming about the details of their DEI initiatives, encouraging companies to “get granular” about what their DEI policies entail. She posits that companies that “vaguely allude to ‘doing DEI’” are much more likely to end up in the crosshairs of the Trump administration than those that make clear their policies comply with federal law. The article also quotes Jason Schwartz, co-chair of the Labor & Employment group at Gibson, Dunn & Crutcher LLP, who argues that, as a general matter, corporate America has not done “a good job at explaining itself and its programs,” and this failure has allowed opponents of DEI to “own[] the public dialogue about [DEI] without any nuance.”
ModernRetail, “How the Trump Presidency Upended Retailers’ DEI Policy Playbooks” (January 30): Writing for ModernRetail, Mitchell Parton and Allison Smith discuss the rapid shift in corporate DEI initiatives in recent months. They report that in 2020, companies “quickly committed to [DEI] measures,” but that many large companies have rolled back those commitments. Parton and Smith say that many other companies are adjusting the language they use to describe their DEI programs to avoid scrutiny. The authors note that “executives are scrambling to gauge their exposure to legal risks tied to diversity policies.” The article quotes Jason Schwartz of Gibson Dunn, who says phones are “ringing off the hook” with companies who “want to take a fresh look” at their programs in light of President Trump’s recent actions.
Law360, “Companies Risk White House Wrath By Keeping DEI Programs” (January 24): Law360’s Sarah Jarvis reports on President Trump’s executive orders in his first week in office targeting DEI programs. She notes that while “[m]any companies have retreated from their DEI commitments amid the pointed political landscape,” some major U.S. companies, including Costco, Apple, and Pinterest, “are staying the course with their existing DEI programs and policies.” The article quotes Jason Schwartz of Gibson Dunn, who says companies can take a range of approaches as they determine how to support a “robust pipeline of diverse talent,” but notes that the executive order involving federal contractors, in particular, creates a “massive expansion of potential liability.” Schwartz says that it is difficult to find the line between pursuing legally sound programs and avoiding unnecessary risk “because the law is in flux right now.”
Bloomberg, “Trump Redefining ‘Sex’ Sets Up Clash Over High Court Protections” (January 23): Bloomberg’s Rebecca Klar and Khorri Atkinson report that President Trump’s day-one executive order requiring the federal government to recognize only two sexes will likely face legal challenges. In the executive order, President Trump called on the Attorney General to “immediately issue guidance to agencies to correct the misapplication of the Supreme Court’s decision in Bostock v. Clayton County,” in which the Supreme Court held that sex discrimination under Title VII included discrimination based on sexual orientation and gender identity. Klar and Atkinson report that “Bostock was the foundation for agency actions like the EEOC’s harassment guidance addressing gender identity protections.” David Lopez, a Rutgers Law School professor and former EEOC general counsel under President Obama, said appellate courts have consistently ruled “with the EEOC position” and that the new executive order is an attempt “to achieve through executive action” what the administration could not previously “achieve in court.” However, at least one federal court has concluded that Bostock does not apply to “workplace policies on bathrooms, dress codes, and locker rooms.” Klar and Atkinson write that they expect litigation over Bostock’s reach and whether it prevents the rollback of gender identity protections the executive order mandates.
Litigation Daily, “With DEI Rollbacks, Employment Lawyers See Potential for Targeting Corporate Commitment to Equality” (January 23): Writing for Litigation Daily, Charles Toutant discusses how companies’ changes to DEI initiatives may be used against them in court. He reports that the National Institute for Workers’ Rights circulated a memorandum in October 2024 stating that a company’s choice to roll back DEI initiatives could be used against it in a discrimination case. Jason Solomon, director of the National Institute for Workers’ Rights, said that an employee bringing a discrimination lawsuit could use these roll backs as evidence that their employer failed to “use reasonable care” to prevent discrimination. Toutant reports that plaintiff-side employment lawyers believe that discovery into a company’s decisions about DEI programs would be “fair game” in a discrimination lawsuit. Conversely, Jason Schwartz of Gibson Dunn described the concern as “overblown.” Schwartz said that it was a “real stretch” to argue that a revision to DEI policies was evidence of animus or discriminatory intent, noting that he has “no doubt that plaintiffs’ lawyers will make that argument,” but that the argument is not “very compelling.” Schwartz concluded, “[t]here are lots of legitimate concerns that people are raising about the rollback of programs, and obviously they think it needs to be done in a thoughtful way. But the fact that it could evidence discrimination—I’m pretty skeptical [of that].”

Case Updates:

Below is a list of updates in new and pending cases:

1. Employment discrimination and related claims:

Paul Fowler v. Emory University, No. 1:24-cv-05353 (N.D. Ga. 2024): On November 21, 2024, a former Emory University employee sued the university, alleging that the Vice Provost for Career and Professional Development discriminated against white employees in investigations, discipline, hiring, and promotions. The plaintiff asserts employment discrimination claims arising from “unlawful race, gender, and age discrimination and retaliation” in violation of Title VII, the Age Discrimination in Employment Act, and Section 1981.
- Latest update: On January 21, 2025, Emory University answered the complaint, denying allegations that it engaged in employment discrimination.

2. Board of director or stockholder actions:

City of Riviera Beach Police Pension Fund v. Target, Corp., et al., No. 2:25-cv-00085 (M.D. Fla.): Institutional investor City of Riviera Beach Police Pension Fund sued Target and certain Target officers on behalf of a class of stockholders, alleging that defendants have defrauded investors by issuing false and misleading statements concerning conduct undertaken to further Target’s ESG and DEI initiatives, causing the company’s stock price to be artificially inflated. The lawsuit brings claims under Sections 10(b), 14(a), and 20(a) of the Securities Exchange Act of 1934
- Latest update: The docket does not indicate that Target has been served yet.

Craig v. Target Corp., No. 2:23-cv-00599-JLB-KCD (M.D. Fl. 2023): America First Legal sued Target and certain Target officers on behalf of a shareholder, claiming the board falsely represented that it monitored social and political risk, when instead it allegedly focused only on risks associated with not achieving ESG and DEI goals. The plaintiffs allege that Target’s statements violated Sections 10(b) and 14(a) of the Securities Exchange Act of 1934 and that Target’s May 2023 Pride Month campaign triggered customer backlash and a boycott that depressed Target’s stock price. On December 4, 2024, the district court denied defendant’s motion to dismiss, concluding that the plaintiffs sufficiently pleaded both their Section 10(b) and Section 14(b) claims. On January 6, 2025, the court entered a stay pending mediation between the parties. On January 17, 2025, Target filed a status update regarding the parties’ proposed mediation, in which it asserted that plaintiffs “would only provide dates of availability to mediate if [Target] agreed to do so on a class-wide basis.” In its filing, Target argued that the case is not a class action, the Private Securities Litigation Reform Act prohibits plaintiffs from “purporting to act on behalf of a hypothetical class,” and the law requires “shareholders who file a class action complaint to provide notice to other shareholders” which plaintiffs have not done. Target asked the court to “direct Plaintiffs to provide their availability to mediate” on an individual basis.
- Latest update: On January 21, 2025, plaintiffs filed a Response to Target’s Status Update and a Motion to Lift the Stay. Plaintiffs assert that Target “misrepresent[ed] the dialogue between the parties,” and they moved to lift the stay to “enable Plaintiffs to pursue, among other things, (1) amending the complaint to add class allegations; and (2) determining the lead plaintiff under 15 U.S.C. § 78u-4(a)(3).” Plaintiffs asked the court to reopen the action, lift the stay, and cancel the mediation conference. On January 31, 2025, Target filed an Opposition to plaintiffs’ motion to lift the stay, asserting that plaintiffs failed to “satisfy the applicable good cause standard for canceling a court-ordered mediation.”

3. Actions against educational institutions:

Chu, et al. v. Rosa, No. 1:24-cv-75 (N.D.N.Y. 2024): On January 17, 2024, a coalition of education groups sued Betty Rosa, Commissioner of Education for the State of New York, alleging that the state’s free summer program discriminates based on race and ethnicity in violation of the Equal Protection Clause of the Fourteenth Amendment. The Science and Technology Entry Program (STEP) permits students who are Black, Hispanic, Native American, and Alaskan Native to apply regardless of their family income level, but all other students, including Asian and white students, must demonstrate “economically disadvantaged status.” On April 19, 2024, Rosa moved to dismiss the amended complaint for lack of subject-matter jurisdiction, arguing that neither the organizational plaintiffs (groups of parents) nor the named plaintiff, also a parent, have suffered any personal or individual injury, and that the plaintiffs cannot sue for alleged violations of members’ rights as prospective STEP applicants. Plaintiffs opposed the motion, arguing that the plaintiffs do not need to apply for the STEP program as a prerequisite for standing because their “injury is the inability to compete on an equal footing,” not whether they can secure a spot in the STEP program. On April 5, 2024, Plaintiffs filed an amended complaint, adding further details regarding organization members and their interests and including that certain students “meet[] the residency and academic requirements” for the program and are “ready and willing to apply.” Rosa moved to dismiss the amended complaint, but the court denied the motion on November 22, 2024. The court ordered Rosa to answer the complaint no later than December 6, 2024, later extending this deadline to January 21, 2025.
- Latest update: On January 21, 2025, Rosa answered the amended complaint, denying allegations of discrimination. She asserted that the plaintiffs lack standing and that the amended complaint failed to state a claim.

4. Challenges to statutes, agency rules, and regulatory decisions:

Do No Harm v. Gianforte, No. 6:24-cv-00024-BMM-KLD (D. Mont. 2024): On March 12, 2024, Do No Harm filed a complaint on behalf of “Member A,” a white female dermatologist in Montana, alleging that a Montana law requiring the governor to “take positive action to attain gender balance and proportional representation of minorities resident in Montana to the greatest extent possible” when making appointments to the twelve-member Medical Board violates the Equal Protection Clause. Do No Harm alleged that since ten seats are currently held by six women and four men, Montana law requires that the remaining two seats be filled by men, which would preclude Member A from holding the seat. Following Governor Gianforte’s motion to dismiss Magistrate Judge De Soto recommended that the case be dismissed for lack of subject matter jurisdiction. Magistrate Judge De Soto found Do No Harm lacked standing because it did not allege “facts demonstrating that at least one Member is both ‘able and ready’ to apply for a Board seat in the reasonably foreseeable future.” For the same reasons, the Magistrate Judge found the case unripe.
- Latest update: On January 24, 2025, Do No Harm objected to the Magistrate Judge’s findings and recommendations. Do No Harm argues that it has associational standing and that the case is ripe because the organization adequately pleaded “concrete factual allegations regarding the ability and readiness of its members” to apply for board membership, and that its injuries are definite and concrete.
Do No Harm v. Cunningham, No. 25-cv-00287 (D. Minn. 2025): On January 24, 2025, Do No Harm sued Brooke Cunningham, Commissioner of the Minnesota Department of Health, challenging a state law that requires the Commissioner to consider race in appointing members to the Minnesota Health Equity Advisory and Leadership Council. Do No Harm alleges that state law requiring that the board include representatives from either “African American and African heritage communities,” “Asian American and Pacific Islander communities,” “Latina/o/x communities,” and “American Indian communities and Tribal governments and nations,” violates the Fourteenth Amendment. Plaintiffs seek a permanent injunction and declaratory relief.
- Latest update: Do No Harm served defendants on January 30, 2025. Their answer is due February 20, 2025.
American Alliance for Equal Rights v. Walz, No. 24-cv-1748-PJS-JFD (D. Minn. 2024): On May 15, 2024, AAER filed a complaint against Minnesota Governor Tim Walz, challenging a state law that requires Governor Walz to ensure that five members of the Minnesota Board of Social Work are from a “community of color” or “an underrepresented community.” The fifteen-member Board, comprised of ten professionally licensed social workers and five public member positions, has three currently open seats and will have an additional six open seats in January 2025. AAER claimed that two of its white female members are “qualified, ready, willing and able to be appointed to the board,” but that they will not be given equal consideration. AAER seeks a permanent injunction and a declaration that the law violates the Equal Protection Clause of the Fourteenth Amendment. On January 3, 2025, AAER filed an amended complaint to reflect the fact that they no longer rely on one of their original white female members.
- Latest update: On January 17, 2025, Governor Walz answered the amended complaint, denying the allegations of unlawful discrimination and asserting that the plaintiffs lack standing and failed to state a claim upon which relief can be granted.
American Alliance For Equal Rights v. Bennett, No. 1:25-cv-00669 (N.D. Ill. 2025): On January 21, 2025, AAER sued the Attorney General of Illinois, the Director of the Illinois Department of Human Rights, and the Secretary of State of Illinois. AAER alleges that an Illinois law requiring “qualifying nonprofits to gather and publicize” certain demographic data online compels organizations to engage in unlawful discrimination. They assert that “[b]y forcing charities to publicize the demographics of their senior leadership, the law pushes them to hire candidates based on race.” AAER also alleges the law violates the First Amendment by compelling organizations “to speak about a host of controversial demographic issues.” AAER seeks a permanent injunction and declaratory relief.
- Latest update: AAER served defendants on January 24, 2025. Their answer is due February 14, 2025.

The following Gibson Dunn attorneys assisted in preparing this client update: Jason Schwartz, Mylan Denerstein, Blaine Evanson, Molly Senger, Zakiyyah Salim-Williams, Zoë Klein, Cate McCaffrey, Jenna Voronov, Emma Eisendrath, Felicia Reyes, Allonna Nordhavn, Janice Jiang, Laura Wang, Maya Jeyendran, Kristen Durkan, Ashley Wilson, Lauren Meyer, Kameron Mitchell, Chelsea Clayton, Albert Le, Emma Wexler, Heather Skrabak, and Godard Solomon.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following practice leaders and authors:

Jason C. Schwartz – Partner & Co-Chair, Labor & Employment Group
Washington, D.C. (+1 202-955-8242, jschwartz@gibsondunn.com)

Katherine V.A. Smith – Partner & Co-Chair, Labor & Employment Group
Los Angeles (+1 213-229-7107, ksmith@gibsondunn.com)

Mylan L. Denerstein – Partner & Co-Chair, Public Policy Group
New York (+1 212-351-3850, mdenerstein@gibsondunn.com)

Zakiyyah T. Salim-Williams – Partner & Chief Diversity Officer
Washington, D.C. (+1 202-955-8503, zswilliams@gibsondunn.com)

Molly T. Senger – Partner, Labor & Employment Group
Washington, D.C. (+1 202-955-8571, msenger@gibsondunn.com)

Blaine H. Evanson – Partner, Appellate & Constitutional Law Group
Orange County (+1 949-451-3805, bevanson@gibsondunn.com)

As we write, Attorney General Pamela Bondi is putting her stamp on corporate criminal enforcement through the issuance of memoranda directing prosecutors to focus effort and resources on cases involving transnational corporate organizations, drug cartels, and terrorism. In this alert, we survey negotiated corporate criminal resolutions in 2024 and offer thoughts about how the trends observed in 2024 will change in the wake of the Attorney General’s February 5, 2025 memoranda to the U.S. Department of Justice (“DOJ”).

Changes Following Attorney General Bondi’s February 5, 2025 Memoranda

In the first day of her tenure as Attorney General of the United States, Attorney General Bondi issued a number of directives to federal prosecutors to guide their effort and focus in the coming years. Those memoranda will shape efforts in this area for the next four years, if not longer. Gibson Dunn issued a more detailed analysis of the impacts of these directives, from which we synthesize a few headline points:

DOJ’s stated investigative and charging priorities are now immigration enforcement; human trafficking and smuggling; transitional criminal organizations (“TCOs”), cartels, gangs; and protecting law enforcement.[1] Attorney General Bondi elevated the leadership of two task forces (one focused on MS-13, and the other on human trafficking) to the Office of the Attorney General, in a clear signal of where DOJ’s new priorities lie.[2]
Resources devoted to certain other enforcement efforts were redirected, such as disbanding the Foreign Influence Task Force[3] and limiting criminal charges under the Foreign Agents Registration Act and 18 U.S.C. § 951 “to more traditional espionage by foreign government actors.”[4]
For other areas, the practical implications of the announcements may be less apparent. For example, the Attorney General’s requirement that the Foreign Corrupt Practices Act (“FCPA”) Unit prioritize investigations of foreign bribery that “facilitates” cartels and TCOs, including human smuggling and narcotics and firearms trafficking, and to “shift focus away from investigations and cases that do not have such a connection” may signal a reduced emphasis on FCPA enforcement, insofar as the FCPA unit brought very few such cases historically. However, it is also possible that this is more a measure to ensure that investigations into cartels and TCOs are not stymied by DOJ red tape, consistent with the subsection’s heading, “Removing Bureaucratic Impediments to Aggressive Prosecutions.” Indeed, the new guidance also suspends, for new FCPA and Foreign Extortion Act matters relating to cartels and TCOs, the Justice Manual’s requirements for Criminal Division approval, and it also allows U.S. Attorneys’ Offices seeking to bring FCPA charges in cartel- or TCO-related cases to proceed with only 24 hours’ notice to the Fraud Section–both actions that permit greater, but not unfettered, leeway to pursue this subset of FCPA cases much more aggressively than ever before.[5]
Similarly, the immediate, practical impact from disbanding the National Security Division’s (“NSD”) Corporate Enforcement Unit is also likely to be small, insofar as the unit was already thinly staffed.[6]
Despite their number, the recent DOJ memoranda may signal that the pendulum will swing away from extensive DOJ policies and guidance. Although it does not single out corporate criminal enforcement, the Attorney General’s prohibition on guidance documents that “violate the law when they are issued without undergoing the rulemaking process” but nevertheless “purport to have a direct effect on the rights and obligations of private parties”[7] may well lay the groundwork for revisiting DOJ-issued guidance from the past four years–including guidance around corporate enforcement and compliance.
Finally, in a development directly relevant to some types of corporate criminal resolutions, except in limited circumstances, “settlements should not be used to require payments to third-party, non-governmental organizations that were neither victims nor parties to the law suits”[8]—as did some of the resolutions in 2024 surveyed below.

Notwithstanding these pronouncements signaling an intended departure from the policies and priorities of the Biden administration, we note that DOJ has proceeded to resolve several significant criminal matters in the early days of the Trump administration. For example, on January 27, 2025, online cryptocurrency exchange and trading platform, KuCoin, entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of New York for operating an unlicensed money servicing business (“MSB”) and failure to implement an Anti-Money Laundering (“AML”) program. In addition to servicing approximately 1.5 million users in the United States as an unlicensed MSB and futures commission merchant, KuCoin allegedly transmitted billions of dollars in suspicious proceeds due to the lack of an AML program. The plea agreement stipulates forfeiture of $184.5 million, representing the fees paid by U.S. users; a criminal fine of $112.9 million; and a two-year probationary term, during which KuCoin will exit the U.S. market. Notably, the forfeiture amount is lower than one might anticipate based on DOJ’s prior position that companies could be required to forfeit all funds transmitted by U.S., or potentially all, users. It is difficult to say whether this signals the influence of the new Administration or is a product of the specific fact pattern and nuances of the negotiation that pre-dated the change in guard.

Similarly, on February 6, 2025, Brink’s Global Services USA, Inc. (“Brink’s), a cash handling company, announced that it had entered into a two-year non-prosecution agreement with the U.S. Attorney’s Office for the Southern District of California to resolve charges of knowingly operating an unlicensed money transmitting business and failing to maintain an effective AML program. According to the NPA, Brink’s was required to register with FinCEN as a money transmitting business because, on several occasions between 2019 and 2020, it transported both U.S. dollars and other currencies to and from the U.S., totaling approximately $50.4 million, and exceeded the limited “currency transporter exemption” to the registration requirement by failing to adequately identify the source of funds and ultimate destination of funds it transported. Under the NPA, Brink’s agreed to forfeit $25 million, which reflected credit for Brink’s’s acceptance of responsibility and implementing a new AML compliance program. The NPA also credited civil penalties Brink’s would pay pursuant to a parallel consent order with FinCEN.

Survey of Negotiated Corporate Criminal Resolutions in 2024

In 2024, DOJ continued its multi-year trend of resolving fewer cases using corporate non-prosecution agreements (“NPAs”) and deferred prosecution agreements (“DPAs”).[9] Indeed, the relative proportion of resolution types has not changed appreciably in the past three years (as shown in Chart 3 below). DOJ overwhelmingly favored corporate guilty pleas last year, with a total of 75 plea agreements publicized by year-end, compared to 22 NPAs and DPAs, as well as two declinations with disgorgement. The language and substance of these corporate resolutions reflected the intentionality of application of enforcement priorities and detailed policies put forward by DOJ; for example, many resolutions contained express language addressing specific considerations under DOJ’s Corporate Enforcement and Voluntary Self-Disclosure Policy. As detailed below, many updates in the corporate enforcement arena centered around incentivizing voluntary disclosure and whistleblowing. This included pilot programs and policies by several prominent U.S. Attorneys’ Offices. And while prosecutions of corporate fraud-related offenses continued apace in 2024, no corporate criminal resolution involved cartels (in any sense), transnational criminal organizations, or human trafficking. Across the board, U.S. Attorneys’ Offices continued to play an important role in the vast majority of corporate criminal resolutions, a role that Attorney General Bondi’s initial directives suggest may increase further in 2025.

In this client alert, we: (1) report key statistics regarding corporate resolutions, including an analysis of NPAs, DPAs, and Corporate Enforcement and Voluntary Self-Disclosure Policy (“CEP” or “Corporate Enforcement Policy”) declinations from 2000 through 2024 and of corporate guilty pleas between 2022 and 2024, based on data compiled by Gibson Dunn; (2) assess developments in DOJ enforcement policy and priorities in 2024; (3) summarize the 99 agreements in 2024; and (4) survey recent developments in DPA-like regimes abroad.

Key Statistics

Chart 1 below reflects the NPAs and DPAs that Gibson Dunn has identified through public-source research from 2000 through the end of 2024. Of the 22 total agreements in 2024, there were 14 DPAs and eight NPAs. The SEC, consistent with its trend since 2016, did not enter any NPAs or DPAs in 2024.

Chart 2 reflects total monetary recoveries related to publicly available NPAs and DPAs from 2000 through the end of 2024. At approximately $2.6 billion, 2024 recoveries associated with DPAs and NPAs are higher than those in 2023 and continue their upward trend, although they rank as the 16th lowest of our 25 years of annual totals.

Chart 3 reflects the relative mix of NPAs, DPAs, declinations-with-disgorgement and guilty pleas since we began tracking the latter in 2022.

Charts 4 and 5 below focus on 2022 through 2024, and show the numbers of DPAs, NPAs, plea agreements, and declinations with disgorgement in those years, as well as recoveries associated with each category of agreement.[10] These charts illustrate that while DOJ has used all forms of resolution, the relative proportion of guilty pleas to other forms of resolution has not changed significantly in the three years we have tracked plea agreements. Consistent with the higher number of plea agreements relative to other forms of resolution, recoveries associated with guilty pleas have also always been highest. At $5.9 billion, recoveries associated with plea agreements in 2024 more than doubled those associated with NPAs and DPAs but did not outpace them as significantly as in recent years.

[Values shown on a logarithmic scale.]

[Values shown on a logarithmic scale.]

Although it would be impossible to determine with certainty the root cause of the relative decline in NPAs and DPAs that began around 2022, the shift coincided with significant updates announced in the September 2022 Monaco Memorandum (which we analyzed in depth in our October 3, 2022 publication) that broadened policies on voluntary self-disclosure and signaled a meaningful pivot in prosecutors’ charging assessments.

We note a few statistics and possible trends, although it is difficult to say whether they reflect any shift in focus or standards or are a function of the natural ebb and flow of enforcement actions—nor can we predict the prospective impact of the incoming administration’s priorities on them.

Since 2022, all “blockbuster” resolutions involving criminal penalties and forfeiture totaling $1 billion or more across parallel criminal and civil settlements involved plea agreements—with three in that category in 2022, one in 2023, and two in 2024. Looking back over time, we note at least seven NPAs and DPAs involving criminal penalties of $1 billion or more, between 2009 and 2020.
On the other end of the penalty spectrum, the only two publicly available corporate resolutions in 2024 that explicitly cited timely voluntary self-disclosure were both declinations with disgorgement—and both resolved by the Fraud Section of DOJ’s Criminal Division. Historically, voluntary self-disclosure of misconduct had been a significant feature of many NPAs and DPAs, although—consistent with the announcement and expansion of the CEP—the numbers of NPAs and DPAs citing voluntary disclosure as a factor have declined significantly since 2016.
Indeed, every one of the corporate declinations or declinations with disgorgement publicly announced pursuant to the CEP since 2016 has involved the Fraud Section.
Despite DOJ first expanding the predecessor to the Corporate Enforcement Policy to reach beyond the Foreign Corrupt Practices Act (“FCPA”) in 2018, and later underscoring that it applied to all corporate criminal matters in 2023, the Fraud Section was involved in approximately one-third (67) of all (194) DPAs, NPAs, and declinations announced since 2018. That percentage held even after the past three years’ relative decline in DPAs, NPAs and declinations, with the Fraud Section involved in 22 of the 67 total such agreements.
For plea agreements, a similar distinction goes to environmental-related prosecutions. Of the 190 corporate guilty pleas publicly announced from 2022-2024, 50 (slightly more than one-fourth) involved DOJ’s Environmental Natural Resources Division and/or the Environmental Protection Agency. Of the guilty pleas related to enforcement of environmental laws and regulations, almost 20 percent involved tampering or disengagement of monitoring devices designed to detect or prevent pollution, and over 10 percent involved the improper release of oily bilgewater.
DOJ’s Antitrust Division had eight public NPAs and DPAs in 2020-21, three in 2023, and none in 2022 and 2024. But in 2022-2024, it also entered 13 plea agreements. Of these plea agreements, 11 were tied to schemes previously publicly disclosed.
Precisely 50% (344) of all 688 corporate DPAs, NPAs, and declinations issued under the CEP in our 25 years of data involve an allegation or charge of fraud of some sort, ranging from bank or mail fraud to FCPA violations. Since we began tracking plea agreements in 2022, the percentage is slightly lower at 29%, i.e., 74 of the total 252 negotiated corporate resolutions—40 of which were guilty pleas.
U.S. Attorneys’ Offices continue to play an important role in corporate prosecutions, which were historically concentrated in the biggest DOJ offices or Main Justice units. 93% of 2024’s 99 corporate negotiated resolutions involved a U.S. Attorney’s Office.
Monitoring obligations, whether in the form of an independent monitor or self-reporting, have continued to feature in corporate resolutions at approximately the same rate over the past three years. As a percentage, 23%-46% of all publicly reported DPAs, NPAs, and declinations for which data is available for each year between 2022 and 2024 included a monitoring obligation: 25% in 2022, 23% in 2023, and 46% in 2024. While these percentages reflect a steep decline from the prior three years, which ranged from 59%-73% (59% in 2019, 73% in 2020, and 69% in 2021), monitorships and self-reporting are by no means extinct.
In 2024, nine corporate resolution agreements were also signed by parent companies that were not defendants in the proceedings. In these resolutions, the parent company typically agreed to provisions relating to payment, continued cooperation, and compliance enhancements, but certain agreements went farther, requiring specific guarantees or collateral and subjecting the parent to sanctions for any breach of the agreement.

The evolution in form, structure, and elements of corporate resolutions will no doubt continue. More than 20 years ago, Gibson Dunn led the dramatic shift toward increased use of NPAs and DPAs in corporate cases and has recently been at the forefront of monitoring and addressing the apparent shift back toward plea agreements.

2024 Developments in DOJ Corporate Enforcement Policy

Many of DOJ’s policy updates and pilot programs in 2024 centered around incentivizing voluntary disclosure, including by individuals. For business organizations, these initiatives further underscore the need for companies to revisit compliance program elements relating to reporting misconduct and whistleblower protections and may alter the calculus around their own voluntary self-disclosure decisions. Specifically, these initiatives would encourage business organizations to revisit their compliance programs to ensure that they get first notice of issues that may be externally reported, and also to ensure that they investigate reports sufficiently speedily and effectively to allow for timely corporate self-disclosure assessments.

With that said, the policy memoranda issued by Attorney General Bondi on February 5, 2025, cast doubt on whether DOJ will continue to prioritize voluntary disclosure and other corporate criminal enforcement initiatives to the same degree moving forward, as DOJ reorients toward immigration and transnational criminal organizations.[11]

Criminal Division’s Pilot Program on Voluntary Self-Disclosure for Individuals

On April 15, 2024, DOJ’s Criminal Division announced a new Pilot Program on Voluntary Self-Disclosure for Individuals (“the Individuals VSD Pilot Program”). While not directly applicable to corporations, this program is likely to affect the design of corporate compliance programs. The Individuals VSD Pilot Program aims to incentivize individual participants in certain types of criminal conduct involving corporations to voluntarily self-disclose information about the criminal conduct in exchange for an NPA, subject to certain conditions. Specifically, under the Individuals VSD Pilot Program, culpable individuals may receive an NPA if they (1) voluntarily, (2) truthfully, and (3) completely self-disclose original information about misconduct in certain high-priority enforcement areas that was otherwise unknown to the Department; (4) fully cooperate and provide substantial assistance against those who are equally or more culpable; and (5) forfeit any ill-gotten gains and compensate victims. The program is notably not available to Chief Executive Officers, Chief Financial Officers, or their equivalents, nor to individuals reporting violent crimes or who have prior felony convictions for crimes involving fraud or dishonesty.

The applicable “high priority” enforcement areas articulated in 2024 include schemes involving financial institutions, including money laundering; related to the integrity of financial markets involving financial institutions, investment advisors or funds, or public or large private companies; foreign corruption schemes, including violations of the FCPA or Foreign Extortion Prevention Act; healthcare fraud and kickback schemes; federal contract fraud schemes; and domestic corruption schemes involving bribes or kickbacks paid by or through public or private companies.

Going forward, it seems likely that these priorities may shift toward immigration and transnational criminal organizations, consistent with Attorney General Bondi’s memorandum on charging, plea negotiations, and sentencing.[12]

Criminal Division’s Corporate Whistleblower Awards Pilot Program

Several months later, the Criminal Division formally announced another, parallel pilot program, the Corporate Whistleblower Awards Pilot Program, effective immediately upon its announcement on August 1—although Principal Deputy Assistant Attorney General (then-Acting Assistant Attorney General) Nicole M. Argentieri had initially previewed the program in March at the American Bar Association’s 39th National Institute on White Collar Crime.

As we described in greater detail in our prior alert, under this pilot program, a whistleblower who provides the Criminal Division with original and truthful information about corporate misconduct that leads to a forfeiture exceeding $1 million may be eligible for a monetary award, from a portion of that forfeiture. To qualify, the information provided must relate to certain “high priority” enforcement areas including (1) certain crimes involving financial institutions, (2) foreign corruption involving company misconduct, (3) domestic corruption involving company misconduct, or (4) healthcare fraud schemes involving private insurance plans.

Although corporate entities are not themselves eligible for an award under the program, the pilot program guidance clarifies that companies that voluntarily self-report within 120 days of receiving a whistleblower report internally may be eligible for a presumption of declination under the Criminal Division’s Corporate Enforcement Policy, provided that the company reports to the DOJ before the DOJ contacts the company.

According to the 2024 Justice Department, this new program aims to fill important gaps in the existing federal whistleblower programs run by the SEC, CFTC, and FinCEN by seeking original information not covered by those programs. The Program also aims to complement and strengthen the DOJ’s existing voluntary self-disclosure programs for individuals and companies. In the keynote address at the December 2024 Practicing Law Institute’s White Collar Crime 2024 Program, the former Principal Associate Deputy Attorney General stated that the program has received more than 250 tips “many of which appear to identify criminal conduct we didn’t know about.”[13]

Various U.S. Attorneys’ Offices Announce Voluntary Self-Disclosure Pilot Programs

As of this publication, 12 U.S. Attorneys’ Offices have announced their own, separate individual whistleblower or voluntary self-disclosure pilot programs.[14] The programs are similar to one another and to the DOJ Criminal Division’s pilot program in some respects and generally allow a prosecutor to enter an NPA with an individual who (1) reports misconduct not previously known to the office, (2) voluntarily discloses the misconduct, without government inquiry or imminent threat of disclosure, (3) provides substantial assistance and full cooperation, (4) completely and truthfully discloses all criminal conduct in which the individual participated, and (5) agrees to forfeit proceeds and pay restitution to victims.[15]

However, the devil is in the details, and the offices stand out for their differences more than their cohesion. For example, the Central District of California contemplates DPAs in addition to NPAs, while the Northern District of Illinois offers no guarantee of an NPA but rather “maintains the discretion to determine on a case-by-case basis” whether an individual “merits” an NPA (though time will tell whether this is merely a semantic difference, as surely all offices will employ their discretion to determine whether their respective standards have been met).[16] Individuals are eligible to participate in all offices’ programs, with certain common exclusions, such as: (1) federal elected officials or law enforcement officers and, in some offices’ programs, state-elected equivalents; (2) the CEO and, in some offices’ programs, the CFO or Chief Compliance Officer; (3) individuals with felony convictions or, in some offices’ programs, histories of certain types of misconduct.[17] In the Southern District of Texas, business organizations are also eligible to participate in the program.[18]

Although a U.S. Attorney’s Office is subject to jurisdictional and DOJ policy limits on what misconduct it may charge, the types of criminal conduct that qualify for each office’s program also vary significantly. Fraud or control failures involving public or private companies are common, if not universal, among the pilot programs, as is state or local bribery.[19] The District of New Jersey and the Northern District of Illinois programs cover anything not specifically excluded.[20] Most districts exclude misconduct that would be prosecuted by Main Justice such as FCPA violations, violations of campaign finance laws, federal tax offenses, or federal environmental offenses, but in the Eastern District of New York and Northern District of California, nothing is explicitly excluded.[21] Where misconduct could arguably be charged in one of many districts, one could easily imagine a savvy whistleblower and their counsel forum shopping for the program where they stand the best or most certain chance of reaping rewards.

Looking ahead, Attorney General Bondi’s February 6, 2025, policy memoranda appear to signal her intention to empower U.S. Attorneys’ Offices to investigate and prosecute cases with less direct involvement by Main Justice, which could make these programs increasingly important—to the extent they continue.

DOJ Updates Its Evaluation of Corporate Compliance Programs Guidance

As we analyzed in depth in our contemporaneous update, on September 23, 2024, the Criminal Division announced relatively modest revisions to its Evaluation of Corporate Compliance Programs (“ECCP”) guidance, focusing on the following three areas: (1) evaluation and management of risk related to new technologies, such as artificial intelligence (“AI”); (2) further emphasis on the role of data analysis; and (3) whistleblower protection and anti-retaliation. Among these, the Department’s changes in its approach to AI were the most significant, underscoring DOJ’s continued focus on the misuse of technology in criminal conduct and reflecting DOJ’s current expectations as companies tailor their compliance programs to both identify and manage the risks posed by AI. Other key takeaways from the revisions include that in adopting a tailored, risk-based approach, companies should (1) assess whether their use of technology falls within the scope of this guidance; (2) ensure new technologies are as transparent as possible; (3) continuously monitor and revise their compliance programs to keep up with rapid technological developments; (4) allocate the resources at their disposal to identifying and mitigating risks posed by technology; and (5) revisit their approach to compliance reporting to account for the probability of increased activity following DOJ’s recent launch of several new whistleblowing and anti-retaliation programs.

Antitrust Guidelines for Collaboration Among Competitors Withdrawn

On December 11, 2024, the DOJ Antitrust Division and Federal Trade Commission (“FTC”) withdrew longstanding guidelines for collaboration among competitors.[22] Issued in April 2000, the guidelines provided substantive guidance on the types of collaborations and factors that the Division would be more or less likely to view as anticompetitive. The withdrawal notice explained that technological and jurisprudential developments have rendered the guidelines unreliable and stated that the Division is “committed to vigorous antitrust enforcement on a case-by-case basis” going forward. Although the withdrawal is not a criminal enforcement policy, the notice stated that the guidelines “risk[ed] creating safe harbors that have no basis” in law. It also cited “artificial intelligence” and “algorithmic pricing models” as examples of new technologies that the guidelines had not addressed,[23] both of which may be relevant to traditional areas of antitrust criminal enforcement such as price fixing, bid rigging, and market allocation.[24]

2024 Resolutions

This portion of the alert summarizes publicly available corporate resolutions from January 1, 2024 through December 31, 2024. While most are listed alphabetically below, the 14 guilty pleas relating to allegations of tampering with pollution control devices on diesel trucks in violation of the Clean Air Act, which were extracted by the Environmental Crimes Section of DOJ’s Environment and Natural Resources Division and various U.S. Attorneys’ Offices, are grouped together toward the end, for ease of reference. The appendix provides key facts and figures regarding all 99 resolutions, along with links to the resolution documents themselves (where available).

AAR CORP. (NPA)

On December 19, 2024, AAR CORP., a publicly traded aviation services company based in Illinois, entered into an 18-month NPA with DOJ’s Fraud Section and the U.S. Attorney’s Office for the District of Columbia to resolve DOJ’s investigation into an alleged conspiracy to violate the FCPA’s anti-bribery provisions.[25] According to the NPA, between 2015 and 2020, AAR allegedly conspired to pay bribes to government officials in Nepal and South Africa to obtain and retain business with state-owned airlines.[26] As a result of the scheme, AAR reportedly obtained nearly $24 million in profits.[27] Pursuant to the NPA, AAR agreed to pay a $26.4 million criminal penalty and to forfeit at least $18.6 million in proceeds traceable to the offense; however, DOJ agreed to credit disgorgement paid pursuant to AAR’s parallel SEC resolution against the forfeiture amount.[28] According to the NPA, the penalty reflected a 45% discount below the bottom of applicable Guidelines range, and DOJ credited AAR for self-reporting the potential violations to the DOJ and SEC and cooperating with both agencies throughout their multi-year investigations.[29] AAR’s self-report did not qualify as a “voluntary self-disclosure,” however, because media outlets in Nepal and South Africa published several English-language articles reporting potential irregularities in the relevant contracts prior to the company’s disclosure and an independent source reported the alleged Nepal misconduct to U.S. prosecutors 12 days prior to the company’s self-disclosure.[30]

DOJ also charged two individuals in connection with their involvement in these alleged bribery schemes. Deepak Sharma, a former AAR subsidiary executive, pleaded guilty in the District of Columbia on August 1, 2024 to a conspiracy to violate the FCPA for his role in the Nepal scheme and settled related SEC charges on December 19, 2024. Julian Aires, a third-party agent of AAR, pleaded guilty in the District of Columbia on July 15, 2024 to a conspiracy to violate the FCPA for his role in the South Africa scheme.[31]

To resolve parallel SEC charges, AAR consented to a cease-and-desist order finding that the company had violated the FCPA’s anti-bribery and accounting provisions and agreed to pay $29.2 million in disgorgement plus prejudgment interest.[32] In sum, after offsets, AAR agreed to payments totaling approximately $55.6 million.

Advoque Safeguard LLC (Guilty Plea)

On October 24, 2024, Advoque Safeguard LLC, a protective equipment manufacturer, together with three individual defendants, entered a guilty plea for conspiracy to introduce or deliver for introduction into interstate commerce a misbranded device with intent to defraud or mislead pursuant to a plea agreement with the United States Attorney’s Office for the District of Massachusetts.[33] The government alleged that Advoque Safeguard conspired to ship N95 facemasks, misbranded as National Institute of Occupational Safety and Health (NIOSH)-approved while not meeting NIOSH filtration standards.[34] Pursuant to the plea agreement, the parties agreed to recommend a criminal fine of $700,000 to be paid within 120 days and probation of one year.[35] Sentencing has not yet occurred.

Akua Mosaics, Inc. (Guilty Plea)

On March 19, 2024, Akua Mosaics, Inc. (“Akua Mosaics”) entered into a plea agreement with the U.S. Attorney’s Office for the District of Puerto Rico to resolve charges alleging that Akua Mosaics conspired to defraud the U.S. by smuggling and importing porcelain mosaic tiles manufactured in China in violation of 18 U.S.C. §§ 371, 545.[36] The government alleged that from 2021 through about June 2022, Akua Mosaics and its president conspired with a Chinese citizen and resident to ship the Chinese-manufactured tiles to Malaysia, causing the boxes to be labeled “Made in Malaysia,” and then shipping those tiles to Puerto Rico.[37]

In connection with the agreement, Akua Mosaics and its president, also charged in the same case, face a maximum penalty of five years in prison, a $250,000 fine, a three-year term of supervised release, and $1,090,000 in restitution.[38] Pursuant to the agreement, Akua Mosaics agreed to pay restitution of $1,090,000, and a recommendation that no fine be imposed. In related actions, the Chinese national with which the company and president allegedly conspired was arrested in April 2023 in the Northern District of California while attempting to leave the U.S., pleaded guilty to participation in the conspiracy, and was sentenced in September 2023 to four months in prison.[39]

Al’s Asphalt Paving Company, Inc. (Guilty Plea)

On January 31, 2024, Al’s Asphalt Paving Company, Inc. (“Al’s Asphalt”), a provider of asphalt paving services, entered into a plea agreement with the DOJ Antitrust Division.[40] The agreement resolved allegations involving bid rigging, in which Al’s Asphalt and other companies coordinated, and conspired to coordinate, bid prices, resulting in non-competitive bids from March 2013 through as late as June 2019 U.S.C. § 1.[41] Al’s Asphalt’s plea agreement was part of a broader investigation conducted by the DOJ Antitrust Division, which has resulted in nine guilty pleas by companies and executives in the Michigan asphalt-paving services industry, and in which DOJ has coordinated with the Department of Transportation Office of the Inspector General and the U.S. Postal Service Office of Inspector General.[42] This scheme allegedly involved at least $3.6 million in commerce attributable to Al’s Asphalt.[43] On July 31, 2024, the U.S. District Court for the Eastern District of Michigan sentenced the company, imposing a criminal penalty of $795,662, to be paid in installments over the course of five years.[44]

AM/NS Calvert, LLC (Guilty Plea)

On July 23, 2024, AM/NS Calvert, LLC (“AM/NS”), a steel plant owner and operator, entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of Alabama and the Environmental Crime Section of the Department of Justice.[45] The plea agreement resolved allegations that, from approximately February 2014 through April 2017, AM/NS’s acid regeneration plant was not using caustic solution required by its Clean Air Act permit, in violation of the Clean Air Act.[46] In October 2024, AM/NS was sentenced to three years of probation and a $750,000 fine.[47] The plea agreement also requires AM/NS to comply fully with the terms of a separate, related settlement agreement with the U.S. Environmental Protection Agency’s Office of Debarment and Suspension.[48]

Amigos Mexican Cuisine & Cantina LLC (Guilty Plea)

On November 27, 2023 (though publicly filed on April 29, 2024), Amigos Mexican Cuisine & Cantina LLC (“Amigos Mexican”) entered into a plea agreement with the U.S. Attorney’s Office for the District of Oregon to resolve allegations that the company stole federal funds intended to help small businesses during the COVID-19 pandemic.[49] According to the agreement, over the course of about one year, Amigos Mexican allegedly submitted five fraudulent loan applications to steal more than $759,000 from three COVID-19 pandemic relief programs: the Paycheck Protection Program, Economic Injury Disaster Loan program, and the Restaurant Revitalization Fund. The company’s owners allegedly transferred these funds into personal accounts for personal expenditures.[50] Pursuant to the agreement, Amigos Mexican agreed to pay a fine of $200,000, as well as $759,100 in restitution to the Small Business Administration.[51] In a separate civil proceeding, the company was ordered to pay $1.6 million to resolve a related False Claims Act allegation.[52]

AMVAC Chemical Corp. (Guilty Plea)

On May 24, 2024, AMVAC Chemical Corp. (“AMVAC”), a pesticide manufacturer, entered into a plea agreement with the Environmental Crimes Section of the U.S. Department of Justice’s Environment and Natural Resource Division and the U.S. Attorney’s office for the Southern District of Alabama, to resolve Resource Conservation and Recovery Act (“RCRA”) transportation violation charges.[53] The plea agreement resolved allegations that AMVAC knowingly transported hazardous waste without a required hazardous waste manifest.[54] The government alleged that AMVAC imported tens of thousands of used containers of a pesticide called “Thimet” without labeling the containers as containing hazardous waste.[55] On October 25, 2024, the court sentenced AMVAC to a fine of $400,000 and a three-year probation period where AMVAC will be required to fund and develop an Environmental Compliance Plan (“ECP”), the recommended sentence provided in the agreement.[56] Pursuant to the agreement, the ECP shall be developed and administered by a third-party environmental auditor.

Asphalt Specialists LLC (Guilty Plea)

On January 30, 2024, Asphalt Specialists LLC (“Asphalt Specialists”), a provider of asphalt paving services, entered into a plea agreement with the DOJ Antitrust Division.[57] The agreement was part of a broader investigation into anticompetitive behavior in the asphalt paving industry[58] and resolved allegations involving bid rigging, in which Asphalt Specialists and other companies (including Al’s Asphalt, supra) coordinated, and conspired to coordinate, bid prices, resulting in non-competitive bids from March 2013 through as late as May 2021 in violation of the Sherman Act, 15 U.S.C. § 1.[59] This scheme allegedly involved at least $23,465,114 in commerce attributable to Asphalt Specialists.[60] On August 15, 2024, the U.S. District Court for the Eastern District of Michigan sentenced Asphalt Specialists, imposing a criminal penalty of $6.5 million, as recommended by the government, to be paid over the course of six years.[61]

Austal USA (Guilty Plea)

On August 26, 2024, Austal USA LLC (“Austal USA”), a Navy shipbuilder, entered into a plea agreement resolving allegations regarding securities fraud and obstruction of a federal audit with the U.S. Attorney’s office for the Southern District of Alabama and DOJ’s Fraud Section.[62] The agreement resolved allegations that Austal reported false financial results to investors, lenders, and its auditors.[63] The government alleged Austal USA artificially suppressed an accounting metric known as “estimate at completion” (“EAC”) in relation to its construction of multiple combat ships that Austal USA was building for the U.S. Navy, overstating profitability and earnings in its public financial statements.[64] Under the plea agreement, Austal USA agreed that an approximately $73,572,680 criminal fine was appropriate, but, due to Austal USA’s inability to pay, the plea agreement proposed a criminal fine of $24,000,000 and a three-year probation period during which Austal USA will undergo an independent compliance monitorship.[65] The plea agreement provided up to a 100% credit against the fine for payments made by Austal USA toward a parallel settlement with the SEC in federal court relating to violations of the antifraud provisions of the Securities Exchange Act of 1934.[66] Austal USA’s parent company, Austal Limited was not a defendant in the action though Austal Limited still consented to engage in remedial measures required in the probation.[67]

Aventura Technologies, Inc. (Guilty Plea)

On March 19, 2024, Aventura Technologies, Inc. (“Aventura”), a security and surveillance hardware and software manufacturer, pled guilty in the Eastern District of New York to mail and wire fraud conspiracy, 18 U.S.C. §§ 1341, 1343, and illegal importation, 18 U.S.C. § 1349.[68] Aventura admitted to a more than decade-long, $112 million scheme to purchase Chinese-made security equipment and resell it, while representing that the equipment was U.S.-made.[69] From 2006 to November 2019, Aventura imported and then resold the Chinese-made equipment to the U.S. government and military and other overseas private and public customers, earning over $20 million in government contracts.[70] Aventura actively concealed the equipment’s origins, including by working with Chinese suppliers to label equipment as “Made in USA” and with an American flag, and by showing visitors both a fake lab and fake classified building at the company’s facility on Long Island.[71] The company also falsely represented that it was a woman-owned small business.[72]

Under the guilty plea, Aventura agreed to dissolve itself following sentencing and to three years’ probation, to provide continued federal court jurisdiction during the state-law corporate dissolution process.[73] It also agreed to forfeit over $3 million in assets and 7,000 items of merchandise.[74] Seven individual defendants had previously pled guilty, including to charges of wire fraud conspiracy.[75]

Avin International Ltd & Kriti Ruby Special Maritime Enterprise (Guilty Plea)

On December 23, 2024, shipping companies Avin International Ltd (“Avin”) and Kriti Ruby Special Maritime Enterprise (“Kriti Ruby SME”) entered into a plea agreement with the U.S. Attorney’s Offices for the District of New Jersey and the Middle District of Florida and with the Environmental Crimes Section of DOJ’s Environment and Natural Resources Division.[76] The agreement resolved multiple counts arising from allegations that Avin and Kriti Ruby SME violated the Act to Prevent Pollution from Ships, failed to maintain records, falsified records, and obstructed justice. Specifically, between May 2022 and September 2022, crew members of an oil tanker, which was commercially operated and managed by Avin and owned by Kriti Ruby SME, allegedly knowingly bypassed required pollution prevention equipment by discharging oily waste from the vessel into the sea during port calls in New Jersey and Florida.[77] According to the agreement, crew members allegedly failed to record the discharges in the vessel’s oil record book and were directed to conceal the equipment used to conduct the transfers before inspection by the United State Coast Guard.[78]

In connection with the agreement, Avin and Kriti Ruby SME were ordered to pay a criminal fine of $3,375,000, of which $1,250,000 will be designated as a community service payment to the National Fish and Wildlife Foundation.[79] The companies were sentenced to five-year terms of probation during which they must adopt and implement environmental compliance plans, retain the services of an independent third-party auditor to perform external audits, and fund a court-appointed monitor.[80]

BIT Mining Ltd. (DPA)

On November 18, 2024, BIT Mining Ltd. (“BIT Mining”), which operated as a cryptocurrency mining company based in the Cayman Islands and was formerly known as 500.com Ltd., agreed to enter into a three-year DPA to resolve an investigation by the Fraud Section of DOJ’s Criminal Division and the U.S. Attorney’s Office for the District of New Jersey into alleged violations of the anti-bribery and books-and-records provisions of the FCPA.[81] In particular, DOJ alleged one count of conspiracy to violate the anti-bribery and books-and-records provisions, and one count of violating the books-and-records provisions.[82] The allegations stemmed from the company’s alleged participation in a 2017-2019 scheme to pay $1.9 million in bribes to Japanese government officials and the company’s consultants to win a contract to open a resort and casino in Japan.[83]

The Justice Department also announced on November 18, 2024 that an indictment had been unsealed charging the company’s former CEO with FCPA violations for his alleged role in the scheme.[84] In connection with the DPA, BIT Mining acknowledged that an appropriate criminal penalty would be $54 million.[85] Based on its proven inability to pay this amount, however, the parties agreed to a criminal penalty of $10 million; DOJ also agreed to credit up to $4 million against the civil penalty BIT Mining had agreed to pay the SEC to resolve a parallel investigation into the same conduct.[86] In addition, BIT Mining agreed to continued cooperation, any appropriate enhancements to its compliance program, and periodic reporting to the government regarding remediation and the implementation of compliance measures during the DPA’s three-year term.[87]

The parallel SEC resolution, which alleged approximately $2.5 million in improper payments, charged BIT Mining with violations of the anti-bribery, books-and-records, and internal controls provisions of the FCPA, and imposed a $4 million civil penalty.[88]

BNL Technical Services, LLC (Guilty Plea)

On October 22, 2024, BNL Technical Services, LLC (“BNL”), a small business that provides engineering support for environmental remediation and renewable energy projects, entered into a plea agreement to resolve allegations of bank fraud with the U.S. Attorney’s Office for the District of Eastern Washington.[89] The government alleged that BNL applied for and received a $493,865 loan in April 2020 as part of the Paycheck Protection Program (“PPP”) even though its employee pay and benefits were already being covered by Department of Energy and other federal sources including the Veterans Administration.[90] In August 2021, BNL, through its sole owner Wilson Pershing Stevenson III, requested and was granted forgiveness of the $493,865 PPP loan, by falsely certifying the loan proceeds had been used for eligible uses and business expenses.[91] BNL agreed to pay restitution of $493,865, no additional fine, and a $400 special assessment fee.[92] The agreement included no probation, reporting, or monitor because BNL was no longer a going concern. In exchange, the government agreed to dismiss all remaining indictment counts against BNL, and to dismiss a pending indictment against Wilson Pershing Stevenson III with prejudice.[93] Sentencing is scheduled for March 11, 2025.[94]

Boston Consulting Group (Declination with Disgorgement)

On August 27, 2024, the Fraud Section of DOJ’s Criminal Division issued a “declination with disgorgement” letter to U.S.-based consulting firm Boston Consulting Group, Inc. (“BCG”) for violations of the FCPA’s anti-bribery provisions.[95]

The declination requires that BCG continue to cooperate with the investigation and disgorge more than $14.4 million.[96] The declination letter cited several factors favorable to BCG, including the absence of aggravating factors such as executive management involvement or significant profit, as well as the company’s voluntary and timely self-disclosure, full and proactive cooperation, and substantial remediation efforts, which included terminating employees in Portugal involved in the misconduct, requiring them to forfeit their equity in the company, and withholding bonuses.[97] The declination also credited BCG for significant improvements to its compliance program and internal controls.[98]

Boyd Farm LLC (Guilty Plea)

On June 27, 2024, Boyd Farm, LLC entered into a plea agreement with the U.S. Attorney’s Office for the Eastern District of Virginia to resolve allegations of unlawfully discharging a pollutant in violation of the Clean Water Act.[99] Between 2017 and 2019, Boyd Farm used excavators and other earthmoving equipment to pull vegetation, grub stumps and grade land at three sites in Virginia’s Piedmont region, which left behind debris that made its way into wetlands and streams at the properties.”[100] Boyd Farm was sentenced to pay a fine of $300,000 and serve a year of probation.[101]

Brazos Urethane, Inc. (DPA)

On February 7, 2024, Brazos Urethane, Inc. (“Brazos Urethane”), a commercial building contractor, entered into a three-year DPA with the U.S. Attorney’s Office for the Western District of Wisconsin.[102] The agreement resolved allegations that the company conspired to defraud the United States in connection with the company’s contract with the Federal Bureau of Prisons (“BOP”) to replace roofs on buildings of a correctional facility in Oxford, Wisconsin.[103] The government alleged that Brazos Urethane illegally dumped asbestos-containing materials at a site used to house workers in violation of its contract, which was valued at over $3.9 million.[104] After the Wisconsin Department of Natural Resources discovered the illegal dumping, the government alleged that Brazos Urethane falsely claimed to have completed the cleanup when in reality, it had merely pushed the waste further into the woods.[105] According to the agreement, Brazos Urethane acknowledged its responsibility and received full credit for its cooperation, which included two separate debriefings of all relevant facts, as well as ongoing remediation.[106]

In connection with the agreement, Brazos Urethane agreed to pay a monetary penalty of $300,000 and enhance its compliance and ethics program and internal controls.[107] The agreement did not require restitution because Brazos Urethane had already paid approximately $480,000 to remediate the dump site.[108] However, three months later, on May 6, 2024, the parties amended the DPA, agreeing that the payment “should not be considered a monetary fine because the Court has not initiated any action against the defendant in this case,” seeking to reclassify the payment as restitution, and petitioning the court to transfer it from the clerk of court to the Bureau of Prisons,[109] a motion which the court granted on May 20.[110]

Cambridge International Systems, Inc. (Guilty Plea)

On April 16, 2024, Cambridge International Systems, Inc. (“Cambridge”), a defense contractor, entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of California to resolve allegations of conspiracy to commit bribery of, among others, a former Naval Information Warfare Center employee, in violation of 18 U.S.C. § 201.[111] According to the agreement, from 2014-2019, Cambridge allegedly provided jobs to the employee’s family and friends, meals, and sports tickets, in exchange for awarding Cambridge two contracting jobs worth over $132 million.[112] Pursuant to the agreement, Cambridge agreed to forfeit $1,672,102.23, representing the total paid to date under the awarded contracts, and the government agreed to recommend a fine “at the low end of the advisory guideline range recommended by the Government at sentencing.”[113] The agreement did not recommend the court to impose any term of probation.[114]

On September 24, 2024, Cambridge was sentenced to two years of probation and $2.25 million in fines, in addition to the $1.67 million in forfeitures.[115] As part of the condition of the probation, the court ordered the company to set up a fund valued at $250,000 to benefit the family of a slain employee.[116]

CBM SAS, CBM NA, and CBM U.S. (NPA)

On July 8, 2024, CBM SAS, together with its wholly-owned subsidiaries CBM NA and CBM US (collectively “CBM”), an international bus parts supplier, entered into a two-year non-prosecution agreement with the U.S. Attorney’s Office for the Southern District of New York.[117] The agreement resolved allegations that CBM engaged in a scheme to defraud U.S. transit authority customers through false and misleading statements about the sources of contracted-for bus parts from about 2010 to April 2021.[118] Although CBM did not receive credit for voluntary disclosure, to account for “CBM’s significant and early cooperation,” the monetary penalty the company ultimately agreed to pay reflects a 50% discount off the bottom of the U.S. Sentencing Guidelines fine range.[119]

According to the agreement, CBM is required to pay $463,243.41 in forfeiture to the United States, representing its profits from the scheme, and pay a fine of $1,500,000.[120] In addition, CBM has agreed to pay restitution to victims who submit claims, and to hold $2,000,000 in escrow to account for any victim restitution claims made directly to CBM.[121] At the conclusion of the NPA’s term, CBM must revert unclaimed funds up to $438,859.52 to the Crime Victims Fund, which is administered by DOJ’s Office for Victims of Crime.[122] For the duration of the agreement, CBM also must cooperate with the United States, report any violations of U.S. law, and continue its ongoing efforts to implement and maintain an adequate compliance program.[123]

Cerebral, Inc. (NPA)

On November 4, 2024, Cerebral, Inc. (“Cerebral”), an online mental healthcare company, entered into a 30-month NPA with the U.S. Attorney’s Office for the Eastern District of New York.[124] The agreement resolved allegations that Cerebral had improperly promoted distribution of controlled substances through its telehealth services from 2019 through 2022, in violation of 21 U.S.C. §§ 841 and 846.[125] The government alleged that Cerebral, which provided telehealth and prescription treatment for ADHD and other conditions through its app, deliberately pushed prescriptions of controlled substances to increase its revenue and patient retention.[126] The government also alleged that the company’s risk diversion controls were insufficient.[127] While Cerebral did not self-report the conduct, it cooperated with the investigation and took remedial measures including removing its CEO, halting use of prescription metrics for individual employees, and ceasing prescription of controlled substances, among other steps.[128] In consideration of these remedial measures, no independent monitor was imposed by the agreement.

Pursuant to the NPA, Cerebral will forfeit $3,652,000 in profits.[129] The NPA also assessed a fine of $2,922,000 (accounting for an aggregate discount of 20 percent in consideration of Cerebral’s timely cooperation). The fine is deferred for the term of the NPA because Cerebral is financially unable to pay and will be waived at the end of the agreement’s term unless Cerebral’s financial position has changed.[130]

Covetrus North America LLC (Guilty Plea)

On February 12, 2024, Covetrus North America LLC (“Covetrus”), a prescription drug company, entered into a plea agreement with the U.S. Attorney’s Office for the Western District of Virginia to resolve allegations of criminal drug misbranding in connection with the sale of veterinary prescription drugs.[131] Pursuant to the plea agreement, Covetrus agreed to pay a $1,000,000 fine to the Virginia Department of Health Professions and approximately $21,534,091 in forfeiture, representing the total value of misbranded prescription drugs.[132] The company was further sentenced to one year of probation and an additional $1,000,000 criminal penalty.[133] Covetrus also agreed to implement a corporate compliance program, and to annual reporting and certification of compliance for a period of two years.[134]

Cruise, LLC (DPA)

On November 15, 2024, Cruise, LLC (“Cruise”) entered into a DPA with the U.S. Attorney’s Office for the Northern District of California to resolve allegations that it violated Section 1519 of Title 18 of the United States Code by submitting a false report to a federal agency to obstruct justice.[135] Specifically, Cruise allegedly provided a false record to National Highway Traffic Safety Administration (“NHTSA”) with the intent to impede, obstruct, or influence the investigation of a crash involving one of Cruise’s autonomous vehicles.[136] Pursuant to the DPA, Cruise agreed to pay a $500,000 monetary penalty; adopt various remedial, review, and audit measures; and submit annual self-reports during the DPA’s three-year term.[137] DOJ credited Cruise’s cooperation, including sharing privileged documents pursuant to a limited waiver of privilege, and remediation, including terminating responsible employees and revamping the company’s safety and incident response protocols.

Defyned Brands (Guilty Plea)

On January 12, 2024, Defyned Brands (also known as 5 Star Nutrition LLC), a product development, brand marketing, and multi-channel retail company, entered into a plea agreement with DOJ Civil Division’s Consumer Protection Branch and the U.S. Attorney’s Office for the Western District of Texas.[138] Defyned pleaded guilty to three counts of distributing misbranded dietary supplements—workout supplements Epivar, Alpha Shredded and Laxobolic—in interstate commerce in violation of the federal Food, Drug and Cosmetic Act (“FDCA”), from September 2018 to July 2020.[139] The products were allegedly misbranded because they contained ingredients mislabeled as dietary ingredients or not listed on the product label.[140] In connection with the agreement, Defyned agreed to forfeit $4.5 million composed of 90 monthly payments of $50,000, and agreed to implement specific compliance program measures and to satisfy related reporting requirements for a term of three years.[141]

Dlubak Glass Company (Guilty Plea)

On December 2, 2024, Dlubak Glass Company entered into a plea agreement with the U.S. Attorney’s Office for the Northern District of Texas and DOJ’s Environmental Crimes Section.[142] The government alleged that the Company made materially false statements to the Texas Commission on Environmental Quality regarding its crushed cathode ray tube glass, which is subject to stringent environmental regulations.[143] Specifically, Dlubak allegedly represented that the crushed glass contained no lead, when in fact, the glass contained materials that have significant levels of lead.[144] Pursuant to the plea arrangement, the parties agreed that an appropriate sentence for Dublak would be four years’ probation and a $100,000 fine, and Dlubak would be required to appoint an Environmental Compliance Officer within 30 days of sentencing.[145] Arraignment is scheduled for April 3, 2025.

Domermuth Environmental Services, LLC (Guilty Plea)

On July 16, 2024, Domermuth Environmental Services, LLC (“DES”), a Tennessee-based petroleum spill clean-up company, entered into a guilty plea with the U.S. Attorney’s Office for the Eastern District of Tennessee to resolve allegations that DES knowingly discharged pollutants into navigable waters without a permit in violation of the Federal Water Pollution Control Act.[146] The government alleged that in 2018, petroleum-contaminated wastewater spilled on an outdoor concrete pad at DES’s processing facility.[147] Employees attempted to manage the spill by using absorbent pads and then pumping the contaminated water over a retaining wall into a patch of vegetation, but this water eventually flowed into a shallow ditch and discharged into the Holston River, a navigable waterway.[148] Pursuant to the agreement, the government recommended that DES be sentenced to three years’ probation and a $50,000 criminal fine, reflecting a downward departure of two levels due to the nature and quantity of substance involved.[149] The Honorable Thomas Varlan sentenced DES to the agreed terms on December 12, 2024.[150]

Eagle Renovations LLC (Guilty Plea)

On April 18, 2024, Eagle Renovations LLC (“Eagle Renovations”), a real estate company, pleaded guilty to one count wire fraud in the U.S. District Court in Dayton, Ohio in connection with an investigation into the misuse of COVID-relief program funds.[151] Eagle Renovations admitted to improperly applying for rental assistance through a federally funded CARES Act program in October and November 2020.[152] Eagle Renovations allegedly applied for funds through the program for at least seven properties, including some that were not inhabited or where the amount paid was “well in excess of what would be needed to cover any actual monthly rent.”[153] Reportedly, Eagle Renovations received about $70,875 through the program and paid back approximately $40,000.[154] As of the time of this publication, the plea agreement remains under seal.

On August 26, 2024, Eagle Renovations was sentenced to five years of probation and ordered to pay $24,150 restitution.[155]

eBay Inc. (DPA)

On January 10, 2024, eBay Inc. (“eBay”) entered into a three-year DPA with the U.S. Attorney’s Office for the District of Massachusetts.[156] In connection with the agreement, eBay agreed to pay a $3 million penalty, retain an independent compliance monitor, and make certain compliance enhancements.[157]

Endo Health Solutions Inc. (Guilty Plea)

In connection with the chapter 11 cases of global pharmaceutical manufacturer Endo International plc, a Gibson Dunn-led secured creditor group negotiated a multi-agency economic settlement with the federal government resolving approximately $8 billion in asserted claims, including several billion dollars of disputed tax claims, FDCA claims, and healthcare claims, in exchange for a single net present value payment of $200 million paid upon emergence of Endo’s business from chapter 11 in April 2024.[158] This global resolution included a misdemeanor guilty plea made shortly after emergence by non-successor debtor Endo Health Solutions Inc., which was negotiated with the DOJ’s Consumer Protection Branch to resolve alleged violations of the FDCA, and a stipulated unsecured claim in the form of $1.086 billion in criminal fines and an additional $450 million criminal forfeiture, which was deemed fully satisfied (along with all other federal claims) by the aforementioned global economic settlement payment.[159]

Envigo RMS LLC and Envigo Global Services Inc. (Guilty Plea)

On June 3, 2024, Envigo RMS LLC (“Envigo RMS”) and Envigo Global Services Inc. (“Envigo Global”), two related companies involved in dog breeding operations, pleaded guilty with the U.S. Attorney’s Office for the Western District of Virginia and the Environmental Crimes Section of DOJ’s Environment and Natural Resources Division to conspiracy to violate the Animal Welfare Act and Clean Water Act.[160] The plea agreement resolved allegations that Envigo RMS failed to provide adequate veterinary care, adequate staffing, and safe and sanitary living conditions for the dogs housed at its breeding facility, and that Envigo Global failed to properly treat its wastewater or safely dispose of it.[161] The companies agreed to criminal fines—$11 million for Envigo RMS and $11 million for Envigo Global, for a total fine of $22 million—along with $6.5 million in payments to non-governmental organizations, a $7 million commitment to improving their facilities and personnel, five years’ probation, and a compliance monitor to submit reports every six months during a five-year term.[162] On October 24, 2024, Envigo RMS and Envigo Global were sentenced in accordance with the agreement.[163]

Environmental Resources Inc. (Guilty Plea)

On August 15, 2024, Environmental Resources, Inc. DBA Easy Rooter Plumbing, a Nevada company providing waste removal services, entered a plea agreement with the DOJ’s Environmental and Natural Resources Division and the U.S. Attorney’s Office for the District of Nevada, tied to a group plea deal with its co-defendant Matthew Thurman, pursuant to which the company pleaded guilty to a single count of knowingly violating a Clean Water Act pretreatment standard by illegally discharging grease waste and wastewater into the local publicly owned treatment works.[164] The plea agreement resolves allegations that the company and its owner collected grease wastes from food-service businesses and pumped them down manholes or into the grease traps of other customers.[165] Consistent with the agreement, on December 10, 2024, Environmental Resources, Inc. was sentenced to three years of probation and a $680,000 fine, for which the company was solely liable.[166] The owner was sentenced to two years in prison, one year of supervised release, and ordered to pay a $680,000 fine.[167]

Evans Concrete, LLC (Guilty Plea)

On April 2, 2024, Evans Concrete, LLC, a concrete sales company, entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of Georgia and the DOJ Antitrust Division, pursuant to which it pleaded guilty to conspiracy in restraint of trade in violation of the Sherman Act.[168] The plea agreement resolved allegations that Evans Concrete, from 2011-2013, knowingly entered into and engaged in a conspiracy to suppress and eliminate competition by fixing prices, rigging bids, and allocating specific jobs for sales of ready-mix concrete.[169] The government alleged that Evans Concrete and its co-conspirators agreed on pricing levels for ready mix concrete jobs in Statesboro, Georgia and allocated specific ready-mix concrete jobs in Statesboro, and that the conspirators used a third party to facilitate the transfer of information to one another to conceal the conspiracy.[170] Previously, in 2021, the government entered into a DPA with one of the co-conspirators, Argos USA, LLC, which had started cooperating with the government in 2020 and agreed to pay more than $20 million in criminal penalties in a DPA in 2021.[171] Evans Concrete paid a fine of over $2.7 million, and the court imposed one year of probation.[172]

Evoqua Water Technologies (NPA)

On May 13, 2024, Evoqua Water Technologies Corp. (“EVOQUA”) entered into a two-year NPA with the U.S. Attorney’s Office for the District of Rhode Island to resolve securities fraud charges relating to the company’s revenue recognition and statements to auditors.[173] The government alleged that between 2016 and 2018, EVOQUA booked revenue from purported sales of products where the receiving revenue was not reasonably assured, the products had not shipped to customers in the quarter the revenue was recognized, and/or the component parts had not been completed.[174] The government further alleged that these bookings caused the company to make misstatements in its financial statements and annual and quarterly SEC filings.[175]

In connection with the agreement, EVOQUA agreed to pay $8.5 million in criminal penalties and monitoring, reporting and compliance obligations for a two-year period.[176] The government did not impose an independent monitor because of EVOQUA’s acquisition by another company, EVOQUA’s remedial improvements to its compliance program and internal controls, and its agreement to enhance its compliance program.[177] The company also entered into a March 2023 resolution with the SEC for the same conduct and paid a civil penalty of $8.5 million.[178]

Family Dollar Stores, LLC (Misdemeanor Guilty Plea)

On February 26, 2024, Family Dollar Stores, LLC (“Family Dollar Stores”), a subsidiary of the retail company, entered into a plea agreement involving a misdemeanor offense with DOJ’s Consumer Protection Branch and the U.S. Attorney’s Office for the Eastern District of Arkansas.[179] The agreement resolved allegations that the subsidiary violated a strict liability misdemeanor provision of the Federal Food, Drug, and Cosmetic Act (“FDCA”) related to the adulteration of food, cosmetics, drugs, and devices.[180] The government alleged that a distribution center in West Memphis, Arkansas fell into a state of disrepair in 2019 and had rodent activity as a result that led to adulterated product being shipped in interstate commerce.[181]

In connection with the agreement, the subsidiary agreed to pay a fine of $200,000, a special assessment of $125, and forfeiture of $41.5 million.[182] The agreement notes the company’s extensive cooperation and significant remedial efforts, including the voluntary recall of affected products, retention of a third-party FDA expert to develop standard operating procedures for handling and storage of FDA-regulated products, and the appointment of experienced legal and compliance leaders to oversee the enhanced compliance program including food safety, among other measures. The DOJ credited the company’s development, implementation and maintenance of effective corporate compliance measures, and the Company agreed to self-report on its progress to DOJ for a period of three years.[183]

Fidelity Development Group LLC

On September 16, 2024, Fidelity Development Group LLC (“Fidelity”), a real estate development company, entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of Ohio.^[184] Although the agreement remains under seal, according to a press release, the agreement resolved allegations that Fidelity violated the Clean Air Act by failing to inspect for the presence of asbestos before renovating a building.^[185] The government alleged that in 2015 or 2016, Fidelity purchased the property and began renovations without conducting or acquiring an asbestos survey, despite an April 2020 asbestos survey that identified more than 12,000 linear feet of friable asbestos pipe wrap insulation in the building.^[186]

On January 16, 2025, Fidelity pleaded guilty to the charge.^[187] News sources claiming to have reviewed the plea agreement report that it includes a $100,000 fine and that the company expects to receive a two-year sentence of organizational probation.^[188] Sentencing is scheduled for March 4, 2025.^[189]

Frame, Inc. (Guilty Plea)

On February 22, 2024, Frame, Inc., a construction service company operating in West Virginia and Florida, entered into a plea agreement with the U.S. Attorney’s Office for the Northern District of West Virginia to resolve allegations of conspiracy to commit wire fraud.[190] Frame, Inc. was contracted by EMCOR Facilities Services, Inc. to provide repair services at U.S. Postal Service (USPS) facilities within a 150-mile radius of Charleston, West Virginia.[191] While Frame, Inc. was permitted to use subcontractors for this work, certain disclosure and maximum mark-up requirements applied.[192] The government alleged that Frame, Inc. committed wire fraud when it submitted bills for supposed services with rates above what was being charged by the subcontractors (including above maximum mark-up limits), after many times certifying that Frame, Inc. conducted the work, when in fact, a subcontractor had been used.[193] Pursuant to the agreement, Frame agreed to pay restitution of $187,286 and agreed that it is debarred from future federal government contracts.[194] According to a DOJ press release announcing the plea agreement, Frame also agreed to dissolve the corporation.[195] The court did not impose any additional penalties at sentencing.[196]

Gremex Shipping S.A. de C.V. (Guilty Plea)

On October 30, 2024, Gremex Shipping S.A. de C.V. (“Gremex”), a Mexican corporation that managed ships, entered into a plea agreement with the U.S. Attorney’s Office for the with the Northern District of Florida and DOJ’s Environmental Crimes Section.[197] The agreement resolved one felony charge of violation of the Act to Prevent Pollution from Ships (APPS) through the illegal discharge of bilge waste, and one charge of providing false records to the U.S. Coast Guard to conceal the illegal discharge.[198] In particular, the plea agreement resolved allegations that Gremex discharged oily bilge water without first removing the oil from the bilge water via an oil water separator, as required by international treaty.[199] Gremex was further alleged to have failed to adequately document its oily water discharges in its oil record book.[200] As part of its plea, Gremex agreed to pay a $1.75 million fine, to serve a four-year term of probation, and to fund and implement a detailed environmental compliance plan that includes retention of an independent third-party auditor to execute a prescribed audit plan.[201] Gremex also consented to the imposition of a court-appointed monitor for the duration of probation.[202] At the time of publication, sentencing had not yet occurred.

Gunvor (Guilty Plea)

On March 1, 2024, Gunvor, S.A. (“Gunvor”), a commodities trading company, entered into a plea agreement with U.S. Department of Justice’s Criminal Division, Fraud and Money Laundering and Asset Recovery Section (“MLARS”), and the U.S. Attorney’s Office for the Eastern District of New York.[203] The agreement resolved allegations that Gunvor paid bribes to Ecuadorean government officials to secure business with Ecuador’s state-owned oil company between 2012 and 2020.[204] The government alleged that Gunvor, through Gunvor Singapore, paid more than $97 million to brothers Antonio Pere and Enrique Pere knowing that a portion of the payments were intended as bribes for Ecuadorian officials.[205] The Pere brothers had previously pleaded guilty to conspiracy to commit money laundering, as had a former Gunvor employee and former senior official at Ecuador’s state-owned oil company.[206] The Pere brothers also pleaded guilty to conspiracy to violate the FCPA.[207]

In connection with the agreement, Gunvor agreed to pay a criminal penalty of over $374 million and forfeiture of approximately $287 million, for a total of $661 million, with credit of up to one quarter of the criminal fine for the amounts of any resolutions within one year of the agreement, with Swiss and/or Ecuadorian authorities, related to the same conduct.[208] Swiss authorities announced a parallel resolution for approximately $98 million simultaneously with the U.S. plea agreement, and in June 2024, Gunvor resolved with Ecuadorian authorities for $93.6 million.[209] DOJ cited Gunvor’s cooperation and remediation as mitigating factors, and also considered a separate bribery resolution with Swiss authorities for actions contemporaneous with, but unrelated to, the conduct at issue that also involved alleged flaws in Gunvor’s internal controls.[210] Gunvor’s penalty reflects a discount of 25 percent from the 30^th percentile of the applicable Sentencing Guidelines range.[211]

DOJ determined that an independent compliance monitor was not necessary based on Gunvor’s remediation and the state of its compliance program, but Gunvor is required to annually report on remediation and compliance measures during the agreement’s three-year term.[212]

See our 2024 Year-End FCPA Update for additional details and analysis.

Hexamed Business Solutions LLC and Trinity Champion Healthcare Partners LLC (Guilty Plea)

On April 3, 2024, Hexamed Business Solutions LLC (“Hexamed”) and Trinity Champion Healthcare Partners LLC (“Trinity”), both “Managed or Management Service Organizations” (“MSOs”) operated by Med Left LLC, a pharmacy marketer, pleaded guilty to conspiracy to commit concealment money laundering in the U.S. District Court for the Northern District of Texas.[213] The charges, brought by the U.S. Attorney’s Office for the Northern District of Texas, relate to an alleged patient referral scheme involving Med Left and Next Health, a pharmacy and laboratory services company.[214] According to the indictment, from about September 1, 2013, through at least October 2018, Next Health and several doctors allegedly agreed to split profits on prescriptions filled at pharmacies owned by Next Health.[215] NextHealth allegedly identified the industry’s most profitable prescriptions and then paid physicians to prescribe those medications through NextHealth pharmacies.[216] The scheme allegedly involved granting doctors “ownership” of specific pharmacies for a nominal fee.[217] From about September 1, 2013 through February 1, 2017, bribes and kickbacks were allegedly paid to referring physicians under the guise that the payments were legitimate returns on investment from the physicians’ ownership in the pharmacies.[218] Beginning in February 2017, doctors who no longer wanted to be invested in the pharmacies or were not offered the chance to buy-in, were instead allegedly paid bribes and kickbacks through MSOs operated by Med Left, such as Hexamed and Trinity.[219] The prescribing pharmacy would allegedly track each prescription by doctor by profit, send the proceeds to Med Left, and then Med Left would pay kickbacks to physicians through Hexamed and Trinity.[220] From about February 2017 through about October 2019, bribes and kickbacks were allegedly paid to physicians under the guise that the payments were legitimate returns on investment in the MSOs.[221]

As part of the plea agreements, Trinity and Hexamed agreed to pay fines not exceeding $10,000 and to forfeit funds seized from each entity’s bank account, amounting to $9,172.20 and $13,929.46, respectively.[222] Both companies agreed to pay a mandatory special assessment of $400 prior to sentencing.[223] The court accepted the companies’ guilty plea on November 14, 2024, but sentencing has not occurred at the time of this writing.[224]

JDM Supply (Guilty Plea)

On September 30, 2024, JDM Supply, LLC (“JDM Supply”), a manufacturing company, entered into a plea agreement with the U.S. Attorney’s Office for the District of Massachusetts relating to alleged conspiracy to introduce or deliver for introduction into interstate commerce a misbranded device with intent to defraud or mislead, in violation of the FDCA.[225] The government alleged that JDM conspired to ship N95 facemasks, misbranded as National Institute of Occupational Safety and Health-approved N95 respirators, to hospitals in Massachusetts.[226] Pursuant to the plea agreement, JDM Supply agreed to one year of probation and faces a maximum fine upon sentencing of $3,800,000.[227] A sentencing hearing is scheduled for March 25, 2025.[228]

KBC Capital (Guilty Plea)

On July 31, 2024, KBC Capital, LLC (“KBC Capital”), an after-market firearm accessory manufacturer and distributor, entered into a plea agreement with the U.S. Attorney’s Office for the District of Massachusetts, in which it agreed to plead guilty to 26 counts of transferring a firearm in violation of the National Firearms Act (“NFA”).[229] The government alleged that from about 2017 to September 2023, KBC Capital was responsible for illegally transferring firearm suppressors (i.e., silencers) to Massachusetts residents, noting that making gunshots harder to hear impedes law enforcement response to shootings.[230] KBC Capital admitted to the underlying facts and agreed to pay a fine of $260,000 and to three years of probation to resolve the charges.[231] The probation requirement also included an agreement to cease marketing of firearms accessories.

KVK Research Inc. (Guilty Plea) and KVK Tech Inc. (DPA)

On March 6, 2024, generic pharmaceutical manufacturer KVK Research Inc. (“KVK Research”) entered into a plea agreement with DOJ’s Consumer Protection Branch and the U.S. Attorney’s Office for the Eastern District of Pennsylvania.[232] The criminal information charged KVK Research and its corporate affiliate, KVK Tech Inc. (“KVK Tech”) with two misdemeanor counts of introducing adulterated drugs into interstate commerce in violation of the Federal Food, Drug and Cosmetic Act (FDCA) and recommended forfeiture of $1 million. Pursuant to the plea agreement, KVK Research agreed to this forfeiture amount and to pay a criminal fine of $750,000.[233]

In pleading guilty, KVK Research admitted that from 2011 to 2013, it introduced into interstate commerce at least 62 batches of adulterated hydroxyzine tablets, which were manufactured with an active pharmaceutical ingredient made at a foreign facility for which KVK Research had not sought authorization from the FDA.[234] In addition to the monitor imposed on KVK Tech, the plea agreement imposes quarterly reporting obligations on KVK Research to DOJ regarding remediation and implementation of the compliance measures established in the plea agreement.[235]

Separately, the corporate affiliate KVK Tech, Inc. entered into a three-year DPA with DOJ’s Consumer Protection Branch and the United States Attorney’s Office for the Eastern District of Pennsylvania, relating to the same conduct.[236] The DPA requires KVK Tech to implement a compliance program designed to prevent and detect violations of federal regulations[237] as well as current good manufacturing processes, and imposes an independent compliance monitor to evaluate KVK Tech’s corporate compliance program to address and reduce the risk of future violations during the duration of the DPA’s three-year term.[238]

In addition to these resolutions, the government announced that KVK agreed to pay $2 million to resolve alleged civil liability under the False Claims Act arising from the company’s alleged failure to exercise appropriate controls, causing the company to introduce adulterated drugs into interstate commerce drugs.[239] This in turn allegedly resulted in the submission of false claims to the TRICARE program, Federal Employees Health Benefits Program (FEHBP), Veterans Administration (VA) and Department of Labor, Office of Workers Compensation Programs (DOL-OWCP).[240]

Limited Properties, Inc. (Guilty Plea)

On July 23, 2024, Limited Properties, Inc. entered into a plea agreement with the U.S. Attorney’s Office for the District of South Carolina to resolve allegations of wire fraud conspiracy and money laundering conspiracy.[241] The indictment alleges that Limited Properties and its co-defendant Randy Cannon were engaged in the rental property business and would notify a third co-defendant (Leslie Sievers) of the items they wanted her to buy using her employer’s credit card for non-business-related purchases at a major home improvement retailer. Cannon would then pick up the items from the retailer, for which he would pay her (at a steeply discounted rate) with money or prescription pills. Limited Properties would then use those fraudulently obtained items in its rental properties.[242] Limited Properties is awaiting sentencing, and no specific fine or penalty has been agreed between the parties. Limited Properties agreed to forfeit “all assets subject to forfeiture,” including a list of 272 pieces of equipment, four vehicles, four bank accounts, and 40 firearms that had been seized and were subject to forfeiture.[243]

Logsdon Valley Oil, Inc. a/k/a Hart Petroleum (Guilty Plea)

On January 18, 2024, Logsdon Valley Oil, Inc., a/k/a Hart Petroleum (“Logsdon Valley”), a Kentucky-based oil company, entered into a plea agreement with the U.S. Attorney’s Office for the Western District of Kentucky to resolve allegations that it violated the Safe Drinking Water Act.[244] The government alleged that Logsdon Valley improperly discharged fluid generated from oil and gas production into sinkholes without a permit.[245] Logsdon Valley had previously pleaded guilty to similar charges in 2013, paid a $45,000 fine, and completed two years’ probation. In connection with the guilty plea, Hart Petroleum was sentenced to three years’ probation and a criminal fine of $100,000.[246]

Magellan Diagnostics, Inc. (Guilty Plea and related DPA)

On June 27, 2024, Magellan Diagnostics, Inc. (“Magellan”), a medical technology manufacturer, entered into both a plea agreement and a two-year DPA with the U.S. Attorney’s Office for the District of Massachusetts.[247] These agreements resolved allegations that Magellan concealed a device malfunction that produced inaccurate test results for thousands of patients. Specifically, the devices were used for lead testing in blood samples and accounted for more than half of all blood tests conducted in the U.S. from 2013 through 2017.[248] The Food & Drug Administration (“FDA”) found that the devices could not accurately test samples, leading to a recall of all the devices and a warning to the public.[249] In its plea agreement, Magellan admitted that it did not timely notify the FDA about a malfunction causing the company’s devices to provide inaccurate lead level results and that it changed the user instructions for the devices without FDA notice or approval.[250]

Magellan pleaded guilty to two counts of introducing a misbranded medical device into interstate commerce in violation of the Food, Drug, and Cosmetic Act (“FDCA”).[251] It separately entered into a DPA with the U.S. Attorney’s Office for the District of Massachusetts for conspiracy to commit wire fraud in violation of 18. U.S.C. § 1349 and conspiracy to defraud the U.S. in violation of 18 U.S.C. §371, in connection with the same conduct.[252] Magellan was sentenced in connection with the plea agreement on October 10, 2024, and ordered to pay $21.8 million in fines and $10.9 million in forfeiture. The DPA separately requires the company to establish and fund a victim compensation fund with a minimum of $9.3 million to compensate patient victims.[253] In addition, pursuant to the DPA Magellan must retain an independent compliance monitor for two years, implement certain compliance measures, and submit periodic reports regarding its compliance program.[254]

MAM Construction, Inc. (Guilty Plea)

On October 16, 2024, MAM Construction, Inc., a construction management company, pleaded guilty to one count of fraud pursuant to a plea agreement with the United States Attorney’s Office for the District of Puerto Rico.[255] The plea agreement resolved charges that MAM Construction defrauded investors by misrepresenting that it would broker the issuance of state, federal, and administrative permits for lifetime licenses from the FCC for construction of cell towers and that the investors would receive payments for permitting the construction. The government alleged that MAM Construction facilitated the investment of $194,786.46 for the fraudulent scheme. Pursuant to the plea agreement, MAM Construction agreed, jointly with its president Miguel Merced-Torres, to pay restitution in the same amount, and the parties agreed to recommend at sentencing that no fine be imposed. Sentencing is scheduled for February 11, 2025.

Martinez Builders Supply (Guilty Plea)

On October 28, 2024, Martinez Builders, a construction materials supplier, entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of Florida, resolving charges of alleged conspiracy to harbor aliens by means of employment.[256] In particular, the plea agreement resolved charges that, from 2018-2021, Martinez Builders’ officers and employees conspired to harbor aliens by establishing a fictitious entity to employ aliens who were not authorized to work in the United States, so that they would no longer appear on Martinez Builders’ payroll, though they continued to work on Martinez Builders projects.[257] Pursuant to the plea agreement, Martinez Builders agreed to forfeit $450,000. On January 24, 2025, Martinez Builders was sentenced to two years of probation and a $100,000 fine.[258]

Mary Mahoney’s Old French House, Inc. (Guilty Plea)

On May 20, 2024, Mary Mahoney’s Old French House, Inc. (“Mary Mahoney’s”), a well-known restaurant in Mississippi, entered into a plea agreement with the United States Attorney’s Office Southern District of Mississippi and the Environmental Crimes Section of DOJ’s Environment and Natural Resources Division.[259] The agreement resolved allegations that the restaurant misrepresented the species, sources, and cost of the seafood sold to customers, thereby deceiving them about the nature and quality of the products being purchased.[260] The government alleged that from 2013 through November 2019, the restaurant, and its co-owner and manager conspired to misbrand and sell frozen fish imported from other countries as local premium species.[261] Pursuant to the agreement, Mary Mahoney’s agreed to plead guilty to a single count of conspiring to defraud its customers, was ordered to pay a $149,000 criminal fine and $1,350,000 in forfeiture, and was sentenced to five years’ probation.[262] Mary Mahoney’s co-owner and manager Anthony Charles Cvitanovich concurrently pleaded guilty to a felony charge of misbranding seafood during 2018-19, was ordered to pay a $10,000 fine, and was sentenced to three years of probation and four months of home detention.[263]

McKinsey and Company Africa (Pty) Ltd (DPA)

On December 5, 2024, McKinsey and Company Africa (Pty) Ltd (“McKinsey Africa”), a subsidiary of international consulting firm McKinsey & Company, Inc. (“McKinsey”) operating in South Africa, entered into a three-year DPA with the Fraud Section of DOJ’s Criminal Division and the U.S. Attorney’s Office for the Southern District of New York to resolve a single count of conspiracy to violate the anti-bribery provisions of the FCPA.[264] A former McKinsey senior partner who worked at McKinsey Africa had previously pleaded guilty to one count of conspiracy to violate the FCPA arising from the same misconduct.[265] According to the DPA, to obtain consulting contracts, McKinsey Africa allegedly agreed to pay bribes to officials at Transnet SOC Ltd., South Africa’s state-owned and state-controlled custodian of ports, rails, and pipelines, and at Eskom Holdings SOC Ltd., the country’s state-owned and state-controlled energy company.[266]

Pursuant to the DPA, McKinsey Africa agreed to pay a criminal penalty of $122,850,000; however, DOJ agreed to credit up to 50% of the criminal penalty against amounts that McKinsey pays to authorities in South Africa within 12 months. In determining the penalty, DOJ acknowledged McKinsey Africa for suspending and requiring continued cooperation by the implicated partner, conducting trainings, enhancing due diligence processes and controls, and voluntarily repaying all revenues from potentially tainted contracts, resulting in a 35% discount from the fifth percentile of the applicable USSG range. Due to McKinsey Africa and McKinsey’s remediation and compliance program, no monitor was imposed, but both companies agreed to annual self-reporting during the term, followed by certain certifications at expiration. Although not a defendant, McKinsey signed the DPA and agreed to certain terms and obligations, including cooperation, reporting, and implementation of a compliance and ethics program.

McKinsey & Company, Inc. United States (DPA)

On December 13, 2024, McKinsey & Company, Inc. United States (“McKinsey US”), the U.S. subsidiary of the global management consulting firm McKinsey & Company, Inc. (“McKinsey”), entered into a five-year DPA with DOJ’s Consumer Protection Branch and the U.S. Attorney’s Offices for the Western District of Virginia (where proceedings were filed) and for the District of Massachusetts, to resolve charges of (1) one misdemeanor count arising from McKinsey US allegedly conspiring with Purdue Pharma LLP and others to aid and abet the misbranding of prescription drugs, held for sale after shipment in interstate commerce, without valid prescriptions and (2) one felony count of obstruction of justice, arising through the acts of a McKinsey senior partner allegedly destroying and concealing records.[267] Although not a defendant in the criminal proceedings, McKinsey signed the DPA and agreed to certain terms and obligations—including, for example, the payment provisions and annual self-reporting certifications. Procedurally, the DPA was entered in a miscellaneous case proceeding as an attachment to an “Agreed Order Compelling Compliance” by both McKinsey and McKinsey US that provided for the court to “impose any sanction it deems appropriate” for a violation of the DPA, including criminal contempt.[268]

According to the DPA, after a Purdue Pharma affiliate pleaded guilty to misbranding OxyContin in 2007 by falsely marketing it as less addictive, McKinsey partners allegedly worked with Purdue Pharma over the course of 75 different engagements between 2004 and 2019 to enhance “brand loyalty” for OxyContin when sales declined, assessed underlying drivers of OxyContin performance, and identified opportunities to increase OxyContin revenue.[269] These efforts included approaches for “turbocharging the sales engine” by intensifying marketing to prescribers who were writing prescriptions for uses that were “unsafe, ineffective, and medically unnecessary,” along with other initiatives regarding the drug.[270] (Because the alleged misconduct was charged and resolved as a misdemeanor violation of the Federal Food, Drug & Cosmetic Act of 1938 (“FDCA”), the offense is a strict liability crime with no mens rea requirement.[271]) When scrutiny around Purdue Pharma’s role with the opioid crisis increased, a McKinsey senior partner allegedly deleted documents related to Purdue that allegedly would have been pertinent to investigations into Purdue Pharma.[272] As part of the resolution, the senior partner pleaded guilty to obstruction of justice.[273]

Pursuant to the DPA, McKinsey US and McKinsey jointly agreed to pay a total of $650 million, of which $231 million would be allocated as a criminal penalty and $93.5 million as forfeiture, with the vast majority of the remainder ($323 million) allocated to a parallel civil settlement agreement, described below, and $2 million to the Virginia Medicaid Fraud Control Unit. Notably, the DPA included as attachments both a security agreement granting a security interest in and lien on McKinsey US’s receivables[274] and an agreed verified complaint for forfeiture in rem of McKinsey US (that is, to forfeit the entity McKinsey US), to be stayed pending submission of the final forfeiture payment.[275] McKinsey received credit for cooperating with the government in connection with the investigation and for engaging in remedial measures.[276]

The companies also agreed to forgo any work related to the marketing, sale, promotion, or distribution of controlled substances, and agreed to maintain for three years a “conspicuous public link” on its website homepage to a public statement of contrition and a copy of the DPA.[277] The DPA also specifically required the companies to require certain senior executives to read the DPA, information, and statement of facts within 30 days, and to develop global training for specific functions about the resolution, its root cause, remediation efforts, and ongoing compliance commitments. In an attachment, the DPA imposed additional requirements for the companies’ corporate compliance program, specifying detailed obligations such as factors to be considered in a mandatory, standardized “client service risk assessment” framework and review and escalation protocols based on risk tiers.[278]

As referenced in the payment provisions of the DPA, the resolution also included a civil settlement of False Claims Act allegations that the company misled the FDA and that it caused false and fraudulent claims for OxyContin to be submitted to federal healthcare programs such as Medicare and Medicaid. McKinsey US entered into this False Claims Act settlement with the Fraud Section of the Commercial Litigation Branch of DOJ’s Civil Division; the Office of Inspector General of the Department of Health and Human Services; the Defense Health Agency, acting on behalf of the TRICARE program; the Office of Personnel Management, which administers the Federal Employees Health Benefits Program; and the United States Department of Veterans Affairs, which administers the Veterans Health Administration.[279]

MGM Grand Hotel, LLC and The Cosmopolitan of Las Vegas (NPA)

On January 9, 2024 and January 11, 2024, MGM Grand Hotel, LLC (“MGM Grand”) and The Cosmopolitan of Las Vegas (“The Cosmopolitan”), respectively, entered into two-year NPAs with the U.S. Attorney’s Office for the Central District of California.[280] The agreements resolve allegations that MGM Grand and The Cosmopolitan violated the Bank Secrecy Act and money laundering statutes by allowing a casino patron who ran and operated an illegal bookmaking business to gamble at the casinos and affiliated properties with illicit proceeds generated from the illegal bookmaking business.[281] Pursuant to its NPA, MGM Grand agreed to pay a monetary fine of $6,527,728; to forfeit $500,000, which will be counted toward the fine; and to spend $750,000 in new funding over two years on its compliance program.[282] Pursuant to its NPA, the Cosmopolitan agreed to pay a monetary fine of $928,600, and to forfeit $500,000 in proceeds, which will be counted toward the fine.[284] MGM Grand and The Cosmopolitan both received cooperation credit, and the respective NPAs noted that both companies engaged in timely remedial measures.[285] Both companies agreed to enhance their joint compliance program and to implement additional review and reporting requirements.[286]

Mold Wranglers, Inc. (Guilty Plea)

On October 24, 2024, Mold Wranglers, Inc. (“Mold Wranglers”), a company that provides hazardous material mitigation services, pleaded guilty to an information charging one count of conspiracy to violate the False Claim Act pursuant to a plea agreement with the U.S. Attorney’s Office for the District of Montana.[287] The plea agreement resolved allegations that Mold Wranglers, through other companies, submitted false requests for payment to the U.S. Department of Veterans Affairs falsely claiming that lead-based paint work had been performed.[288] Mold Wranglers faces a maximum fine of $500,000 fine as well as restitution. Sentencing is scheduled for March 4, 2025.[289]

Morgan Stanley & Co. LLC (NPA)

On January 12, 2024, Morgan Stanley & Co. LLC (“Morgan Stanley”) entered into an NPA with the U.S. Attorney for the Southern District of New York.[290] The agreement involved allegations that, between 2018 and August 2021, certain Morgan Stanley employees made representations regarding confidentiality to block sellers that were both false and material to the relevant transactions insofar as leaks to the market risked driving down the market price of the stock, which could decrease the money the sellers received for the block sales.[291] Instead of keeping the information about the relevant transactions confidential, as sellers were promised, Morgan Stanley employees shared highly specific information with buy-side investors, including information about the size and precise timing of the block trades, benefiting Morgan Stanley at the expense of block sellers.[292]

Morgan Stanley is required, pursuant to the NPA, to forfeit $72.5 million, to pay $64 million in restitution to the block sellers, and to pay a $16.9 million criminal fine.[293] Morgan Stanley received credit for its extensive cooperation, remedial efforts, and continued cooperation, resulting in a 35% reduction from the bottom of the applicable USSG range.[294] The non-prosecution agreement also requires Morgan Stanley to continue to cooperate with and provide information to the United States for at least three years from the date of the agreement.[295] The Morgan Stanley employee who supervised the block trades, Pawan Passi, entered into a DPA concurrently, pending court approval.[296]

Morgan Stanley and Passi also resolved parallel SEC proceedings relating to the same misconduct.[297] Pursuant to the cease-and-desist order, Morgan Stanley must pay $166 million in disgorgement and interest, to be offset by payments made pursuant to the forfeiture or restitution order in conjunction with the NPA, and a civil penalty of $83 million.[298]

N. Ali Enterprises Inc. and 21^st Century Distribution Inc. (Guilty Plea)

On January 11, 2024, N. Ali Enterprises, Inc. of Naperville, Illinois and 21st Century Distribution Inc., of Las Vegas, Nevada, both pleaded guilty with the U.S. Attorney’s Office for the Eastern District of California to 20 counts of mail and wire fraud in a California excise tax fraud scheme.[299] The entities’ president, Rahman Lakhani, also pleaded guilty.[300] The guilty pleas resolved allegations that Lakhani and the corporate defendants used warehouses in Illinois, Nevada, and California to move more than $25 million worth of non-cigarette tobacco across the United States and into California, submitting false excise tax returns intended to hide the true size and value of the shipments.[301] On August 1, 2024, Lakhani was sentenced to four years in prison, the entities were each sentenced to three years of probation, and all three defendants were ordered to pay more than $5.9 million in restitution, jointly and severally.[302] Pursuant to plea agreements, assets seized, including $41,274.49 from a bank account, and forfeited would be credited against the restitution.[303]

Northridge Construction Corporation (Guilty Plea)

Northridge Construction Corporation (“Northridge”), a construction company based in Long Island, NY, entered into a plea agreement with DOJ’s Environment and Natural Resources Division to resolve federal charges stemming from a 2018 incident that resulted in the death of an employee who fell from an improperly secured roof during construction.[304] The case was investigated by the Occupational Safety and Health Administration (OSHA), which found that Northridge violated regulations requiring the stability of metal structures during construction.[305] In addition to the safety violation, the company was charged with making two false statements that obstructed OSHA’s investigation.[306] On August 6, 2024, U.S. District Court Judge Joan M. Azrack sentenced Northridge to a $100,000 fine and five years of probation, during which the company must implement enhanced safety training for its employees.[307]

Peticub Pharmacy Corporation (Guilty Plea)

On March 11, 2024, Peticub Pharmacy Corporation (“Peticub”) pleaded guilty to (1) conspiracy to distribute and possess with intent to distribute tapentadol (an opioid), and (2) conspiracy to (i) introduce or delivery for introduction into interstate commerce adulterated and misbranded drugs, and (ii) receive adulterated and misbranded drugs and deliver or proffer for delivery to another, pursuant to a plea agreement with the U.S. Attorney’s Office for the Central District of California.[308] The government alleged that the operator of Peticub—who also pleaded guilty—ran an illicit pill trafficking business from Peticub.[309] Pursuant to the agreement, the government agreed to recommend a fine of $20,000.[310] At sentencing on July 31, 2024, Peticub was placed on probation for five years on each count and fined $5,000.[311]

Prive Overseas Marine LLC and Prive Shipping Denizcilik Ticaret, A.S. (Guilty Plea)

On May 21, 2024, Prive Overseas Marine LLC (“Prive Overseas”) and Prive Shipping Denizcilik Ticaret, A.S. (“Prive Shipping”), two related shipping companies that operated the motor tanker P.S. Dream, pleaded guilty to conspiracy, knowingly violating the Act to Prevent Pollution from Ships (APPS) and obstruction of justice in a plea agreement with DOJ’s Environment & Natural Resources Division, and the U.S. Attorney’s Office for the Eastern District of Louisiana.^[312] The plea agreement resolved allegations that the companies discharged oil-contaminated waste into open waters in violation of applicable maritime pollution regulations and falsified Oil Record Book records to conceal the violation.[313] The government also alleged that the crew members removed visible oil residue from the ship’s Residual Tanks to conceal the discharges, and that crew members further made false statements to U.S. Coast Guard inspectors about the contents of the Residual Tank and the crew’s disposal of the waste.[314]

Prive Overseas and Prive Shipping were sentenced to pay a total penalty of $2 million, including a criminal fine of $1.5 million and a $500,000 donation to the National Fish & Wildlife Foundation as organizational community service.[315] Prive Overseas and Prive Shipping were also ordered to adopt and implement an environmental compliance plan.[316]

Proterial Cable America, Inc. (Declination with Disgorgement)

On April 12, 2024, the Fraud Section of DOJ’s Criminal Division issued a “declination with disgorgement” letter to Proterial Cable America, Inc. (“PCA”) (formerly known as Hitachi Cable America Inc.), a global manufacturer of specialized technologies for the data communications, medical, and automotive industries, declining prosecution of PCA for wire fraud and conspiracy in violation of 18 U.S.C. §§ 1343, 1349 “despite the fraud committed by employees of Hitachi Cable.”[317] According to the letter, the Fraud Section alleged that between 2006 and 2022, Hitachi Cable misrepresented to customers that its motorcycle brake hose assemblies met federal safety performance standards, thereby obtaining roughly $15.1 million in illicit profits through its sales of noncompliant brake hose assemblies.[318]

The letter stated that the Fraud Section’s decision to decline prosecution was based on an assessment of factors including: (1) PCA’s voluntary and timely self-disclosure of the misconduct to the Fraud Section within weeks after the company discovered the issue during an internal audit; (2) PCA’s “full and proactive cooperation” in this matter; (3) the nature and seriousness of the offense; (4) PCA’s timely and appropriate remediation measures undertaken, including terminating relevant employees and “significant investment in designing, implementing, and testing” PCA’s compliance program; and (5) PCA’s agreement to pay disgorgement of $15,126,204, which the DOJ described as the total profit obtained through the alleged scheme, to two brake assemblers and a motorcycle company.[319]

Q Link Wireless LLC (Guilty Plea)

On October 15, 2024, Q Link Wireless LLC, a telecommunications company, together with its CEO Issa Assad, pleaded guilty to a single count of conspiring to wire fraud and to defraud and commit offenses against the United States pursuant to a plea agreement with the U.S. Attorney’s Office for the Southern District of Florida.[320] The plea agreement resolves claims that Q Link engaged in a scheme to defraud the Federal Communications Commission (“FCC”)’s Lifeline program that sought to provide discounted phone service to people in need.[321] The government alleged that Q Link, directed by its CEO, cheated the program by making repeated false claims for reimbursement, including by manufacturing non-existent cellphone activity and engaged in coercive marketing techniques to get people to remain Q Link customers.[322] Q Link and its CEO agreed to pay jointly $109,637,057 in restitution to the FCC.[323] Q Link also agreed to forfeit proceeds traceable to the offense but represented that it was unable to pay a fine in addition to the restitution amount, subject to assessment prior to sentencing scheduled for April 22, 2025.[324]

Quality Poultry and Seafood, Inc. (Guilty Plea)

On August 27, 2024, Quality Poultry and Seafood, Inc. (“QPS”), the largest seafood distributor on the Mississippi Gulf Coast, along with managers Todd Rosetti and James Gunkel, entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of Mississippi and the Environmental Crimes Section of DOJ’s Environment and Natural Resources Division to resolve allegations that it conspired to defraud customers by marketing mislabeled seafood products and wire fraud.[325] The government alleged that QPS misbranded and sold fish that had been imported from other countries as local premium species.[326] Despite a criminal search warrant executed by the FDA to investigate the mislabeled seafood, QPS continued its fraudulent activities for over a year by selling frozen fish from Africa, South America, and India as local species.[327] Pursuant to the agreement, QPS agreed to forfeit $1,000,000 and five years’ probation.[328] Although consistent with the plea agreement, the government recommended that a $150,000 fine be imposed on QPS, at sentencing, the Honorable Halil Suleyman Ozerden departed from this recommendation and ordered QPS to pay a $500,000 fine.[329]

Raytheon Company (DPA)

On October 16, 2024, DOJ and SEC announced parallel resolutions relating to allegations that, between 2012 and 2016, Raytheon authorized nearly $2 million in corrupt payments to a high-level official of the Qatari Air Force to secure air defense contracts through an alleged “sham subcontractor,” and failed to disclose these subcontractor payments as required by the Arms Export Control Act (“AECA”) and International Traffic in Arms Regulations (“ITAR”).[330] The SEC additionally alleged that over a longer period Raytheon paid more than $30 million to a Qatari-based agent, who was a relative of the Qatari Emir, under circumstances that presented elevated corruption risk.[331] To resolve the criminal FCPA, AECA, and ITAR allegations, Raytheon entered into a three-year deferred prosecution agreement and agreed to pay a $230.4 million criminal fine plus approximately $36.7 million in forfeiture, though up to $7.4 million of the forfeiture amount was credited against the SEC resolution. In the SEC matter, parent company RTX Corporation consented to a cease-and-desist proceeding alleging FCPA anti-bribery, books-and-records, and internal controls violations, and agreed to pay $49.1 million in disgorgement and prejudgment interest plus a civil penalty of $75 million, though $22.5 million of that penalty is offset against the criminal fine. And in a separate but coordinated matter, Raytheon resolved allegations of major fraud against the United States in a separate deferred prosecution agreement and civil False Claims Act settlement alleging that the company provided inaccurate pricing data to the U.S. Department of Defense associated with foreign defense contracts.[332] In total, and coupled with an earlier consent decree with the State Department, Raytheon and RTX agreed to pay nearly $1 billion to resolve the FCPA and non-FCPA charges, and also agreed to retain a compliance monitor jointly focused on anti-corruption and government contracts pricing compliance. But in contrast to the SEC resolution, parent RTX is not a defendant in either of the criminal resolutions and agreed only to adhere to the compliance- and disclosure-related obligations of its subsidiary Raytheon.[333]

RKB Handyman Services, Inc. (Guilty Plea)

On June 21, 2024, RKB Handyman Services, Inc. (“RKB”), a maintenance company that subcontracted to perform repair jobs at United States Post Offices, entered into a plea agreement with the U.S. Attorney’s office for the Eastern District of Pennsylvania.[334] The agreement resolved allegations that RKB engaged in wire fraud by submitting falsified invoices to overcharge the United States Postal Service for maintenance work performed by its own subcontractors.[335] Specifically, the government alleged that, between October 2019 and March 2021, RKB intentionally submitted more than 300 false and altered invoices for payment, causing the United States Postal Service to overpay for services and supplies in the amount of $117,781.36.[336] In connection with the agreement, the company was sentenced to a $240,000 fine and ordered to pay $117,781.36 in restitution.[337]

SAP SE (DPA)

On January 10, 2024, SAP SE (“SAP”), a publicly traded global software company based in Germany, entered into a three-year DPA and agreed to pay over $220 million to resolve an investigation by the DOJ Fraud Section and the U.S. Attorney’s Office for the Eastern District of Virginia into violations of the Foreign Corrupt Practices Act (“FCPA”) arising out of alleged schemes to pay bribes to government officials in South Africa and Indonesia.[338] The Company received credit for its substantial cooperation with the DOJ’s investigation as well as its timely remediation, which included withholding bonuses from employees who engaged in suspected wrongdoing or who had supervisory authority over those employees.[339] SAP was penalized, however, for prior criminal and civil resolutions, including a 2021 NPA with DOJ’s National Security Division and a 2016 resolution with the SEC regarding alleged FCPA violations in Panama.[340] It did not receive voluntary disclosure credit. Under the terms of the DPA, SAP paid a criminal penalty of $118.8 million, representing a 40% discount off the low end of the U.S. Sentencing Guidelines, and an administrative forfeiture of $103,396,765, and agreed to self-reporting during the three-year term.[341] DOJ coordinated its resolution with both the SEC and prosecutors in South Africa. DOJ agreed to credit up to $55.1 million of the criminal penalty against amounts that SAP paid to resolve the South African investigation. The Department further agreed to credit up to the full forfeiture amount against any disgorgement that SAP paid to either the SEC or South African authorities. SAP’s parallel resolution with the SEC called for it to pay disgorgement of $85 million plus prejudgment interest of more than $13.4 million, totaling more than $98 million, which in turn was to be offset by up to $59 million paid to the South African government.[342]

Satori Recovery Center, LLC (Guilty Plea)

On September 5, 2024, Satori Recovery Center, LLC, an alcohol and drug treatment facility based in Orange County, California, pleaded guilty to conspiracy to violate the Travel Act pursuant to a plea agreement with the United States Attorney’s Office for the Central District of California .[343] The government alleged that Satori paid referral fees to patient brokers after patients stayed at Satori for a period of time and received treatment, for which services Satori was reimbursed by insurers.[344] Satori allegedly falsely characterized these fees at “marketing” payments.[345] The plea agreement did not include a recommended sentence. Sentencing is scheduled for February 4, 2025.

Siemens Energy, Inc. (Guilty Plea)

On September 30, 2024, Siemens Energy, Inc. (“SEI”), a U.S.-based energy company, entered into a plea agreement with the U.S. Attorney’s Office for the Eastern District of Virginia to resolve criminal allegations of conspiracy to commit wire fraud arising out of the misappropriation of confidential competitor information.[346] In 2019, Dominion Energy, Inc. (“Dominion”) sought to construct a power plant and solicited requests for proposals from SEI and two other companies. During the procurement process, a Dominion employee improperly shared confidential pricing information from the two other bidders with a SEI employee.[347] That information was used in a revised bid by SEI to Dominion.[348] To resolve the allegations, Siemens agreed to pay $104 million in fines and to three years’ organizational probation.[349] Sentencing occurred December 5, 2024, and the Court imposed a $104 million fine, a three-year probation term, and a $400 special assessment.[350] Three individuals involved in the conduct also entered into plea agreements.[351]

Star Enterprises (Guilty Plea)

On February 14, 2024, Star Enterprises Inc. (“Star Enterprises”), an educational company, pleaded guilty to Federal Program Theft with the U.S. Attorney’s office for the District of Puerto Rico.[352] The plea agreement resolved one count of federal program theft, arising from allegations that Star Enterprises contracted in 2019-2020 with the Puerto Rico Department of Education (“PRDOE”) despite having no certificate of eligibility to contract with Puerto Rican agencies.[353] The government alleged the director of the Technical Education Program for PRDOE funneled $213,210.07 to Star Enterprises, which was owned by someone with whom he cohabited, for unspecified services, and which the plea agreement alleged were obtained through theft, embezzlement, or fraud.[354] Star Enterprises was sentenced to pay $206,639 in restitution.[355]

Taaj Services US LLC (Guilty Plea / DPA)

On June 26, 2024, Taaj Services US LLC, a money transmitting business, pleaded guilty for failing to report financial transactions involving more than $10,000 in U.S. currency as required by the Bank Secrecy Act, pursuant to a two-year agreement with the U.S. Attorney’s Office for the Southern District of California.[356] Taaj Services admitted as part of the agreement that it was never licensed to operate in California and so beginning in November 2019, it entered into a conspiracy with another money transmitting business that was licensed to operate in California to transfer money in California.[357] Notably, although the agreement is labeled and referred to as a plea agreement and some of its substance—such as the admission of organizational guilt—is consistent with a plea agreement, its operation is that of a DPA insofar as the government agreed to defer judgment for 24 months and to seek dismissal of the prosecution thereafter if Taaj Services complies with the terms and conditions of the agreement.[358] As part of the agreement, Taaj Services agreed to forfeit $700,000 to the U.S. government, and the parties agreed to recommend no additional fine if the prosecution were to proceed to sentencing.[359]

TD Bank, N.A. and TD Bank U.S. Holding Company (Guilty Plea)

On October 10, 2024, TD Bank, N.A. (“TDBNA”) and its direct parent TD Bank U.S. Holding Company (“TDBUSH”) (collectively, “TD Bank”) each entered into concurrent plea agreements with the Money Laundering and Asset Recovery Section (“MLARS”) of DOJ’s Criminal Division and the U.S. Attorney’s Office for the District of New Jersey.[360] The dual pleas were part of coordinated resolutions with the Board of Governors of the Federal Reserve Board (“FRB”), the Treasury Department’s Office of the Comptroller of the Currency (“OCC”), and Financial Crimes Enforcement Network (“FinCEN”).[361] (Although the charges and penalties vary between the two plea agreements, the facts, reporting requirements, and compliance commitments are substantively similar in both documents.) Pursuant to the plea agreements, TDBNA pleaded guilty to a single count of conspiring to fail to maintain an adequate anti-money laundering (“AML”) program, to fail to file accurate currency transaction reports, and to launder monetary instruments; and TDBUSH pleaded guilty to two counts of causing TDBNA to fail (1) to maintain an adequate AML program and (2) to file accurate currency transaction reports.[362] According to the plea, between 2014 and 2023, TD Bank allegedly failed to maintain an AML program that complied with the Bank Secrecy Act (“BSA”), which enabled, among other things, three money laundering networks to launder approximately $671 million.[363] Although not parties to the plea agreements, global parent company Toronto-Dominion Bank and intermediate holding company TD Group US Holdings LLC agreed to certain terms, such as providing officer certifications and ensuring that the defendant entities comply with their compliance commitments.

TD Bank agreed to forfeit over $452 million and pay an approximately $1.4 billion criminal fine, for a total financial penalty of $1.8 billion, to engage an independent compliance monitor for three years, and to a five-year term of probation.[364] TD Bank received credit for providing partial cooperation and engaging and agreeing to continue to engage in remedial measures, and the penalty reflects a discount of 20 percent from the “agreed upon fine.”[365] TDBNA’s plea agreement credited $123.5 million paid to the FRB against the forfeiture amount, and TDBUSH’s plea agreement credited $2 million against the fine pursuant to the Criminal Division’s pilot program on compensation incentives and clawbacks, while allowing for a potential additional clawback credit of $5.5 million subject to TDBUSH providing information about additional bonuses withheld or clawed back as a result of the misconduct no later than January 31, 2025.[366] TD Bank also agreed to engage an independent compliance monitor for a period of three years.

TD Securities (DPA)

On September 30, 2024, TD Securities (USA) LLC (“TD Securities”), a subsidiary of TD Group US Holdings LLC, entered into a three-year DPA with the Fraud Section of DOJ’s Criminal Division.[367] On the same day, TD Securities entered into settlements in separate, parallel proceedings with the SEC and Financial Industry Regulatory Authority (“FINRA”).[368] The DPA would resolve DOJ’s criminal information for one count of wire fraud for placing false orders for U.S. Treasuries. According to the DPA, Jeyakumar Nadarajah, who at the time served as a Director at TD Securities and the Head of its U.S. Treasury desk, allegedly engaged in “spoofing” and “layering” to give the false impression of genuine demand and artificially increase prices for U.S. Treasuries products.[369] Mr. Nadarajah was indicted in November 2023 in connection with the same facts and is currently awaiting trial.[370] Although TD Group US Holdings LLC is not named as a defendant in the DPA, it is a signatory to the DPA and subject to the cooperation, compliance, and annual self-reporting requirements.

Pursuant to the DPA, TD Securities agreed to pay a criminal penalty of approximately $9.4 million, as well as over $4.7 million in victim compensation and $1.4 million in forfeiture.[371] TD Securities received credit for its cooperation and remediation, though its cooperation was described as “largely reactive,” resulting in a discount of 5 percent from the bottom of the applicable USSG range.[372] Additionally, TD Securities agreed to pay a $6.5 million civil penalty and $400,000 in disgorgement (all $400,000 of which will be credited against forfeiture to DOJ) including $135,700 in prejudgment interest in connection with the SEC settlement, and a $6 million civil penalty in connection with the FINRA settlement.[373]

Telefónica Venezolana C.A. (DPA)

On November 8, 2024, Telefónica Venezolana C.A. (“Telefónica Venezolana”), a Venezuela-based subsidiary of the Spain-based global telecommunications operator Telefónica S.A. (Telefónica), entered into a three-year deferred prosecution agreement with the U.S. Department of Justice’s Criminal Division, FCPA Section, and the U.S. Attorney’s office for the Southern District of New York.[374] The agreement resolved charges of one count of conspiracy to violate the anti-bribery provisions of the FCPA.[375] In particular, the government alleged that the company, acting as an agent of Telefónica, bribed Venezuelan government officials to participate in government currency exchange auctions through which it exchanged Venezuelan currency for U.S. dollars. To ensure its success at auction, Telefónica Venezolana allegedly enlisted suppliers to funnel bribes through intermediaries to the government officials. In connection with the agreement, Telefónica Venezolana agreed to pay a criminal penalty of $85,260,000.[376] In addition, as part of the DPA, Telefónica Venezolana and its parent Telefónica agreed to continued cooperation, any appropriate compliance program enhancements, and periodic reporting to the government regarding remediation and compliance program enhancements during the DPA’s three-year term.[377]

Tip the Scale LLC (Guilty Plea)

On June 13, 2024, Tip the Scale LLC (“Tip”) (d/b/a L&D Kitchen and Bath) entered into a plea agreement with the U.S. Attorney’s Office for the Western District of Washington, to resolve allegations in violation of the Lacey Act for making false declarations relating to the species and harvest location of timber used in cabinets and vanities.[378] According to the agreement, the government alleged that Tip imported shipping containers containing wooden products produced in China that were all falsely declared as a false species of wood harvested in Malaysia, avoiding over $850,000 in import duties.[379] While the plea agreement indicates that the maximum fine Tip could face is $500,000 and that Tip could be sentenced to probation for up to five years, the agreement contains a recommended sentence of three years’ probation, $110,000 in criminal fines, and $250,000 in penalties.[380] The agreement itself also does not impose any form of reporting or monitoring requirement on Tip but it does require the company to implement the “Environmental and Customs Compliance Plan” that was filed with the plea.[381]

On the same day as pleading guilty, Tip was sentenced to the recommended three-year term of probation and $360,000 in fines and penalties, one condition of which is that it will implement the Compliance Plan within 60 days.[382]

TPC Group LLC (Guilty Plea)

On May 21, 2024, TPC Group LLC (“TPC”), a Texas petrochemical company, entered into a plea agreement with the U.S. Attorney’s office for the Eastern District of Texas and the U.S. DOJ’s Environment and Natural Resources Division relating to one count of a violation of the Clean Air Act.[383] The plea agreement intended to resolve allegations that TPC knowingly failed to adhere to its own written operating procedures, resulting in two explosions and a series of fires that released contaminants into the air within a four-mile radius of the operating facility.[384] TPC initially agreed to pay criminal fines and civil penalties of over $30 million ($18 million criminal, $12.1 million in civil penalties paid to bankruptcy claimants) and to spend approximately $80 million to improve its risk management program and safety issues at facilities, and to $212 million in restitution already paid.[385] However, on January 10, 2025, the Court allowed TPC to withdraw its guilty plea after the court indicated its plan to increase restitution.[386]

TPC has separately settled civil actions related to the blasts. On November 22, 2024, in a settlement with the State of Texas, TPC agreed to pay $12.6 million in penalties and fees and to repair or replace certain equipment.[387] In August 2024, TPC also agreed to pay $150 million in penalties related to allegations by the Texas Commission of Environmental Quality, and the State of Texas decided to subordinate its claim to these penalties because TPC had already filed for bankruptcy, because the State of Texas wanted to ensure that victims of the blast were made whole to the greatest extent possible.[388] The EPA also filed a related civil complaint and consent decree under the Clean Air Act.[389]

Trafigura Beheer B.V. (Guilty Plea)

On March 28, 2024, Trafigura Beheer B.V. (Trafigura), a Dutch oil distribution and commodities trading company with its principal place of business in Switzerland, entered into a plea agreement with the DOJ Criminal Division, Fraud Section, and the U.S. Attorney’s Office for the Southern District of Florida, pleading guilty to one count of conspiracy to violate the anti-bribery provisions of the FCPA.[390] According to the agreement, Trafigura paid approximately $19.7 million in commissions to third parties, a portion of which was used to pay bribes to Brazilian officials.[391]

In connection with the agreement, Trafigura agreed to pay a total of over $126 million, including approximately $80.5 million in criminal fines and approximately $46.5 million in forfeiture.[392] Penalties were calculated in consideration of many factors, among them, Trafigura’s cooperation and remedial efforts to date and its history of prior misconduct. DOJ agreed to credit up to $26.8 million of the criminal fine against the amount the company pays to resolve charges in Brazil relating to the same conduct.[393] The agreement requires annual compliance reporting for three years but does not impose an independent monitor based on the company’s remediation and the state of its compliance program.[394]

Tribar Technologies, Inc. (Guilty Plea)

On December 18, 2024, Tribar Technologies, Inc., an automobile parts manufacturer, entered into a plea agreement with the U.S. Attorney’s Office for the Eastern District of Michigan and the Environmental Crimes Section of DOJ’s Environment and Natural Resources Division.[395] The agreement resolved allegations that the Company negligently violated a pretreatment standard under the Clean Water Act.[396] The government alleged that a Tribar plant discharged approximately 10,000 gallons of wastewater containing high concentrations of known carcinogen hexavalent chromium that it failed to pretreat after an employee disabled alarms and then failed to report the incident for three days.[397]

The guilty plea recommends a criminal penalty of $200,000 and five years’ probation, and requires Tribar to develop and implement an Environmental Management System/Compliance Plan that mandates a series of audits by an EPA-approved auditor and quarterly self-reporting.[398] The guilty plea further directs the court to order restitution to every identifiable victim of the offense, including Wixom publicly-owned treatment works, but notes that no victims appeared to have been physically harmed at the time of the agreement.[399] Tribar’s sentencing hearing is scheduled for April 29, 2025.

Valley Processing Inc. (Guilty Plea)

On December 17, 2024, Valley Processing Inc. (“VPI”), a fruit juice manufacturing company, pleaded guilty to conspiracy to introduce adulterated and misbranded fruit juice into interstate commerce in violation of the FDCA, pursuant to a plea agreement with DOJ’s Consumer Protection Branch and the U.S. Attorney’s Office for the Eastern District of Washington.[400] Under the plea agreement, VPI admitted to conspiring to distribute tainted apple and grape juice to customers between October 2012 and June 2019, and that this juice was potentially unsafe. [401] The company further admitted that it sold the juice to customers as if it were a new product, even though the juice was really a mixture of newer grape juice concentrate and years-old concentrate that had been stored outside and exposed to the elements.[402] VPI closed in 2021 and was indicted in 2022 with 12 counts of fraud and food safety violations[403] Pursuant to the plea agreement, VPI agreed to pay a criminal forfeiture of $742,139 jointly and severally with its co-defendant owner, Mary Ann Bliesner, and the parties agreed to recommend no criminal fine or restitution.[404] VPI’s sentencing hearing is scheduled for March 26, 2025[405]

Valley Property Partners LLC (Guilty Plea)

On August 30, 2024, Valley Property Partners LLC D/B/A “House Dudes” (“VPP”), a Minnesota-based residential real estate company, entered into a plea agreement with the U.S. Attorney’s Office for the District of North Dakota.[406] The agreement resolved allegations that VPP failed to provide a lead-based paint disclosure to the buyer of a pre-1978 home in Hillsboro, North Dakota, in violation of the Toxic Substances Control Act.[407] The government alleged that two young children living in this home were diagnosed with elevated blood lead levels in 2022.[408]

In connection with the agreement, VPP agreed to plead guilty to a Class A misdemeanor, to one year of probation, to include a notice on its website about the harms of lead paint exposure and disclosure obligations, to perform 50 hours of community service, and to pay no more than $15,000 in restitution and fines.[409] Charges against co-defendant Jack Hoss were dismissed on acceptance of VPP’s plea. On December 3, 2024, VPP was sentenced to the agreed terms, including $4,274.78 in restitution and $10,000 in fines.[410]

Vitamin Shack and Shakes, LLC (Guilty Plea)

On December 6, 2024, Vitamin Shack and Shakes, LLC (d/b/a “The Shack”), a retail nutritional supplement company, entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of Texas.[411] The agreement resolved allegations that The Shack violated the FDCA by misbranding drugs in interstate commerce.[412] Specifically, the government alleged that The Shack sold products containing ostarine, a selective androgen receptor modulator (SARM) not approved for human consumption, that were falsely labeled as “research product[s].”[413]

Pursuant to the plea agreement, The Shack agreed to forfeit $175,000 and pay a special assessment of $125.[414] Additionally, the company agreed to develop policies on batch record-keeping, recalls, adverse event reporting, and periodic product testing.[415] The agreement further stipulates that the Defendant must also show proof of its FDA registration as an own-label distributor, if required by law.[416]

Vulto Creamery LLC (Guilty Plea)

On March 5, 2024, Vulto Creamery LLC (“Vulto”), a former raw milk cheese manufacturer, pleaded guilty, pursuant to a plea agreement with DOJ’s Consumer Protection Branch and the U.S. Attorney’s office for the Northern District of New York, to shipping adulterated cheese in interstate commerce.[417] The plea agreement resolved misdemeanor allegations that Vulto prepared, packed, and held its products under unsanitary conditions from 2014 to 2017, that led to a listeriosis outbreak in 2017.[418] In particular, the government alleged that between 2014 and 2017 Vulto Creamery had sold unpasteurized cheese despite numerous, frequent tests showing that listeria was present in the facility.[419] The resulting listeriosis outbreak led to eight hospitalizations and two deaths.[420] According to the plea, after the Food & Drug Administration recalled the cheese, the company immediately closed the facility, and the owner agreed to a permanent injunction against food manufacturing and assisted with the FDA’s investigation.[421] Vulto, which no longer operates, was sentenced to 12-months’ probation, including regular or unannounced examinations by the probation officer or experts engaged by the court.[422]

Western Sea, Inc. (Guilty Plea)

On March 11, 2024, Western Sea, Inc., a fishing company, entered into a plea agreement with the U.S. Attorney’s office for the District of Maine, pursuant to which it pleaded guilty to falsification of records.[423] The plea agreement resolved allegations that the “Western Sea” fishing vessel submitted false Fishing Vessel Trip Reports (“FVTR”) to the National Oceanic and Atmospheric Administration at the end of each fishing trip.[424] The government alleged that from June 2016 through September 2019, the crew of the Western Sea sold Atlantic herring to purchasers and then failed to report some of these sales on FVTRs, including when the vessel caught more than the quantity of herring allowed under weekly catch limits established by NOAA.[425] Western Sea was sentenced to 24-months’ probation and to pay a $400 assessment and $175,000 fine.[426]

Wynn Las Vegas, LLC (NPA)

On September 6, 2024, Wynn Las Vegas, LLC (“Wynn”) entered into a two-year non-prosecution agreement with the U.S. Attorney’s Office for the Southern District of California to resolve an investigation into various transactions relating to foreign patrons that facilitated unlicensed money transmitting businesses.[427] The government alleged that Wynn conspired with various third parties, agents, and individuals to use unregistered money transmitting businesses to transmit value from one geographic location to another, outside the conventional financial system.[428] In reaching the decision to offer Wynn an NPA, DOJ took into consideration Wynn’s cooperation with the investigation and its timely remedial measures, including submitting to an external compliance review and providing written reports on its progress in enhancing its Bank Secrecy Act/anti-money laundering compliance program.[429] Pursuant to the NPA, Wynn agreed to forfeit $130,131,645,[430] which is believed to be the largest forfeiture by a casino in a criminal case.[431]

Diesel Pollution Control Tampering Plea Agreements

Allegations of tampering with pollution control devices on diesel trucks in violation of the Clean Air Act served as the basis for a series of plea agreements in districts around the country, which we summarize below.

All Out Diesel, LLC (Guilty Plea)

On December 4, 2024, All Out Diesel, LLC (“All Out”), a diesel truck repair shop in Salem, Missouri, and its owner Joseph Easter, entered into a plea agreement with the U.S. Attorney’s Office for the Eastern District of Missouri.[432] The agreement resolved allegations that All Out violated the Clean Air Act by tampering with monitoring devices on diesel trucks.[433] According to the agreement, between October 2019 and March 2020, All Out allegedly falsified, tampered with, and rendered inaccurate at least 75 monitoring devices.[434]

In connection with the agreement, All Out agreed to a sentence of 3 years’ probation and a $400 special assessment.[435] Sentencing is scheduled for March 14, 2025.[436]

Clancy Logistics, Inc. (Guilty Plea)

On September 18, 2024, Clancy Logistics, Inc. (“Clancy Logistics”) entered into a plea agreement with the U.S. Attorney’s Office for the District of Oregon to resolve allegations that it tampered with a monitoring device, resulting in charges of one count of violating the Clean Air Act.[437] According to the agreement, between 2019 and 2023, Clancy Logistics allegedly removed at least 13 diesel trucks’ pollution control hardware and disabled their on-board diagnostic systems that would have detected the removal of the hardware.[438] Pursuant to the plea agreement, Clancy Logistics agreed to three years’ probation,[439] annual self-reporting,[440] a $400 special assessment, and a criminal fine of $101,510 to be paid jointly and severally with co-defendant Timothy Curtis Clancy,[441] who was also indicted for associated conduct and entered into a separate plea agreement.[442] Clancy Logistics further agreed to implement a compliance program requiring, among other obligations, affected vehicles to be restored by a licensed mechanic to their certified configuration and mandating annual compliance reporting obligations to the U.S. Attorney’s Office.[443] Clancy Logistics’ sentencing is scheduled for February 25, 2025.[444]

Diesel & Offroad Authority, LLC (Guilty Plea)

On April 10, 2024, Diesel & Offroad Authority, LLC (“Diesel”), and its owner, Christopher Kauffman, entered into a plea agreement with the U.S. Attorney’s Office for the District of Oregon to resolve allegations of tampering with pollution monitoring devices in violation of the Clean Air Act.[445] According to the agreement, between 2018 and 2022, Diesel removed emissions control systems designed to reduce pollutants from more than 180 diesel vehicles, for which it collected fees totaling $378,313.[446] Pursuant to the agreement, Diesel agreed to a sentence of three years’ probation and a criminal fine of $150,000 to be paid jointly with Kauffman.[447] The agreement did not impose any form of reporting or monitoring.[448] On September 6, 2024, Diesel was sentenced to three years’ probation and required to pay $150,000 in fines and a $400 special assessment.[449]

Elite Diesel Service (Guilty Plea)

On June 12, 2024, Elite Diesel Service, Inc., a marine diesel engine service company, pleaded guilty to conspiracy to violate the Clean Air Act in an agreement with the U.S. Attorney’s office for the District of Colorado.[450] The plea agreement resolved allegations that Elite Diesel tampered with diesel truck emissions control systems installed in hundreds of heavy-duty commercial diesel vehicles.[451] The government alleged Elite Diesel conspired with diesel shops to tune onboard diagnostic computer software systems to prevent them from detecting emissions control malfunctions.[452] On December 16, 2024, Elite Diesel was sentenced to a five-year term of probation and ordered to pay a fine of $37,500 and a $400 special assessment.[453] Elite Diesel was also ordered to pay $12,500 to a program operated by the Colorado Department of Public Health and the Environment to repair the emissions control systems on vehicles owned by low-income drivers, who cannot afford to bring their vehicles into compliance.[454] As part of its continuing obligations during the duration of the plea agreement, Elite Diesel also agreed to submit annual reports and certifications regarding its compliance program and continued compliance with the plea agreement.[455]

Frock Brothers Trucking, Inc. (Guilty Plea)

On October 1, 2024, Frock Brothers Trucking, Inc. (“Frock”), a long-distance trucking company based in Pennsylvania, entered into a plea agreement with the U.S. Attorney’s Office for the Middle District of Pennsylvania to resolve allegations that the company conspired to violate the Clean Air Act.[456] Specifically, DOJ alleged that Frock, between November and December 2018, contracted with a mechanic to disable and/or remove emissions control components and equipment from eight trucks, which allowed the trucks to operate without emissions control devices as required under the Clean Air Act.[457] According to the agreement, prosecutors agreed to recommend that the court impose an $80,000 fine and two years of probation for Frock.[458] The defendant also agreed to a $400 special assessment.[459] A sentencing hearing is scheduled for March 6, 2025.[460]

Hardway Solutions LLC, Spokane Truck Service LLC, Pauls Trans LLC, PT Express LLC (Guilty Pleas)

On October 24, 2024, Hardway Solutions LLC d/b/a Hardway Performance entered into a plea agreement with the U.S. Attorney’s Office for the Eastern District of Washington to resolve allegations that Hardway Solutions and its owner, Ryan Hugh Milliken, conspired to violate the Clean Air Act.[461] On December 12, 2024, the other entities and individual named as co-defendants—Spokane Truck Service LLC, Pauls Trans LLC, PT Express LLC, and Pavel Ivanovich Turlak—also entered into plea agreements with the same U.S. Attorney’s Office to resolve a similar charge and a second count of making a false claim against the U.S. Small Business Administration in violation of Section 287 of Title 18.[462] According to the agreements, all defendants allegedly tampered with pollution control equipment software in diesel trucks in violation of the Clean Air Act.[463] The latter three corporate defendants also allegedly made false claims when applying for COVID-19-related small business loans.[464] While the plea agreements indicate that the maximum fine each corporate defendant could face is $500,000, the agreements do not make a recommendation as to the criminal fine.[465] The agreements recommend a five-year term of probation for each defendant, during which time the corporate defendants agree to submit annual self-reports.[466] Additionally, the agreements require the defendants to implement a compliance program requiring, among other obligations, affected vehicles to be restored by a licensed mechanic to its certified configuration.[467] Spokane Truck Service LLC, Pauls Trans LLC, PT Express LLC, as well as owner Pavel Ivanovich Turlak, agreed that they will be jointly and severally liable for restitution in the amount of at least $317,388.46.[468] On January 22, 2025, Hardway Solution was sentenced to a term of probation of five years and was ordered to pay a fine of $75,000 and a $400 special assessment.[469] Sentencing for Spokane Truck Service LLC, Pauls Trans LLC, and PT Express LLC is scheduled for April 2, 2025.[470]

Highway and Heavy Parts, LLC (Guilty Plea)

On August 16, 2024, Highway and Heavy Parts, LLC (“HHP”), a heavy-duty diesel parts supplier, entered into a plea agreement with the U.S. Attorney’s Office for the Northern District of New York, pursuant to which it agreed to plead guilty to conspiracy to violate the Clean Air Act.[471] The plea agreement resolved allegations investigated by the EPA’s Criminal Investigation Division that HHP conspired to violate the Clean Air Act by tampering with required emissions controls on diesel vehicles.[472] Specifically, the government alleged that between 2017 and 2019, HHP referred customers to a co-conspirator to reprogram the onboard diagnostic systems, allowing the trucks to travel at normal speeds while bypassing Clean Air Act requirements.[473] In exchange, customers paid $1,250 to $1,750 per truck, of which HHP kept $250 and remitted the rest to the co-conspirator.[474]

HHP was sentenced to a $25,000 criminal fine and $400 assessment.[475] No term of supervision was imposed.[476] An individual co-defendant entered into a plea agreement the next month, pursuant to which he agreed to pay a fine of $100,000 and face a sentence of up to five years imprisonment followed by three years of supervised release.[477] Other co-conspirators had previously pleaded guilty and had been sentenced to a fine of $13,000 but were not subject to supervision given compliance with EPA and New York Department of Environmental Conservation monitoring.[478]

Moody Motor Co., Inc. (Guilty Plea)

On April 1, 2024, Moody Motor Co., Inc. (“Moody Motor”), a Ford dealership located in Niobrara, Nebraska, pleaded guilty to accessory after the fact to a Clean Air Act violation in the U.S. District Court of Nebraska.[479] The case stemmed from an investigation initiated in January 2022 by the EPA’s Criminal Investigations Division (EPA-CID).[480] Moody Motor had purchased tuners and delete kits from Diesel Performance of Texas, products that unlawfully modified vehicle exhaust systems in violation of the Clean Air Act.[481] Between April 2019 and January 2022, the dealership received these products about 14 times and installed about 10 to 20 of them.[482] On July 31, 2024, Moody Motor was sentenced to one year of probation, fined $39,741.95, and required to pay a $125 special assessment.[483]

Racing Performance Maintenance Northwest LLC & RPM Motors and Sales LLC (Guilty Pleas)

On March 18, 2024, Racing Performance Maintenance Northwest LLC (“Racing Performance”) and RPM Motors and Sales LLC (“RPM Sales”) entered into separate plea agreements with the U.S. Attorney’s Office for the Western District of Washington to resolve allegations that each company violated the Clean Air Act.[484] According to the agreements, Racing Performance and RPM Sales allegedly removed hundreds of diesel trucks’ pollution control hardware and disabled on-board diagnostic systems that would have detected the removal of the hardware.[485] Specifically, from January 2018 to January 2021, Racing Performance allegedly tampered with approximately 375 trucks, for which it collected fees totaling $536,447. While the plea agreements indicate that the maximum fine Racing Performance and RPM Sales could each face is $500,000, twice the defendants’ pecuniary gain, or twice the victims’ pecuniary loss, and that each entity could be sentenced to probation for up to five years, the parties did not agree to any sentencing recommendation.[486] The agreements also do not impose any form of reporting or monitoring requirement on Racing Performance or RPM Sales.[487] Racing Performance’s and RPM Sales’ individual owners were also indicted for associated conduct.[488] Racing Performance’s and RPM Sales’ individual owners were sentenced on January 13, 2025, to a three-year term of probation and each ordered to pay a $10,000 fine.[489]

Rudy’s Performance Parts Inc. (Guilty Plea)

On July 19, 2024, Rudy’s Performance Parts Inc. (Rudy’s), an automotive parts manufacturer and seller based in North Carolina, entered into a plea agreement with the Environmental Crimes Section of DOJ’s Environment and Natural Resources Division and the U.S. Attorney’s Office for the District of Columbia, resolving charges that, from 2015 to 2018, it violated the Clean Air Act by manufacturing and selling “defeat devices” that remove or disable required emissions controls in vehicles.[490] Pursuant to the agreement, Rudy’s consented to a $2.4 million criminal fine and a three-year probation period, during which period Rudy’s must submit all self-reports pursuant to a parallel civil consent decree (described below) to the criminal prosecutors.[491] Rudy’s’ owner, Aaron Rudolf, who previously pleaded guilty to tampering with emissions monitoring devices on about 300 diesel trucks, received a separate sentence that included three years of probation and a $600,000 fine.[492]

In addition to the criminal case, DOJ filed a civil suit on behalf of the EPA seeking penalties for the extensive sale of these devices, leading to a $7 million civil penalty as part of a consent decree.[493] The decree prohibits Rudy’s and Rudolf from manufacturing, selling, or profiting from defeat devices, mandates compliance with EPA regulations, and requires annual self-reporting until termination of the consent decree. The financial penalties reflect Rudy’s ability to pay capabilities and were meant to underscore the health risks associated with the tampering of diesel emissions controls.[494]

International Developments

As noted in previous updates (see, e.g., our 2021 Year-End Update), several countries outside the United States have developed DPA-like regimes in the past several years, while others have made strides in prosecuting corporate entities. Of countries that have adopted DPA-like agreements, we have previously analyzed Brazil (in our 2019 Year-End Update), Canada (in our 2018 Mid-Year Update), France (see our 2019 Year-End and 2020 Mid-Year Updates for details), Singapore, and the United Kingdom (in our 2014 Year-End Update), as well as their corporate enforcement actions. Notably, this year, Argentina signaled that it may be entering its first DPA-like agreement, and South Africa introduced a DPA-like regime.

United Kingdom

In a first for the UK, UK authorities have initiated an action against an organization for breach of a DPA. On November 21, 2024, the UK’s Serious Fraud Office (“SFO”) informed the court that it believes Güralp Systems Ltd (“Güralp”), a UK-based manufacturer of seismic instrumentation, breached the terms of its 2019 DPA and requested a hearing.[495] As detailed in our 2019 Year-End Update, Güralp entered into a five-year DPA with the SFO to resolve charges of (1) conspiracy to make corrupt payments and (2) failure to prevent bribery by employees, both arising from corrupt payments made to a South Korean public official between 2002 and 2015.[496] The DPA required Güralp to provide the SFO with annual reports regarding implementation of its compliance program and to disgorge gross profits of £2,069,861 (approximately $2.5 million).[497] The SFO has not disclosed how Güralp allegedly breached its DPA. If Güralp is found to have violated the terms of the DPA, criminal prosecution for the underlying offenses may resume.

France

After a quiet first few months of the year, France’s prosecuting agencies entered into multiple DPA-like agreements (known as conventions judiciaires d’intérêt public, or “CJIPs”) in the latter half of 2024.

On May 17, 2024, the Judicial Court of Tours approved the entry of a CJIP to resolve allegations that SARL Gudno (“Gudno”), a construction company in Tours, evaded paying taxes of €110,861 VAT and €50,886 corporate tax.[498] The court acknowledged that Gudno regularized its late tax filings and approved the terms of the CJIP requiring Gudno to pay a fine of €50,000 through monthly installments over 11 months.

Seventeen years after Tracfin, France’s AML authority, first flagged a suspicious payment, on July 10, 2024, the Judicial Court of Paris approved the entry of a CJIP between Sotec, a Gabonese construction and services company, and the Paris Prosecutors’ Office to resolve allegations that Sotec and another Gabonese company facilitated the payment of bribes to Gabonese officials on behalf of a French military clothing company.[499] (The French company was not named in the settlement, but press reporting has identified the company as Marck (known as Marck et Balsan).[500]) According to the CJIP, in 2005, Sotec and another Gabonese company allegedly acted as intermediaries to funnel payments to an official of Gabon’s Ministry of Defense in connection with contracts worth €7.5 million to supply military uniforms and equipment to Gabon’s security forces.[501] The CJIP further alleged that Tracfin flagged in 2007 a suspicious payment of €394,843 by the French company to a Gabonese company for subcontracting that the investigation—initiated in 2015—ultimately determined to have been invoiced to the Ministry of Defense for €2,084,764.[502] The CJIP requires Sotec to pay a €520,000 fine.[503] Prosecutors imposed a reduced fine from the potential maximum of €742,400,000 in light of Sotec’s cooperation during the investigation and the lapse in time since the alleged misconduct.[504] As is true in any CJIP, Sotec did not admit guilt in connection with the settlement.

On August 27, 2024, Danske Bank A/S entered into a CJIP with France’s financial crime prosecutor’s office, the Parquet national financier (“PNF”), to resolve allegations that the bank laundered the proceeds of tax fraud by French residents through corporate accounts at the bank’s Estonian branch.[505] In 2022, Danske Bank resolved a proceeding in the U.S. arising from similar allegations by pleading guilty to one count of conspiracy to commit bank fraud and agreeing to forfeit $2 billion.[506] Under the terms of the CJIP, Danske Bank agreed to pay a fine exceeding €6 million and €300,000 in damages within 30 days.[507] In addition to the financial penalty, Danske Bank committed to enhance its compliance program and to pay expenses incurred by the French corruption regulator Agence française anticorruption (“AFA”) as it monitors the bank’s compliance program for up to three years.[508] The Judicial Court of Paris approved the CJIP on September 18, 2024.[509]

Finally, on December 9, 2024, a Paris court approved a CJIP entered on December 2, 2024, between the PNF and French mining companies, Areva SA and Orano Mining SAS (“Orano”).[516] (According to the CJIP, Orano acquired Areva’s mining operations in 2018.) The CJIP terminates an investigation opened in June 2015, relating to alleged bribery of foreign public officials in connection with mining activities in Mongolia between 2013 and 2017.[517] To resolve the allegations, Areva agreed to pay a fine of €4.8 million, and Orano agreed to implement a compliance program and to pay expenses not to exceed €1.5 million relating to compliance program monitoring by the AFA for three years.[518]

Argentina

In May 2024, Argentina’s national prosecution service, the Ministerio Público Fiscal, confirmed that Securitas Argentina, the former local subsidiary of Sweden-based Securitas (now known as Securion), was negotiating the country’s first-ever corporate negotiated resolution under Argentina’s Corporate Criminal Law.[519] According to the prosecutor’s public statements, Securitas admitted in court to paying millions in bribes to representatives of public organizations to avoid losing contracts with Argentina’s public works and sanitation authority, passport and national identification agency, and arms registration authority, among others.[520] The agreement marks the country’s first “collaboration agreement,” a mechanism introduced in 2018 that allows companies to reduce penalties by cooperating and providing information about individuals responsible for the misconduct.

According to press reports, this case followed an internal investigation by Securitas which began in 2018.[521] Securitas self-disclosed the findings of its investigation to Argentinian authorities, terminated the employees involved, and ultimately sold the Argentinian subsidiary in 2023 due to the challenging business climate in Argentina.[522] The public prosecutor handling the case told the press that the “undue benefit” Securitas obtained from its misconduct, which will affect the company’s fine, is yet to be calculated.[523] Prosecutors have brought bribery-related charges against former employees of the subsidiary, indicted several public officials, and expect to bring more charges.[524]

Brazil

In February, Seatrium, a Singapore-based shipyard and marine engineering operator, reached settlements in principle with Brazilian authorities, including the Attorney General’s Office (“AGU”), the federal Comptroller General (“CGU”), and the federal Public Prosecutor’s Office (“MPF”), that resolve corruption allegations related to its predecessor, Sembcorp Marine, prior to Sembcorp’s 2023 acquisition of Keppel Offshore & Marine (“Keppel O&M”).[525] The allegations stemmed from the sprawling Operation Carwash investigations into alleged bribery linked to public contracts across multiple Brazilian public authorities and entities, aspects of which have recently been overturned or vacated by Brazil’s Supreme Court.[526] Pursuant to the settlement, Seatrium agreed to pay BRL 670.7 million (approximately $130 million).[527] The agreement was subject to approval by Brazil’s court overseeing the public finances, i.e., the Tribunal de Contas da União (“TCU”), and other ministerial bodies.[528]

In April 2024, the CGU imposed a R $2 million fine on Chemtrade Brasil for its involvement in a scheme to illegally sell data from Brazil’s Integrated Foreign Trade System (Siscomex) to companies engaged in export or import activities.[529] This penalty followed administrative proceedings initiated by the Ministry of Development, Industry, Commerce and Services (“MDIC”), based on the findings of the Federal Police’s 2017 “Operation Spy,” which uncovered the illegal practice.[530] (Operation Spy resulted in another, unrelated company’s plea agreement in 2023 and has resulted in penalties for 21 companies.)[531] The order, published in Brazil’s official gazette on April 10, 2024, was made after Chemtrade Brasil requested the penalty, acknowledged its wrongdoing, and agreed to comply with the imposed sanctions.[532] The CGU’s press release acknowledged that Chemtrade Brasil made its request pursuant to CGU Normative Ordinance No. 19/2022, which encourages companies to demonstrate commitment to legal compliance and public integrity, and that the fine was issued under Brazil’s Lei Anticorrupção no. 12846/2013 known in English as the Clean Companies Act.[533]

In November 2024, Freepoint Commodities, a Connecticut-based commodities company, agreed to a leniency agreement with the CGU and AGU over allegations of bribing public officials between 2012 and 2018 to gain an unfair advantage in dealings with Petrobras, the state-owned oil company.[534] The agreement requires Freepoint to pay BRL 131.3 million ($22.6 million), including a fine to be paid to the Brazilian government and reimbursement to Petrobras, and to improve its corporate governance and compliance policies.[535] This agreement followed a joint investigation with U.S. authorities that, as detailed in our 2023 Year-End Update, was resolved when Freepoint entered a three-year DPA with the DOJ, pursuant to which the company agreed to pay a $68 million criminal penalty and forfeit $30.5 million, and a parallel resolution with the Commodity Futures Trading Commission (“CFTC”), pursuant to which it agreed to disgorge more than $7.6 million.[536] In the DPA, the DOJ and Connecticut U.S. Attorney’s Office agreed to credit amounts Freepoint paid to Brazilian authorities within one year, up to $22.4 million.[537]

Finally, state-level prosecutors in Brazil also negotiated a leniency agreement relating to a multinational company that had also been subject to scrutiny by U.S. authorities. On December 3, 2024, announcements by the Public Prosecutor’s Office of the State of Minas Gerais (“MPMG”), Comptroller General of the State of Minas Gerais (“CGE”), and the Attorney General of the State of Minas Gerais (“AGE”) revealed a Leniency Agreement and Damage Compensation Agreement with SAP Brasil Ltda, in connection with an investigation into alleged misconduct in public contracting for an integrated human resources management system.[538] The agreement followed an enforcement proceedings initiated by the CGE in 2022 and, together with MPMG and AGE, a total of 32 rounds of negotiations.[539] Pursuant to the agreement, SAP Brasil admitted to finding evidence of illegal practices, including collusion with other companies and state officials to defraud the bidding process, and agreed to pay approximately BRL 66 million (approximately $ 11 million), encompassing a fine under the Clean Companies Act, disgorgement of illicit profits, and damages to the state of Minas Gerais.[540] As discussed above, in January 2024, parent company SAP SE’s DPA with DOJ and the SEC resolved allegations regarding bribery schemes in multiple countries but did not mention Brazil.

South Africa

Tipping the international scales toward the Southern Hemisphere with a third country, in April 2024, South Africa’s National Prosecuting Authority published guidance regarding a new corporate alternative dispute resolution (“CADR”) mechanism available to companies charged with corruption and corruption-related offenses.[541] Although South Africa has already entered into several corporate resolutions in recent years, this non-trial resolution mechanism adopts elements of DPAs but will not require court approval.[542] According to the guidance, when determining whether a matter is appropriate for pre-trial resolution, the Authority will consider multiple factors, including the company’s timely and voluntary disclosure, of both the alleged violation and evidence; cooperation; willingness to pay restitution; prior history of misconduct, as well as the nature, seriousness, and complexity of the unlawful activities; pervasiveness of the wrongdoing; the existence of an effective compliance program; likelihood of significant negative collateral effect on the company in the event of a conviction; and the interests of any victims.[543]

Appendix

The chart below summarizes the agreements concluded from January through December 2024. The complete text of each publicly available agreement is hyperlinked in the chart.

The figures for “Monetary Recoveries” may include amounts not strictly limited to an NPA, DPA, or guilty plea, such as fines, penalties, forfeitures, and restitution requirements imposed by other regulators and enforcement agencies, as well as amounts from related settlement agreements, all of which may be part of a global resolution in connection with the NPA, DPA, or plea agreement, paid by the named entity and/or subsidiaries. The term “Monitoring & Reporting” includes traditional compliance monitors, self-reporting arrangements, and other monitorship arrangements found in resolution agreements, but does not include probation.

U.S. DPAs, NPAs, Declinations, and Plea Agreements January-December 2024
Company	Agency	Alleged Violation	Type	Monetary Recoveries	Monitoring & Reporting	Term of Agreement (Months)
AAR Corp.	DOJ Fraud; SEC	FCPA	NPA	$55,599,653	None	18
Advoque Safeguard	D. Mass.	Conspiracy to introduce misbranded devices into interstate commerce with intent to defraud or mislead	Guilty Plea	$700,000	None	12
Akua Mosaics, Inc.	D.P.R.	Smuggling goods into the U.S.; Conspiracy to defraud the U.S.	Guilty Plea	$1,090,000	None	None
Al’s Asphalt Paving Company, Inc.	DOJ Antitrust; DOT OIG; USPS OIG	Sherman Act; Conspiracy to violate the Sherman Act by suppressing and eliminating competition by agreeing to rig bids for contracts	Guilty Plea	$795,662	None	None
All Out Diesel, LLC	E.D. Mo.; EPA	Clean Air Act	Guilty Plea	Pending	None	36
AM/NS Calvert, LLC	S.D. Ala.; DOJ ENRD	Clean Air Act	Guilty Plea	$750,000	None	36
Amigos Mexican Cuisine & Cantina LLC	D. Or.	Public Money Theft (COVID relief fraud)	Guilty Plea	$2,559,100	None	None
AMVAC Chemical Corp.	DOJ ENRD; S.D. Ala.	Transporting unmanifested hazardous waste	Guilty Plea	$400,000	Third-party environmental auditor	36
Asphalt Specialists, LLC	DOJ Antitrust; DOT OIG; USPS OIG	Sherman Act	Guilty Plea	$6,500,000	None	72
Austal USA	DOJ Fraud; S.D. Ala.	Securities Fraud; Obstruction of Fed. Audit	Guilty Plea	$24,000,000	Independent compliance monitor	36
Aventura Technologies, Inc.	E.D.N.Y.; FBI; GSA OIG; DCIS; IRS; CBP; AFOSI; TIGTA; NCIS; Army CID; DOE-IG	Mail and wire fraud conspiracy; illegal importation	Guilty Plea	$3,000,000	None	36
Avin International Ltd & Kriti Ruby Special Maritime Enterprise	D.N.J.; M.D. Fla.; DOJ ENRD	Act to Prevent Pollution from Ships (APPS); Obstruction of Justice	Guilty Plea	$4,501,600	Monitor – Third-Party External Auditor and Court-Appointed Monitor	60
BIT Mining Ltd.	D.N.J.; DOJ Fraud	FCPA	DPA	$10,000,000	Annual Self Reporting	36
BNL Technical Services LLC	E.D. Wash.	Bank Fraud	Guilty Plea	$494,265 (pending sentencing)	None	N/A
Boston Consulting Group, Inc.	DOJ Fraud	FCPA	Declination with Disgorgement	$14,424,000	None	N/A
Boyd Farm LLC	E.D. Va.	Clean Water Act	Guilty Plea	$300,000	None	N/A
Brazos Urethane	W.D. Wis.	Conspiracy to defraud the BOP	DPA	$300,000	Annual self-reporting	36
Cambridge International Systems	S.D. Cal.	Bribery	Guilty Plea	$3,922,102	None	24
CBM	S.D.N.Y.; DOT-OIG; MTA-IG	Defraud U.S. transit authority customers	NPA	$2,402,103 minimum; $3,963,243 maximum (depending on restitution)	None	24
Cerebral, Inc.	E.D.N.Y.	Distribution of controlled substances	NPA	$6,574,000	None	30
Clancy Logistics Inc.	D. Or.; EPA	Clean Air Act	Guilty Plea	$101,910	Annual self-reporting	36
Covetrus	W.D. Va.	Criminal Drug Misbranding	Guilty Plea	$23,534,091	Annual self-reporting	12
Cruise, LLC	N.D. Cal.; NHTSA	Falsification of records with intent to impede/obstruct/influence crash investigation.	DPA	$500,000	Annual self-reporting	36
Defyned Brands (d/b/a 5 Star Nutrition LLC)	DOJ CPB; W.D. Tex.	FDCA	Guilty Plea	$4,500,000	Annual self-reporting for three years	90
Diesel & Offroad Authority, LLC	D. Or.	Clean Air Act	Guilty Plea	$150,400	None	36
Dlubak Glass Company	N.D. Tex.; DOJ ENRD	False statements to Texas Commission on Environmental Quality	Guilty Plea	$100,400	None	48
Domermuth Environmental Services, LLC	E.D. Tenn.; EPA	Clean Water Act Violation	Guilty Plea	$50,000	None	36
Eagle Renovations LLC	D. Ohio	Wire Fraud	Guilty Plea	$24,150	Unknown	60
eBay	D. Mass.	Harassment and intimidation; Witness tampering; obstruction of justice	DPA	$3,000,000	Monitor – 3-year compliance monitor	36
Elite Diesel Service	D. Col.	Clean Air Act	Guilty Plea	$50,400	Annual compliance certifications and reporting	60
Endo Health Solutions Inc. (EHSI)	DOJ CPB; S.D.N.Y.	FDCA – Distribution of Misbranded Drugs	Guilty Plea	$1,536,000,000	None	N/A
Envigo RMS LLC & Envigo Global Services, Inc.	W.D. Va. EPA; USDA	Conspiracy to violate the Animal Welfare Act	Guilty Plea	$35,000,000	Compliance monitor to submit reports every six months	60
Environmental Resources Inc.	D. Nev.; EPA CID	Clean Water Act	Guilty Plea	$680,000	None	0
Evans Concrete, LLC	DOJ Antitrust; S.D. Ga.	Sherman Act	Guilty Plea	$2,713,700	None	12
Evoqua Water Technologies	D.R.I.; SEC	Securities fraud	NPA	$8,500,000	None	24
Family Dollar Stores, LLC	DOJ CPB; FDA; E.D. Ark.	Holding food, drugs, medical devices, and cosmetics under unsanitary conditions	Guilty Plea (misdemeanor)	$41,675,125	Annual self-reporting	36
Fidelity Development Group LLC	S.D. Ohio; EPA	Clean Air Act	Guilty Plea	$100,000	Unknown	24
Frame Inc.	N.D.W. Va.	Wire fraud	Guilty Plea	$187,286	None	N/A
Frock Brothers Trucking, Inc.	M.D. Pa.	Clean Air Act	Guilty Plea	$80,400	None	24
Gremex Shipping S.A. de C.V.	DOJ ENRD; N.D. Fl.	Act to Prevent Pollution from Ships (APPS)	Guilty Plea	$1,750,000	Monitor and Auditor	48
Gunvor S.A.	DOJ Fraud; DOJ MLARS, E.D.N.Y.	Conspiracy to violate FCPA anti-bribery provisions	Guilty Plea	$661,698,215	Annual self-reporting	36
Hardway Solutions, LLC	E.D. Wash.; EPA	Clean Air Act	Guilty Plea	$75,400	Annual self-reporting	60
Hexamed Business Solutions	N.D. Tex.	Conspiracy to commit money laundering	Guilty Plea	$19,172	None	Unclear
Highway and Heavy Parts LLC	N.D.N.Y.; EPA	Clean Air Act Conspiracy	Guilty Plea	$25,400	None	None
JDM Supply	D. Mass.	Conspiracy to introduce misbranded devices into interstate commerce with intent to defraud or mislead	Guilty Plea	Pending	Pending	Pending
KBC Capital, LLC	D. Mass.; ATF, DEA, HSI, USPIS	National Firearms Act (NFA)	Guilty Plea	$260,000	None	36
KVK Research Inc.	DOJ CPB; E.D. Penn.	FDCA – Distribution of adulterated narcotics; FCA	Guilty Plea	$1,750,000	None	None
KVK Tech Inc.	DOJ CPB; E.D. Penn.	FDCA – Distribution of adulterated narcotics; FCA	DPA	$3,500,000	Independent compliance monitor	36
Limited Properties, Inc.	D.S.C.	Wire fraud; Money laundering	Guilty Plea	Pending	Pending	Pending
Logsdon Valley Oil	W.D. Ky.; EPA CID	Safe Drinking Water Act violation; Aiding and abetting	Guilty Plea	$100,000	None	36
Magellan Diagnostics, Inc.	D. Mass.	Introducing misbranded device in violation of FDCA	Guilty Plea	$32,700,000	Independent compliance monitor	24
Magellan Diagnostics, Inc.	D. Mass.	Conspiracy to commit wire fraud and conspiracy to defraud the U.S. (DPA charges)	DPA	$9,300,000	Independent compliance monitor	24
MAM Construction	D.P.R.	Fraud – General	Guilty Plea	$194,786	Pending	Pending
Martinez Builders Supply	S.D. Fla.	Conspiring to harbor aliens by means of employment	Guilty Plea	$550,000	None	24
Mary Mahoney’s Old French House, Inc.	S.D. Miss.; FDA OCI	Conspiracy to defraud customers via mislabeled food; Use of interstate wires to facilitate fraud	Guilty Plea	$1,499,000	None	60
McKinsey and Company Africa (Pty) Ltd	S.D.N.Y.; DOJ Fraud	FCPA	DPA	$122,850,000	Annual self-reporting	36
McKinsey & Company Inc.	DOJ CPB; W.D. Va.; D. Mass.	Misbranding of drugs; Obstruction of justice	DPA	$650,000,000	Annual self-reporting	60
MGM Grand Hotel, LLC	C.D. Cal.; DHS HSI; IRS Criminal Investigation	Bank Secrecy Act	NPA	$6,527,728	External compliance reviewer	24
Mold Wranglers, Inc.	D. Mont.	False Claim Act	Guilty Plea	Up to $956,000	None	None
Moody Motor Co., Inc.	D. Neb.; EPA	Clean Air Act	Guilty Plea	$39,867	None	12
Morgan Stanley & Co LLC	S.D.N.Y.	Making false statements in connection with sale of block trades	NPA	$153,431,223	None	36
N. Ali Enterprises Inc.; 21st Century Distribution Inc.	C.D. Cal.	Mail and Wire Fraud	Guilty Plea	$5,919,205	None	36
Northridge Construction Company	DOJ ENRD	Worker Safety Standards; OSHA	Guilty Plea	$100,000	None	60
Pauls Trans LLC	E.D. Wash.; EPA	Clean Air Act	Guilty Plea	Pending	Annual self-reporting	60
Peticub Pharmacy Corporation	C.D. Cal.	Conspiracy to Distribute	Guilty Plea	$5,000	None	60
Prive Overseas Marine LLC; Prive Shipping Denizcilik Ticaret, A.S.	E.D. La.; DOJ ENRD; Coast Guard Investigative Service; EPA	Act to Prevent Pollution from Ships (APPS); Obstruction of justice	Guilty Plea	$2,000,000	Third-party auditor	48
Proterial Cable America, Inc. (f/k/a Hitachi Cable America Inc.)	DOJ Fraud	Fraud – General	Declination with Disgorgement	$15,126,204	None	N/A
PT Express LLC	E.D. Wash.; EPA	Clean Air Act	Guilty Plea	Pending	Annual self-reporting	60
Q Link Wireless	S.D. Fla.	Fraud – General	Guilty Plea	$109,637,057	None	0
Quality Poultry and Seafood, Inc.	S.D. Miss.; FDA	Conspiracy to mislabel seafood; conspiracy to commit wire fraud	Guilty Plea	$1,500,000	None	60
Racing Performance Maintenance Northwest LLC	W.D. Wash.	Clean Air Act	Guilty Plea	Pending	Pending	Pending
Raytheon Company	D. Mass.	AECA; ITAR	DPA	$685,990,981	Independent compliance monitor	36
Raytheon Company	E.D.N.Y.	FCPA	DPA	$371,500,918	Independent compliance monitor	36
RKB Handyman Services, Inc.	E.D. Pa.	Wire fraud	Guilty Plea	$358,181	None	None
RPM Motors and Sales LLC	W.D. Wash.	Clean Air Act	Guilty Plea	Pending	Pending	Pending
Rudy’s Performance Parts Inc.	DOJ ENRD; EPA; D.D.C.	Clean Air Act	Guilty Plea	$9,400,000	Annual self-reports	36
SAP SE	DOJ Fraud; E.D. Va.	FCPA	DPA	$295,057,693	Annual self-reporting	36
Satori Recovery Center LLC	C.D. Cal.	Travel Act	Guilty Plea	Pending	Pending	Pending
Siemens	E.D. Va.	Wire fraud; Conspiracy to commit wire fraud	Guilty Plea	$104,000,000	None	36
Spokane Truck Service LLC	E.D. Wash.; EPA	Clean Air Act	Guilty Plea	Pending	Annual self-reporting	60
Star Enterprises	D.P.R.	Federal Program Theft	Guilty Plea	$206,639	None	None
Taaj Services US LLC	S.D. Cal	Bank Secrecy Act	Guilty Plea	$700,000	None	24
TD Bank N.A.	D.N.J.; DOJ Fraud	Conspiracy to fail to implement an adequate AML program, to fail to file accurate currency transaction reports, and to launder money	Guilty Plea	$1,659,932,702	Independent compliance monitor for three years	60
TD Bank U.S. Holding Company	D.N.J.; DOJ Fraud	Causing TD Bank N.A. to fail to maintain an adequate AML program and to fail to file accurate currency transaction reports	Guilty Plea	$1,434,513,478	Independent compliance monitor for three years	60
TD Securities (USA) LLC	DOJ Fraud	Wire fraud	DPA	$28,161,602	Annual self-reporting	36
Telefónica Venezolana C.A.	S.D.N.Y.; DOJ Fraud	FCPA	DPA	$85,260,000	Self-reporting	36
The Cosmopolitan Las Vegas	C.D. Cal.; DHS HSI; IRS CID	Bank Secrecy Act	NPA	$928,600	None	24
Tip the Scale LLC	DOJ ENRD; CBP	Lacey Act	Guilty Plea	$360,000	External auditor of importer compliance plan	36
TPC Group LLC	DOJ ENRD; EPA; OSHA	Clean Air Act	Guilty Plea	$110,100,000, crediting $212 million paid as restitution – but plea withdrawn	Plea withdrawn	Plea withdrawn
Trafigura Beheer B.V.	DOJ Fraud; S.D. Fl.	FCPA	Guilty Plea	$126,998,697	Annual self-reporting	36
Tribar Technologies, Inc.	E.D. Mich.; DOJ ENRD	Clean Water Act	Guilty Plea	$200,000	External auditor and quarterly self-reporting	Until remediation complete
Trinity Champion Healthcare Partners LLC	N.D. Tex.	Conspiracy to commit money laundering	Guilty Plea	$23,929	None	Unclear
Valley Processing Inc.	DOJ CPB; E.D. Wash.; FDA OCI	Conspiracy to introduce adulterated and misbranded fruit juice into interstate commerce (FDCA)	Guilty Plea	$742,139	None	N/A
Valley Property Partners, LLC	D.N.D.; EPA	Toxic Substances Control Act (misdemeanor)	Guilty Plea	$14,400	None	12
Vitamin Shack and Shakes, LLC	S.D. Tex.; FDA	FDCA	Guilty Plea	$175,000	None	Pending
Vulto Creamery LLC	N.D.N.Y.; DOJ CPB	Adulterated food	Guilty Plea	None	Pending	12
Western Sea, Inc.	D. Maine	Falsification of Records	Guilty Plea	$175,000	None	24
Wynn Las Vegas	S.D. Cal.; DHS HSI; IRS CID; DEA	Unlicensed money transmitting; Bank Secrecy Act	NPA	$130,131,645	External compliance reviewer	24

[1] DOJ, General Policy Regarding Charging, Plea Negotiations, and Sentencing (Feb. 5, 2025), https://www.justice.gov/ag/media/1388541/dl?inline.

[2] DOJ, Total Elimination of Cartels and Transnational Criminal Organizations (Feb. 5, 2025), https://www.justice.gov/ag/media/1388546/dl?inline.

[3] DOJ, General Policy Regarding Charging, Plea Negotiations, and Sentencing (Feb. 5, 2025), https://www.justice.gov/ag/media/1388541/dl?inline.

[4] DOJ, Total Elimination of Cartels and Transnational Criminal Organizations (Feb. 5, 2025), https://www.justice.gov/ag/media/1388546/dl?inline.

[5] Id.

[6] DOJ, General Policy Regarding Charging, Plea Negotiations, and Sentencing (Feb. 5, 2025), https://www.justice.gov/ag/media/1388541/dl?inline.

[7] DOJ, Reinstating the Prohibition on Improper Guidance Documents (Feb. 5, 2025), https://www.justice.gov/ag/media/1388511/dl?inline.

[8] DOJ, Reinstating the Prohibition on Improper Third-Party Settlements (Feb. 5, 2025), https://www.justice.gov/ag/media/1388536/dl?inline.

[9] This update addresses developments and statistics through December 31, 2024. NPAs and DPAs are two kinds of voluntary, pre-trial agreements between a corporation and the government, most commonly used by DOJ. They are standard methods to resolve investigations into corporate criminal misconduct and are designed to avoid the severe consequences, both direct and collateral, that conviction would have on a company, its shareholders, and its employees. Though NPAs and DPAs differ procedurally—a DPA, unlike an NPA, is formally filed with a court along with charging documents—both usually require an admission of wrongdoing, payment of fines and penalties, cooperation with the government during the pendency of the agreement, and remedial efforts, such as enhancing a compliance program or cooperating with a monitor who reports to the government. Although NPAs and DPAs are used by multiple agencies, since Gibson Dunn began tracking corporate NPAs and DPAs in 2000, we have identified more than 700 agreements initiated by DOJ, and 10 initiated by the U.S. Securities and Exchange Commission (“SEC”).

[10] Gibson Dunn began tracking corporate guilty pleas in 2022. Our data generally captures information publicly available at the time of the agreement; if sentencing has not occurred by year-end, monetary recoveries may not be included in our data. Following publication of our prior updates, we identified additional plea agreements not originally included in those prior updates. We have adjusted the 2022 and 2023 data here to reflect those additional plea agreements.

[11] DOJ, Reinstating the Prohibition on Improper Guidance Documents (Feb. 5, 2025), https://www.justice.gov/ag/media/1388511/dl?inline.

[12] See DOJ, General Policy Regarding Charging, Plea Negotiations, and Sentencing (Feb. 5, 2025), https://www.justice.gov/ag/media/1388541/dl?inline.

[13] Press Release, DOJ, Principal Associate Deputy Attorney General Marshall Miller Delivers Keynote Address at the Practicing Law Institute’s White Collar Crime 2024 Program (Dec. 6, 2024), https://www.justice.gov/opa/speech/principal-associate-deputy-attorney-general-marshall-miller-delivers-keynote-address.

[14] See infra notes 15-21; U.S. Atty’s Off. D.D.C., District of Columbia Whistleblower Non-Prosecution Pilot Program, https://www.justice.gov/usao-dc/media/1367686/dl?inline; U.S. Atty’s Off. W.D. Va., WDVA Whistleblower Non-Prosecution Pilot Program, https://www.justice.gov/usao-wdva/media/1372401/dl?inline; U.S. Atty’s Off. E.D.N.C., EDNC Whistleblower Pilot Program, https://www.justice.gov/usao-ednc/media/ednc_whistleblower_program.pdf/dl?inline.

[15] See, e.g., U.S. Atty’s Off. E.D.N.Y., EDNY Whistleblower Non-Prosecution Pilot Program, https://www.justice.gov/usao-edny/media/1368306/dl?inline.

[16] U.S. Atty’s Off. C.D. Cal., CDCA Whistleblower Pilot Program, https://www.justice.gov/usao-cdca/media/1365146/dl?inline; U.S. Atty’s Off. N.D. Ill., United States Attorney’s Office Northern District of Illinois Individual Self-Disclosure Program for Organizational Misconduct, https://www.justice.gov/usao-ndil/media/1368056/dl?inline (“N.D. Ill. Whistleblower Program”).

[17] See, e.g., U.S. Atty’s Off. E.D.N.Y, supra note 5; N.D. Ill. Whistleblower Program, supra note 6; U.S. Atty’s Off. S.D. Fla., The United States Attorney’s Office for the Southern District of Florida’s Whistleblower Non-Prosecution Pilot Program, https://www.justice.gov/usao-sdfl/media/1367206/dl?inline; U.S. Atty’s Off. E.D. Va., EDVA Whistleblower Non-Prosecution Pilot Program, https://www.justice.gov/usao-edva/media/1367986/dl?inline.

[18] U.S. Atty’s Off. S.D. Tex., SDTX Whistleblower Non-Prosecution Pilot Program, https://www.justice.gov/usao-sdtx/media/1368031/dl?inline.

[19] See, e.g., U.S. Atty’s Off. C.D. Cal., supra note 6.

[20] U.S. Atty’s Off. D.N.J., DNJ Whistleblower Non-Prosecution Pilot Program, https://www.justice.gov/usao-nj/media/1367691/dl?inline; N.D. Ill. Whistleblower Program, supra note 6.

[21] Compare U.S. Atty’s Off. C.D. Cal., supra note 6, and U.S. Atty’s Off. S.D.N.Y., SDNY Whistleblower Non-Prosecution Pilot Program, https://www.justice.gov/d9/2025-01/01.14.2025_wb_policy_for_sdny_website.pdf, with U.S. Atty’s Off. E.D.N.Y., supra note 5, and U.S. Atty’s Off. N.D. Cal., NDCA Whistleblower Pilot Program, https://www.justice.gov/usao-ndca/media/1343691/dl?inline.

[22] DOJ: Antitrust Division, Justice Department and Federal Trade Commission Withdraw Guidelines for Collaboration Among Competitors (Dec. 11, 2024), https://www.justice.gov/atr/media/1380001/dl?inline.

[23] Id.

[24] See generally DOJ: Antitrust Division, Federal Antitrust Crime: A Primer for Law Enforcement Personnel 1 (Oct. 2023), https://www.justice.gov/atr/page/file/1091651/dl.

[25] Non-Prosecution Agreement, AAR CORP. (Dec. 19, 2024), available at https://www.justice.gov/opa/media/1381656/dl.

[26] Statement of Facts, AAR CORP. (Dec. 19, 2024), available at https://www.justice.gov/opa/media/1381656/dl.

[27] Id. at A-5.

[28] Non-Prosecution Agreement, AAR CORP. (Dec. 19, 2024), available at https://www.justice.gov/opa/media/1381656/dl.

[29] Id. at 1–2.

[30] Id. at 1.

[31] Press Release, DOJ, AAR CORP to Pay Over $55M To Resolve Foreign Corrupt Practices Act Investigation (Dec. 19, 2024), https://www.justice.gov/opa/pr/aar-corp-pay-over-55m-resolve-foreign-corrupt-practices-act-investigation.

[32] Non-Prosecution Agreement, at 3.

[33] Plea Agreement, United States v. Advoque Safeguard, LLC, 24-cr-10329 (D. Mass. Oct. 24, 2024).

[34] Information, United States v. Advoque Safeguard, LLC, 24-cr-10329 (D. Mass. Oct. 29, 2024)

[35] Plea Agreement, United States v. Advoque Safeguard, LLC, 24-cr-10329 (D. Mass. Oct. 24, 2024).

[36] Plea Agreement, United States v. Akua Mosaics, Inc., No. 3:23-cr-00105-ADC (D.P.R. Mar. 19, 2024) (“Akua Mosaics Plea Agreement”); Press Release, DOJ, Akua Mosaics, Inc. and its President Plead Guilty to a Conspiracy to Smuggle Goods into the United States to Avoid Paying Over $1 Million in Duties and Tariffs (May 3, 2023), https://www.justice.gov/usao-pr/pr/akua-mosaics-inc-and-its-president-plead-guilty-conspiracy-smuggle-goods-united-states (“Akua Mosaics Press Release”).

[37] Akua Mosaics Plea Agreement at 1-2, 14.

[38] Id. at 2.

[39] Press Release, DOJ, HSI Investigation Leads to Indictment of Chinese National Circumventing Antidumping and Countervailing Duties in Puerto Rico (May 3, 2023), https://www.justice.gov/usao-pr/pr/hsi-investigation-leads-indictment-chinese-national-circumventing-antidumping-and; Judgment, United States v. Mo, 23-cr-171 (N.D. Cal. Sept. 1, 2023).

[40] Plea Agreement, United States v. Al’s Asphalt Paving Company, Inc., No. 2:23-cr-20699-GAD-DRG (E.D. Mich. Jan. 31, 2024).

[41] Information, United States v. Al’s Asphalt Paving Company, Inc., No. 2:23-cr-20699-GAD-DRG (E.D. Mich. Jan. 31, 2024).

[42] Press Release, DOJ, Vice President of Asphalt Paving Company Pleads Guilty to Bid Rigging (Oct. 2, 2024), https://www.justice.gov/opa/pr/vice-president-asphalt-paving-company-pleads-guilty-bid-rigging-0.

[43] Plea Agreement, United States v. Al’s Asphalt Paving Company, Inc., No. 2:23-cr-20699-GAD-DRG (E.D. Mich. Jan. 31, 2024).

[44] Judgment in a Criminal Case, United States v. Al’s Asphalt Company, Inc., No. 2:23-cr-20699-GAD-DRG (E.D. Mich. July 31, 2024).

[45] Plea Agreement, United States v. AM/NS Calvert, LLC, No. 24-cr-00117 (S.D. Ala. July 23, 2024) (“AM/NS Plea Agreement”).

[46] Id. at 12.

[47] Judgment, United States v. AM/NS Calvert, LLC, No. 24-cr-00117 (S.D. Ala. July 23, 2024).

[48] AM/NS Plea Agreement at 4–5.

[49] Plea Agreement, United States v. Amigos Mexican Cuisine & Cantina LLC, No. 3:24-cr-00155-IM (D. Or. Apr. 29, 2024).

[50] Id. at 2–4.

[51] Id. at 5–6.

[52] See Press Release, DOJ, Southern Oregon Restaurant Sentenced in Federal Court for Stealing Covid Relief Program Funds (Aug. 16, 2024), https://www.justice.gov/usao-or/pr/southern-oregon-restaurant-sentenced-federal-court-stealing-covid-relief-program-funds.

[53] See Case Summary, DOJ, United States v. AMVAC Chemical Corporation (May 24, 2024), https://www.justice.gov/enrd/case/united-states-v-amvac-chemical-corporation-et-al.

[54] Id.

[55] Id.

[56] Judgment, United States v. AMVAC Chemical Corp., No. 24-cr-00043 (S.D. Ala. Oct. 28, 2024); see also Plea Agreement, United States v. AMVAC Chemical Corporation, No. 24-CR-00043 (S.D. Ala. May, 24, 2024).

[57] Press Release, DOJ, Company Sentenced to Pay $6.5M Criminal Fine for Bid Rigging in Michigan Asphalt Industry (Aug. 15, 2024), https://www.justice.gov/opa/pr/company-sentenced-pay-65m-criminal-fine-bid-rigging-michigan-asphalt-industry.

[58] Press Release, DOJ, Vice President of Asphalt Paving Company Pleads Guilty to Bid Rigging (Oct. 2, 2024), https://www.justice.gov/opa/pr/vice-president-asphalt-paving-company-pleads-guilty-bid-rigging-0.

[59] Plea Agreement, United States v. Asphalt Specialists LLC, No. 2:23-cr-20700-GAD-DRG (E.D. Mich. Jan. 30, 2024).

[60] Id.

[61] Judgment in a Criminal Case, United States v. Asphalt Specialists LLC, No. 2:23-cr-20700-GAD-DRG (E.D. Mich. Jan. 30, 2024).

[62] Plea Agreement, United States v. Austal USA, LLC, No. 24-cr-00131 (S.D. Ala. Aug. 26, 2024).

[63] Press Release, DOJ, U.S. Navy Shipbuilder Pleads Guilty to Financial Accounting Fraud Scheme and Obstructing a Defense Department Audit (Aug. 27, 2024), https://www.justice.gov/opa/pr/us-navy-shipbuilder-pleads-guilty-financial-accounting-fraud-scheme-and-obstructing-defense.

[64] Id.

[65] Plea Agreement, United States v. Austal USA, LLC, No. 24-cr-00131 (S.D. Ala. Aug. 26, 2024) (“Austal USA Please Agreement”).

[66] Austal Plea Agreement at 21; see also SEC v. Austal Limited and Austal USA, LLC, No. 24-cv-307 (S.D. Ala. December 2, 2024).

[67] Austal USA Plea Agreement at 1.

[68] Press Release, Aventura Techs., Inc. Pleads Guilty to Wire Fraud and Illegal Importation for Reselling Chinese Goods as U.S.-Made (Mar. 19, 2024), https://www.justice.gov/usao-edny/pr/aventura-technologies-inc-pleads-guilty-wire-fraud-and-illegal-importation-reselling (“Aventura Press Release”); Complaint, United States v. Aventura Techs., Inc., No. 19-MJ-1035 (E.D.N.Y. Nov. 6, 2019) (“Aventura Compl.”) at 2–4 .

[69] Aventura Press Release; see also Transcript of Change of Plea Hearing at 20–26, United States v. Aventura Techs., Inc., No. 2:19-cr-00582-JMA-ARL, (E.D.N.Y. Mar. 19, 2024) (“Aventura Plea Tr.”).

[70] Aventura Press Release; Aventura Plea Tr. at 23–25.

[71] Aventura Press Release; Aventura Plea Tr. at 24, 26–28.

[72] Aventura Press Release; Aventura Plea Tr. at 23, 25.

[73] Aventura Plea Tr. at 7.

[74] Aventura Press Release; Aventura Plea Tr. at 8.

[75] Id.

[76] Plea Agreement, United States v. Avin International Ltd & Kriti Ruby Special Maritime Enter., No. 2:24-cr-00836 (D.N.J. Dec. 23, 2024).

[77] Id., Attach. 1, at 1-3.

[78] Id., Attach. 1, at 3-4.

[79] Judgment, United States v. Avin International Ltd & Kriti Ruby Special Maritime Enter., No. 2:24-cr-00836 (D.N.J. Dec. 26, 2024), at 5.

[80] Id. at 2.

[81] Deferred Prosecution Agreement, United States v. BIT Mining Ltd. (f/k/a 500.com Ltd.), No. 2:24-cr-00744-EP (D.N.J. Nov. 18, 2024) (“BIT Mining DPA”).

[82] Id. at 1.

[83] Id., Attach. A, at 4.

[84] Press Release, DOJ, Former CEO Indicted for Role in Bribing Japanese Officials and BIT Mining Ltd. Resolves Foreign Bribery Investigation (Nov. 18, 2024), https://www.justice.gov/opa/pr/former-ceo-500com-now-bit-mining-ltd-indicted-role-bribing-japanese-officials-and-bit-mining.

[85] BIT Mining DPA at 10.

[86] Id. at 11.

[87] Id. at 7-9, 13-14

[88] Press Release, SEC, SEC Charges BIT Mining with FCPA Violations in Connection with Bribery Scheme to Influence Members of Japanese Parliament (Nov. 18, 2024), https://www.sec.gov/newsroom/press-releases/2024-180.

[89] Plea Agreement, United States v. BNL Technical Services, LLC, No. 4:23-CR-6014-SAB (E.D. Wash. Oct. 22, 2024).

[90] Id. at 11-14.

[91] Id.

[92] Id. at 15-16.

[93] Id. at 14.

[94] Press Release, DOJ, Hanford Site Subcontractor Pleads Guilty to Stealing COVID-19 Relief Funding, Owner Agrees to Pay $1.1 Million in Restitution and Penalties (Oct. 22, 2024), https://www.justice.gov/usao-edwa/pr/hanford-site-subcontractor-pleads-guilty-stealing-covid-19-relief-funding-owner-agrees.

[95] Letter from DOJ re Boston Consulting Group, Inc. (August 27, 2024), https://www.justice.gov/criminal/media/1365431/dl?inline.

[96] Id. at 2.

[97] Id.

[98] Id.

[99] Plea Agreement, United States v. Boyd Farm, LLC, No. 3:24-cr-91-DJN (E.D. Va. June 27, 2024) (“Boyd Farm Plea Agreement”), ECF No. 12.

[100] Press Release, DOJ, Virginia Company and Owner Sentenced for Criminally Filling Wetlands (June 27, 2024), https://www.justice.gov/opa/pr/virginia-company-and-owner-sentenced-criminally-filling-wetlands.

[101] Boyd Farm Plea Agreement, at 3; see also Judgment, United States v. Boyd Farm, LLC, Case No. 3:24-cr-00091 (E.D. Va. July 1, 2024), ECF No. 15.

[102] Deferred Prosecution Agreement at 1, United States v. Brazos Urethane, Inc., No. 24-cr-17-jdp (W.D. Wis. Feb. 7, 2024), ECF No. 3.

[103] Id., Attach. A, at 1-2.

[104] Id., Attach. A, at 1-3.

[105] Id., Attach. A, at 4.

[106] Id. at 4.

[107] Id. at 9-11.

[108] Id. at 9.

[109] First Addendum to Deferred Prosecution Agreement at 1, United States v. Brazos Urethane, Inc., No. 24-cr-17-jdp (W.D. Wis. May 6, 2024), ECF No. 9-1.

[110] Order, United States v. Brazos Urethane, Inc., No. 24-cr-17-jdp (W.D. Wis. May 20, 2024), ECF No. 10.

[111] Plea Agreement at 2-3, 20, United States v. Cambridge Int’l Sys., Inc., No. 3:24-cr-00759-TWR (S.D. Cal. Apr. 16, 2024) (“Cambridge Plea Agreement”).

[112] Id. at 20-27; Press Release, DOJ, Virginia-Based Defense Contractor Pleads Guilty to Bribery Conspiracy Involving Government Contracts Worth More Than $100 Million (Apr. 16, 2024), https://www.justice.gov/usao-sdca/pr/virginia-based-defense-contractor-pleads-guilty-bribery-conspiracy-involving.

[113] Cambridge Plea Agreement at 8.

[114] Id. at 9.

[115] Judgment at 2, 5, United States v. Cambridge Int’l Sys., Inc., No. 3:24-cr-00759-TWR (S.D. Cal. Sept. 24, 2024).

[116] Id. at 4.

[117] Non-Prosecution Agreement, CBM SAS, CBM NA, and CBM US, at 1 (July 8, 2024) (“CBM NPA”); Press Release, U.S. Attorney Announces Non-Prosecution Agreement With International Bus Parts Supplier CBM (July 22, 2024), https://www.justice.gov/usao-sdny/pr/us-attorney-announces-non-prosecution-agreement-international-bus-parts-supplier-cbm (“CBM Press Release”).

[118] CBM NPA, Attach. A., at 1-4.

[119] CBM NPA at 3.

[120] Id. at 2-3.

[121] Id. at 3.

[122] Id.

[123] Id. at 3-4.

[124] Non-Prosecution Agreement, Cerebral, Inc., at 1-2 (Nov. 1, 2024) (“Cerebral NPA”).

[125] Id. at 2.

[126] Cerebral NPA, Attach. A, at 3-12.

[127] Id. at 13-15.

[128] Cerebral NPA at 1-2 & 2 n.1.

[129] Id. at 3.

[130] Id. at 2-3.

[131] Plea Agreement at 1, United States v. Covetrus N. Am., No. 1:24-mj-00009-PMS (W.D. Va. Feb. 9, 2024) (“Covetrus Plea Agreement”), ECF No. 6; see also Judgment at 2-5, United States v. Covetrus N. Am., No. 1:24-mj-00009-PMS (W.D. Va. May 8, 2024), ECF No. 27 (“Covetrus Judgment”).

[132] Covetrus Plea Agreement at 2-3.

[133] Covetrus Judgment at 2-4.

[134] Covetrus Plea Agreement, Attach. B, at 1-4.

[135] Deferred Prosecution Agreement as to Cruise, LLC, United States v. Cruise, LLC, No. 3:24-cr-00572-SI (N.D. Cal. Nov. 15, 2024) (“Cruise Deferred Prosecution Agreement”).

[136] Cruise Deferred Prosecution Agreement at 15-23.

[137] Cruise Deferred Prosecution Agreement at 4-7.

[138] Press Release, FDA, Texas Company Pleads Guilty to Distributing Misbranded Dietary Supplements and Agrees to $4.5 Million Forfeiture (Jan. 12, 2024) https://www.fda.gov/inspections-compliance-enforcement-and-criminal-investigations/press-releases/texas-company-pleads-guilty-distributing-misbranded-dietary-supplements-and-agrees-45-million.

[139] Id.

[140] Id.

[141] Plea Agreement at 5-7, United States v. Defyned Brands a/k/a 5 Star Nutrition, LLC, No. 1:23-cr-00213-DH (W.D. Tex. Dec. 15, 2023), ECF No. 3.

[142] Plea Agreement, United States v. Dlubak Glass Co., No. 3-24cr-533 (N.D. Tex. Dec. 2, 2024), ECF No. 3.

[143] Id. at 5; Information, United States v. Dlubak Glass Co., No. 3-24cr-533 (N.D. Tex. Dec. 2, 2024), ECF No. 1.

[144] Information, United States v. Dlubak Glass Co., No. 3-24cr-533 (N.D. Tex. Dec. 2, 2024), ECF No. 1.

[145] Plea Agreement, United States v. Dlubak Glass Co., at 2–3.

[146] Plea Agreement, United States v. Domermuth Env’t Servs., LLC, No. 3:24-cr-75 (E.D. Tenn. July 16, 2024), ECF No. 2.

[147] Id. at 2.

[148] Id. at 2–3.

[149] Id. at 5.

[150] Judgment, United States v. Domermuth Env’t Servs., LLC, No. 3:24-cr-75 (E.D. Tenn. Dec. 12, 2024), ECF No. 21.

[151] Josh Sweigart, Second company facing federal charges following DDN investigation of rental assistance program, Dayton Daily News (Aug. 15, 2024), https://www.daytondailynews.com/local/second-company-facing-federal-charges-following-ddn-investigation-of-rental-assistance-program/KQ6IBEZHAFHMTII66DKBY6K5WQ/; see also Plea Agreement, United States v. Eagle Renovations LLC, No. 3:23-CR032 (S.D. Ohio April 18, 2024), ECF No. 3 (under seal at time of publication).

[152] Id.

[153] Id.

[154] Id.

[155] Judgment, United States v. Eagle Renovations LLC, No. 3:23-cr-00032 (S.D. Ohio Aug. 26, 2024), ECF No. 12.

[156] Press Release, DOJ, eBay Inc. to Pay $3 Million in Connection with Corporate Cyberstalking Campaign Targeting Massachusetts Couple (Jan. 10. 2024), https://www.justice.gov/usao-ma/pr/ebay-inc-pay-3-million-connection-corporate-cyberstalking-campaign-targeting; Deferred Prosecution Agreement, eBay Inc. (“eBay DPA”).

[157] eBay DPA.

[158] See Press Release, DOJ, Opioid Manufacturer Endo Health Solutions Inc. Agrees to Global Resolution of Criminal and Civil Investigations into Sales and Marketing of Branded Opioid Drug (Feb. 29, 2024), https://www.justice.gov/opa/pr/opioid-manufacturer-endo-health-solutions-inc-agrees-global-resolution-criminal-and-civil.

[159] Plea Agreement, United States v. Endo Health Solutions Inc., No. 2:24-cr-20159-LVP-APP (E.D. Mich. Feb. 28, 2024).

[160] Plea Agreement, United States v. Envigo RMS, LLC and Envigo Global Services, Inc., No. 6:24-CR-00016 (W.D. Va. June 3, 2024).

[161] Criminal Information at 1, 26, 40, United States v. Envigo RMS, LLC and Envigo Global Services, Inc., No. 6:24-CR-00016 (W.D. Ky. June 3, 2024).

[162] Plea Agreement at 9-10, United States v. Envigo RMS, LLC and Envigo Global Services, Inc., No. 6:24-CR-00016 (W.D. Va. June 3, 2024).

[163] Press Release, DOJ, Animal Breeder Sentenced in Animal Welfare and Water Pollution Crimes, Will Pay More than $35M, Including Record Fine in Animal Welfare Case (Oct. 24, 2024), https://www.justice.gov/usao-wdva/pr/animal-breeder-sentenced-animal-welfare-and-water-pollution-crimes-will-pay-more-35m.

[164] See Plea Agreement, United States v. Thurman and Environmental Resources Inc., DBA Easy Rooter Plumbing, 3:24-cr-00014-HDM-CLB (D. Nev. Aug. 15, 2024) (“Environmental Resources Plea Agreement”).

[165] Id. at 8.

[166] Judgment, United States v. Thurman and Environmental Resources Inc., DBA Easy Rooter Plumbing, 3:24-cr-00014-HDM-CLB-2 (D. Nev. Dec. 13, 2024), ECF No. 54.

[167] See Press Release, DOJ, Nevada Man Sentenced for Dumping Waste into Cities’ Wastewater System and Lying to Investigators (Dec. 10, 2024), https://www.justice.gov/opa/pr/nevada-man-sentenced-dumping-waste-cities-wastewater-system-and-lying-investigators.

[168] See Plea Agreement, United States v. Evans Concrete, LLC, No. 20-CR-00081 (S.D. Ga Sept. 6, 2024).

[169] Id. at 2-3.

[170] Id.

[171] See Gibson Dunn, 2021 Mid-Year Update on Corporate Non-Prosecution Agreements and Deferred Prosecution Agreements (July 22, 2021), https://www.gibsondunn.com/2021-mid-year-update-on-corporate-non-prosecution-agreements-and-deferred-prosecution-agreements/.

[172] Judgment, United States v. Evans Concrete, LLC, No. 20-CR-00081 (S.D. Ga Sept. 6, 2024).

[173] NPA, Evoqua Water Technologies Corporation (May 13, 2024) (“Evoqua NPA”); Press Release, DOJ, Evoqua Water Technologies Corp. Agrees to Pay $8.5 Million Criminal Penalty for Fraudulent Revenue Recognition (May 14, 2024), https://www.justice.gov/usao-ri/pr/evoqua-water-technologies-corp-agrees-pay-85-million-criminal-penalty-fraudulent-revenue.

[174] Evoqua NPA, Attachment A at 2.

[175] Id. at 1-2.

[176] Evoqua NPA, at 2-3.

[177] Id.

[178] Press Release, SEC, Securities and Exchange Commission v. Evoqua Water Technologies Corp. and Imran Parekh Case No. 1:23-cv-00105-MSM-PAS (D.R.I.), https://www.sec.gov/enforcement-litigation/distributions-harmed-investors/evoqua-water-technologies-corp.

[179] Plea Agreement at 1, United States v. Family Dollar Stores, LLC, No. 2:24-CR-00001-LPR (E.D. Ark. Feb. 26, 2024) (“Family Dollar Plea Agreement”).

[180] Family Dollar Plea Agreement at 2.

[181] Id. at 9–10.

[182] Id. at 5–6.

[183] Id.

[184] Press Release, DOJ, United States v. Fidelity Development Group LLC (Sept. 16, 2024), https://www.justice.gov/enrd/case/united-states-v-fidelity-development-group-llc.

[185] Id.

[186] Id.

[187] Press Release, DOJ, United States v. Fidelity Development Group LLC (Jan. 16, 2025), https://www.justice.gov/enrd/case/united-states-v-fidelity-development-group-llc-0.

[188] Cornelius Frolik, Fidelity building redeveloper in downtown Dayton guilty of asbestos violation, Dayton Daily News (Oct. 2, 2024), https://www.daytondailynews.com/local/fidelity-building-redeveloper-in-downtown-dayton-guilty-of-asbestos-violation/OWDJTVUDONB3BABMSI4NARDTGE/.

[189] Press Release, DOJ, United States v. Fidelity Development Group LLC (January 16, 2025), https://www.justice.gov/enrd/case/united-states-v-fidelity-development-group-llc-0.

[190] Plea Agreement at 1, United States v. Frame Inc., No. 3:24-cr-00018-GMG-RWT (N.D.W.Va. May 6, 2024), ECF No. 12 (“Frame Plea Agreement”).

[191] Press Release, DOJ, West Virginia Business Defrauds, Pays the United States Postal Service (Sept. 11, 2024), https://www.justice.gov/usao-ndwv/pr/west-virginia-business-defrauds-pays-united-states-postal-service; see also Criminal Information at 3, United States v. Frame Inc., No. 3:24-cr-00018-GMG-RWT (N.D.W.Va. Mar. 6, 2024), ECF No. 1.

[192] Criminal Information, United States v. Frame Inc., No. 3:24-cr-00018-GMG-RWT (Mar. 6, 2024), at 3.

[193] Id. at 6–8.

[194] Frame Plea Agreement at 1.

[195] Press Release, DOJ, West Virginia Business Defrauds, Pays the United States Postal Service (Sept. 11, 2024), https://www.justice.gov/usao-ndwv/pr/west-virginia-business-defrauds-pays-united-states-postal-service.

[196] See Judgment, United States v. Frame Inc., No. 3:24-cr-00018-GMG-RWT (Sept. 16, 2024).

[197] Plea Agreement at 1, United States v. Gremex Shipping S.A. de C.V., 3:24-cr-00101-TKW (N.D. Fla Oct. 30, 2024) (“Gremex Plea Agreement”).

[198] Gremex Plea Agreement at 2; Press Release, DOJ, Ship Management Company Fined $1.75M for Failing to Maintain an Accurate Oil Record Book that Concealed Unauthorized Discharges at Sea (Oct. 30, 2024), https://www.justice.gov/opa/pr/ship-management-company-fined-175m-failing-maintain-accurate-oil-record-book-concealed (“Gremex Press Release”).

[199] Gremex Press Release.

[200] Id.

[201] Gremex Plea Agreement at 5–7.

[202] Id. at 11.

[203] Plea Agreement, United States v. Gunvor S.A., No. 1:24-cr-00085-ENV (E.D.N.Y. Mar. 1, 2024) (“Gunvor Plea Agreement”).

[204] Id. at A-5.

[205] Id. at A-6.

[206] Press Release, Commodities Trading Company Will Pay Over $661M to Resolve Foreign Bribery Case (Mar. 1, 2024), https://www.justice.gov/opa/pr/commodities-trading-company-will-pay-over-661m-resolve-foreign-bribery-case.

[207] Id.

[208] Id.

[209] Ana de Liz, Ecuador reaches bribery settlement with Gunvor following US, Swiss penalties, Glob. Investigations Rev. (Jun. 12, 2024), https://globalinvestigationsreview.com/just-anti-corruption/article/ecuador-reaches-bribery-settlement-gunvor-following-us-swiss-penalties.

[210] Id.

[211] Gunvor Plea Agreement at 7.

[212] Id. at 6.

[213] Plea Agreement, United States v. Hexamed Business Solutions, LLC, No. 3:24-CR-049-S (N.D. Tex. Apr. 3, 2024) (“Hexamed Plea”), ECF No. 123; Plea Agreement, United States v. Trinity Champion Healthcare Partners, LLC, No. 3:24-CR-049-S (N.D. Tex. Apr. 3, 2024) (“Trinity Champion Plea”), ECF No. 120.

[214] Press Release, DOJ, Fourteen Indicted in Pharmaceutical Kickback Case, (Feb. 22, 2024), https://www.justice.gov/usao-ndtx/pr/fourteen-indicted-pharmaceutical-kickback-case.

[215] Indictment, United States v. Mortazavi et al, No. 3:24-CR-00049 (N.D. Tex. Feb. 1, 2024); Factual Resumes, United States v. Mortazavi et al., No. 3:24-CR-00049 (N.D. Tex. April 3, 2024), ECF Nos. 122, 125.

[216] Id.

[217] Id.

[218] Id.

[219] Id.

[220] Id.

[221] Id.

[222] Hexamed Plea at 2; Trinity Champion Plea at 2.

[223] Hexamed Plea at 3; Trinity Champion Plea at 3.

[224] Orders Accepting Reports and Recommendations on Guilty Pleas, United States v. Mortazavi et al., No. 3:24-CR-00049 (N.D. Tex. Nov. 14, 2024), ECF Nos. 177, 178.

[225] Plea Agreement, United v. States JDM Supply LLC, 24-cr-10309 (D. Mass Oct. 2, 2024).

[226] Press Release, DOJ, California Company Charged with Conspiring to Sell Misbranded N95 Masks to Hospital in Early Months of COVID-19 Pandemic (Oct. 29, 2024), https://www.justice.gov/usao-ma/pr/california-company-charged-conspiring-sell-misbranded-n95-masks-hospital-early-months.

[227] Plea Agreement, United v. States JDM Supply LLC, 24-cr-10309 (D. Mass Oct. 2, 2024).

[228] Procedural Order, United v. States JDM Supply LLC, 24-cr-10309 (D. Mass. Oct. 29, 2024).

[229] Plea Agreement, United States v. KBC Capital LLC, No. 1:24-cr-10226-FDS (D. Mass Jul. 31, 2024) (“KBC Capital Plea Agreement”).

[230] KBC Capital Plea Agreement at 9-13; Press Release, DOJ, After-Market Firearm Accessory Manufacturer and Distributor Agrees to Plead Guilty to Illegal Distribution of Firearm Silencers (Aug. 1, 2024), https://www.justice.gov/usao-ma/pr/after-market-firearm-accessory-manufacturer-and-distributor-agrees-plead-guilty-illegal.

[231] KBC Capital Plea Agreement at 2-4.

[232] Plea Agreement, United States v. KVK Research, 24-CR-00069 (E.D. Pa. Mar. 6, 2024) (“KVK Plea”).

[233] KVK Plea at 7.

[234] KVK Plea at 2-5.

[235] KVK Plea at 7-10.

[236] Deferred Prosecution Agreement, United States v. KVK Tech Inc., 24-0069 (E.D. Pa. Feb. 26, 2024) (“KVK Tech DPA”).

[237] KVK Tech DPA at 1-3.

[238] KVK Tech DPA at 9-13.

[239] Press Release, DOJ, Generic Pharmaceuticals Manufacturer Pleads Guilty, Agrees to $1.5 Million Criminal Penalty for Distributing Adulterated Drugs and $2 Million to Resolve Civil Liability under the False Claims Act (Mar. 6, 2024), https://www.justice.gov/opa/pr/generic-pharmaceuticals-manufacturer-pleads-guilty-agrees-15-million-criminal-penalty.

[240] Id.

[241] Plea Agreement, United States v. Limited Properties, Inc., No. 6:24-cr-00032-TMC (D.S.C. July 23, 2024), ECF No. 118.

[242] Superseding Indictment, United States v. Randy Scott Cannon et al., No. 6:24-cr-00032 (D.S.C. Feb. 13, 2024).

[243] Plea Agreement, United States v. Limited Properties, Inc., No. 6:24-cr-00032-TMC (D.S.C. July 23, 2024).

[244] Plea Agreement, United States v. Stinson et al., No. 1:21-cr-00044 (W.D. Ky. Jan. 18, 2024), ECF No. 42.

[245] Id. at 2.

[246] Judgment, United States v. Stinson et al., No. 1:21-cr-00044 (W.D. Ky. Aug. 19, 2024), ECF No. 54.

[247] Plea Agreement, United States v. Magellan Diagnostics, Inc., No. 1:24-cr-10144-PBS (D. Mass. May 21, 2024) (“Magellan Plea Agreement”); Deferred Prosecution Agreement, United States v. Magellan Diagnostics, Inc., No. 1:24-cr-10144-PBS (D. Mass. May 21, 2024) (“Magellan DPA”); see also Press Release, Magellan Diagnostics Pleads Guilty to Criminal FDCA Charges (Jun. 27, 2024), https://www.justice.gov/usao-ma/pr/magellan-diagnostics-pleads-guilty-criminal-fdca-charges.

[248] Press Release, DOJ, Magellan Diagnostics Pleads Guilty to Criminal FDCA Charges (Jun. 27, 2024), https://www.justice.gov/usao-ma/pr/magellan-diagnostics-pleads-guilty-criminal-fdca-charges (“Magellan Press Release”).

[249] Magellan Plea Agreement at 10.

[250] Magellan Press Release.

[251] Magellan Plea at 11-12.

[252] Magellan DPA at 1.

[253] Magellan Press Release; Magellan Plea Agreement at 2-3.; Magellan DPA at 4.

[254] Magellan DPA at 9.

[255] Plea Agreement, United States v. MAM Construction, No. 23-cr-423 (D.P.R. Oct. 16, 2024)

[256] Plea Agreement, United States v. Martinez Builders Supply, LLC, No. 24-cr-14035 (S.D. Fla Oct. 28, 2024).

[257] Press Release, DOJ, Florida Company and Former Employee Plead Guilty to Conspiring to Harbor Aliens by Means of Employment (Oct. 28, 2024), https://www.justice.gov/usao-sdfl/pr/florida-company-and-former-employee-plead-guilty-conspiring-harbor-aliens-means.

[258] Judgment, United States v. Martinez Builders Supply, LLC, No. 24-cr-14035 (S.D. Fla Jan. 24, 2025).

[259] See Plea Agreement, United States v. Mary Mahoney’s Old French House, Inc., No. 1:24-cr-00045 (S.D. Miss. May 30, 2024), ECF No. 12.

[260] Id. at 5.

[261] Press Release, DOJ, Mary Mahoney’s Old French House and Manager Sentenced for Conspiracy and Misbranding of Seafood, (Nov. 18, 2024), https://www.justice.gov/usao-sdms/pr/mary-mahoneys-old-french-house-and-manager-sentenced-conspiracy-and-misbranding.

[262] See Amended Judgment, United States v. Mary Mahoney’s Old French House, Inc., No. 1:24-cr-00045 (S.D. Miss. Nov. 21, 2024), ECF No. 25.

[263] See Press Release, DOJ, Mary Mahoney’s Old French House and Manager Sentenced for Conspiracy and Misbranding of Seafood (Nov. 18, 2024), https://www.justice.gov/usao-sdms/pr/mary-mahoneys-old-french-house-and-manager-sentenced-conspiracy-and-misbranding.

[264] Deferred Prosecution Agreement, United States v. McKinsey and Company Africa (Pty) LTD, No. 1:24-cr-00669-CM (S.D.N.Y. Dec. 5, 2024), https://www.justice.gov/media/1379421/dl.

[265] See Press Release, DOJ, McKinsey & Company Africa to Pay Over $122M in Connection with Bribery of South African Government Officials (Dec. 5, 2024), https://www.justice.gov/opa/pr/mckinsey-company-africa-pay-over-122m-connection-bribery-south-african-government-officials.

[266] Id.

[267] Press Release, DOJ, Justice Department Announces Resolution of Criminal and Civil Investigations into McKinsey & Company’s Work with Purdue Pharma L.P.; Former McKinsey Senior Partner Charged with Obstruction of Justice (Dec. 13, 2024), https://www.justice.gov/usao-ma/pr/justice-department-announces-resolution-criminal-and-civil-investigations-mckinsey (“McKinsey MA Press Release”); Deferred Prosecution Agreement, United States v. McKinsey & Company, Inc. United States, No. 1:24-CR-00046 (W.D. Va Dec. 13, 2024), ECF No. 2 (“McKinsey DPA”).

[268] Agreed Order Compelling Compliance, In re: McKinsey & Company, Inc., No. 1:24-MC-00013-RSB (W.D. Va. Dec. 13, 2024), ECF No. 2.

[269] See McKinsey MA Press Release; McKinsey DPA.

[270] See id.

[271] See 21 U.S.C. § 333(a)(1).

[272] McKinsey DPA, Attachment 3 at 59-64.

[273] Plea Agreement, United States v. Martin Elling, 1:24-cr-00045-RSB-PMS (W. D. Va Dec. 13, 2024).

[274] McKinsey DPA, Attachment 6.

[275] McKinsey DPA, Attachments 9A-9D; see United States v. McKinsey & Company, Inc. United States, No. 1:24-CV-00063 (W.D. Va.).

[276] McKinsey DPA, at 2.

[277] Id. at 13.

[278] McKinsey DPA, Attachment 2A.

[279] Settlement Agreement, available at https://www.justice.gov/opa/pr/justice-department-announces-resolution-criminal-and-civil-investigations-mckinsey-companys.

[280] NPA, MGM Grand Hotel, LLC (C.D. Cal. Jan. 9, 2024) (“MGM NPA”); NPA, The Cosmopolitan of Las Vegas (C.D. Cal. Jan. 11, 2024) (“Cosmopolitan NPA”).

[281] Id.

[282] Press Release, DOJ, U.S. Atty’s Office for the C.D. Cal., Former President of MGM Grand Pleads Guilty to Violating the Bank Secrecy Act for Allowing Man Involved in Criminal Conduct to Gamble (Jan. 25, 2024), https://www.justice.gov/usao-cdca/pr/former-president-mgm-grand-pleads-guilty-violating-bank-secrecy-act-allowing-man

[284] Id.

[285] See MGM NPA; see also Cosmopolitan NPA.

[286] Id.

[287] Plea Agreement, United States v. Mold Wranglers, Inc., No. 6:24-cr-00025-MTD (D. Mont. Oct. 24, 2024) (“Mold Wranglers Plea Agreement”).

[288] Press Release, DOJ, Kalispell company admits filing false claims for payment to federal agency claiming an abatement of lead paint in veterans housing at Fort Harrison (Nov. 5, 2024), https://www.justice.gov/usao-mt/pr/kalispell-company-admits-filing-false-claims-payment-federal-agency-claiming-abatement.

[289] Id.

[290] NPA, United States v. Morgan Stanley & Co. LLC (Jan. 12, 2024) (“Morgan Stanley NPA”); Press Release, DOJ, Morgan Stanley & Co. LLC To Enter into a Non-Prosecution Agreement and to Pay $153 Million in Financial Penalties (Jan. 12, 2024), https://www.justice.gov/usao-sdny/pr/us-attorney-announces-agreements-morgan-stanley-and-former-senior-employee-pawan-passi.

[291] Morgan Stanley NPA.

[292] Morgan Stanley NPA.

[293] Press Release, DOJ, Morgan Stanley & Co. LLC To Enter into a Non-Prosecution Agreement and to Pay $153 Million in Financial Penalties (Jan. 12, 2024), https://www.justice.gov/usao-sdny/pr/us-attorney-announces-agreements-morgan-stanley-and-former-senior-employee-pawan-passi.

[294] Morgan Stanley NPA at 2.

[295] Morgan Stanley NPA at 3.

[296] Press Release, DOJ, U.S. Attorney Announces Agreements With Morgan Stanley And Former Senior Employee, Pawan Passi, In Connection With Deceptive Practices In Block Trades Business (Jan. 12, 2024), https://www.justice.gov/usao-sdny/pr/us-attorney-announces-agreements-morgan-stanley-and-former-senior-employee-pawan-passi.

[297] Order Instituting Administrative and Cease-and-Desist Proceedings, In the matter of Morgan Stanley & Co. LLC, Exchange Release No. 99336 (Jan. 12, 2024).

[298] Id.

[299] Plea Agreement, United States v. N. Ali Enterprises, Inc., No. 2:18-cr-257-DJC (E.D. Cal. Jan. 11, 2024) (“N. Ali Enterprises Plea Agreement”); Plea Agreement, United States v. 21st Century Distribution, Inc., No. 2:18-cr-257-DJC (E.D. Cal. Jan. 11, 2024) (“21st Century Distribution Plea Agreement”).

[300] Press Release, U.S. Atty.’s Office for the E.D. of Ca., Corporate President and Two Corporations Plead Guilty to 20 Counts of Mail and Wire Fraud in Multimillion Dollar California Excise Tax Scheme (Jan. 12, 2024), https://www.justice.gov/usao-edca/pr/corporate-president-and-two-corporations-plead-guilty-20-counts-mail-and-wire-fraud.

[301] See N. Ali Enterprises Plea Agreement; 21st Century Distribution Plea Agreement.

[302] Press Release, U.S. Atty’s Office for the E.D. of Ca., Corporate President Sentenced to Prison for Multimillion Dollar California Excise Tax Scheme (Aug. 1, 2024), https://www.justice.gov/usao-edca/pr/corporate-president-sentenced-prison-multimillion-dollar-california-excise-tax-scheme.

[303] See N. Ali Enterprises Plea Agreement; 21st Century Distribution Plea Agreement.

[304] Press Release, DOJ, Long Island Construction Company Pleads Guilty to Worker Safety Violation Causing Death of an Employee (Jan. 5, 2024), https://www.justice.gov/opa/pr/long-island-construction-company-pleads-guilty-worker-safety-violation-causing-death.

[305] Id.

[306] Id.

[307] Id.

[308] Plea Agreement, United States v. Peticub Pharmacy Corp., No. 2:23-cr-00375-DMG-2 (C.D. Cal. Mar. 11, 2024), ECF No. 47 (“Peticub Plea Agreement”).

[309] See Peticub Plea Agreement; Sentencing Memorandum, United States v. Shaoulian, et al., No. 2:23-cr-00375-DMG-2 (C.D. Cal. Jul.17, 2024).

[310] Peticub Plea Agreement at 3.

[311] Judgment and Commitment Order, United States v. Peticub Pharmacy Corp., No. 2:23-cr-00375-DMG-2 (C.D. Cal. Aug. 7, 2024).

[312] Plea Agreement, United States v. Prive Overseas Marine, LLC and Prive Shipping Denizcilik Ticaret, A.S., No. 2:24-CR-00074 (E.D. La., May 21, 2024).

[313] Criminal Information at 5, United States v. Prive Overseas Marine, LLC and Prive Shipping Denizcilik Ticaret, A.S., No. 2:24-CR-00074 (E.D. La., Apr. 1, 2024).

[314] Id. at 7, 8.

[315] Judgment, United States v. Prive Overseas Marine, LLC and Prive Shipping Denizcilik Ticaret, A.S., No. 2:24-CR-00074 (E.D. La., Oct. 1, 2024).

[316] Id.

[317] Letter from DOJ regarding Proterial Cable America, Inc. (f/k/a Hitachi Cable America Inc.) (Apr. 12, 2024), https://www.justice.gov/criminal/media/1348111/dl?inline.

[318] Id.

[319] Id.

[320] Plea Agreement, United States v. Q Link Wireless, LLC, No. 24-cr-20363 (S.D. Fla. Oct. 15, 2024) (“Q Link Plea Agreement”).

[321] Information, United States v. Q Link Wireless, LLC, No. 24-cr-20363 (S.D. Fla. Aug. 22, 2024).

[322] Id.

[323] Q Link Plea Agreement at 3.

[324] Q Link Plea Agreement at 5

[325] Plea Agreement, United States v. Quality Poultry and Seafood, Inc., No. 1:24-cr-00089 (S.D. Miss. Aug. 27, 2024), ECF No. 15.

[326] Press Release, DOJ, United States v. Quality Poultry and Seafood, et al. (Sept. 3, 2024), https://www.justice.gov/enrd/case/united-states-v-quality-poultry-and-seafood-et-al. (“QPS Press Release”).

[327] QPS Press Release.

[328] Judgment, United States v. Quality Poultry and Seafood, Inc., No. 1:24-cr-00089 (S.D. Miss. Dec. 17, 2024), ECF No. 21.

[329] Id.

[330] DPA, United States v. Raytheon Company, No. 1:24-cr-10319-NMG (D. Mass. Oct. 16, 2024) (“Raytheon D. Mass. DPA”); DPA, United States v. Raytheon Company, No. 1:24-cr-00399-RER (E.D.N.Y. Oct. 16, 2024) (“Raytheon E.D.N.Y. DPA”); Order Instituting Cease-and-Desist Proceedings, In the matter of RTX Corp., Exchange Act Release No. 101353 (Oct. 16, 2024).

[331] Order Instituting Cease-and-Desist Proceedings, In the matter of RTX Corp., Exchange Act Release No. 101353 (Oct. 16, 2024).

[332] Settlement Agreement (Oct. 16, 2024), available at https://www.justice.gov/opa/pr/raytheon-company-pay-over-950m-connection-defective-pricing-foreign-bribery-and-export.

[333] Raytheon D. Mass DPA; Raytheon E.D.N.Y. DPA.

[334] See Plea Agreement, United States of America v. RKB Handyman Services, Inc., No. 24-cr-00109 (June 21, 2024).

[335] See Information, United States of America v. RKB Handyman Services, Inc., No. 24-cr-00109 (E.D. Pa. Mar. 20, 2024); Guilty Plea Memorandum, United States of America v. RKB Handyman Services, Inc., No. 24-cr-00109 (E.D. Pa. June 21, 2024).

[336] See id.

[337] See Judgment, United States of America v. RKB Handyman Services, Inc., No. 24-cr-00109 (E.D. Pa. June 21, 2024).

[338] Deferred Prosecution Agreement, United States of America vs. SAP SE, 1:23-cr-00202 (E.D. Va. Jan. 10, 2024), available at https://www.justice.gov/opa/media/1332661/dl?inline.

[339] Id. at 4-6.

[340] Id. at 7.

[341] Id. at 7-8.

[342] Order Instituting Cease-and-Desist Proceedings, In the matter of SAP SE, Exchange Act Release No. 99308 (Jan. 10, 2024).

[343] Plea Agreement, United States v. Satori Recovery Center LLC, 8:24-cr-00106-DMG (C.D. Cal. Sept. 5, 2024).

[344] Id.

[345] Id.

[346] ECF No. 9, Plea Agreement, United States v. Siemens Energy, Inc., No. 3:24-cr-141 (E.D. Va. Sept. 30, 2024) (“Siemens Plea Agreement”).

[347] Press Release, DOJ, Siemens Energy, Inc. pleads guilty to stealing confidential competitor information in $104M resolution after former corporate executive and others were sentenced (Sept. 30, 2024), https://www.justice.gov/usao-edva/pr/siemens-energy-inc-pleads-guilty-stealing-confidential-competitor-information-104m (“Siemens Press Release”).

[348] Siemens Press Release.

[349] Siemens Plea Agreement at 3, 5-6.

[350] Judgment as to Siemens, United States v. Siemens Energy Inc., No. 3:24-cr-00141-DJN (E.D. Va. Dec. 5, 2024), ECF No. 24.

[351] Siemens Press Release.

[352] Plea Agreement, United States v. Star Enterprises, 24-CR-00039 (D.P.R. February 14, 2024).

[353] Id.

[354] See id.

[355] Judgment, United States v. Star Enterprises Inc., 24-CR-00039 (D.P.R. July 2, 2024).

[356] Plea Agreement, United States v. Taaj Services US LLC, No. 3:24-cr-01322-BAS (C.D. Cal. May 20, 2024).

[357] Id.

[358] Id. at 3.

[359] Id.; see Press Release, U.S. Atty.’s Office for the S.D. of Cal., Money Transmitting Business Pleads Guilty to Failing to Report Transactions; Agrees to Forfeit $700,000 (Jun. 26, 2024), https://www.justice.gov/usao-sdca/pr/money-transmitting-business-pleads-guilty-failing-report-transactions-agrees-forfeit.

[360] Plea Agreement, United States v. TD Bank, N.A., No. 2:24-cr-00667-ES (D.N.J. Oct. 10, 2024) (“TDBNA Plea Agreement”); Plea Agreement, United States v. TD Bank US Holding Company, No. 2:24-cr-00668-ES (D.N.J. Oct. 10, 2024) (“TDBUSH Plea Agreement”).

[361] Press Release, DOJ, TD Bank Pleads Guilty to Bank Secrecy Act and Money Laundering Conspiracy Violations in $1.8B Resolution (Oct. 10, 2024), https://www.justice.gov/opa/pr/td-bank-pleads-guilty-bank-secrecy-act-and-money-laundering-conspiracy-violations-18b (“TD Bank Press Release”).

[362] TDBNA Plea Agreement at 2; TDBUSH Plea Agreement at 2.

[363] Id.

[364] Id.

[365] TD Bank Press Release.

[366] TDBUSH Plea Agreement at 21.

[367] Deferred Prosecution Agreement, United States v. TD Securities (USA) LLC, No. 2:24-cr-00623 (D.N.J. Sept. 30, 2024) (“TD Securities DPA”).

[368] See Press Release, DOJ, TD Securities to Pay $15.5M in Connection with Scheme to Defraud U.S. Treasuries Markets (Sept. 30, 2024), https://www.justice.gov/opa/pr/td-securities-pay-155m-connection-scheme-defraud-us-treasuries-markets (“TD Securities Press Release”); Order Instituting Cease-and-Desist Proceedings, In the matter of TD Securities (USA) LLC, Exchange Act Release No. 101221 (Sept. 30, 2024).

[369] TD Securities DPA at 34-35.

[370] TD Securities Press Release.

[371] TD Securities DPA at 6.

[372] TD Securities DPA at 4.

[373] TD Securities DPA at 5.

[374] See DPA, United States v. Telefónica Venezolana C.A., No. 1:24-cr-00633-DEH-1 (S.D.N.Y. Nov. 8, 2024), https://www.justice.gov/media/1376656/dl (“Telefónica Venezolana DPA”).

[375] Press Release, DOJ, Telefónica Venezolana to Pay Over $85M to Resolve Foreign Bribery Investigation (Nov. 8, 2024), https://www.justice.gov/opa/pr/telefonica-venezolana-pay-over-85m-resolve-foreign-bribery-investigation.

[376] Telefónica Venezolana DPA at 10.

[377] Id. at 7–8, 12–13.

[378] Plea Agreement, United States v. Tip the Scale, LLC, No. 3:24-cr-05103-BHS (W.D.Wa. June 13, 2024) (“TIP Plea Agreement”).

[379] Id.; Press Release, DOJ, Tacoma Company Pleads Guilty and Sentenced for False Declarations on Timber Imports (June 14, 2024), https://www.justice.gov/opa/pr/tacoma-company-pleads-guilty-and-sentenced-false-declarations-timber-imports

[380] TIP Plea Agreement

[381] Id., Attach. A.

[382] Judgment, United States v. Tip the Scale, LLC, No. 3:24-cr-05103-BHS (W.D.Wa. June 13, 2024).

[383] Press Release, DOJ, Texas Petrochemical Company Pleads Guilty to Clean Air Act Violation and Fined More than $30 Million in Criminal Fines and Civil Penalties Related to Explosions at Its Facility in Port Neches (May 21, 2024), https://www.justice.gov/opa/pr/texas-petrochemical-company-pleads-guilty-clean-air-act-violation-and-fined-more-30-million (“TPC Press Release”).

[384] Criminal Information at 1, 3–4, United States v. TPC Group LLC, No. 1:24-CR-00039 (E.D. Tex Apr. 30, 2024).

[385] TPC Press Release; Sentencing Memorandum, United States v. TPC Group LLC, No. 1:24-CR-00039 (E.D. Tex. Oct. 3, 2024).

[386] Oral Order, United States v. TPC Group LLC, No. 1:24-CR-00039 (E.D. Tex Jan. 10, 2025).

[387] Press Release, Tex. Att’y Gen., Attorney General Ken Paxton Secures Over $100 Million in Environmental Penalties From Company Responsible for 2019 Chemical Manufacturing Plant Explosion, Attorney General of Texas (Nov. 22, 2024), https://www.texasattorneygeneral.gov/news/releases/attorney-general-ken-paxton-secures-over-100-million-environmental-penalties-company-responsible.

[388] Id.; Kayla Guo, Texas Reaches $12.6 Million Settlement in Connection with 2019 Port Neches Chemical Plant Explosion, Tex. Trib. (Nov. 22, 2024), https://www.texastribune.org/2024/11/22/texas-port-neches-plant-explosion-settlement/.

[389] TPC Press Release.

[390] Plea Agreement at 1, 7, Attachment A at 1, United States v. Trafigura Beheer B.V., No. 1:23-cr-20476-KMW (S.D. Fla. Mar. 28, 2024).

[391] Id., Attachment A at 4.

[392] Id. at 19–20.

[393] Id. at 19.

[394] Id. at 6, 8, Attachment D.

[395] Plea Agreement at 2, 6, United States v. Tribar Technologies, LLC, No. 2:24-cr-20552 (E.D. Mich. Dec. 18, 2024).

[396] Id. at 1.

[397] Id. at 6, 8–9.

[398] Id. at 1–2, App’x A.

[399] Id. at 16.

[400] Plea Agreement at 1–2, 4, United States v. Valley Processing Inc., No. 1:22-cr-02097-SAB (E.D. Wa. Dec. 17, 2024).

[401] Id. at 12–19.

[402] Id. at 17.

[403] Press Release, DOJ, Fruit Juice Manufacturing Company and Its Former President Plead Guilty to Food Safety Crimes (Dec. 19, 2024), www.justice.gov/opa/pr/fruit-juice-manufacturing-company-and-its-former-president-plead-guilty-food-safety-crimes (“VPI Press Release”).

[404] Id.; Plea Agreement at 30–31.

[405] VPI Press Release.

[406] Plea Agreement at 1, United States v. Valley Property Partners LLC, No. 3:24-CR-00117-ARS (D.N.D. Aug. 30, 2024) (“VPP Plea Agreement”).

[407] Id. at 2; Press Release, DOJ, Moorhead, Minnesota, Real Estate Company Sentenced for Failing to Provide Lead-Based Paint Disclosure (Dec. 3, 2024), https://www.justice.gov/usao-nd/pr/moorhead-minnesota-real-estate-company-sentenced-failing-provide-lead-based-paint (“VPP Press Release”).

[408] VPP Plea Agreement at 2.

[409] Id. at 1, 7–8.

[410] VPP Press Release.

[411] Plea Agreement at 1, United States v. Vitamin Shack and Shakes, LLC, No. 4:23-CR-00195 (S.D. Tex. Dec. 6, 2024).

[412] Id.

[413] Id. at 6-7.

[414] Id. at 2, 9.

[415] Id. at 10.

[416] Id. at 9.

[417] Plea Agreement at 1–2, United States v. Vulto Creamery LLC, No. 3:24-CR-62 (N.D.N.Y Mar. 5, 2024).

[418] Id. at 6–9; Criminal Information, United States v. Vulto Creamery LLC, No. 3:24-CR-62 (N.D.N.Y Jan. 30, 2024).

[419] Id. at 5-9.

[420] Id. at 9.

[421] Id.

[422] Judgment, United States v. Vulto Creamery LLC, No. 3:24-CR-62 (N.D.N.Y Jul. 17, 2024).

[423] Plea Agreement, United States v. Western Sea, Inc., No. 22-CR-00012 (D. Me. Mar. 11, 2024).

[424] Indictment, United States v. Western Sea, Inc., No. 22-CR-00012 (D. Me. Mar. 11, 2024).

[425] Id.; Press Release, DOJ, Sentences Handed Down for Multi-Year Scheme to Subvert Commercial Fishing Regulations (July 11, 2024), https://www.justice.gov/usao-me/pr/sentences-handed-down-multi-year-scheme-subvert-commercial-fishing-regulations.

[426] Judgment, United States v. Western Sea, Inc., No. 22-CR-00012 (D. Me. Mar. 11, 2024).

[427] NPA, Wynn Las Vegas (S.D. Cal. Sept, 6, 2024) (“Wynn NPA”); see also Wynn Resorts, Ltd., Current Report (Form 8-K) (Sept. 6, 2024), https://wynnresortslimited.gcs-web.com/static-files/c71048b4-e1db-4f80-883f-fa1771e833a4.

[428] See Wynn NPA, Attachment A at iii.

[429] Wynn NPA at 1–2.

[430] Wynn NPA, Attachment B at i.

[431] See Press Release, DOJ, Wynn Las Vegas Forfeits $130 Million for Illegally Conspiring with Unlicensed Money Transmitting Businesses (Sept. 6, 2024), https://www.justice.gov/usao-sdca/pr/wynn-las-vegas-forfeits-130-million-illegally-conspiring-unlicensed-money-transmitting.

[432] Plea Agreement, United States v. Easter, No. 4:24-CR-00626-SEP (E.D. Mo. Dec. 4, 2024), ECF No. 10 (All Out Diesel, LLC), ECF No. 9 (Joseph Easter).

[433] Id. at 2.

[434] Id. at 3.

[435] Id. at 5–6.

[436] Scheduling Order, United States v. Easter, No. 4:24-CR-00626-SEP, ECF No. 6 (E.D. Mo. Dec. 4, 2024).

[437] Plea Agreement, United States v. Clancy Logistics, Inc., No. 3:24-cr-00344-AN-1 (D. Or. Sept. 18, 2024), ECF No. 14 (“Clancy Logistics Plea Agreement”).

[438] Id. at 3–4.

[439] Id. at 4.

[440] Clancy Logistics Plea Agreement, Attachment A, at 2.

[441] Clancy Logistics Plea Agreement at 4.

[442] Plea Agreement, United States v. Clancy Logistics, No. 3:24-cr-00344-AN-2 (D. Or. Sept. 18, 2024), ECF No. 16 (“Timothy Clancy Plea Agreement”).

[443] Clancy Logistics Plea Agreement, Attachment A, at 2.

[444] Scheduling Order, United States v. Clancy Logistics, Inc., No. 3:24-cr-00344-AN-1 (D. Or. Jan. 8, 2025), ECF No. 19.

[445] Plea Agreement, United States v. Diesel & Offroad Authority, LLC, 6:24-cr-00092-MC (D. Or. Apr. 10, 2024), ECF No. 16.

[446] Id. at 2–3.

[447] Id. at 3.

[448] Id.

[449] Judgment, United States v. Diesel & Offroad Authority, LLC, No. 6:24-cr-00092-MC (D. Or. Sept. 6, 2024), ECF No. 32.

[450] Plea Agreement, United States v. Elite Diesel Service, Inc., No. 24-cr-00118 (D. Colo. June 12, 2024), ECF No. 21.

[451] Id. at 5.

[452] Id. at 8–10.

[453] Judgment at 6, United States v. Elite Diesel Service, Inc., No. 24-cr-00118 (D. Colo. Dec. 16, 2024), ECF No. 54 (“Elite Diesel Judgment”).

[454] Elite Diesel Judgment at 6; Press Release, DOJ, Windsor, Colorado Business Owner and Company Sentenced for Conspiring to Delete Emissions Controls on Hundreds of Heavy Duty Diesel Trucks in Violation of the Clean Air Act (Dec. 9, 2024), https://www.justice.gov/usao-co/pr/windsor-colorado-business-owner-and-company-sentenced-conspiring-delete-emissions.

[455] Plea Agreement, Attachments B & C, United States v. Elite Diesel Service, Inc., No. 24-cr-00118 (D. Colo. June 12, 2024), ECF No. 21.

[456] Plea Agreement, United States v. Frock Brothers Trucking, Inc., No. 24-cr-00250-JKM, ECF No. 8 (D. Pa. Oct. 1, 2024) (“Frock Amended Plea Agreement”).

[457] Information at 6–7, United States v. Frock Brothers Trucking, Inc., No. 24-cr-00250-JKM (M.D. Pa. Sept. 19, 2024), ECF No. 1.

[458] Frock Amended Plea Agreement at 9.

[459] Id. at 5.

[460] Rescheduling Order, United States v. Frock Brothers Trucking, Inc., No. 24-CR-00250-JKM (M.D. Pa. Jan. 2, 2025), ECF No. 18.

[461] Plea Agreement as to Hardway Solutions LLC, United States v. Turlak, No. 2:24-cr-00057-TOR-06 (E.D. Wash. Oct. 24, 2024), ECF No. 78 (“Hardway Solutions Plea Agreement”).

[462] Plea Agreement as to Spokane Truck Service LLC, United States v. Turlak, No. 2:24-cr-00057-TOR-3 (E.D. Wash. Dec. 12, 2024), ECF No. 84 (“Spokane Truck Service Plea Agreement”); Plea Agreement as to Pauls Trans LLC, United States v. Turlak, No. 2:24-cr-00057-TOR-4 (E.D. Wash. Dec. 12, 2024), ECF No. 85 (“Pauls Trans Plea Agreement”); Plea Agreement as to PT Express LLC, United States v. Turlak, No. 2:24-cr-00057-TOR-2 (E.D. Wash. Dec. 12, 2024), ECF No. 86 (“PT Express Plea Agreement”); Plea Agreement, United States v. Turlak, No. 2:24-cr-00057-TOR-1, ECF No. 83 (E.D. Wash. Dec. 12, 2024) (“Ivanovich Plea Agreement”).

[463] E.g., Hardway Solutions Plea Agreement at 16; Spokane Truck Service Plea Agreement at 13; Pauls Trans Plea Agreement at 11; PT Express Plea Agreement at 14.

[464] See Spokane Truck Service Plea Agreement at 14–15; Pauls Trans Plea Agreement at 11–12; PT Express Plea Agreement at 14–15.

[465] Hardway Solutions Plea Agreement at 17; Spokane Truck Service Plea Agreement at 16–17; Pauls Trans Plea Agreement at 14; PT Express Plea Agreement at 17.

[466] Hardway Solutions Plea Agreement at 18, Attachment A at 2; Spokane Truck Service Plea Agreement at 20, Attachment A at 2; Pauls Trans Plea Agreement at 17–18, Attachment A at 2; PT Express Plea Agreement at 21, Attachment A at 2.

[467] Hardway Solutions Plea Agreement, Attachment A at 2; Spokane Truck Service Plea Agreement Attachment A at 2; Pauls Trans Plea Agreement, Attachment A at 2; PT Express Plea Agreement, Attachment A at 2.

[468] Spokane Truck Service Plea Agreement at 18; Pauls Trans Plea Agreement at 15; PT Express Plea Agreement at 19; Ivanovich Plea Agreement at 26.

[469] Judgment at 2, 4, United States v. Turlak, No. 2:24-cr-00057-TOR (E.D. Wash. Jan. 22, 2025), ECF No. 106.

[470] Order Accepting Guilty Plea and Setting Sentencing as to Spokane Truck Service LLC, United States v. Turlak, No. 2:24-cr-00057-TOR (E.D. Wash. Dec. 12, 2024), ECF No. 84; id. at ECF No. 85 (Order as to Pauls Trans LLC); id. at ECF No. 86 (Order as to PT Express LLC).

[471] Plea Agreement at 1, United States v. Highway & Heavy Parts, LLC, No. 1:24-cr-00124-MAD (N.D.N.Y. Aug. 16, 2024), ECF No. 29 (“HHP Plea Agreement”); see also Judgment, United States v. Highway & Heavy Parts, LLC, No. 1:24-cr-00124-MAD (N.D.N.Y. Dec. 3, 2024), ECF No. 38 (“HHP Judgment”).

[472] HHP Plea Agreement at 4–6.

[473] Id.

[474] Id. at 6.

[475] HHP Judgment at 2.

[476] Id.

[477] Plea Agreement, United States v. Offringa, No. 1:24-cr-124-MAD, ECF No. 31 at 1–3 (N.D.N.Y Sept. 17, 2024).

[478] See Judgment at 2–3, United States v. DAIM Logistics, Inc., No. 1:21-cr-00016-MAD (N.D.N.Y. Nov. 8, 2024), ECF No. 44; Plea Agreement at 2–3, United States v. DAIM Logistics, Inc., No. 1:21-cr-00016-MAD (N.D.N.Y. Aug. 19, 2021), ECF No. 7.

[479] Plea Agreement, United States vs. Moody Motor Co., Inc., No. 8:24-CR-00043-SMB, ECF No. 11 (D. Neb. April 1, 2024).

[480] Id. at 6.

[481] Id.

[482] Id.

[483] Judgment, United States vs. Moody Motor Co., Inc., No. 8:24-CR-00043-SMB, ECF No. 26 at 3, 5–6 (D. Neb. Jul. 31, 2024).

[484] Plea Agreement, United States v. Racing Performance Northwest LLC, No. 21-cr-5184-BHS (W.D. Wash. March 18, 2024) (“Racing Performance Plea Agreement”); Plea Agreement, United States v. RPM Motors and Sales LLC, No. 21-cr-5148-BHS (W.D. Wash. March 18, 2024) (“RPM Sales Plea Agreement”).

[485] Racing Performance Plea Agreement at 5-7; RPM Sales Plea Agreement at 5-7.

[486] Racing Performance Plea Agreement at 2; RPM Sales Plea Agreement at 2.

[487] See Racing Performance Plea Agreement & RPM Sales Plea Agreement.

[488] Second Superseding Indictment, United States v. Coiteux et al., No. 21-cr-5184-BHS (W.D. Wash. Jan. 24, 2024).

[489] Minute Entry for Sentencing, ECF No. 248, United States v. Coiteux et al., No. 21-cr-5184-BHS (W.D. Wash. Jan. 13, 2025).

[490] Plea Agreement, United States v. Rudy’s Performance Parts, Inc., No. 1:24-cr-00336-TNM (D.D.C. Sept. 10, 2024).

[491] Id. at 2.

[492] Id.

[493] Consent Decree, United States v. Rudy’s Performance Parts, Inc., No. 1:22-cv-00495-TDS-LPA (M.D.N.C. Nov. 1, 2024), ECF No. 84; see Press Release, DOJ, North Carolina Auto Parts Seller and Its Owner to Pay $10M for Making, Selling and Installing Emissions Defeat Devices on Motor Vehicles

(Sept. 10, 2024), https://www.justice.gov/opa/pr/north-carolina-auto-parts-seller-and-its-owner-pay-10m-making-selling-and-installing.

[494] Id.

[495] Serious Fraud Office, News Release, Güralp Sytems Ltd (Nov. 29, 2024) https://www.gov.uk/sfo-cases/guralp-sytems-ltd.

[496] Press Release, Serious Fraud Office, Three Individuals Acquitted as SFO Confirms DPA with Güralp Systems Ltd (Dec. 20, 2019), https://www.sfo.gov.uk/2019/12/20/three-individuals-acquittedas-sfo-confirms-dpa-with-guralp-systems-ltd/.

[497] Approved Judgment, In the Matter of s.45 of the Crime and Courts Act 2013 between Serious Fraud Office and Güralp Systems Limited (Oct. 22, 2019), ¶ 39-40.

[498] Cour d’appel [regional court of appeal] Orléans, SARL Gudno Ordonnance de Validation d’une Convention Judiciaire d’Intérêt Public, May 17, 2024, 20161/70, https://www.justice.gouv.fr/sites/default/files/2024-05/CJIP_GUDNO_OV_20240517.pdf.

[499] La Société Sotec Convention Judiciaire d’Intérêt Public, July 8, 2024, https://www.justice.gouv.fr/sites/default/files/2024-07/CJIP_SOTEC_20240708_.pdf (“Sotec CJIP”); Cour d’appel [regional court of appeal] Paris, La Société Sotec Ordonnance de Validation d’Une Convention Judiciaire D’Intérêt Public, July 10, 2024, 07176092030/82-2024, https://www.justice.gouv.fr/sites/default/files/2024-07/CJIP_SOTEC_OV_20240710.pdf.

[500] L’entreprise gabonaise Sotec paye en France une amende de 500 000 euros pour corruption, RFI (Nov. 7, 2024), https://www.rfi.fr/fr/afrique/20240711-l-entreprise-gabonaise-sotec-paye-en-france-une-amende-de-500-000-euros-pour-corruption.

[501] Sotec CJIP.

[502] Id.

[503] Tribunal Judiciaire de Paris, News Release (July 23, 2024), https://www.tribunal-de-paris.justice.fr/sites/default/files/2024-07/2024-07-22%20-%20CP%20CJIP%20SOTEC.pdf

[504] Sotec CJIP.

[505] Danske Bank A/S Convention judiciaire d’intérêt public (Aug. 27, 2024), https://www.justice.gouv.fr/sites/default/files/2024-09/CJIP_DANSKE_BANK_AS_20240827.pdf (“Danske Bank CJIP”)

[506] Press Release, DOJ, Danske Bank Pleads Guilty to Fraud on U.S. Banks in Multi-Billion Dollar Scheme to Access the U.S. Financial System (Dec. 13, 2022), https://www.justice.gov/opa/pr/danske-bank-pleads-guilty-fraud-us-banks-multi-billion-dollar-scheme-access-us-financial.

[507] Danske Bank CJIP.

[508] Cour d’appel [regional court of appeal] Paris, Ordonnance de validation d’une convention judiciare d’intérêt public, Sept. 18, 2024, 14050000347/106-2024, https://www.justice.gouv.fr/sites/default/files/2024-09/CJIP_DANSKE_BANK_AS_OV_20240918.pdf. See News Release, Ministère de la Justice (Sept. 18, 2024), https://files.lbr.cloud/public/2024-09/240918_CP%20CJIP%20Danske%20Bank%20-%20VD.pdf?VersionId=tmuUvOlaLT2wJfDqNT.KRRGvGyIkAIQk.

[509] Id.

[516] Cour d’appel [regional court of appeal] Paris, Ordonnance de validation d’une convention judiciaire d’intérêt public, Dec. 9. 2024, 14107000071/167-2024, https://www.justice.gouv.fr/sites/default/files/2024-12/CJIP_AREVA_%20ORANO_OV_20241209.pdf.

[517] Areva SA and Orano Mining SAS Convention judiciaire d’intérêt public (Dec. 2, 2024), https://www.justice.gouv.fr/sites/default/files/2024-12/CJIP_AREVA_%20ORANO_20241202.pdf

[518] Id.

[519] Press Release, Ministerio Público Fiscal [Argentina], Luego de dos jornadas consecutivas, finalizó el ‘Diálogo técnico regional sobre responsabilidad de las personas jurídicas por la comisión de hechos de corrupción’ (May 9, 2024), https://www.mpf.gob.ar/pia/luego-de-dos-jornadas-consecutivas-finalizo-el-dialogo-tecnico-regional-sobre-responsabilidad-de-las-personas-juridicas-por-la-comision-de-hechos-de-corrupcion/.

[520] Id.

[521] See Ana de Liz, Argentina inches closer to first corporate criminal resolution, Glob. Investigations Rev. (July 4, 2024), https://globalinvestigationsreview.com/article/argentina-inches-closer-first-corporate-criminal-resolution; Mariel Fitz Patrick, Securitas, Kueider, Bordet y las relaciones de poder e irregularidades, Análisis (Dec. 15, 2024), https://www.analisisdigital.com.ar/provinciales/2024/12/15/kueider-por-que-quedo-el-exsenador-implicado-en-el-caso-securitas.

[522] Id.

[523] Id.

[524] Id.

[525] Seatrium in $134 million settlement over Brazil’s Operation Car Wash, Seatrade Mar. News (Feb. 26, 2024), https://www.seatrade-maritime.com/shipyards/seatrium-134-million-settlement-over-brazils-operation-car-wash (“Seatrium Article”).

[526] See Ricardo Brito, Brazil’s Supreme Court confirms decision to annul Lula convictions, Reuters (April 15, 2021), https://www.reuters.com/world/americas/brazils-supreme-court-confirms-decision-annul-lula-convictions-2021-04-15/.

[527] Seatrium Article.

[528] Id.

[529] Press Release, Controladoria-Geral da União [Brazil], Empresa é multada em R$ 2 milhões por comercializar dados do Siscomex [Company fined R$ 2 million for selling Siscomex data] (May 24, 2024), https://www.gov.br/mdic/pt-br/assuntos/noticias/2024/maio/empresa-e-multada-em-r-2-milhoes-por-comercializar-dados-do-siscomex (“CGU Chemtrade Brasil Press Release”).

[530] Id.

[531] Press Release, Controladoria-Geral da União [Brazil], CGU aplica multa a mais uma empresa envolvida na Operação Spy [CGU fines yet another company involved in Operation Spy] (Dec. 22, 2023), https://www.gov.br/cgu/pt-br/assuntos/noticias/2023/12/cgu-aplica-multa-a-mais-uma-empresa-envolvida-na-operacao-spy.

[532] See CGU Chemtrade Brasil Press Release; CGU, Decisão no. 120, processo no. 00190.102408/2022-49, Ministro: Vinícius Marques de Carvalho, 9.8.2024, 69, D.O.U., 10.04.2024, 93, https://www.in.gov.br/web/dou/-/decisao-n-120-de-9-de-agosto-de-2024-553036174.

[533] CGU Chemtrade Brasil Press Release.

[534] Craig Buchan, CGU, AGU fine Freepoint $22.6 million over Petrobras bribery scheme, Glob. Investigations Rev. (Nov. 15, 2024), https://globalinvestigationsreview.com/news-and-features/investigators-guides/brazil/article/cgu-agu-fine-freepoint-over-petrobras-bribery-scheme.

[535] Id.

[536] Deferred Prosecution Agreement, United States v. Freepoint Commodities LLC, No. 3:23-cr-00224 (D. Conn. Dec. 14, 2023), at 6-8 (“Freepoint DPA”), https://www.justice.gov/opa/media/‌1329266‌‌/dl?inline.

[537] Id. at 6; see also Press Release, DOJ, Commodities Trading Company Agrees to Pay Over $98M to Resolve Foreign Bribery Case (Dec. 14, 2023), https://www.justice.gov/opa/pr/commodities-trading-company-agrees-pay-over-98m-resolve-foreign-bribery-case.

[538] Press Release, Controladoria-Geral do Estado de Minas Gerais [Controller-General of the State of Minas Gerais], CGE, AGE e MPMG assinam acordo de leniência com a empresa SAP Brasil Ltda. [CGE, AGE, and MPMG sign leniency agreement with company SAP Brasil Ltda.] (Dec. 5, 2024), https://cge.mg.gov.br/noticias-artigos/1381-cge-age-e-mpmg-assinam-acordo-de-leniencia-com-a-empresa-sap-brasil-ltda?_sm_au_=iVVLWNR2qPL4sMTsFcVTvKQkcK8MG; Press Release, Advocacia-Geral do Estado de Minas Gerais [Attorney General of the State of Minas Gerais], CGE, AGE e MPMG assinam acordo de leniência com a empresa SAP Brasil Ltda. [AGE, CGE, and MPMG sign leniency agreement with company SAP Brasil Ltda.] (Dec. 4, 2024), https://advocaciageral.mg.gov.br/cge-age-e-mpmg-assinam-acordo-de-leniencia-com-a-empresa-sap-brasil-ltda/; Press Release, Ministério Público do Estado de Minas Gerais [Public Prosecutor of the State of Minas Gerais], CGE, AGE e MPMG assinam acordo de leniência com a empresa SAP Brasil Ltda. [AGE, CGE, and MPMG sign leniency agreement with company SAP Brasil Ltda.] (Dec. 4, 2024), https://www.mpmg.mp.br/portal/menu/comunicacao/noticias/mpmg-cge-e-age-celebram-acordo-de-leniencia-com-a-sap-brasil-ltda.shtml.

[539] Associação dos Procuradores do Estado de Minas Gerais [Association of Minas Gerais State Prosecutors], Após 32 rodadas de negociações, a AGE e a CGE celebram Acordo de Leniência com a empresa SAP Brasil Ltda e mais de R$ 66 milhões recuperados [After 32 rounds of negotiation, AGE and CGE enter a Leniency Agreement with company SAP Brasil Ltda and recover more than R$66 million] (Dec. 6, 2024), https://apeminas.org.br/noticias/apos-32-rodadas-de-negociacoes-a-age-e-a-cge-celebram-acordo-de-leniencia-com-a-empresa-sap-brasil-ltda-e-mais-de-r-66-milhoes-recuperados/

[540] Ana de Liz, SAP fined $11m by Brazilian state agency, Glob. Investigations Rev. (Dec. 4, 2024), https://globalinvestigationsreview.com/article/sap-fined-11m-brazillian-state-agency

[541] Corporate ADRM, National Prosecuting Authority of South Africa (April 19, 2024), https://www.npa.gov.za/media/annexure-part-51-corporate-adrm (“Corporate ADRM”).

[542] Alice Johnson, South Africa expands anti-corruption tool kit, Glob. Investigations Rev. (July 25, 2024), https://globalinvestigationsreview.com/article/south-africa-expands-anti-corruption-tool-kit

[543] Corporate ADRM.

The following Gibson Dunn lawyers prepared this client alert: F. Joseph Warin, Stephanie Brooker, M. Kendall Day, Courtney Brown, Melissa Farrar, Bryan Parr, Justin Accomando, Cordelia Achen, Jackson Akselrad, Alex Buettner, Daniel Carvalho, Douglas Colby, Michael Dziuban, Gus Eyler Betsy Goodwin, Sarah Hafeez, Erika Suh Holmberg, Rachel Jackson, Teddy Kristek, Madelyn La France, Hayley Lawrence, Wynne Leahy, Allison Lewis, Jake McGee, Alex Ogren, Sarah Pongrace, David Reck, Kelly Skowera, Shannon Summer, Yixian Sun, Eric Thompson, Lorena Toussaint, Todd Truesdale, Alyse Ullery-Glod, Mike Ulmer, Blair Watler, Robert Blake Watson, and Matt Weiner.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of Gibson Dunn’s White Collar Defense and Investigations or Anti-Corruption and FCPA practice groups:

Washington, D.C.
F. Joseph Warin (+1 202.887.3609, fwarin@gibsondunn.com)
Stephanie Brooker (+1 202.887.3502, sbrooker@gibsondunn.com)
Courtney M. Brown (+1 202.955.8685, cmbrown@gibsondunn.com)
David P. Burns (+1 202.887.3786, dburns@gibsondunn.com)
John W.F. Chesley (+1 202.887.3788, jchesley@gibsondunn.com)
Daniel P. Chung (+1 202.887.3729, dchung@gibsondunn.com)
M. Kendall Day (+1 202.955.8220, kday@gibsondunn.com)
Stuart F. Delery (+1 202.955.8515, sdelery@gibsondunn.com)
Michael S. Diamant (+1 202.887.3604, mdiamant@gibsondunn.com)
Gustav W. Eyler (+1 202.955.8610, geyler@gibsondunn.com)
Melissa Farrar (+1 202.887.3579, mfarrar@gibsondunn.com)
Amy Feagles (+1 202.887.3699, afeagles@gibsondunn.com)
Scott D. Hammond (+1 202.887.3684, shammond@gibsondunn.com)
George J. Hazel (+1 202.887.3674, ghazel@gibsondunn.com)
Jake M. Shields (+1 202.955.8201, jmshields@gibsondunn.com)
Adam M. Smith (+1 202.887.3547, asmith@gibsondunn.com)
Patrick F. Stokes (+1 202.955.8504, pstokes@gibsondunn.com)
Oleh Vretsona (+1 202.887.3779, ovretsona@gibsondunn.com)
David C. Ware (+1 202.887.3652, dware@gibsondunn.com)
Ella Alves Capone (+1 202.887.3511, ecapone@gibsondunn.com)
Lora Elizabeth MacDonald (+1 202.887.3738, lmacdonald@gibsondunn.com)
Bryan Parr (+1 202.777.9560, bparr@gibsondunn.com)
Nicole Lee (+1 202.887.3717, nlee@gibsondunn.com)
Pedro G. Soto (+1 202.955.8661, psoto@gibsondunn.com)

New York
Zainab N. Ahmad (+1 212.351.2609, zahmad@gibsondunn.com)
Barry H. Berke (+1 212.351.3860, bberke@gibsondunn.com)
Reed Brodsky (+1 212.351.5334, rbrodsky@gibsondunn.com)
Mylan L. Denerstein (+1 212.351.3850, mdenerstein@gibsondunn.com)
Jordan Estes (+1 212.351.3906, jestes@gibsondunn.com)
Dani R. James (+1 212.351.3880, djames@gibsondunn.com)
Darren LaVerne (+1 212.351.3936, dlaverne@gibsondunn.com)
Michael Martinez (+1 212.351.4076, mmartinez2@gibsondunn.com)
Osman Nawaz (+1 212.351.3940, onawaz@gibsondunn.com)
Karin Portlock (+1 212.351.2666, kportlock@gibsondunn.com)
Mark K. Schonfeld (+1 212.351.2433, mschonfeld@gibsondunn.com)
Orin Snyder (+1 212.351.2400, osnyder@gibsondunn.com)

Dallas
David Woodcock (+1 214.698.3211, dwoodcock@gibsondunn.com)

Denver
Ryan T. Bergsieker (+1 303.298.5774, rbergsieker@gibsondunn.com)
Robert C. Blume (+1 303.298.5758, rblume@gibsondunn.com)
John D.W. Partridge (+1 303.298.5931, jpartridge@gibsondunn.com)
Laura M. Sturges (+1 303.298.5929, lsturges@gibsondunn.com)

Houston
Gregg J. Costa (+1 346.718.6649, gcosta@gibsondunn.com)

Los Angeles
Michael H. Dore (+1 213.229.7652, mdore@gibsondunn.com)
Michael M. Farhang (+1 213.229.7005, mfarhang@gibsondunn.com)
Diana M. Feinstein (+1 213.229.7351, dfeinstein@gibsondunn.com)
Douglas Fuchs (+1 213.229.7605, dfuchs@gibsondunn.com)
Nicola T. Hanna (+1 213.229.7269, nhanna@gibsondunn.com)
Poonam G. Kumar (+1 213.229.7554, pkumar@gibsondunn.com)
Marcellus McRae (+1 213.229.7675, mmcrae@gibsondunn.com)
Eric D. Vandevelde (+1 213.229.7186, evandevelde@gibsondunn.com)
Debra Wong Yang (+1 213.229.7472, dwongyang@gibsondunn.com)

San Francisco
Winston Y. Chan (+1 415.393.8362, wchan@gibsondunn.com)
Charles J. Stevens (+1 415.393.8391, cstevens@gibsondunn.com)

Palo Alto
Benjamin Wagner (+1 650.849.5395, bwagner@gibsondunn.com)

London
Patrick Doris (+44 20 7071 4276, pdoris@gibsondunn.com)
Sacha Harber-Kelly (+44 20 7071 4205, sharber-kelly@gibsondunn.com)
Michelle Kirschner (+44 20 7071 4212, mkirschner@gibsondunn.com)
Allan Neil (+44 20 7071 4296, aneil@gibsondunn.com)
Philip Rocher (+44 20 7071 4202, procher@gibsondunn.com)

Paris
Benoît Fleury (+33 1 56 43 13 00, bfleury@gibsondunn.com)
Bernard Grinspan (+33 1 56 43 13 00, bgrinspan@gibsondunn.com)

Frankfurt
Finn Zeidler (+49 69 247 411 530, fzeidler@gibsondunn.com)

Munich
Kai Gesing (+49 89 189 33 285, kgesing@gibsondunn.com)
Katharina Humphrey (+49 89 189 33 155, khumphrey@gibsondunn.com)
Benno Schwarz (+49 89 189 33 110, bschwarz@gibsondunn.com)

Hong Kong
Oliver D. Welch (+852 2214 3716, owelch@gibsondunn.com)

Singapore
Oliver D. Welch (+852 2214 3716, owelch@gibsondunn.com)
Karthik Ashwin Thiagarajan (+65 6507 3636, kthiagarajan@gibsondunn.com)

Upon her swearing in, Attorney General Pamela Bondi issued a flurry of memoranda seeking to deploy Department of Justice enforcement resources in service of the Trump Administration’s priorities. AG Bondi issued 14 memoranda in total; we survey them below, focusing on those that should be of greatest interest to corporate clients and white collar practitioners.

On their face, the memoranda herald a seismic shift in enforcement priorities for the next four years. AG Bondi has directed Departmental resources toward immigration enforcement, prosecution of human trafficking and smuggling, and disruption of criminal gangs and drug cartels, and away from prior corporate enforcement priorities such as Foreign Corrupt Practices Act (“FCPA”) and Foreign Agents Registration Act (“FARA”) prosecutions against corporations and lobbyists, respectively. In addition, the directives announced the disbanding of three kleptocracy-related programs and the National Security Division’s (“NSD’s”) Corporate Enforcement Unit, along with the elevation of two gang-related Joint Task Forces to the Office of the Attorney General.

The memoranda also indicate a less eye-catching—but nonetheless critical—development: namely, “decentralization” from Main Justice to United States Attorney’s Offices (“USAOs”) of prosecutorial decisions in certain matters. To remove “bureaucratic impediments” to “aggressive” prosecutions of gangs and cartels, AG Bondi has —for now—suspended certain approvals USAOs previously needed from Main Justice components. It is possible that this move could be the first step in a broader reduction of oversight and approvals from Main Justice and a delegation of decision-making authority to local prosecutors, but it is too early to tell just two days into AG Bondi’s tenure.

Significant questions raised by the Attorney General’s memoranda remain, including how profound the changes in DOJ’s enforcement activity ultimately will be, how quickly any such changes will manifest themselves, and whether AG Bondi’s directive that prosecutors seek to bring “the most serious readily provable offense” will offset for corporate defendants the apparent shift in resources away from corporate prosecutions. Notably, the memoranda are forward-looking and remain silent on what to do with pending cases in which DOJ has already invested significant time and resources.

I. The “Total Elimination” Memorandum

For corporate entities, perhaps the most significant memorandum will turn out to be the one calling for a “fundamental change in mindset and approach” to “pursue total elimination” of cartels and transnational criminal organizations (“TCOs”) (emphasis in original). The memorandum seeks to refocus DOJ resources onto cartels and TCOs and to streamline the process of bringing charges against them. To do so, the FCPA Unit and the Money Laundering and Asset Recovery Section (“MLARS”) have been instructed to prioritize cases that relate to cartels and TCOs, with the FCPA Unit directed to shift focus away from cases that lack such a connection. As examples of priority cases, the memorandum cites bribery of foreign officials to facilitate human smuggling or drug trafficking. The memorandum also disbands Task Force KleptoCapture; DOJ’s Kleptocracy Team; and MLARS’s Kleptocracy Asset Recovery Initiative. Attorneys working on those initiatives are to return to their “prior posts.”

It is unclear how much of the FCPA Unit’s “focus” will be redirected towards cartel and TCO-related cases, whether this new “focus” will materially impact already-running FCPA investigations, and whether the FCPA Unit’s corporate enforcement activity will change materially or at the margins. We note that in the coming months, other DOJ sections are likely also to receive guidance instructing them to shift their own priorities, and that the cumulative effect of these shifts may be difficult to predict as a result.

Practitioners should also note that the recent guidance speaks to DOJ’s FCPA enforcement priorities, but the U.S. Securities and Exchange Commission (“SEC”)—which has civil FCPA enforcement authority over U.S. issuers but not private companies—has not yet weighed in. To date, the SEC has not announced any changes to its FCPA enforcement program, although further guidance on that front may be coming. It is possible that in the long run these changes are intended to shift the center of gravity for FCPA enforcement from DOJ to the SEC.

A cautious approach is particularly prudent as the announced changes are—at present—in place for 90 days and subject to renewal. They appear under a section titled “Removing Bureaucratic Impediments to Aggressive Prosecutions,” suggesting that the goal is to increase overall enforcement activity, with a particular focus on cartels and TCOs. The guidance does not necessarily portend an abandonment of corporate FCPA enforcement or a lack of focus on existing FCPA prosecutions and investigations. It is hard to know precisely how the FCPA could fit into an “America First” agenda, but it is worth noting that the majority of major FCPA enforcement actions over the past decade have been of non-U.S. corporations.

The memorandum indicates a clear focus on drug cartels—citing MS-13 and Tren De Aragua. The guidance could encourage prosecutors to use FCPA and related charges more often insofar as they can be marshalled in furtherance of “aggressive” prosecutions of foreign officials who can be tied to TCOs. Investigative activity regarding cartels and TCOs thus could have a spillover effect in the FCPA space. Furthermore, prosecutors may be inclined to take decisive action where bribery is alleged to support—perhaps even indirectly—regimes that facilitate cartel and TCO activity. In this respect, it is worth recalling that Venezuela’s President Nicolas Maduro—whose regime has been the subject of very aggressive FCPA enforcement activity—is himself still under indictment for charges related to corruption and narco-trafficking.

In furtherance of “aggressive” prosecutions, the memorandum sets forth significant (and again, for the moment, temporary) changes to existing processes for charging decisions related to cartels and TCOs. The memorandum suspends approval requirements from Main Justice components before USAOs can proceed with a wide swath of charges, provided those charges are cartel- or TCO-related. For instance, the guidance suspends requirements that NSD approve most terrorism and International Emergency Economic Powers Act (“IEEPA”) charges. Nevertheless, USAOs are still “encouraged” to consult with NSD and the Office of International Affairs and required to provide 24-hour notice of the intention to seek such charges. The guidance likewise suspends the requirement that the FCPA Unit authorize investigations or charges that relate to cartels or TCOs. USAOs are to provide the FCPA Unit with just 24-hours’ notice if they intend to seek FCPA charges, with the FCPA Unit entitled to review charging memoranda but not authorized to require any “new or additional paperwork” from USAOs.

The memorandum also contains a directive for DOJ to advocate for a number of legislative reforms that would make it easier to prosecute conduct associated with the manufacturing and distribution of counterfeit drugs containing fentanyl. These reforms include scheduling certain drugs and broadening provisions of the Controlled Substances Act and Federal Food Drug and Cosmetic Act to “cover manufacturing and other conduct” related to fentanyl, counterfeit pills, and pill-press machines. The sought reforms closely relate to an initiative that DOJ’s Consumer Protection Branch has been advancing related to corporate conduct that facilitates the manufacturing or distribution of counterfeit pills. Relevant to that initiative, the Branch recently stated in a publication that, “given the sharp rise in overdose deaths from counterfeit pills laced with fentanyl, the Branch has broadened its efforts to pursue corporate bad actors facilitating the manufacture, distribution, or sale of counterfeit pills. This includes investigating e-commerce sites and social media platforms that may be allowing traffickers to sell counterfeit pills to teens and young adults. Further, the Branch is investigating companies that may be allowing precursor chemicals and equipment to get into the hands of drug trafficking organizations.” (See the April 2024 Recent Highlights issued by the Consumer Protection Branch.)

II. General Policy Regarding Charging, Plea Negotiations, and Sentencing

In addition to restating some high-level policies on charging, plea bargaining, and sentencing, this memorandum restores a “core principle” of the first Trump Administration that, “in the absence of unusual facts, prosecutors should charge and pursue the most serious, readily provable offense.” Any prosecutorial decision to deviate from this “core principle” must be approved by a U.S. Attorney or Assistant Attorney General (or their designee), with the reasons for the deviation to be documented. The memorandum cites to President Trump’s Executive Order 14147 (Ending the Weaponization of the Federal Government) and instructs that charging decisions must not be influenced by prosecutors’ personal or professional “animosity or careerism.”

The memorandum also instructs that plea bargaining is “governed by the same fundamental considerations” applied in charging decisions, namely pursuing the most serious, readily provable offense. The memorandum directs that prosecutors cannot “abandon pending charges” in favor of a plea that is inconsistent with the “seriousness of the defendant’s conduct at the time the charges were filed.” As to sentencing, the memorandum advises that “[i]n most cases,” sentences within the applicable Sentencing Guidelines will be appropriate.

Finally, the memorandum lists several specific “investigative and charging priorities,” noting that “[f]urther detailed guidance regarding these priorities, and others, will follow.” These “priority” enforcement areas are: (1) immigration enforcement; (2) human trafficking and smuggling; (3) transnational organized crime, cartels, and gangs; (4) protecting law enforcement personnel; (5) shifting resources in NSD; and (6) shifting Bureau of Alcohol, Tobacco and Firearms (“ATF”) resources from alcohol and tobacco-related enforcement programs to “more pressing priorities.” Notably, the FCPA, which was among the Biden Administration’s priorities under its 2021 Strategy on Countering Corruption, is absent from this list.

Of particular note for corporate enforcement are changes at NSD. Citing concerns about “weaponization,” the memorandum instructs that charges under FARA are to be “limited” to “conduct similar to more traditional espionage by foreign government actors.” The memorandum also disbands NSD’s Corporate Enforcement Unit. Although that Unit was already thinly staffed, this directive is consistent with a broader effort to shift enforcement priorities away from corporate investigations and prosecutions.

III. Reinstating the Prohibition on Improper Guidance Documents

AG Bondi moved to reimplement guidance from the first Trump Administration that the Biden Administration had later rescinded. She rescinded former AG Garland’s July 1, 2021 memorandum, Issuance and Use of Guidance Documents by the Department of Justice. That July 2021 memorandum had itself rescinded two DOJ memoranda issued during the first Trump Administration, Prohibition on Improper Guidance Documents (Nov. 16, 2017) and Limiting Use of Agency Guidance Documents in Affirmative Civil Enforcement Cases (Jan. 25, 2018). This move is the latest in a back-and-forth between recent administrations regarding use of DOJ guidance documents.

The memorandum appears to signal the Department’s preparations to rescind memoranda issued under the Biden Administration, which could include, for example, previous guidance on corporate enforcement and compliance.

IV. Reinstating the Prohibition on Improper Third-Party Settlements

As above, AG Bondi moved to restore since-rescinded guidance from the first Trump Administration. AG Bondi rescinded two Biden Administration memoranda related to payments to third parties under DOJ-secured settlements, effectively reimplementing AG Sessions’s June 5, 2017 memorandum, Prohibition on Settlement Payments to Third Parties.

In doing so, the memorandum cites the risk of “improper use of settlements to funnel payments” to third parties, and instructs that, absent special circumstances, settlements—including civil settlements, NPAs, and DPAs—should “not be used to require payments to non-governmental, third-party organizations that were neither victims nor parties” to the proceeding.

V. Other Memoranda and Directives

AG Bondi issued a slate of other memoranda, including documents seeking to implement government-wide Trump Administration priorities such as abolishing Diversity, Equity, and Inclusion (“DEI”) programs and implementing return to work requirements. The memoranda related to DEI programs are the subject of a separate Gibson Dunn client alert.

Restoring the Integrity and Credibility of the Department of Justice: Establishes the Weaponization Working Group to review instances where DOJ’s or other agencies’ actions may have been politically motivated or improper over the last four years. The newly created group will examine various issues, including the conduct of Special Counsel Jack Smith, the Manhattan District Attorney, and the New York Attorney General in targeting President Trump, his family, and businesses. DOJ will update the White House quarterly on the progress of the group’s review.
Ending Illegal DEI and DEIA Discrimination and Preferences: Announces that DOJ’s Civil Rights Division, in line with President Trump’s E.O. 14173, Ending Illegal Discrimination and Restoring Merit-Based Opportunity (Jan. 21, 2025), will “investigate, eliminate, and penalize” DEI programming in private sector and educational institutions that receive federal funds. The memorandum instructs the Civil Rights Division and the Office of Legal Policy to submit a joint memorandum to the Associate Attorney General by March 1, 2025, that contains recommendations on how to accomplish that goal. Notably, this memorandum contemplates proposals for criminal investigations and potential civil compliance investigations of entities with DEI programs.
Eliminating Internal Discriminatory Practices: Instructs all DOJ components to implement the directive of President Trump’s E.O. 14173 by “thoroughly evaluat[ing]” consent decrees, settlement agreements, litigation positions, grants and funding mechanisms, procurements, internal policies and guidance, and contracting arrangements. The memorandum also directs all DOJ components to submit a report to the Attorney General’s Office by March 15, 2025, that details its findings from that evaluation process.
General Policy Regarding Zealous Advocacy on Behalf of the United States: Instructs DOJ attorneys that their responsibilities include “vigorously defending presidential policies and actions against legal challenges on behalf of the United States.” Advises that prosecutorial discretion “does not include latitude to substitute personal political views or judgments for those that prevailed in the election.” The memorandum warns that any attorney who—based on their “personal political views or judgments”—refuses to sign briefs or appear in court, or “otherwise delays or impedes the Department’s mission” will be subject to discipline up to termination.
Return to Full-Time In-Person Work at the Department of Justice: Mandates a return to full-time, in-person work for all DOJ employees by February 24, 2025.
Restoring a Measure of Justice to the Families of Victims of Commuted Murderers: Aims to provide support and justice to families affected by commutations of death sentences and authorizes USAOs to assist local prosecutors in bringing capital cases under state law against those whose federal death sentences were commuted.
Reviving the Federal Death Penalty and Lifting the Moratorium on Federal Executions: Rescinds AG Garland’s Moratorium on Federal Executions Pending Review of Policies and Procedures and instructs that DOJ will instead “swiftly implement[]” death sentences.
Sanctuary Jurisdiction Directives: Addresses policies related to “[s]o-called ‘sanctuary jurisdictions’” and their compliance with federal immigration laws and prohibits DOJ grants to such jurisdictions.
Establishment of Joint Task Force October 7: Establishes Joint Task Force October 7 (“JTF 10-7”) within the Office of the Deputy Attorney General. Supported by related initiatives, JTF 10-7 will focus on “seeking justice for victims of the October 7, 2023, terrorist attack in Israel,” and “combatting antisemitic acts of terrorism and civil rights violations in the homeland.”
Rescinding Environmental Justice Memorandum: Rescinds two Biden Administration memoranda titled Actions to Advance Environmental Justice and Comprehensive Environmental Justice Enforcement Strategy and rescinds “any other” guidance that “implement[s] the prior administration’s ‘environmental justice’ agenda.”

The following Gibson Dunn lawyers prepared this update: F. Joseph Warin, Stephanie Brooker, Stuart Delery, Michael Diamant, Gus Eyler, David Burns, Amy Feagles, Patrick Stokes, Oleh Vretsona, Kendall Day, Winston Chan, Debra Yang Wong, Nicola Hanna, Michael Bopp, Melissa Farrar, David Ware, José Madrid, Bryan Parr, Erika Suh Holmberg, and Michael Jaskiw.

Gibson Dunn’s White Collar Defense and Investigations Practice Group successfully defends corporations and senior corporate executives in a wide range of federal and state investigations and prosecutions, and conducts sensitive internal investigations for leading companies and their boards of directors in almost every business sector. The Group has members across the globe and in every domestic office of the Firm and draws on more than 125 attorneys with deep government experience, including more than 50 former federal and state prosecutors and officials, many of whom served at high levels within the Department of Justice and the Securities and Exchange Commission, as well as former non-U.S. enforcers. Joe Warin, a former federal prosecutor, is co-chair of the Group and served as the U.S. counsel for the compliance monitor for Siemens and as the FCPA compliance monitor for Alliance One International. He previously served as the monitor for Statoil pursuant to a DOJ and SEC enforcement action. He co-authored the seminal law review article on NPAs and DPAs in 2007. M. Kendall Day is a partner in the Group and a former white collar federal prosecutor who spent 15 years at the Department of Justice, rising to the highest career position in the DOJ’s Criminal Division as an Acting Deputy Assistant Attorney General.

Washington, D.C.
F. Joseph Warin (+1 202.887.3609, fwarin@gibsondunn.com)
Stephanie Brooker (+1 202.887.3502, sbrooker@gibsondunn.com)
Courtney M. Brown (+1 202.955.8685, cmbrown@gibsondunn.com)
David P. Burns (+1 202.887.3786, dburns@gibsondunn.com)
John W.F. Chesley (+1 202.887.3788, jchesley@gibsondunn.com)
Daniel P. Chung (+1 202.887.3729, dchung@gibsondunn.com)
M. Kendall Day (+1 202.955.8220, kday@gibsondunn.com)
Stuart F. Delery (+1 202.955.8515, sdelery@gibsondunn.com)
Michael S. Diamant (+1 202.887.3604, mdiamant@gibsondunn.com)
Gustav W. Eyler (+1 202.955.8610, geyler@gibsondunn.com)
Melissa Farrar (+1 202.887.3579, mfarrar@gibsondunn.com)
Amy Feagles (+1 202.887.3699, afeagles@gibsondunn.com)
Scott D. Hammond (+1 202.887.3684, shammond@gibsondunn.com)
George J. Hazel (+1 202.887.3674, ghazel@gibsondunn.com)
Adam M. Smith (+1 202.887.3547, asmith@gibsondunn.com)
Patrick F. Stokes (+1 202.955.8504, pstokes@gibsondunn.com)
Oleh Vretsona (+1 202.887.3779, ovretsona@gibsondunn.com)
David C. Ware (+1 202.887.3652, dware@gibsondunn.com)
Ella Alves Capone (+1 202.887.3511, ecapone@gibsondunn.com)
Lora Elizabeth MacDonald (+1 202.887.3738, lmacdonald@gibsondunn.com)
Bryan Parr (+1 202.777.9560, bparr@gibsondunn.com)
Nicole Lee (+1 202.887.3717, nlee@gibsondunn.com)
Pedro G. Soto (+1 202.955.8661, psoto@gibsondunn.com)

Dallas
David Woodcock (+1 214.698.3211, dwoodcock@gibsondunn.com)

Houston
Gregg J. Costa (+1 346.718.6649, gcosta@gibsondunn.com)

San Francisco
Winston Y. Chan (+1 415.393.8362, wchan@gibsondunn.com)
Charles J. Stevens (+1 415.393.8391, cstevens@gibsondunn.com)

Palo Alto
Benjamin Wagner (+1 650.849.5395, bwagner@gibsondunn.com)

Paris
Benoît Fleury (+33 1 56 43 13 00, bfleury@gibsondunn.com)
Bernard Grinspan (+33 1 56 43 13 00, bgrinspan@gibsondunn.com)

Frankfurt
Finn Zeidler (+49 69 247 411 530, fzeidler@gibsondunn.com)

Munich
Kai Gesing (+49 89 189 33 285, kgesing@gibsondunn.com)
Katharina Humphrey (+49 89 189 33 155, khumphrey@gibsondunn.com)
Benno Schwarz (+49 89 189 33 110, bschwarz@gibsondunn.com)

Hong Kong
Oliver D. Welch (+852 2214 3716, owelch@gibsondunn.com)

Singapore
Oliver D. Welch (+852 2214 3716, owelch@gibsondunn.com)
Karthik Ashwin Thiagarajan (+65 6507 3636, kthiagarajan@gibsondunn.com)

The four years of the Biden administration were marked by the most aggressive and far-reaching use of international trade tools of any U.S. administration in history. Its final acts—some just days before the new administration took power—were among the most impactful of these measures. While there remains uncertainty about the Trump administration’s trade policy, early indications are that the Trump team will wield these tools in an even more aggressive manner focused on an ever-larger set of policy goals—with unknown effects, both at home and abroad.

Throughout 2024, the United States, the European Union, and the United Kingdom continued their fast-paced adoption and usage of the entire suite of international trade tools to exert pressure on Moscow, Beijing, and other targets. As but one indicator of his preference for the use of these tools, President Biden during his tenure imposed sanctions at a faster rate than any of his predecessors by adding thousands of names per year to restricted party lists maintained by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”). That upswing accelerated in 2024 as the United States added a record-shattering number of, predominantly Russian, individuals and entities to OFAC sanctions lists:

Sanctions designations, however, tell only a small part of the story. Policymakers in Washington, London, and other capitals this past year also unveiled groundbreaking export controls, and focused on novel outbound investment regimes, in a bid to slow China’s advances in certain critical technologies like semiconductors and artificial intelligence (“AI”).

Following a wave of turnover in the White House, Downing Street, the EU institutions, and in other halls of power, the world’s major economies appear poised to continue their heavy reliance on trade controls—though the mix of tools and targets could radically shift. Under President Trump, the United States appears set to favor aggressive threats and uses of tariffs (over other tools in the international trade arsenal), and, as we have already seen, may wield trade restrictive measures against both strategic competitors and core partners like Canada, Mexico, and the European Union. Other jurisdictions in Europe, Asia, and the Americas are likely to deploy those same tools, either in retaliation against U.S. measures or in pursuit of their own strategic interests. After several years of closely coordinated measures in support of common objectives such as impeding Russia’s war in Ukraine, we anticipate a reshaped international trade landscape marked by friction among traditional allies and heightened uncertainty for the business community.

TABLE OF CONTENTS

I. U.S. Sanctions

A.    Russia
B.    Iran
C.    Syria
D.    Venezuela
E.    Cuba
F.    Crypto/Virtual Currencies
G.    OFAC Enforcement Trends

II. U.S. Export Controls

A.    China
B.    Russia and Belarus
C.    Multilateral Controls
D.    End-Use and End-User Controls
E.    Compliance Expectations
F.    Voluntary Self-Disclosures
G.    BIS Enforcement Trends

III. U.S. Foreign Investment Restrictions

A. Inbound Investment
B. Outbound Investment

IV. U.S. Import Restrictions

A. Uyghur Forced Labor Prevention Act
B. Tariffs

V. European Union

A.    Sanctions
B.    Export Controls
C.    Foreign Investment Restrictions

VI. United Kingdom

A.    Sanctions
B.    Export Controls
C.    Foreign Investment Restrictions

I. U.S. Sanctions

A. Russia

Following the Kremlin’s full-scale invasion of Ukraine in early 2022, the United States, in close coordination with its allies and partners, unleashed a historic barrage of trade restrictions on Russia. As the war in Ukraine stretched into a third year, the Biden administration in 2024 continued its shift from rapidly introducing new and often novel trade controls to incrementally expanding existing measures such as blocking sanctions, services prohibitions, import bans, and secondary sanctions. Such seemingly disparate measures were each calculated to deny Russia the capital and materiel needed to wage war in Ukraine.

Notably, President Biden during his final months in the White House sharply increased sanctions on Russia’s financial and energy sectors, including blacklisting major Russian banks and oil companies. Those actions, which aimed to restrict Moscow’s access to the international financial system and limit its chief source of hard currency, also potentially increase his successor’s leverage at the negotiating table. After his campaign trail vow to end the war in Ukraine on his first day in office failed to materialize, President Trump now at least appears poised to potentially further escalate sanctions and other trade measures in a bid to pressure the Kremlin (and Kyiv) into seeking a negotiated resolution to the conflict. Depending upon how events unfold, such U.S. measures could potentially include hiking tariffs on imported Russian goods, targeting additional oil producers, and wielding secondary sanctions against foreign banks that continue to engage with Russia. It is also likely that the Trump administration will seek to bring other, seemingly unrelated, issues—such as securing U.S. access to critical minerals—into any deal.

1. Blocking Sanctions

Since February 2022, the United States, in an unprecedented burst of activity, has added thousands of new Russia-related individuals and entities to OFAC sanctions lists. That trend intensified during the final year of the Biden administration as the United States, on eight separate occasions, added 100 or more new Russia–related targets to OFAC’s Specially Designated Nationals and Blocked Persons (“SDN”) List—an extraordinary pace considering that around 13,000 parties had been added to the SDN List over the preceding twenty years combined.

Blocking sanctions are arguably the most potent tool in a country’s sanctions arsenal, especially for countries such as the United States with an outsized role in the global financial system. Upon becoming designated an SDN (or other type of blocked person), the targeted individual or entity’s property and interests in property that come within U.S. jurisdiction are blocked (i.e., frozen) and U.S. persons are, except as authorized by OFAC, generally prohibited from engaging in transactions involving the blocked person. The SDN List therefore functions as the United States’ principal sanctions-related restricted party list. Moreover, the effects of blocking sanctions often reach beyond the parties identified by name on the list. By operation of OFAC’s Fifty Percent Rule, restrictions generally also extend to entities owned 50 percent or more in the aggregate by one or more blocked persons, whether or not the entity itself has been explicitly identified.

During 2024 and continuing into early 2025, the United States repeatedly used its targeting authorities to block Russian business elites, as well as substantial enterprises operating in sectors such as banking, energy, and technology seen as critical to financing and sustaining the Kremlin’s war effort. Notable designations included:

Oligarchs such as the chief executive officers of several major Russian oil companies;
Financial institutions, including Gazprombank, the Moscow Exchange, Russia’s National Settlement Depository, and dozens of Russian securities registrars, further severing Russia’s access to the international financial system;
Energy firms such as Gazprom Neft and Surgutneftegas, which were targeted to limit Russia’s current energy revenues and future extractive capabilities;
Shipping companies such as Sovcomflot and Rosneftflot, to impede the transport of Russian-origin petroleum and petroleum products to overseas buyers;
Military-industrial firms, including hundreds of companies operating in the technology, defense and related materiel, construction, aerospace, and manufacturing sectors of Russia’s economy; and
Third-country facilitators of sanctions and export control evasion, including shipping companies and vessels alleged to have violated the price cap on Russian crude oil and petroleum products, plus hundreds of parties located in major transshipment hubs such as Turkey, the United Arab Emirates, and the People’s Republic of China (“PRC”).

Substantially all of the parties described above were designated pursuant to Executive Order (“E.O.”) 14024, as amended, a measure that President Biden signed at the outset of his term that authorizes blocking sanctions against persons determined to operate or have operated in certain sectors of the Russian Federation economy identified by the U.S. Secretary of the Treasury. Throughout President Biden’s tenure, OFAC relied almost exclusively on E.O. 14024 to target new Russia-related parties. However, during its final days in office, the administration broadened its use of blocking sanctions in two novel respects.

The Biden administration in January 2025 added a further sanctions basis to over 100 Russian parties by re-designating key targets—including major oil companies, shippers, manufacturers, and banks—pursuant to an earlier Obama-era authority, Executive Order 13662. Sanctions on those entities under E.O. 14024 remained in place. Although imposing blocking sanctions under additional authorities did not result in those targets becoming subject to further restrictions, the use of E.O. 13662 raises the procedural bar for easing sanctions on such persons by triggering a unique congressional review mechanism in the Countering America’s Adversaries Through Sanctions Act (“CAATSA”). Consequently, the Trump administration is now obliged to submit a detailed report to Congress and, absent congressional action, wait a specified number of days before lifting sanctions on any parties that have been designated under E.O. 13662—which appears calculated to delay, and increase the domestic political costs of, a possible future effort by President Trump to relax sanctions on Russia.

Concurrent with that announcement, the Biden administration further expanded the potential bases upon which parties can become designated for engaging with Russia. Building upon the various sectors that had been identified in prior years, the Biden administration in January 2025 authorized the imposition of blocking sanctions on parties that operate in Russia’s energy sector, which OFAC broadly defines to include upstream, midstream, and downstream activities related to oil, natural gas, and other products capable of producing or transporting energy. Crucially, OFAC has indicated that parties operating in targeted sectors are not automatically sanctioned, but rather risk becoming sanctioned if they are determined by the Secretary of the Treasury to have engaged in targeted activities. That said, after years of treading lightly around Russian oil and gas producers to avoid roiling global markets, the Biden administration in its final weeks appears to have been emboldened by more stable energy supplies to sharply restrict dealings involving Russia’s extractive industries. Notwithstanding the considerable policy differences between the two administrations, President Trump, at least in the near term, appears likely to maintain and potentially expand U.S. sanctions on Russian energy to maximize U.S. leverage in future negotiations with Moscow.

2. Services Prohibitions

Since the opening months of the war in Ukraine, the United States has supplemented its use of blocking sanctions against targeted individuals and entities by banning U.S. persons from exporting to Russia certain professional, technical, and financial services—especially including services used to bring Russian energy to market.

Executive Order 14071 prohibits the exportation from the United States, or by a U.S. person, of any category of services as may be determined by the Secretary of the Treasury, to any person located in the Russian Federation. Acting pursuant to that broad and flexible legal authority, the United States during the first two years of the war barred U.S. exports to Russia of certain categories of services that, if misused, could enable sanctions evasion, bolster the Russian military, and/or contribute to Russian energy revenues.

In April 2024, the United States expanded upon those earlier prohibitions by barring the exportation to Russia of certain services related to the acquisition of Russian-origin aluminum, copper, or nickel to limit the trading of Russian metals on global exchanges. In June 2024, OFAC, in close coordination with the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”), restricted exports to Russia of information technology (“IT”) consultancy and design services, as well as IT support services and cloud-based services for certain types of widely used business software, to prevent U.S. technical expertise and Software as a Service (“SaaS”) offerings from being leveraged by Russia’s military-industrial base.

In conjunction with the imposition of blocking sanctions against several major Russian oil companies (discussed above), the Biden administration in January 2025 further limited U.S. person activities by, effective February 27, 2025, prohibiting the exportation to Russia of petroleum services, which OFAC defines in expansive terms to include “services related to the exploration, drilling, well completion, production, refining, processing, storage, maintenance, transportation, purchase, acquisition, testing, inspection, transfer, sale, trade, distribution, or marketing of petroleum, including crude oil and petroleum products.” As such, absent an exclusion—such as for services related to the maritime transport of Russian crude oil or petroleum products purchased at or below a specified price cap—or authorization from OFAC in the form of a license, U.S. persons starting in late February potentially risk U.S. sanctions exposure for providing services that enable Russia to exploit its hydrocarbon resources.

3. Import Prohibitions

Consistent with a whole-of-government approach to limiting Russian revenue, the United States during 2024 continued to expand prohibitions on the importation of certain Russian-origin goods—principally consisting of items closely associated with Russia or that otherwise have the potential to generate hard currency for the Kremlin.

In prior years, the Biden administration used this particular policy tool to bar imports into the United States of certain energy products of Russian Federation origin, fish, seafood, alcoholic beverages, non-industrial diamonds, and gold. As with other Russia-related sanctions authorities, the Secretary of the Treasury has broad discretion under Executive Order 14068, as amended, to, at some later date, extend the U.S. import ban to additional Russian-origin goods. The Biden administration during the past year wielded that authority to prohibit the importation into the United States of additional Russian commodities, including additional categories of diamonds and diamond jewelry, as well as aluminum, copper, and nickel.

Highlighting the degree of bipartisan support for limiting Russia’s access to the U.S. market, the U.S. Congress in May 2024 enacted legislation barring the importation into the United States of Russian-origin low-enriched uranium.

Although most other imports of Russian-origin items remain permissible under U.S. law, bilateral trade in goods between the United States and Russia plunged to a 30-year low in 2024 and appears unlikely to rebound absent a sea change in relations between Washington and Moscow. As it has been since the start of the 2022 invasion, the implications of trade restrictions will be felt much more by countries in Europe and Asia that have far more robust trading relationships with Moscow.

4. Secondary Sanctions

As part of a broader effort to limit sanctions and export control evasion, the United States in late 2023 authorized secondary sanctions on foreign financial institutions that, knowingly or unknowingly, facilitate significant transactions involving Russia’s military-industrial base. As we observe in a prior client alert, these restrictive measures are noteworthy not simply because they create new secondary sanctions risks for foreign banks and other financial institutions, but also because they expose these financial institutions to such risks based on the facilitation of their customers’ trade in certain enumerated goods, and do so under a standard of strict liability (i.e., without requiring any intent or even having knowledge of the activity).

This is a meaningful departure from historical practice. Under certain U.S. sanctions programs—namely, those targeting Iran, North Korea, Russia, Syria, Hong Kong, and terrorism—persons outside of U.S. jurisdiction that engage in enumerated transactions with certain targeted persons or sectors, including transactions with no ostensible U.S. nexus, risk becoming subject to U.S. secondary sanctions. Such measures target certain significant transactions involving, for example, Iranian port operators, shipping, and shipbuilding. In practice, secondary sanctions are highly discretionary in nature and principally designed to prevent non-U.S. persons from engaging in certain specified transactions that are prohibited to U.S. persons. If OFAC determines that a non-U.S. person has engaged in such transactions, the agency may impose punitive measures on the non-U.S. person which vary from the potentially relatively innocuous (e.g., blocking their use of the U.S. Export-Import Bank) to the severe (e.g., blocking use of the U.S. financial system or blocking all property interests—essentially adding them to the SDN List). Until December 2023, non-U.S. persons only potentially risked secondary sanctions exposure, under the small handful of sanctions programs that include such measures, for knowingly engaging in certain significant transactions.

The Biden administration in December 2023 issued Executive Order 14114 authorizing OFAC to impose secondary sanctions on foreign financial institutions that are deemed to have:

Conducted or facilitated a significant transaction involving a person that has been blocked for operating in certain sectors of Russia’s economy (such persons, “Covered Persons”); or
Conducted or facilitated a significant transaction, or provided any service, involving Russia’s military-industrial base, including the direct or indirect sale, supply, or transfer to Russia of specified items such as certain machine tools, semiconductor manufacturing equipment, electronic test equipment, propellants and their precursors, lubricants and lubricant additives, bearings, advanced optical systems, and navigation instruments (such items, “Covered Items“).

Upon a determination by the Secretary of the Treasury that a foreign financial institution has engaged in one or more of the sanctionable transactions described above, OFAC can (1) impose full blocking measures on the institution or (2) prohibit the opening of, or prohibit or impose strict conditions on the maintenance of, correspondent accounts or payable-through accounts in the United States. Such measures are a powerful deterrent to engaging in dealings involving Covered Persons or Covered Items, as the potential consequence of such a transaction (i.e., imposition of blocking sanctions or loss of access to the U.S. financial system) is tantamount to a death sentence for a globally connected bank.

In June 2024, in recognition of Russia’s transition to a wartime economy, the United States broadened the reach of U.S. secondary sanctions by publishing updated guidance that expands OFAC’s interpretation of “Russia’s military-industrial base” to include not only persons that have been blocked for operating in certain sectors of Russia’s economy—formerly, the technology, defense and related materiel, construction, aerospace, or manufacturing sectors—but all persons blocked pursuant to Executive Order 14024. As a practical matter, that shift both simplifies compliance for foreign financial institutions by eliminating the need to assess whether a transaction party is among a subset of Russian SDNs that can give rise to secondary sanctions exposure, and enhances the deterrent effect of U.S. sanctions by expanding the universe of Russia-related transactions that can place a foreign bank at risk of losing access to the U.S. financial system.

Notably, the Biden administration invoked that secondary sanctions authority for the first time in January 2025 by imposing blocking sanctions on a Kyrgyzstan-based bank for allegedly processing payments on behalf of a blocked Russian bank with close ties to Russia’s defense industry. Although the use of U.S. secondary sanctions against banks that continue to engage with Russia is so far limited and isolated, to the extent President Trump is inclined to escalate pressure on Moscow, that designation could offer the new administration a model for targeting progressively larger foreign financial institutions that continue to process Russia-related trade.

5. Prospects for Further Sanctions on Russia

As President Trump looks to deliver on his oft-repeated campaign pledge to end the war in Ukraine, the United States could soon further tighten trade restrictions in an attempt to push Moscow to the negotiating table. Options available to the Trump administration under such an approach include increasing tariffs on the limited volume of Russian goods still imported into the United States or, more consequentially, targeting Russia’s crucial financial and energy sectors by imposing blocking sanctions on all remaining Russia-based banks and oil majors Rosneft and Lukoil. It is also conceivable that the new administration could, in a bid to constrict Moscow’s oil revenues, threaten to impose secondary sanctions on foreign financial institutions (including especially in China and India) that continue to process payments involving Russian petroleum and petroleum products.

Conversely, if eventual talks among Washington, Moscow, and Kyiv show signs of progress, it would not be surprising if the White House just as quickly eases restrictions on dealings involving Russia. With the exception of the E.O. 13662 re-designations noted above, nearly all of the Biden-era measures targeting Russia (which were implemented via Executive Order) can be—as President Trump demonstrated in his first days in office—rescinded with the stroke of a pen. For example, President Trump could narrow or revoke existing measures such as the prohibition on “new investment” in the Russian Federation set forth in E.O. 14071 by issuing new or amended Executive Orders, or by issuing permissive general licenses. Any such relaxation of U.S. sanctions could, however, result in a split between the United States and its European allies and partners, who to date have shown little appetite for easing their own considerable restrictions on Russia.

President Trump’s return to power also casts into doubt an unprecedented effort to leverage Russia’s sovereign assets to fund Ukraine’s defense and reconstruction. As the cost of the war continued to mount, the United States and its partners during 2024 explored a range of options to deploy the nearly $300 billion in Russian central bank reserves, principally held in Europe, that the allies immobilized in the opening weeks of the conflict. At a June 2024 summit, the Group of Seven (“G7”) ultimately agreed on a novel mechanism whereby the allies would extend $50 billion in loans to Ukraine, to be paid down over time by the interest that is continuing to accrue on the Kremlin’s assets held abroad. That U.S.-led initiative—dubbed the Extraordinary Revenue Acceleration Loan program—resulted in the United States disbursing a $20 billion loan to Kyiv in December 2024, with a separate €3 billion loan from the European Commission following in January 2025. While stopping short, at least so far, of seizing Russian state property, the loan program nevertheless has potentially fundamental consequences for global finance, which heretofore held a nearly unshakable belief in the immunity of sovereign assets—especially of major states.

B. Iran

Iran suffered a series of strategic setbacks in 2024, including a deepening economic crisis, multiple rounds of Israeli airstrikes, the decimation of Hamas and Hezbollah’s senior leadership, and the collapse of the Assad regime in Syria. Following President Trump’s return to the White House, Tehran could soon be forced to decide whether to pursue negotiations aimed at securing sanctions relief, or race for a nuclear weapon to restore the Islamic Republic’s battered deterrence.

As these developments unfolded, the Biden administration during 2024 continued to aggressively use its sanctions authorities to add individuals and entities complicit in Iran’s destabilizing activities to the SDN List. Frequent targets of Iran-related designations included Iranian government officials, entities involved in unmanned aerial vehicle (“UAV”) and ballistic missile procurement, and entities and vessels involved in the Iranian petroleum and petrochemicals trade.

The pace of Iran sanctions designations could further increase under President Trump as part of the resumption of his first term’s “maximum pressure” economic campaign, which he announced on February 4, 2025. That effort aims to deny Tehran the resources needed to fund its terrorist proxies. An accompanying national security memorandum previewed the Trump administration’s likely targeting of third-country shipping companies, insurers, and port operators that enable Iranian oil exports. If need be, the pressure campaign could potentially invoke legislation enacted in April 2024, including the Stop Harboring Iranian Petroleum Act and the Iran-China Energy Sanctions Act of 2023, that authorizes the President to impose sanctions on non-U.S. persons, including especially in China, that are involved in bringing Iranian oil to market.

C. Syria

U.S. sanctions on Syria were largely quiet for much of the past year, until the sudden December 8, 2024 ouster of Syria’s longtime ruler Bashar al-Assad following a brutal, decade-long civil war. Despite the Assad regime’s collapse, Syria—alongside a small handful of other jurisdictions, presently including Cuba, Iran, North Korea, and certain Russian-occupied regions of Ukraine—remains subject to comprehensive U.S. sanctions, as a result of which U.S. persons are generally prohibited from engaging in transactions involving that country. Further complicating efforts to stabilize Syria and rebuild its shattered economy, the rebel group that in December 2024 became the country’s de facto governing authority, Hayat Tahrir al-Sham (“HTS”), and its leader Ahmed Hussein al-Sharaa (formerly known by the nom de guerre Abu Mohammed al-Jawlani), each remain subject to U.S. blocking sanctions for their historical ties to the Islamic State and al Qaeda.

In January 2025, the United States announced a narrow and time-limited suspension of certain U.S. restrictions to “ensure that sanctions do not impede essential services and continuity of governance functions across Syria, including the provision of electricity, energy, water, and sanitation.” In particular, OFAC issued a general license that authorizes U.S. persons, until July 7, 2025, to engage in certain transactions involving: (1) Syria’s post-Assad governing institutions; (2) the sale, supply, storage, or donation of energy, including petroleum, petroleum products, natural gas, and electricity, to or within Syria; and (3) processing the transfer of noncommercial, personal remittances to Syria, including through the Central Bank of Syria. The authorizations set forth in that license exclude, among other things, any transactions involving military or intelligence entities or new investment in Syria by U.S. persons. Notably, the license authorizes financial transfers to blocked persons such as HTS for specified purposes such as effecting the payment to governing institutions in Syria of taxes, fees, or import duties—suggesting a U.S. policy interest in enabling the continuing functioning of the Syrian state, notwithstanding HTS and al-Sharaa’s status as designated terrorists.

Both the Biden and Trump administrations appear to have otherwise adopted a wait-and-see approach to Syria sanctions relief, with the further easing of U.S. restrictions likely contingent upon HTS demonstrating tangible progress toward forming an inclusive transitional government, protecting the rights of ethnic and religious minorities, pledging not to serve as a conduit for the export of Iranian destabilization, and responsibly disposing of Syria’s chemical weapons. In light of President Trump’s aggressive use of U.S. counterterrorism sanctions authorities during his first week in office—including to target drug cartels and the Yemen-based Houthis—the United States seems unlikely to lift blocking sanctions on HTS and its leader Ahmed Hussein al-Sharaa, at least in the near future.

D. Venezuela

The United States in early 2024 withdrew two short-lived forms of sanctions relief after Venezuela’s President Nicolás Maduro failed to uphold his commitments to take concrete steps toward holding free and fair elections.

As we describe in a prior client alert, the Biden administration in October 2023 announced a significant relaxation of U.S. sanctions on Venezuela in an attempt to incentivize the Maduro regime to take concrete steps toward the restoration of Venezuelan democracy. When the regime failed to uphold its end of the bargain, including by refusing to lift a ban on a leading presidential candidate holding public office, the U.S. Government in January 2024 quickly revoked a general license that had authorized U.S. nexus transactions involving Venezuela’s state-owned gold mining company—and warned that, absent a change in behavior by the Maduro regime, a separate general license authorizing most dealings involving the country’s oil or gas sector would meet a similar fate. A further tightening of U.S. sanctions followed in April 2024 when the Biden administration made good on that threat and allowed Venezuela General License 44 to expire—with the result that, unless separately authorized by OFAC, U.S. persons are again generally prohibited from engaging in transactions involving the state-owned oil giant Petróleos de Venezuela, S.A. (“PdVSA”).

Following a July 2024 presidential contest marred by widespread irregularities, the United States recognized opposition candidate Edmundo González as the country’s president-elect—to little effect, as Maduro clung to power and was sworn in for a third term in January 2025.

While democratization efforts have historically been the guide by which prior administrations have assessed the need for sanctions on Caracas, under the new Trump administration it appears that willingness to stem illegal immigration may serve as a favored guide in this regard. Indeed, we assess that if there is a Washington-Caracas deal to stem the flow of Venezuelan migrants northward, the United States under President Trump and Secretary of State Marco Rubio could opt to institute some easing of measures. January 2025 meetings between the Trump administration’s envoy for special missions Richard Grenell and the Maduro government resulted in Venezuela’s release of several U.S. prisoners, suggesting that a deal may be sought. However, in the absence of such a deal, we assess it as likely that we will see a further tightening of sanctions on the Maduro regime, including a potential narrowing or revocation of existing authorizations to engage with Venezuela’s crucial oil sector or a resumption of President Trump’s first-term practice of aggressively designating shipping companies and vessels that bring Venezuelan oil to market.

E. Cuba

During 2024, U.S. sanctions on Cuba continued their decades-long trend of swinging sharply back and forth, depending upon whether Republicans or Democrats control the White House. During his waning months in power, President Biden modestly eased restrictions on Havana, including by authorizing U.S. banks to process certain Cuba-related payments and de-listing Cuba as a State Sponsor of Terrorism. However, that relief was short-lived, as President Trump unwound many of those same measures within hours of returning to the Oval Office.

Under the first Trump administration, the United States in 2019 prohibited U.S. banks from processing so‐called “U‐turn” payments. These transactions—which involve Cuban interests and originate from, and terminate, outside of the United States—enable Cuban entities doing business with non‐U.S. firms to access U.S. correspondent and intermediary banks and therefore to participate in U.S. Dollar‐denominated global trade. In May 2024, as part of a package of incremental changes to the Cuba regulations, the Biden administration issued a general license authorizing U.S. banks to again process such Cuba-related payments, provided that neither the originator nor the beneficiary, nor their respective banking institution, is a person subject to U.S. jurisdiction. From a policy perspective, the Biden administration appears to have been aiming to increase independent Cuban entrepreneurs’ access to the international financial system.

In a more sweeping—though, it turned out, temporary—reversal of Trump-era policy, President Biden on January 14, 2025 announced a Vatican-brokered agreement to secure the release of hundreds of Cuban political prisoners. In exchange, the United States rescinded Cuba’s designation as a State Sponsor of Terrorism, suspended a private right of action that had enabled lawsuits in U.S. courts against individuals and companies accused of “trafficking” in property confiscated by the Cuban government, and revoked a memorandum that underpins the U.S. ban on direct financial transactions involving certain entities identified on the State Department’s Cuba Restricted List. Reflecting the ongoing tug-of-war over Cuba policy, President Trump less than a week later rescinded each of those measures on his first day in office. As such, U.S. sanctions on Cuba are now, with modest exceptions, substantially similar to the restrictions that were in place when President Trump left office in 2021. To the extent President Trump and Secretary Rubio are inclined to further increase sanctions on Cuba, it is possible that the new administration could in coming months eliminate the authorization for “U-turn” payments, as well.

F. Crypto/Virtual Currencies

OFAC throughout the past several years has closely focused on illicit finance in the virtual currency sector, including through a mix of new sanctions designations and aggressive enforcement actions. However, a recent court decision finding that OFAC lacks authority to impose sanctions on immutable smart contracts, coupled with the Trump administration’s promises of lighter-touch regulation of the industry, could portend a shift in OFAC’s priorities away from digital assets and toward other sectors of the economy such as traditional finance.

In August and November 2022, OFAC imposed blocking sanctions on the virtual currency mixer Tornado Cash. Virtual currency mixers, as the name suggests, operate by mixing together funds deposited by many users before transmitting the funds to their individual recipients, thereby obfuscating the parties to a transaction. That designation represented a novel use of U.S. sanctions as, unlike a centralized platform in which a single company processes virtual currency transactions, Tornado Cash’s decentralized, smart contract model is essentially operated by self-executing code running on public blockchains without the need for human intervention. Tornado Cash users soon filed suit, arguing that there is no “person” or “property” for OFAC to sanction.

In November 2024, the U.S. Court of Appeals for the Fifth Circuit, in a still-rare successful court challenge to a U.S. sanctions determination, held that OFAC exceeded its authority when it designated Tornado Cash’s immutable smart contracts (i.e., unalterable, open-source, privacy-enabling software code) as blockable property. In particular, the Fifth Circuit in Van Loon v. U.S. Department of the Treasury reasoned that, to constitute “property,” something must be “capable of being owned,” which in turn requires that an owner be capable of exercising “dominion” over it. The Court concluded that immutable smart contracts are unownable and therefore not “property” because they cannot be altered nor can anyone be excluded from using them. The Van Loon decision is noteworthy as it adds to a growing body of jurisprudence (discussed further below) limiting the authority of administrative agencies and, absent intervention by Congress, could complicate OFAC’s ability to restrict dealings involving digital assets going forward. We expect more challenges to OFAC actions in the wake of the U.S. Supreme Court’s June 2024 decision in Loper Bright Enterprises v. Raimondo (discussed below), which eliminated the requirement that courts defer to agencies’ reasonable interpretations of the statutes that they administer, and on which the Van Loon Court relied in reaching its conclusion.

In contrast with the Biden administration’s aggressive regulatory approach to the virtual currency sector, a second Trump administration seems likely to usher in a more permissive regulatory environment. Underscoring the White House’s expected posture toward the virtual currency industry, President Trump shortly before taking office launched his own digital token and, once in the White House, quickly issued an Executive Order directing an overhaul of U.S. digital assets policy. Following several years of robust U.S. sanctions enforcement against virtual currency industry participants, it is possible that OFAC could in coming months recalibrate its enforcement approach to once again prioritize other sectors.

G. OFAC Enforcement Trends

1. Enforcement Actions and Compliance Lessons

During 2024, the combined amount of civil monetary penalties imposed by OFAC fell back in line with the agency’s long-term average after hitting a record-shattering $1.5 billion the year prior. That decline was principally driven by the absence of any blockbuster, nine-figure settlements. Across 12 enforcement actions resulting in monetary penalties, OFAC in 2024 levied an aggregate of $48.8 million in fines—an amount roughly on par with 2022 ($42.6 million) and modestly higher than 2021 or 2020 (both around $20 million). The two largest resolutions this past year involved monetary penalties of $20 million and $14.5 million, both stemming from alleged violations of U.S. sanctions on Iran. While enforcement actions are often a trailing indicator of OFAC enforcement priorities (given that matters can take several years to resolve after a violation has been found), this trend nonetheless suggests that dealings involving the Islamic Republic are likely to remain an area of continued focus for U.S. authorities during the months ahead.

We highlight below the most noteworthy compliance lessons from OFAC’s 2024 enforcement actions, many of which are thematically consistent with prior years. Some of these takeaways were explicitly communicated by OFAC through the “compliance considerations” section included in the web notice for each of its enforcement actions:

Dealings in and around Iran can present heightened risks: Half of OFAC’s 12 cases announced during 2024 involved apparent Iran sanctions violations and highlight the importance (and expectation) of effective due diligence. OFAC, for example, suggested in a November 2024 settlement that companies’ due diligence efforts should take into account that sanctioned Iranian parties might not necessarily appear by name on the SDN List and may often be based in nearby jurisdictions such as the United Arab Emirates. The Trump administration’s February 2025 resumption of the Iran “maximum pressure” campaign explicitly ordered the expansion of enforcement efforts.
Non-U.S. companies should ensure that their activities do not “cause” U.S. persons to violate U.S. sanctions restrictions: Five non-U.S. companies were penalized this past year for “causing” a U.S. person (such as a U.S. correspondent bank) to violate their own sanctions compliance obligations—a common fact pattern in recent years. OFAC has long maintained that non-U.S. companies are on notice of this obligation when they avail themselves of U.S. customers, goods, technology, or services. Non-U.S. companies should therefore be mindful that, even in cases in which an undertaking on its face has no readily discernable U.S. touchpoint, they must comply with U.S. sanctions when engaging in a transaction that involves even a fleeting U.S. touchpoint such as clearing a U.S. Dollar-denominated payment through a U.S. financial institution.
U.S. parent companies should take steps to ensure that their non-U.S. subsidiaries comply with applicable sanctions restrictions: OFAC has repeatedly recommended that multinational enterprises assess the sanctions risks of their foreign subsidiaries, particularly those operating in high-risk jurisdictions. The agency has cautioned against pursuing new business overseas without implementing and maintaining proper compliance controls, such as policies for U.S. person directors, officers, and employees to recuse themselves from prohibited activities and whistleblower mechanisms to identify prohibited conduct.
Companies should remain vigilant for efforts by persons in Russia and Russian-occupied regions of Ukraine to evade sanctions: Two of OFAC’s 12 published cases this past year alleged violations of its Ukraine- and Russia-related sanctions. Although that figure represents a much lower share of OFAC’s cases than during the prior year, a lower enforcement rate does not necessarily indicate that OFAC deprioritized Russia-related sanctions. Rather, given the volume and complexity of new restrictions on Russia announced since February 2022—and the amount of time that is often required for OFAC to conduct a fulsome investigation—it is highly likely that further Russia-related enforcement actions could be announced in coming months.

During January 2025, OFAC announced two further settlements resulting in civil monetary penalties, offering an early indication that OFAC is likely to continue aggressively enforcing U.S. sanctions prohibitions throughout the coming year.

2. Statute of Limitations and Supreme Court Cases

Although the Executive branch is responsible for enforcing U.S. sanctions, key developments out of the U.S. Congress and the Supreme Court in 2024, including an expanded statute of limitations for sanctions violations and a growing body of case law limiting judicial deference to administrative agencies, could further reshape both OFAC’s enforcement of violations and its designation of parties to sanctions lists going forward.

On April 24, 2024, President Biden signed into law the 21st Century Peace Through Strength Act, which extends the longstanding statute of limitations for civil and criminal violations of U.S. sanctions from five to ten years. That provision, which Congress quietly inserted into a foreign aid package, appears likely to increase the size of OFAC civil monetary penalties going forward by enabling the agency to reach a broader universe of violative transactions. Notably, OFAC in July 2024 published guidance affirming that the law did not revive civil or criminal sanctions violations that were time barred on the date that the new statute of limitations was enacted into law (i.e., April 24, 2024). As such, absent extenuating circumstances (such as a prior tolling agreement with OFAC), sanctions violations that occurred on or before April 24, 2019 are generally time barred and the new statute of limitations is, as a practical matter, being phased in over the next five years.

Nevertheless, the new ten-year statute of limitations quickly shifted the landscape for compliance-minded companies. Starting on March 12, 2025, parties that engage in transactions that implicate OFAC’s prohibitions will be required to retain relevant records for a period of ten years. The new statute of limitations also alters expectations concerning an appropriate “lookback” period for sanctions-related investigations, mergers and acquisitions due diligence, and representations and warranties in transactional agreements. In light of the potential for increased civil monetary penalties that sweep in twice as much conduct, the expanded statute of limitations could also affect parties’ calculus regarding whether, and under what circumstances, to voluntarily self-disclose to OFAC apparent violations of the agency’s regulations.

Meanwhile, two U.S. Supreme Court decisions announced in June 2024—Loper Bright Enterprises v. Raimondo and Securities and Exchange Commission (“SEC”) v. Jarkesy—threaten to complicate OFAC’s longstanding practices by potentially forcing the agency to litigate more frequently and with a lower degree of judicial deference.

As described more fully in a pair of prior client alerts, the Court in Loper Bright overruled Chevron v. Natural Resources Defense Council under which U.S. courts were formerly required to defer to agencies’ reasonable interpretation of ambiguous statutory terms. In place of Chevron, courts now must independently interpret statutes and are no longer obligated to defer to agencies, though they may afford agencies’ views a measure of “respect” to the extent those views are persuasive. In a separate opinion handed down that same week, the Court in Jarkesy held that the U.S. Constitution requires the SEC to sue in federal court, not an in-house administrative court, when seeking civil monetary penalties on a ground such as fraud that resembles a traditional action at common law.

As lower courts continue to wrestle with the implications of Loper Bright and Jarkesy, those two cases taken together have the potential to unsettle U.S. sanctions and export controls by encouraging prospective litigants to challenge agency action, channeling more such disputes into U.S. federal court, and resetting the balance of power between challengers and federal agencies such as OFAC and BIS. Accordingly, following a sustained two-decade rise in the use of sanctions and export controls as primary instruments of U.S. foreign policy, OFAC and BIS could soon be forced to weigh whether, in the face of potential legal challenges, they are prepared to continue pushing the limits of their authorities by levying substantial monetary penalties out of court.

II. U.S. Export Controls

U.S. export controls during 2024 continued their rise as indispensable and central tools to further U.S. national security and foreign policy objectives. A key focus of U.S. efforts involved developing new ways to restrict access to certain advanced technologies by perceived geopolitical competitors like China, while allowing for the continued exchange of these technologies among countries that adopt restrictions that parallel U.S. controls.

Rules issued by the U.S. Department of Commerce’s Bureau of Industry and Security have always been technical and fact-dependent; indeed, the rules have often required significant scientific knowledge to understand and implement them appropriately. While BIS rules have steadily become more complex, the regulations announced in 2024 accelerated this trend, underlining the sophisticated nature of export controls while emphasizing the need for exporters to have a highly nuanced and technically informed understanding of exactly what they are, directly or indirectly, exporting, reexporting, or transferring, and to whom. Developments in 2024 also highlighted the increasing risks for violations of these rules, with the U.S. Department of Justice (“DOJ”) and BIS both articulating new rules and expectations in order to avoid serious penalties.

Moreover, for the first time, the necessity of understanding these rules has been expanded from exporters themselves to financial intermediaries such as banks. As discussed below, BIS published an unprecedented set of expectations for financial institutions regarding their obligations to ensure compliance with export controls. This was a meaningful departure from past practice—which had placed the onus and risk for compliance chiefly on exporters. Financial institutions have started to develop protocols in this regard, but industry “best practices” remain a work in progress.

Technology is developing so rapidly that export control regulations are unable to keep pace. As such, we fully expect new regulations to be frequently issued, further refining and likely expanding areas of control.

A. China

Throughout 2024, BIS continued to focus on tightening controls on the People’s Republic of China and other countries posing diversion risks with respect to semiconductor manufacturing equipment (“SME”), advanced computing items, and quantum computing technology. These efforts led to a flurry of new rulemaking activity over the past year and created many new compliance obligations across industries. While the Trump administration’s export control priorities remain opaque, the compliance complexities associated with these efforts are unlikely to abate.

1. Advanced Computing Items, Semiconductor Manufacturing Equipment, and Supercomputers

Senior U.S. officials, including then-National Security Advisor Jake Sullivan, often described controlling semiconductors as among the Biden administration’s top foreign policy priorities and announced their intention to prevent China from acquiring the most sophisticated chips to slow Beijing’s military modernization. Consistent with that approach, BIS in April 2024 released an interim final rule imposing additional restrictions on SME, advanced computing items, and items supporting supercomputing end uses exported to the PRC and certain “Country Group D” destinations. This new rule also provided clarity to previous semiconductor and supercomputing-related rules issued in October 2022 and October 2023, which we describe in more detail in two prior client alerts.

Interim final rules relating to national security generally become effective immediately on the date that they are released for public inspection in the U.S. Federal Register. The public is invited to submit comments even while implementing the new rule, and these comments will be considered by the agency in drafting a final rule that will supersede the interim final rule once released. In recent years, both the U.S. Department of Commerce and the U.S. Department of the Treasury have used the rulemaking process to engage with various stakeholders in crafting rules on a variety of topics, often due to the breadth of proposed rules, even though such procedural steps are not required for most rules implicating national security concerns.

BIS’s April 2024 interim final rule amends the U.S. Export Administration Regulations (“EAR”)—which are the principal U.S. regulations governing exports of goods, software, and technology that have both military and civilian uses (commonly known as “dual-use” items)—in several notable respects, including:

The bifurcation of License Exception Notified Advanced Computing (“NAC”) into two new license exceptions.
A license exception authorizes otherwise licensable exports to specified end users, end uses, or destinations. In general, license exceptions are open to any non-restricted party, and they can be used without seeking specific approval from the U.S. Government, provided that any applicability and recordkeeping requirements are met.
In this case, License Exception NAC was split into:
- A revised License Exception NAC authorizing exports and reexports of specified items to (1) Country Group D:5 destinations—which includes destinations subject to a U.S. arms embargo (i.e., Afghanistan, Belarus, Burma/Myanmar, Cambodia, Central African Republic, China (including Hong Kong), Cuba, Democratic Republic of the Congo, Eritrea, Haiti, Iran, Iraq, Lebanon, Libya, Nicaragua, North Korea, Russia, Somalia, South Sudan, Sudan, Syria, Venezuela, and Zimbabwe)—plus Macau, and (2) entities headquartered in, or with an ultimate parent headquartered in, a Country Group D:5 destination or Macau, subject to a pre-export notification requirement and revised procedures. The rule also clarifies that notification requirements for covered integrated circuits apply to computers and other products incorporating such items.
- A new License Exception Advanced Computing Authorization (“ACA”) authorizing (1) exports, reexports, and transfers (in-country) of specified items worldwide (except to or within Country Group D:5 destinations, Macau, or an entity headquartered in, or whose ultimate parent is headquartered in, a Country Group D:5 destination or Macau, wherever located), and (2) transfers (in-country) within a Country Group D:5 destination or Macau. Exports, reexports, and transfers under License Exception ACA are not subject to the BIS notification requirement, partly in an attempt to minimize the compliance burden on industry.
Clarification that all exports, reexports, or transfers made pursuant to License Exceptions NAC or ACA require a written purchase order unless specifically exempted.
Clarification that License Exceptions NAC and ACA are in addition to, not in lieu of, the requirements of License Exception Encryption Commodities, Software, and Technology (“ENC”) and that License Exceptions NAC and ACA cannot be used if additional end-user or end-use restrictions (under 15 C.F.R. Part 744) or embargo restrictions (under 15 C.F.R. Part 746) apply.
Revisions to BIS’s license review policies specific to covered items, destinations, and end users.
Due to a previous inadvertent omission, addition of extreme ultraviolet lithography masks to controls targeting the activities of U.S. persons.
Revision of end-user controls to address support for indigenous “development” and “production” of front-end integrated circuit “production” equipment in Macau and destinations in Country Group D:5 countries, as well as confirmation that parts and components exported for ultimate incorporation into indigenous SME in the PRC also require a BIS license for the initial export.
Revisions to several Export Control Classification Numbers (“ECCNs”) to correct inadvertent errors, provide clarifications, and to control new items such as monolithic microwave integrated circuit amplifiers, missile-related items, pulse discharge capacitors, and superconducting solenoidal electromagnets, among others.

Collectively, these changes represent significant alterations to the earlier October 2022 and October 2023 controls and underscore the need to remain vigilant to frequent changes in the controls applicable to SME, advanced computing items, and quantum computing technology.

2. Quantum Computing

In September 2024, BIS released an interim final rule imposing additional controls, in conjunction with partner countries, on quantum computing (an emerging field within computer science that uses insights from physics to solve certain problems far faster than traditional computers) and other advanced technologies. This was a clear example of President Biden’s preference for multilateral actions (discussed further below), and also recognized that without joint action the effectiveness of any export restriction will be far reduced. Specifically, the new rule made the following key changes to the EAR:

Revision of several existing ECCNs and identification of a new subset of “900” series ECCNs (e.g., ECCN 3A901), signifying controls harmonized with the implemented export controls of partner countries. Compared to items subject to multilateral regimes controls (e.g., the Wassenaar Arrangement), these “900” series items have worldwide license requirements and more limited license exception availability. Such items include, among other things, certain additive manufacturing equipment designed to produce metal or metal alloy components, technology for the development or production of coating systems, complimentary metal-oxide semiconductor circuits, parametric signal amplifiers, cryogenic cooling systems and components, gate all-around field-effect transistor (“GAAFET”) technology, scanning electronic microscopes, cryogenic wafer probing equipment, various materials used to develop quantum items, software designed to extract Graphic Design System II or equivalent standard layout data, and quantum computers, as well as certain related equipment, software, and technology for such items.
Imposition of deemed export and deemed reexport license requirements for certain quantum, integrated circuit, additive manufacturing, and aerospace items, a significant departure from similar controls previously imposed on certain SME and advanced computing items. However, BIS continues to include deemed export and deemed reexport license exclusions with respect to ECCNs 3D001, 3D002, and 3E001 for anisotropic dry plasma etch equipment and isotropic dry etch equipment, and there is a limited exclusion for certain software or technology released to persons whose most recent citizenship or permanent residency is not a country in Country Group D:1 or D:5. Deemed exports are exports that the U.S. Government “deems” to occur between the United States and a foreign person’s home country when technology is shared with a foreign person physically located in the United States. Deemed reexports are exports that occur when technology is shared with a foreign person who has a nationality other than that of the foreign country where the release or transfer takes place. The list of software and technology eligible for this limited exclusion was amended in December 2024.
- In light of personnel shortages in critical quantum-related fields, foreign person employees and contractors that already have access to covered software and technology as of September 6, 2024—particularly those in Country Group A:5 and A:6 destinations—are “grandfathered” in to allow continued access to this information. These shortages are so severe that even foreign persons who are existing employees or contractors and whose most recent country of citizenship or permanent residency is in Country Group D:1 or D:5 may continue to access sensitive GAAFET technology under the general license in the EAR’s General Order No. 6. However, this is only the case if their employer conducts annual reporting. In some cases, personnel with experience in other kinds of quantum technology may even be eligible for that General License if they are newly hired.
Addition of License Exception Implemented Export Control (“IEC”) to authorize exports and reexports to specified destinations that have implemented similar controls to the United States. Such destinations and eligible items are identified on a list published on BIS’s website, and eligible ECCNs will also state “IEC: Yes” in the ECCN’s list-based license exception paragraph.

3. Validated End User Program

In September 2024, BIS announced the expansion of its Validated End User (“VEU”) program. The VEU program authorizes exports of covered items to pre-vetted end users in certain countries without a separate license required for each export, thereby expediting the export process for identified VEUs. Under the resulting October 2024 final rule, existing VEU authorizations remain available, but data centers in most countries (excluding Country Group D:5 countries) can now apply to be validated end users for exports of specified SME and advanced computing items. The new Data Center VEU program was created to ease the export and reexport burden associated with certain items controlled on BIS’s Commerce Control List (“CCL”)—including certain advanced computing items, but excluding “600” series items and items controlled for missile technology or crime control reasons—to pre-approved, trusted end users. As outlined in the final rule describing these changes, unlike pre-existing General VEU authorizations, in-country transfers among Data Center VEUs of items exported under a Data Center VEU authorization are not permitted.

Requests for Data Center VEU authorization must be submitted via an advisory opinion request to BIS, and such a request must disclose a significant amount of information, as described in 15 C.F.R. Part 748, Supplement No. 8, such as: the proposed VEU candidate’s ownership structure; the list of items for intended export; intended end users; recordkeeping practices; physical and logical (i.e., data) security requirements; current and potential customers; an overview of the data center’s information security plan; an explanation of the network infrastructure and architecture and service providers; an overview of the supply chain risk management plan, export control training program, and compliance program procedures; as well as a legally binding agreement to permit U.S. Government officials to conduct on-site reviews.

Upon review of an application, the End-User Review Committee (“ERC”)—an interagency panel consisting of representatives of the U.S. Departments of Commerce, State, Defense, Energy and, where appropriate, the Treasury—will consider a range of national security factors and may impose conditions upon granting the authorization, such as restricting access to the facilities and limiting the computing power of a given facility. End users that meet Data Center VEU authorization requirements are listed in 15 C.F.R. Part 748, Supplement No. 7, along with the eligible destinations and items. Even if a VEU is approved, however, exporters must obtain certifications from the VEU prior to export, provide the VEU with a written notification of the shipment containing specific details as outlined in 15 C.F.R. § 748.15(g), file semi-annual reports with BIS, and retain all relevant records for a period of at least five years. Likely due to the extensive pre-authorization requirements and substantial ongoing compliance obligations, no Data Center VEU authorization has been publicly granted to date. BIS further amended its Data Center VEU authorization, imposing additional security requirements among other changes, in a January 2025 interim final rule on AI discussed further below.

4. Advanced Semiconductors for Military Applications

In December 2024, BIS unveiled a new set of expansive regulations that the agency described as having been “designed to further impair the [PRC’s] capability to produce advanced-node semiconductors that can be used in the next generation of advanced weapon systems and in artificial intelligence . . . and advanced computing, which have significant military applications.” The accompanying interim final rule imposed broad new controls on SME and advanced computing items, implemented new Foreign-Direct Product (“FDP”) rules—which extend U.S. jurisdiction to foreign-made items that are the “direct product” of controlled U.S.-origin technology or software, or of a manufacturing facility or equipment derived from such controlled U.S. technology or software—and further revised the EAR to clarify the scope of related controls as follows:

New and revised ECCNs control certain SME equipment (including certain etch, deposition, lithography, ion implantation, annealing, metrology and inspection, and cleaning tools), software tools for developing or producing advanced-node integrated circuits, high-bandwidth memory stacks, electronic computer-aided design software and technology, and technology computer-aided design software and technology.
Two new FDP rules extend the scope of the EAR to include certain foreign-manufactured items that (1) are the direct product of, (2) are the product of a complete plant or major component of a plant that is itself the direct product of, or (3) contain a product of a complete plant or major component of a plant that is a direct product of, specified U.S.-origin software or technology. This third prong, capturing items “containing” a component that is a foreign direct product of U.S. software or technology, is a novel expansion of the FDP rule that as a practical matter renders such components ineligible for de minimis treatment when assembled into items produced abroad. From a policy perspective, these new rules are aimed at combatting efforts by the PRC to obtain foreign-manufactured SME and advanced computing items as follows:
- The new SME FDP rule applies to certain foreign-manufactured SME and related items whenever an exporter has “knowledge,” as defined under the EAR to cover actual knowledge and an awareness of a high probability, which can be inferred from acts constituting willful blindness, that a covered item is destined to a Country Group D:5 destination or Macau.
- Similarly, the new Footnote 5 FDP rule applies to specified foreign-manufactured items used to produce advanced-node integrated circuits whenever an exporter has “knowledge” that the item will be (1) incorporated into any part, component, or equipment produced, purchased, or ordered by any Entity List entity with a Footnote 5 designation or (2) when any such designated entity will be a party to a transaction involving the commodity (e.g., as a purchaser, intermediate consignee, ultimate consignee, or end user). BIS notes that the new Footnote 5 designation is calculated to help industry identify foreign parties involved in supporting the PRC’s efforts to produce advanced-node semiconductors, including for military end-uses. A companion final rule added 140 new entities to the Entity List and modified 14 existing entries, resulting in a total of 16 entities with the new Footnote 5 designation.
Adds corresponding licensing requirements to Parts 742 and 744 of the EAR to restrict the export, reexport, and transfer of items within the scope of the new FDP rules discussed above and the new and revised ECCNs discussed above, though certain exceptions are available, including for countries implementing equivalent controls listed in 15 C.F.R. Part 742, Supplement No. 4.
Revises the De Minimis rule—which allows foreign-made items that incorporate less than a certain de minimis amount of controlled U.S.-origin content to be exempt from most U.S. export restrictions—to specify there is no de minimis level for certain SME and advanced computing items that contain a U.S.-origin integrated circuit whenever such items are destined for a Country Group D:5 destination or Macau or to a Footnote 5 Entity List entity. These new provisions ensure that foreign-produced SME containing U.S.-origin integrated circuits (or other components) are controlled to the same extent as foreign-produced SME containing items controlled by the SME FDP rule and the Footnote 5 FDP rule.
New License Exception Restricted Fabrication Facility (“RFF”) permits the export of certain legacy SME and related items to certain fabrication facilities subject to end-user requirements, provided that these facilities are not engaged in the production of advanced node integrated circuits. Eligibility for License Exception RFF is tied to specific entities on the Entity List that contain a reference to 15 C.F.R. § 740.26, and its use is subject to various notification and reporting obligations as stipulated in that section.
New License Exception High-Bandwidth Memory (“HBM”) authorizes the export of certain HBM commodities controlled under the new ECCN 3A090.c under a narrow set of circumstances, provided that specified recordkeeping and notification requirements are met.
Eight new red flags were added to BIS’s “Know Your Customer Guidance” in 15 C.F.R. Part 732, Supplement No. 3 concerning due diligence efforts that must be undertaken by exporters in various scenarios before SME and advanced computing items subject to the EAR may be exported. In particular, Red Flag 26 and the accompanying text in the interim final rule make clear the sweeping implications of the new FDP rules. In Red Flag 26, BIS notes that, due to the prevalence of U.S.-origin tools in the global production of integrated circuits, exporters should operate under the presumption that any integrated circuit is likely produced from controlled U.S. software or technology. Thus, if a foreign-produced item is described in the relevant Category 3B ECCN and contains at least one integrated circuit, there is a presumption that the product meets the product scope of the applicable FDP rule. Accordingly, an exporter must resolve this red flag before proceeding with the transaction.
Clarified end-use controls related to the development and production of advanced-node integrated circuits, the definition of “advanced-node integrated circuit,” certain general prohibitions, and a temporary general license authorizing the export of certain less-sensitive SME and advanced computing items to account for the new controls.
Clarified that software license keys (e.g., software used to activate or renew licenses to access certain software or hardware) are classified and controlled under the same ECCNs as the software or hardware to which they provide access (or the corresponding software ECCN, in the case of access to hardware). For example, if a software license key provides access to ECCN 5A992 hardware, the key itself is classified under ECCN 5D992.

5. Mature-Node Semiconductors

In December 2024, BIS released its long-awaited Public Report on the Use of Mature-Node Semiconductors, concluding a process that began in January 2024. The report aimed to provide an overview of the use of mature-node semiconductors in supply chains that support U.S. critical infrastructure. The report based its findings on data collected from a sample of industry participants and highlighted the lack of visibility into semiconductor supply chains and the pervasive use of semiconductors manufactured by foundries located in the PRC—even though semiconductors represent a limited share of the total number of chips used in specific products. The report also highlighted how the expansion of production capacity in the PRC is beginning to impact the competitive position of U.S. chips in the global market.

6. Artificial Intelligence

The rapid rise and proliferation of artificial intelligence led the U.S. Government to implement sweeping export control regulations on AI technologies. The rules were so sweeping that they gave rise to unprecedented complaints from both U.S. hardware and software providers, as well as core U.S. allies, that the regulations were so draconian as to limit their ability to actually work on AI in manner that would be fast enough to compete with the technology emerging from China.

With respect to the regulations, in a break from the hardware-based controls on the semiconductors and semiconductor manufacturing equipment necessary to produce an AI application or large-language model, BIS in September 2024 proposed its first rule directly regulating AI itself.

The basis for this rule was unusual for BIS: Executive Order 14110, which was issued by President Biden in October 2023 to implement the Defense Production Act of 1950 (a Korean War-era statute that authorizes the President to ensure the supply of materials and services for the national defense of the United States). Consequently, the proposed rule focused on gathering information necessary to protect U.S.-origin AI products or to ramp up defense industry production of such products, rather than controlling the export of any commodities, hardware, or software. The rule would require companies, individuals, or other organizations or entities that acquire, develop, or possess a potential dual-use foundation AI or large-scale computing cluster to file a quarterly report with BIS regarding any such acquisition, development, or possession, including the existence and location of clusters and the amount of total computing power available in each cluster. This reporting requirement includes information regarding the characteristics, safety (e.g., self-replication or propagation constraints, constraints on use to influence real or virtual events, constraints on ability to use the model to develop, produce, or use weapons of mass destruction), reliability, training, and cybersecurity protections of the models and regarding ownership and protection of model weights.

Notably, the rule defines a “dual-use foundation model” as a model that is “trained on broad data; generally uses self-supervision; contains at least tens of billions of parameters; is applicable across a wide range of contexts; and that exhibits, or could be easily modified to exhibit, high levels of performance at tasks that pose a serious risk to security, national economic security, national public health or safety, or any combination of those matters.” This framing significantly limits the scope of covered models.

BIS followed up on January 13, 2025 by issuing an interim final rule on AI diffusion, which aims to maintain U.S. technological leadership over AI by reducing diversion of advanced AI models to Country Group D:5 destinations (which, as noted above, include China and Hong Kong) and Macau, and to support development of these models in validated entities in a small set of partner countries, where they will be stored under stringent security conditions.

Notably, this rule requires a license to export, reexport, or transfer (in-country) advanced computing integrated circuits or the model weights of the most advanced AI models to any end user in any destination. In particular, it controls the export of model weights for advanced, closed-weight dual-use AI models trained on more than 10²⁶ computational operations in a new ECCN 4E091, as well as the export of large clusters of advanced computing integrated circuits (which can support such models) in modified ECCNs 3A090.a and .z and 4A090.a and .z. (The model weights for open-weight models do not presently require a license, and the rule also does not impose new controls on application programming interfaces to access AI platforms.) BIS also provided guidance to exporters who need assistance self-classifying their models.

The rule focuses on model weights, rather than the models themselves, because model weights are more challenging to develop, require extensive model training, and are easy to copy and steal. Model weights with fewer than 10²⁶ computational operations are already widely published and therefore hard to control. There is, however, a recognition that the pace of technological development may render these various weights quickly out-of-date.

The U.S. Government will review applications for controlled exports, reexports, and transfers (in-country) based on the sensitivity of the destination, the quantity of compute power or performance of the AI model, and the security requirements agreed to by the recipient. The rule establishes a licensing policy of presumption of denial for both model weights and certain large quantities of advanced computing integrated circuits needed to train advanced AI models. Moreover, foreign-produced model weights of similarly advanced closed-weight models may also be controlled by this rule, through a new foreign direct product rule in 15 C.F.R. § 734.9(l). BIS expects such models to be subject to the rule, as it has “found that many foreign entities that are training advanced AI models or intend to train such models are using advanced computing [integrated circuits] and related items that were directly produced with U.S. technology.”

Despite the rule’s stringent licensing policy, BIS permits certain exports to proceed by providing:

License Exception Artificial Intelligence Authorization (“AIA”) authorizing the export, reexport, or transfer of both advanced integrated circuits and model weights to end users located anywhere other than Country Group D:5 or Macau if they are employed by an entity headquartered in destinations where (1) the government has implemented measures with a view to preventing diversion of advanced AI technologies, and (2) there is an ecosystem that will enable and encourage firms to use advanced AI models for activities that may have significant economic benefits. BIS and partner agencies have listed approved countries in paragraph (a) to 15 C.F.R. Part 740, Supplement No. 5. Notably, that list does not include all members of the Global Export Control Coalition, which has partnered together to implement “substantially similar” controls on Russia, nor does it include all countries eligible for License Exception IEC, described above. Instead, it presently covers only Australia, Belgium, Canada, Denmark, Finland, France, Germany, Ireland, Italy, Japan, Netherlands, New Zealand, Norway, Republic of Korea, Spain, Sweden, Taiwan, the United Kingdom, and the United States. Even within these countries, exporters and reexporters may not take advantage of this exception unless they ensure that the end user has instituted specific security measures that will reduce the risk of diversion, specified in 15 C.F.R. Part 748, Supplement No. 10, and exporters of advanced integrated circuits must first obtain a compliance certification from the ultimate consignee.
License Exception Advanced Compute Manufacturing (“ACM”) authorizing the export, reexport, or transfer of items controlled by the rule to private sector end users located outside of and not headquartered in (or with an ultimate parent company headquartered in) Country Group D:5 or Macau, for the development, production, or storage of the same kinds of items (when ultimately not destined to Country Group D:5 or Macau)—but not for any other activity, including training an AI model. Parties who use this license exception are expected to keep up-to-date inventory and distribution records.
License Exception Low Processing Performance (“LPP”) authorizing the export and reexport of certain advanced integrated circuits with low computational power—up to 26,900,000 Total Processing Performance (“TPP”) of advanced computing integrated circuits per-calendar year, in aggregate across all exporters for that year, to any individual ultimate consignee located outside of and not headquartered in (or with an ultimate parent company headquartered in) Country Group D:5 or Macau. Because this license exception covers the total amount of TPP an end user can receive in a year from all exporters and reexports, before using License Exception LPP, the exporter or reexporter must obtain (and ultimately provide to BIS) a certification from the ultimate consignee that the ultimate consignee has not received an aggregate of 26,900,000 TPP during the relevant calendar year and that the requested TPP for that specific transaction will not result in the ultimate consignee exceeding the TPP limit.
An expanded License Exception ACA, which now authorizes the export and reexport of covered items to any destination worldwide other than Country Group D:5 or Macau (or to related entities), and not just to destinations in Country Group D:1 or D:4.
A clarification of the questions BIS uses as its review criteria for License Exception NAC, which allows shipment of some advanced integrated circuits to Macau and Country Group D:5 with advanced notice to the U.S. government.
An expanded validated end-user status for data centers—now covering both “universal” validated end users and “national” validated end users, though there is a cumulative maximum installed base allocation of 790,000,000 TPP per year for each destination country, regardless of the number of validated end users in that country. Universal validated end user (“UVEU”) status will be limited to companies headquartered in or whose ultimate parent is headquartered in destinations specified in paragraph (a) of 15 C.F.R. Part 740, Supplement No. 5, and an approved UVEU cannot transfer or install more than 25 percent of its total AI computing power (i.e., the AI computing power owned by the entity and all its subsidiary and parent entities) to or in locations outside of countries listed in paragraph (a) to Supplement No. 5 to Part 740, and cannot transfer or install more than seven percent of its total AI computing power to or in any single country outside of those listed in paragraph (a) to Supplement No. 5 to Part 740. Additionally, a UVEU headquartered in the United States cannot transfer or install more than 50 percent of its total AI computing power outside of the United States. National validated end user (“NVEU”) status will be available to end users in other countries (except Country Group D:5 or Macau) with export limitations set on a per-company, per-country basis. Information required to be submitted to become a VEU is described in 15 C.F.R. Part 748, Supplement No. 8.

In addition, deemed exports and deemed reexports to persons employed by entities headquartered in or with an ultimate parent headquartered in this same approved country list (in paragraph (a) to 15 C.F.R. Part 740, Supplement No. 5) are not licensable.

Notably, as both AI-focused rules were promulgated under multiple authorities—including E.O. 14110, which has since been rescinded by President Trump—we anticipate that any final rule, though still likely aligned with Trump administration priorities regarding the containment of China, could be subject to delay or reconsideration in light of the rules’ shifting legal foundation.

7. Advanced Computing Integrated Circuits

Immediately following the expansive new regulations targeting AI discussed above, BIS on January 16, 2025 issued another interim final rule further restricting the worldwide export, reexport, and transfer of the most advanced integrated circuits classified under ECCN 3A090.a. That rule allows BIS to meticulously map global supply chains involving advanced integrated circuits through a combination of enhanced export restrictions, lists of authorized recipients for certain highly controlled items, and a quarterly reporting requirement for “front-end fabricators.” BIS touted the rules, which set a compliance date of January 31, 2025, as providing clearer guidelines for conducting due diligence to confirm that an integrated circuit does not meet the parameters of ECCN 3A090.a, as well as offering a method for combatting false representations from certain end users in restricted destinations. However, the rule’s complex compliance requirements will require affected companies to closely review their supply chains and third-party partners to ensure existing policies comport with the new restrictions.

Key aspects of the rule include:

Creation of a rebuttable presumption that integrated circuits meeting the parameters of ECCN 3A090.a exported by a front-end fabricator or outsourced semiconductor assembly and test (“OSAT”) company are designed and marketed for data centers and therefore subject to a worldwide licensing requirement. This license requirement can only be overcome by the front-end fabricator or OSAT in one of three ways:
- The item is destined for an approved integrated circuit designer listed in 15 C.F.R. Part 740, Supplement No. 6—which presently includes 33 U.S. Government-approved integrated circuit designers headquartered in a Country Group A:1 or A:5 destination or Taiwan—or an authorized integrated circuit designer that meets certain eligibility requirements;
- The item is packaged by an approved OSAT company listed in 15 C.F.R. Part 740, Supplement No. 7—which presently includes 24 U.S. Government-approved OSAT companies not located in a Country Group D:5 destination—who must attest that the transistor count of the final integrated circuit is below the relevant performance threshold; or
- The item is packaged by a front-end fabricator not located in a Country Group D:5 destination or Macau and the fabricator verifies that the transistor count of the final integrated circuit is below the relevant performance threshold.
Development of an extensive vetting process and listing renewal process to update and revise the approved entities included in 15 C.F.R. Part 740, Supplements No. 7 and 8, described above.
Modification of License Exceptions AIA and ACM to limit their use to approved or authorized integrated circuit designers listed above to comport with the new rebuttable presumption with respect to ECCN 3A090.a and to address diversion concerns.
Implementation of quarterly reporting requirements for front-end fabricators of integrated circuits meeting the parameters of ECCN 3A090.a, including completion of a required “Know Your Customer” vetting form by authorized integrated circuit designers. OSATs are not currently subject to this quarterly reporting requirement, but BIS noted in the interim final rule that it is evaluating extending this requirement in the future.
Extension of the Footnote 5 FDP rule and the De Minimis rule to bring within the scope of the EAR specified foreign-manufactured items destined for a facility in a Country Group D:5 destination or Macau where the production of advanced-node integrated circuits occurs (or when an entity located at such a facility is otherwise party to the transaction), even if the entity is not designated with a Footnote 5 on the Entity List—making the Footnote 5 list non-exhaustive.

This interim final rule was accompanied by the addition of 16 Chinese and Singaporean entities to the Entity List with a Footnote 4 designation for “supporting or directly contributing to the development of advanced computing integrated circuits” in China.

B. Russia and Belarus

The United States, in parallel with efforts to restrict China’s access to advanced technology, in 2024 continued to expand and refine export controls targeting Russia to stanch the flow of goods, software, and technology that can be used by the Kremlin to prosecute the war in Ukraine. Since Moscow launched its full-scale invasion in February 2022, BIS has placed wide-ranging controls on thousands of items destined for Russia and Belarus, though BIS’s recent efforts have principally focused on fine-tuning these restrictions to apply even greater pressure on Russia and its allies.

In January and April 2024, BIS expanded the product scope of the Iran FDP rule, which was initially implemented in February 2023 in response to Iran’s ongoing military support for Russia. The February 2023 rule specifically targeted items that could be used to create unmanned aerial vehicles sent by Iran to Russia by covering foreign-produced items in categories 3 through 5 or 7 of the CCL destined for Iran, and by covering certain foreign-produced EAR99 items based on their six-digit Harmonized Tariff Schedule (“HTS”) codes when destined for Russia, Belarus, or Iran.

The April 2024 expansion covered 39 additional foreign-manufactured items, identified by their six-digit HTS codes, thereby expanding controls over the entirety of the Common High Priority List. (The Common High Priority List is a set of items deemed by the United States, the European Union, Japan, and the United Kingdom to present especially high risk for diversion due to their potential use in Russian weapons systems.) These items are now subject to a licensing requirement whenever they are intended for export or reexport to Iran, Russia, Belarus, or the Crimea region of Ukraine.

In advance of a G7 summit in June 2024, BIS released an even more expansive list of controls by adding 522 items to the lists of items subject to Russian and Belarusian industry sanctions, resulting—together with prior controls—in license requirements for all HTS codes listed in 18 additional chapters of the HTS. These new controls, which we describe in detail in an earlier client alert, also imposed restrictions on certain riot control agents, implemented broad restrictions on certain types of EAR99 software when destined to or within Russia or Belarus, narrowed the scope of commodities and software covered by License Exception Consumer Communications Devices (“CCD”) for Russia and Belarus, and added new parties—and certain addresses that present heightened diversion risks—to the Entity List for supporting Russia’s military efforts. BIS described these efforts as being aimed at preventing distributors and transhippers from aiding Russia’s military-industrial base, including by separately informing over 130 distributors of additional restrictions on shipments to Russia.

Underscoring the extent of interagency collaboration to address Russia’s malign activities, the new EAR99 software controls apply to the same types of business software covered by OFAC’s June 2024 determination prohibiting the exportation to Russia of certain information technology and software services. However, the breadth of these controls is somewhat mitigated by exclusions for (1) entities engaged exclusively in the agriculture or medical industries and (2) entities wholly owned by companies headquartered in the United States and certain closely allied countries, as well as joint ventures involving U.S. entities and/or entities from the same closely allied countries.

In July 2024, BIS again expanded its Iran FDP rule pursuant to the No Technology for Terror Act to cover items in categories 3 through 9 (rather than only items in categories 3 through 5 or 7) of the CCL, when destined to Iran. The July rule also added a new end-user scope to the Iran FDP rule that applies when the exporter has knowledge that the Government of Iran is a party to any transaction involving the foreign-produced item.

In August and November 2024, BIS took further action by imposing license requirements on the export of software and software updates for the operation of computer numerical control machine tools (including software embedded in such tools), expanding the renamed Russia/Belarus-Military End User and Procurement FDP rule to include items destined for Russian and Belarusian procurement entities designated on the Entity List with a Footnote 3 designation wherever located (thereby subjecting such foreign-manufactured items to the licensing requirements of the EAR), imposing new controls on nine chemical precursors used in riot control agents and chloropicrin (which, according to the U.S. Government, have been used by Russia as a chemical weapon in Ukraine), and explicitly expanding the availability of License Exception ENC and the exclusions for EAR99 software for the official business of diplomatic or consular missions of governments listed in Country Groups A:5 and A:6 (i.e., U.S. allies and partners).

Despite imposing heavy restrictions on the flow of many items to Russia and Belarus, BIS has simultaneously sought to ensure that exports of medicine and medical equipment can proceed. In line with OFAC’s Russia General License 6D, which authorizes most U.S. nexus transactions related to the production, manufacturing, sale, transport, or provision of medicine or medical devices, BIS in April 2024 introduced License Exception Medical Devices (“MED”) to authorize exports of EAR99-designated “medical devices” and related items to Russia, Belarus, and certain regions of Ukraine that would otherwise be restricted by 15 C.F.R. Part 746, Supplement No. 4. Previously, many such items were subject to a licensing requirement, though BIS noted such license applications were generally approved. Importantly, License Exception MED does not authorize exports to restricted parties, to production facilities, or whenever the exporter has knowledge that the item is intended to develop or produce any items. Parts, components, and related items for medical devices may only be exported on a one-to-one basis to replace broken or nonoperational equivalent items, or because they are necessary and ordinarily incident for preventative maintenance. Despite these limitations, BIS anticipates that License Exception MED will significantly reduce the number of license applications related to medical devices and address ongoing humanitarian needs in affected destinations.

C. Multilateral Controls

As noted above, the Biden administration was heavily focused on moving away from unilateral sanctions and export controls and toward a multilateral system of regulations. This focus expanded following Russia’s full-scale invasion of Ukraine. Since then, the United States has frequently turned to its partners to implement similar export controls across many jurisdictions. Importantly, recognizing that using existing multilateral control regimes was either impractical or impossible (if certain member states were less willing to go along with U.S. wishes), these more recent efforts have been pursued on an ad hoc basis among like-minded countries and outside the bounds of the conventional agreements that have been built up over decades.

In April 2024, BIS issued an interim final rule amending the EAR to remove license requirements, expand the availability of license exceptions, and reduce the scope of end-use and end-user-based license requirements for exports, reexports, and transfers (in-country) to or within Australia and the United Kingdom as part of the AUKUS security partnership. The rule specifically focuses on significantly decreasing licensing burdens related to BIS-controlled military items, missile technology, and so-called hot section items for the development, production, or overhaul of commercial aircraft engines, components, and systems.

BIS also made a notable advancement when, in October 2024, the agency promulgated an interim final rule that reduces license requirements on less-sensitive items related to spacecraft to reflect the United States’ close relationship with certain countries. Specifically, the rule eases requirements for items related to remote sensing and space-based logistics, assembly, and servicing of spacecraft to better rationalize the controls and facilitate collaboration among the United States, Australia, Canada, and the United Kingdom.

These two actions taken together demonstrate BIS’s efforts to refine export controls, including in the defense and space sectors, to facilitate collaboration and decrease regulatory friction among like-minded nations, while further distancing itself, and these technologies, from nations with interests adverse to those of the United States.

D. End-Use and End-User Controls

In addition to novel measures such as stringent controls on semiconductors and supercomputers, the United States over the past several years has used traditional export controls such as the Entity List to limit dealings involving end uses and end users of concern, with China-based organizations a perennial focus of such restrictions. As noted in our 2023 Year-End Sanctions and Export Controls Update, the expanding size, scope, and profile of the Entity List now rivals OFAC’s SDN List as a tool of first resort when U.S. policymakers seek to exert strategic pressure, especially against significant economic actors in major economies. In 2024, BIS continued to aggressively leverage the Entity List and expanded its scope through new rules, like the addition of address-only entries. At the same time, BIS overhauled certain military, intelligence, and law enforcement end-user controls, significantly broadening the reach of these restrictions.

1. Notable Entity List Designations and Removals

Entities are added to the Entity List by the interagency End-User Review Committee. Designations occur when the ERC determines that the entities pose a significant risk of involvement in activities contrary to the national security or foreign policy interests of the United States. The evidentiary threshold for inclusion is “reasonable cause”—far below the “beyond a reasonable doubt” standard used in U.S. courts during criminal proceedings—yet the consequences can be severe. Through Entity List designations, BIS prohibits the export of specified U.S.-origin items to designated entities without BIS licensing, and BIS generally adopts either a policy of denial or ad hoc evaluation for license requests. Those exporting to parties on the Entity List are also precluded from making use of any BIS license exceptions. However, because the Entity List prohibition applies only to exports of items that are “subject to the EAR,” even U.S. persons are still free to provide many kinds of services to, and to otherwise continue dealing with, those added to the list in transactions that do not involve items subject to the EAR or certain categories of restricted U.S.-person-provided services.

The ERC has over the past several years steadily expanded the bases upon which companies and other organizations may be added to the Entity List. Further expanding the Entity List’s reach, a final rule released in June 2024 authorizes BIS to add mailing addresses to the Entity List without corresponding entity names to combat unlawful diversion by shell companies that change identities to evade export controls. As such, an export license requirement now applies to all items controlled on the CCL or listed in 15 C.F.R. Part 746, Supplement No. 7 when destined to any entity using a listed address, whether or not the entity is named on the Entity List. Moreover, even when a mailing address is not listed as a standalone entry, BIS considers a party’s use of the same address as a listed entity to be a “red flag,” requiring businesses to undertake sufficient due diligence to ensure that co-located entities are not listed entities or acting on their behalf. Pursuant to the new “address only” rule, BIS in June 2024 added to the Entity List eight addresses and five entities in China (which includes Hong Kong under the EAR). In August 2024, BIS added three more addresses in China and one in Turkey and, in October 2024, added further addresses in China linked to significant transshipment of sensitive goods to Russia and entities at risk of violating the EAR. These address-only listings suggest BIS is focused on the use of shell companies to evade export controls, and we expect more addresses to be added to the Entity List in the future.

In December 2024, BIS again broke new ground in its use of end-user controls by designating to the Entity List three China-based firms for making investments in semiconductors, citing their role in aiding the PRC’s efforts to acquire entities with sensitive semiconductor manufacturing capability with the objective of relocating these entities to China. Those designations were part of a wave of additions to the Entity List in which the United States, in a single day, curbed exports to 140 companies, including PRC semiconductor fabrication facilities and equipment manufacturers.

Removals from the Entity List, on the other hand, remain rare given the requirement of a unanimous vote by the ERC. However, in October 2024, BIS, in conjunction with the U.S. Department of State, announced the removal of Canada-based application and network intelligence firm Sandvine Incorporated (“Sandvine”) from the Entity List. The company was added to the Entity List in February 2024 on the basis of its products having been used for mass web-monitoring, censorship, and targeting human rights activists and dissidents. The removal followed Sandvine’s structural overhaul to address the misuse of its technology, including exiting non-democratic countries and adding human rights experts to its new leadership team, and offers an illustrative example of the extensive behavioral changes and remedial measures that can persuade U.S. authorities to reconsider a party’s inclusion on the Entity List.

2. Military, Intelligence, and Security End-Use and End-User Controls

In addition to broadening its use of the Entity List, BIS in July 2024 announced a proposed rule that would significantly expand existing military and military intelligence end-user controls to a broader set of intelligence end users (no longer just military intelligence end users), military-support end users, and—in a separate rule—foreign-security end users, including police and security services at all levels of government “with the authority to arrest, detain, monitor, search, or use force in the furtherance of their official duties” and related parties like forensic labs, prisons, detention facilities, and labor camps. These rules implement provisions of the National Defense Authorization Act for Fiscal Year 2023 and further underscore the Biden administration’s emphasis on placing “human rights at the center of [U.S.] foreign policy.”

As described in more detail in an earlier client alert, the proposed rules broaden restrictions under 15 C.F.R. § 744.21 on “military end users” and “military end uses.” Currently, the EAR prohibits the unlicensed export, reexport, or transfer (in-country) of certain items subject to the EAR to Myanmar (also called Burma), Cambodia, China, Nicaragua, or Venezuela whenever the exporting party has “knowledge” that the item is intended, entirely or in part, for a military end use in one of these destination countries or a military end user of one of these countries, wherever located. Covered items are listed in 15 C.F.R. Part 744, Supplement No. 2. In addition, military end-use and end-user restrictions currently apply to all items subject to the EAR when intended for end uses or end users located in Russia or Belarus (and to certain Russian/Belarusian entities located outside of Russia or Belarus, identified by a Footnote 3 designation on the Entity List).

The proposed changes would extend these prohibitions to cover all items subject to the EAR (including even low-sensitivity EAR99 items) to all countries specified in Country Group D:5 (i.e., a list of arms-embargoed countries that encompasses each of the jurisdictions that is presently subject to the Military End Use / End User (“MEU”) rule, plus many more) and Macau whenever the exporter has “knowledge” that the item is intended, entirely or in part, for a “military end use” or a “military end user.” Those terms would be redefined to include both traditional and non-traditional military actors and to encompass end uses involving defense articles and “600” series foreign items that are not themselves subject to the EAR.

Additionally, BIS would no longer list military end users on its non-exhaustive MEU List. Rather, all such entities would be transferred to the Entity List with either a Footnote 3 (for Russia/Belarus military end users subject to additional restrictions) or a Footnote 5 designation (for all other military end users). (If a final version of this rule is ultimately published, we anticipate that BIS would replace the “Footnote 5” designation with another number, as BIS elsewhere indicated that the agency would use Footnote 5 for parties involved in semiconductor manufacturing and advanced-node integrated circuit production.)

These July 2024 rules would also create or enhance restrictions on U.S. person support for these revised categories of end users. In particular, where U.S. persons previously could not provide support to military end users, going forward they would be unable to provide support to a broader universe of foreign-security end users, military-production activities, or to military-support end users to the extent identified within the end user’s Entity List entry. Military production activities include activities to develop or produce dual-use items which, if located in the United States, would be subject to the EAR, for the benefit of a military end user, but they do not include activities that are governed by the U.S. International Traffic in Arms Regulations (“ITAR”). The restriction on providing support to military-support end users replaces previous restrictions on supporting a military end use, where that end use could include support, which is calculated to reduce the research burden on exporters. Together, these restrictions would prohibit a U.S. person from facilitating a foreign-security, military, or military-support end user’s acquisition, procurement, repair, or maintenance of foreign-origin dual-use items. These U.S. person restrictions would not, however, cover provision of “published“trans technology or software that is otherwise excluded from the scope of the EAR, administrative services, commercial activities by common carriers to move goods (with some limitations), or U.S. Government activities.

3. Harmonization of BIS’s Entity List and OFAC’s SDN List

In March 2024, BIS announced end-user controls on entities named to OFAC’s SDN List under 11 additional sanctions programs, bringing the total number of sanctions programs subject to such restrictions to 14. These new controls apply a licensing requirement for all items subject to the EAR when exported to an individual or entity designated to the SDN List pursuant to certain U.S. sanctions authorities related to Russia’s invasion of Ukraine, terrorism, weapons of mass destruction, or narcotics trafficking or other criminal networks. These same restrictions apply whenever a covered SDN is a party to a transaction (i.e., as purchaser, intermediate consignee, ultimate consignee, or end user). In the final rule, BIS characterized these additional controls as a “backstop” to restrict activities otherwise not subject to OFAC jurisdiction and as a complement to OFAC’s prohibitions on the provision of “material support” to blocked persons. As a practical matter, these new controls restrict non-U.S. parties from engaging in transactions with certain OFAC-sanctioned persons whenever items subject to the EAR (including by application of one or more FDP rules) are involved. The controls also have the potential to impact organizations’ voluntary disclosure analyses as some transactions could now, depending upon the particular facts and circumstances, warrant parallel disclosure to both OFAC and BIS.

E. Compliance Expectations

1. U.S. Infrastructure as a Service Providers

In January 2024, BIS published a proposed rule that would require U.S. Infrastructure as a Service (“IaaS”) providers (also known as cloud services providers) to collect, verify, and maintain identifying information about foreign customers of their IaaS products. Specifically, under the proposed rule, IaaS providers and their foreign resellers would need to verify the identity of foreign customers by maintaining a customer identification program. Additionally, U.S. IaaS providers would be required to file a report with BIS when they have knowledge of any transaction which results or could result in the use of their products for large AI model training. Further, the proposed rule would allow BIS to prohibit or impose certain conditions on IaaS transactions in certain jurisdictions or with specific foreign customers found to be directly supporting the use of U.S. IaaS products in malicious cyber-enabled activities.

The proposed rule is based on two authorities, Executive Order 13984 signed by President Trump in January 2021, and Executive Order 14110 signed by President Biden in October 2023—the latter of which President Trump rescinded on the opening day of his second term. Consequently, a final rule could be delayed by the need to reassess the parameters of the IaaS reporting program. As we describe in a separate client alert, there are a number of practical steps IaaS providers can take to prepare for the regulations potentially becoming effective, including: reviewing and enhancing current customer identification and verification practices; taking stock of foreign resellers and foreign customers; and identifying AI-related accounts.

2. Boycott Requester List

In March 2024, BIS announced the creation of the Requester List, a new online resource for antiboycott compliance. The Requester List is a public repository of entities that have made a boycott-related request that has been reported to BIS. This list is intended to assist companies, financial institutions, freight forwarders, individuals, and other U.S. persons in complying with U.S. antiboycott laws set forth in Part 760 of the Export Administration Regulations.

Crucially, absent some other prohibition, U.S. persons are not restricted from engaging in dealings with entities identified on the Requester List. Rather, the list puts U.S. persons, and foreign persons subject to the reporting requirements imposed by Part 760 of the EAR, on notice that identified parties may be at elevated risk of making reportable boycott-related requests. Parties may be removed from the Requester List by submitting an attestation to the BIS’s Office of Antiboycott Compliance that they will remove all boycott-related requests from purchase orders, contracts, requests for purchase, letters of credit, or other communications with U.S. persons, including with foreign subsidiaries of U.S. persons. In that sense, publication of the Requester List also appears be calculated to incentivize parties that historically have made boycott-related requests to alter their behavior going forward.

3. Financial Institutions and General Prohibition 10

In October 2024, BIS issued guidance to financial institutions detailing best practices for compliance with the EAR, and specifically with General Prohibition (“GP”) 10. As we explain in more detail in an earlier client alert, GP 10 is a broad restriction on knowingly facilitating a violation of the EAR. GP 10 creates a special regulatory risk specifically for financial institutions acting as intermediaries by prohibiting the financing or servicing of an item subject to the EAR “with knowledge that a violation of the EAR has occurred, is about to occur, or is intended to occur in connection with the item.” This risk has increased for financial institutions following Russia’s full-scale invasion of Ukraine in 2022 and the subsequent expansion of U.S. export licensing requirements to cover broad new categories of items, including items that did not previously require financial institution scrutiny.

Due to the EAR’s broad jurisdictional scope, GP 10 can reach the activities of financial institutions globally, even when the parties to a transaction may not themselves be U.S. persons. The October guidance aims to help financial institutions avoid violations of GP 10 by highlighting best practices for adoption. Key compliance practices suggested by BIS include:

Reviewing customers and their counterparties against BIS’s restricted party lists, and lists of entities that have shipped Common High Priority List items to Russia since 2023, at onboarding and during risk-rating reviews;
Obtaining export compliance certifications;
Reviewing transactions on an ongoing basis for “red flags,” including by conducting post-transaction reviews, to avoid financing or servicing a transaction going forward with “knowledge” (including imputed knowledge) of a violation, as prohibited by GP 10; and
For certain transactions (such as cross-border payments that are likely to be associated with exports from the United States), real-time screening against certain BIS-administered restricted party lists (such as the Denied Persons List, certain persons on the Entity List, and certain military intelligence end users identified in the EAR), which generally restrict access to any item subject to the EAR.

F. Voluntary Self-Disclosures

In addition to setting heightened expectations concerning export controls compliance, multiple agencies, including the U.S. Department of Justice’s National Security Division (“NSD”) and BIS, during 2024 sought to incentivize companies to submit voluntary self-disclosures (“VSDs”) upon becoming aware of possible export controls violations.

1. U.S. Department of Justice Enforcement Policy

In March 2024, NSD—which, among other things, handles criminal enforcement of U.S. sanctions and export controls—announced an updated Enforcement Policy for business organizations. The policy articulates NSD’s treatment of voluntary self-disclosures related to potentially criminal violations of such laws, as well as potential violations of other criminal statutes related to national security (which are often seen alongside violations of sanctions and export controls), such as money laundering, bank fraud, and false statements.

Since 2016, NSD has maintained a policy encouraging industry to voluntarily self-disclose potentially criminal violations of these laws. That policy was previously updated in 2019 and 2023 to clarify incentives for disclosing companies and to emphasize that self-disclosure to a civil administrative agency (such as BIS, OFAC, or the U.S. Department of State’s Directorate of Defense Trade Controls) would not qualify as a disclosure to NSD.

The March 2024 updates to NSD’s Enforcement Policy principally involve extending DOJ’s Department-wide guidelines for VSDs in the context of mergers and acquisitions (the “M&A Policy“) to export controls and sanctions. Under the M&A Policy, companies that undertake a lawful, bona fide acquisition of another company and, through due diligence before or shortly after the transaction, identify potential criminal violations of export control, sanctions, or “other laws affecting U.S. national security” by the acquired company, may qualify for the protections of the M&A Policy by submitting a VSD, fully cooperating, and timely remediating the misconduct. Those protections include a presumption that DOJ will decline to prosecute the acquirer and will not seek criminal fines or forfeiture. Under the M&A Policy, self-disclosure will generally be considered “timely” if made within 180 days after the transaction is completed, and any appropriate remediation should generally be completed within one year.

The Enforcement Policy notes that NSD will be guided by similar principles when considering corporate criminal prosecution arising from violations of similar national security laws, including the Foreign Agents Registration Act, laws prohibiting material support to and financing of terrorists, and laws and regulations administered and enforced by the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”), or the Committee for the Assessment of Foreign Participation in the United States Telecommunications Services Sector (commonly referred to as Team Telecom).

2. BIS Voluntary Self-Disclosures

BIS, in a September 2024 final rule, also updated its process for evaluating VSDs from industry, revising prior rules in order to give the agency additional leeway to impose higher civil monetary penalties, impose non-monetary penalties even absent a fine (e.g., suspended denial orders), and incentivize companies to disclose “significant” violations of the EAR. The rule codified updates that were announced by BIS since 2022 via a series of internal memos, made available to the public, and made additional changes. Notably, BIS amended the EAR’s Penalty Guidelines to make the following changes, which we discuss in more detail in a separate client alert:

Streamlining self-disclosure of minor or technical violations by creating a dual-track system for processing VSDs;
Facilitating corrective action that might otherwise be prohibited by easing the ability to obtain authorization to return items to the United States that have been illegally exported;
Further incentivizing VSDs by treating a deliberate decision by a firm not to disclose a significant apparent violation to be an aggravating factor when determining what administrative penalty should be applied;
Enhancing BIS’s discretion in assessing penalties when warranted by removing prior caps on penalties, removing pre-set mitigation credit percentages, and allowing BIS to impose non-monetary penalties for non-egregious conduct that has not resulted in serious national security harm yet nonetheless merits a stronger response than a no-action or warning letter;
Explicitly adding as an aggravating factor transactions that enable human rights abuses; and
Motivating compliance-minded firms to report violations committed by other firms or competitors in order to create a “level playing field” for responsible corporate actors.

BIS also announced the appointment of the agency’s first Chief of Corporate Enforcement, who will serve as the primary liaison between BIS special agents, the Department of Commerce’s Office of Chief Counsel for Industry and Security, and DOJ with the aim of advancing significant corporate investigations.

G. BIS Enforcement Trends

BIS in 2024 entered into ten settlement agreements with business entities for export control violations, resulting in a combined total of approximately $10.5 million in civil penalties against six companies. The largest such penalty, a $5.8 million fine, was issued in August 2024 to a Pennsylvania-based electronics producer to resolve allegations that the company exported entirely EAR99 items to restricted end users, including five parties on the Entity List, and for restricted end uses in China. BIS also announced four antiboycott settlements during 2024 that resulted in combined civil penalties of around $400,000.

BIS enforcement activity this past year focused in particular on several key sectors, including freight forwarding, electronics, and industrial products, with companies that export semiconductors and related items seemingly subject to heightened scrutiny.

Key themes of BIS’s published enforcement actions during 2024 included:

BIS’s commitment to imposing stiffer consequences under its new enforcement guidelines, as well as the impact of aggravating factors such as end uses and end users of significant concern;
The expanded compliance burden on manufacturers of even low-sensitivity EAR99 items, which are now swept up in expanding export controls targeting China, Russia, Belarus, Iran, and other jurisdictions;
The compliance considerations that should attend the use of distributors, including validation of end users and end uses, attention to payment flows, and awareness of BIS’s guidance regarding “red flags”; and
The critical role of accurate transaction screening systems and the importance of ensuring all parties involved in the supply chain and all relevant data fields are properly vetted.

In addition to entering into settlement agreements to resolve alleged violations of its regulations, BIS also showed a continued willingness to impose denial orders, which are one of the agency’s most stringent enforcement measures.

When BIS determines that an individual or entity presents an imminent risk of violating the EAR or has been convicted of violating certain U.S. laws and regulations—including U.S. sanctions and export control laws and regulations—BIS may issue an order denying that person export privileges. The effect of a denial order is that the targeted person is typically prohibited from participating in any way in any transaction involving items subject to the EAR, including both exporting from the United States and receiving or benefiting from any export, reexport, or transfer of any item subject to the EAR. Accordingly, a denial order—which results in the target being added to the Denied Persons List—is an especially powerful tool as, in the case of a non-U.S. person, it completely severs their access to the U.S. supply chain.

In one colorful case, BIS in June 2024 imposed a denial order against an Oregon-based package forwarding company for continued violations of the EAR and for failure to adhere to a prior settlement agreement, illustrating the potentially severe consequences of repeated non-compliance with BIS regulations. In that case, the denial order was initially a suspended penalty under the terms of a 2021 settlement between the company and BIS. However, when the company failed to halt the shipment of items clearly marked as export controlled and requiring an export license, BIS lifted the suspension, imposed a denial order, and barred the company for a period of three years from participating in any export from the United States or any reexport of an item subject to the EAR. Businesses should therefore be mindful that failure to abide by the terms of a settlement agreement can result in severe monetary and non-monetary penalties, up to and including the possibility of a denial of U.S. export privileges.

With President Trump’s first term as a guide, we anticipate that aggressive enforcement of U.S. export controls will continue under the second Trump administration. China appears to be a near-certain target of additional export control measures as the Trump administration pursues strategic competition with Beijing. Further, the America First Trade Policy Memorandum that the President signed on his first day in office specifically calls on the Secretaries of State and Commerce to review the U.S. export control system in order to advise on modifications in light of developments involving strategic adversaries or geopolitical rivals. This directive includes instructions to identify and eliminate “loopholes” in existing export controls and to make recommendations regarding “enforcement mechanisms to incentivize compliance by foreign countries, including appropriate trade and national security measures.”

As described at length in two prior client alerts, we expect the second Trump administration to take a number of actions in this space, including a continued and enhanced focus on restricting exports of “emerging technologies” to China, as well as maintaining the United States’ relative advantage in certain key technologies such as AI and quantum computing. Secretary of Commerce nominee Howard Lutnick has made clear that robust export enforcement will be a priority.

III. U.S. Foreign Investment Restrictions

A. Inbound Investment

In addition to sanctions and export controls, the Committee on Foreign Investment in the United States—the interagency panel tasked with reviewing the national security risks associated with foreign investment in U.S. companies—remained active and aggressive during 2024. While the total number of CFIUS filings was down from 2023, the Committee enhanced its review of non-notified transactions (i.e., transactions that are potentially within CFIUS’s jurisdiction for which the parties have not filed a voluntary notice), monitored a significant number of mitigation agreements (i.e., deal-specific restrictive covenants upon which CFIUS often conditions its approval of transactions), and imposed a record number of penalties for violations of its regulations. Underscoring the Committee’s heightened focus on enforcement, CFIUS expanded its monitoring and enforcement authorities in 2024 through the promulgation of a new rule increasing maximum penalties and enhancing the Committee’s power to obtain information from parties with knowledge of a foreign direct investment transaction.

1. CFIUS Annual Report

In July 2024, CFIUS published its annual report to Congress detailing the Committee’s activity during calendar year 2023 (the “CFIUS Annual Report”). As noted in a prior client alert, key CFIUS-related developments include:

The total number of CFIUS filings decreased for the first time since the passage of the Foreign Investment Risk Review Modernization Act (“FIRRMA”), the 2018 statute that greatly expanded the types of transactions potentially under the Committee’s purview. While the downturn in the global mergers and acquisitions market was largely responsible for this decrease, the mounting burden and cost of CFIUS review, along with the increased risk of mitigation measures for even minority investments, may also be increasingly a concern for parties when assessing whether to make a voluntary filing.
CFIUS redoubled its efforts to review non-notified transactions, including, as discussed below, by expanding its subpoena authority to request information from parties involved in non-notified filings. CFIUS also issued a rare agency-submitted notice in 2023, underscoring its power to conduct unilateral reviews of transactions when parties forgo—or refuse to re-file—voluntary filings.
While the total number of filings decreased in 2023, CFIUS announced that it was monitoring a record-high 246 mitigation agreements.
As we note in an earlier client alert, CFIUS imposed a record number of civil monetary penalties for breaches of material provisions in mitigation agreements in 2023, followed in 2024 by a $60 million civil monetary penalty for breach of a mitigation agreement—the largest-ever penalty issued by CFIUS.
Finally, the CFIUS Annual Report noted the Committee’s expanded jurisdiction, particularly for real estate transactions, which we discuss below.

2. CFIUS Penalties

Shortly following publication of the CFIUS Annual Report, the Committee in August 2024 provided an update on civil monetary penalties issued in 2023 and 2024. In a banner year for enforcement, CFIUS during 2024 assessed a record number of penalties, in amounts ranging up to a staggering $60 million. In a statement accompanying the penalty update, Assistant Secretary for Investment Security Paul Rosen warned: “In the last few years, CFIUS has redoubled its resources and focus on enforcement and accountability, and that is by design: if CFIUS requires companies to make certain commitments to protect national security and they fail to do so, there must be consequences.”

Snapshot of CFIUS Penalties in 2024
On August 14, 2024, CFIUS shared an update on penalties issued in 2023 and 2024—including the largest penalty in CFIUS’s history, and the first penalty for material misstatements provided in connection with CFIUS filings. Importantly, also for the first time in its history, CFIUS published the names of the parties involved in one of these matters, which is noteworthy as CFIUS filings and negotiations are confidential. CFIUS anticipated the questions this development raises about its confidentiality obligations, highlighting in its update that in situations where (1) there is public disclosure of CFIUS matters and (2) the Committee assesses public disclosure serves broader enforcement and national security goals, the Committee may determine it is appropriate to disclose more information. We suspect the parties agreed to the disclosure pursuant to the terms of a settlement with the U.S. Government. In its update, CFIUS highlighted the three new penalties assessed in 2024:
Amount	$8.5 Million	$1.25 Million	$60 Million
Violation	Breach of agreement	Material misstatements	Breach of agreement
Snapshot of Violation	Majority shareholders caused removal of independent directors, leading to vacancy of CFIUS-mandated Security Director position, and causing government security committee to be defunct, resulting in failure to perform required compliance oversight.	Forged documents and signatures, as well as material misstatements in the joint voluntary notice and supplemental information submitted to CFIUS during their review, impairing CFIUS’s ability to assess transaction risk.	Failure to take appropriate measures to prevent unauthorized access to sensitive data and report incidents promptly, resulting in harm to U.S. national security equities.

3. Expanded Monitoring and Enforcement Authorities

In addition to vigorous monitoring and enforcement in 2023 and 2024, CFIUS also broadened the scope of its oversight and strengthened its ability to impose penalties, mitigation agreements, and other enforcement measures.

In April 2024, the U.S. Department of the Treasury, as chair of CFIUS, issued a proposed rule to update CFIUS’s monitoring and enforcement authorities. The Committee then published a final rule in November 2024, which, as we note in a separate client alert, largely retained the proposed rule’s provisions with several minor, but notable, additions. Key elements of the final rule, which went into effect on December 26, 2024, include:

The final rule expands the scope of information that CFIUS can request in non-notified transactions, reflecting the Committee’s continued attention to such transactions. Under the new rule, CFIUS can issue subpoenas not only to determine whether a non-notified transaction constitutes a “covered transaction,” but also to determine whether a transaction meets the criteria for a mandatory declaration or implicates national security concerns. Moreover, CFIUS can subpoena transaction parties and other parties with knowledge relevant to the transaction, which has substantially increased its ability to gather information about transactions it believes may be subject to review.
The final rule increases CFIUS’s ability to require information from relevant parties post-review. CFIUS can now require parties to provide information to monitor compliance with or enforce the terms of a mitigation agreement, order, or condition. Additionally, CFIUS can require parties to provide information to ascertain whether the parties made material misstatements or omissions during the Committee’s review of the transaction.
In addition to strengthening CFIUS’s monitoring and information-gathering capabilities, the final rule enhances the Committee’s enforcement powers, most notably by sharply increasing the civil monetary penalties that CFIUS can impose, as summarized below:

Violation	Former Maximum Civil Monetary Penalty	New Maximum Civil Monetary Penalty	Other Key Changes
Material misstatements and omissions in submissions	$250,000 per violation	$5,000,000 per violation	The new rule expands penalty coverage for material misstatements and omissions in responses to (1) CFIUS requests for information (“RFIs”) related to non-notified transactions, (2) RFIs related to monitoring and compliance, and (3) other CFIUS RFIs such as agency notices.
Failure to submit mandatory declarations	The greater of $250,000 or the value of the transaction	The greater of $5,000,000 or the value of the transaction	CFIUS can impose the newly increased maximum penalty not only for violations that occur as of the effective date of the rule (i.e., December 26, 2024), but also for violations resulting from transactions entered into or consummated prior to the effective date.
Material mitigation agreement violations (intentional or through gross negligence)	The greater of $250,000 per violation or the value of the transaction	The greater of $5,000,000 per violation or the value of the transaction	“Value of the transaction” now means the greater of (1) the value of the person’s interest in the business at the time of the transaction or (2) at the time of the violation, or (3) the value of the transaction as filed with CFIUS.

Finally, the rule alters the time for parties to respond to mitigation agreement proposals. As a general matter, parties are subject to a very aggressive timeframe—they have three business days to provide substantive responses to the terms of a mitigation agreement. However, they may be granted more time at the discretion of the CFIUS Staff Chairperson based on factors set out in the final rule, which include the statutory deadline and parties’ overall responsiveness to the Committee, as well as the national security risk arising from the transaction.

The November 2024 final rule enhances CFIUS’s ability to monitor and enforce foreign direct investment compliance and suggests that, despite the change in administration, the Committee is likely to continue (if not expand) its aggressive oversight and enforcement of foreign investment controls in the coming year.

4. Expanded Jurisdiction Over Real Estate Transactions

In December 2024, CFIUS began enforcing its final rule, published in November 2024, that expands the Committee’s jurisdiction over certain real estate transactions involving foreign persons. CFIUS’s Part 802 real estate regulations outline the Committee’s jurisdiction over “covered real estate transactions“ involving a foreign person purchasing, leasing, or gaining certain other land rights in property within specified proximities to military installations and other sensitive areas. These areas are grouped within four “Parts” outlined in Appendix A to Part 802 of the Committee’s regulations.

The final rule made the following updates:

Expanded CFIUS’s jurisdiction over real estate transactions to include 40 new military installations (bringing the total to 162) in Part 1, which covers real estate within “close proximity” to a listed military installation (i.e., within one mile);
Expanded CFIUS’s jurisdiction over real estate transactions to include 19 new military installations (bringing the total to 65) in Part 2, which covers real estate within the “extended range” of a listed military installation (i.e., up to 100 miles);
Moved eight military installations from Part 1 to Part 2;
Removed one installation from Part 1 and two installations from Part 2 due to their being located within other listed locations;
Revised the definition of the term “military installation” to bring it in line with existing terms and the locations covered; and
Updated the names of 14 installations and the locations of seven others.

Since the CFIUS real estate rules first became effective in 2020, CFIUS has conducted very few reviews of “covered real estate transactions.” CFIUS’s annual report to Congress for calendar year 2022 provided data showing that only one of the 286 notices and five of the 154 short-form declarations for that period were for covered real estate transactions. In 2023, two of the 233 notices and three of the 109 short-form declarations were for covered real estate transactions. The primary reason for the limited real estate filings is that most transactions that involve sensitive real estate are notifiable and reviewable under the Committee’s Part 800 regulations addressing “covered investments.”

Not every covered real estate transaction poses a risk to U.S. national security and, even when CFIUS does identify a threat, in many cases the threat can be mitigated through manageable conditions on the foreign investor’s physical access to, and use of, the land. As such, we do not expect the overall number of real estate reviews to rise substantially due to this new rule. We do, however, expect CFIUS to closely scrutinize the more limited universe of transactions that implicate covered real estate—regardless of whether those transactions result in voluntary filings with the Committee—and to take bold action with respect to such transactions when warranted by national security concerns.

For example, in May 2024, President Biden ordered Chinese-owned MineOne Partners Limited and affiliated companies to divest recently acquired real estate within “close proximity” to Warren Air Force Base in Wyoming. This action brought renewed public scrutiny to foreign person acquisitions of U.S. real estate located near U.S. military installations and other sensitive sites.

5. State Law Investment Restrictions

In addition to conducting CFIUS-focused risk analysis, transaction parties must consider state and local foreign investment reviews—at least for now. According to one recent study, approximately 20 states have implemented some form of restriction on foreign investment in real estate, and over a dozen states are considering bills that would establish similar restrictions.

Many of these state-level restrictions are currently being challenged in court. For example, in February 2024, the U.S. Court of Appeals for the Eleventh Circuit granted an injunction pending appeal to two plaintiffs challenging a Florida law that bars foreign principals from “countries of concern” (including China, Russia, Iran, North Korea, Venezuela, and Syria) from acquiring an interest in agricultural property or property near sensitive military sites. The Court reasoned that the plaintiffs showed a “substantial likelihood of success on their claim that [the Florida law is] preempted by federal law, specifically” FIRRMA—the statutory authority that delegates the power to regulate foreign investment in real estate to CFIUS. In a concurring opinion, one of the three panel judges suggested that plaintiffs also have a strong Equal Protection claim.

As we discuss in a prior client alert, state laws vary in their approaches to address the potential national security and economic implications of foreign ownership of U.S. land. Some states mandate disclosure of foreign ownership of U.S. land, while other states directly prohibit certain transactions and may require divestiture of foreign-owned land. Additionally, state laws differ as to who is subject to the restrictions, with some legislation seeking to regulate real property transactions with individuals and entities from a list of named countries, and other legislation seeking to govern purchases by all non-U.S. citizens.

These state measures add another complexity to the various restrictions at the federal level targeting trade and financial flows with China and other sensitive jurisdictions. For now, at least, international investors and multinational businesses must consider not only federal law when undertaking real estate transactions within the United States, but also state-specific restrictions that may impact their commercial engagements and exposure in the United States.

6. Prospects for CFIUS Reviews and Enforcement

Despite significant leadership turnover, we assess that substantial changes to CFIUS’s processes or enforcement focus are unlikely during the year ahead, though the new administration’s CFIUS priorities remain unclear. Both President Biden and President Trump during his first term adopted an aggressive posture toward Chinese investment into the United States, and the second Trump administration appears set to continue, and perhaps even intensify, this approach. In addition to a harsh climate for Chinese investment, we have seen—for many years—bipartisan calls to closely scrutinize Chinese investments in agricultural land near military bases.

While sweeping changes to CFIUS’s regulations and practices seem unlikely, there may be some shifts in the Committee’s priorities during the year ahead. For example, during the Biden administration, CFIUS increased scrutiny of investments from Saudi Arabia and other Middle Eastern government investors. Under President Trump, who previously enjoyed a close relationship with Riyadh, that trend may change. Indeed, it is noteworthy that President Trump’s first call with a foreign leader following his inauguration was with the Kingdom’s de facto ruler, Crown Prince Mohammed bin Salman; President Trump subsequently touted the Saudi leader’s promise to invest $600 billion in the United States over the next four years.

A second area of potential change concerns the personnel and potential politicization of CFIUS. Some observers cast the Biden administration’s order blocking Nippon Steel’s acquisition of U.S. Steel as an example of CFIUS decision-making being driven by political, rather than solely national security, considerations. It is unclear if CFIUS’s decisions will now more closely reflect certain political inclinations of the Trump administration. Newly confirmed Treasury Secretary Scott Bessent is a former hedge fund manager, whose public comments on the role of CFIUS have been minimal.

B. Outbound Investment

After years of discussions and attempts to impose restrictions on how U.S. persons deploy capital abroad, the Biden administration in October 2024 published a final rule restricting outbound investments (“covered transactions”) by U.S. persons into certain companies owned by, or affiliated with, Chinese persons (such companies, “covered foreign persons”) in the semiconductors and microelectronics, quantum information technology, and AI sectors. The regulations, which became effective on January 2, 2025, divide covered transactions into three categories:

Prohibited;
Requiring notification to the newly created Office of Global Transactions within the U.S. Department of the Treasury; or
Permitted under the various exceptions and carveouts provided in the regulations, with no further process required.

As we note in a prior client alert, while the outbound investment regulations have effectively created a new trade controls regime from scratch—and indeed, there is much that is truly novel in the regulations—they nonetheless draw heavily on existing processes, definitions, and penalties that will be familiar to sanctions, export controls, and CFIUS practitioners.

As with CFIUS, the penalties for violations of the outbound investment regulations are steep. Importantly, these regulations rely upon the same statute that authorizes almost all U.S. sanctions programs—the International Emergency Economic Powers Act (“IEEPA”). Consequently, the penalties for violations are the same. In particular, the Treasury Department may impose civil penalties of up to twice the value of the underlying violative transaction. Willful violations can result in criminal penalties of up to $1,000,000, imprisonment for up to 20 years, or both.

The outbound investment regulations apply globally to U.S. persons making certain acquisitions of equity in covered foreign persons, including contingent equity, equity-type rights, and joint ventures. Unlike CFIUS, the outbound investment regulations also apply to greenfield investments. The restrictions also extend to foreign entities that are controlled by a U.S. parent, requiring the U.S. parent to take all reasonable steps to prevent any transaction by its controlled foreign entity that is prohibited under the outbound investment regulations. U.S. persons are further prohibited from “knowingly directing” transactions by non-U.S. persons that would be prohibited for a U.S. person to conduct itself. Foreign subsidiaries of U.S. companies, however, are not necessarily subject to the regulations.

Covered foreign persons include not only entities that have their principal place of business, headquarters, or place of formation in China, but could also include entities with Chinese ownership and deemed control. In that sense, even though the outbound investment regulations are focused solely on China (including Hong Kong and Macau), their applicability is global.

The outbound investment regulations include a long list of exceptions from coverage to address industry concerns. For example, unless the investment affords the U.S. person rights beyond “standard minority shareholder protections,” a term that remains mired in some ambiguity, investments by U.S. persons in publicly traded securities (including on non-U.S. exchanges) or a security issued by an investment company (such as an index fund, mutual fund, or exchange-traded fund) are excepted, as are certain limited partner investments. Certain intracompany transactions between a U.S. parent and a controlled subsidiary are also permitted. The regulations further include an exception for certain transactions involving countries that have enacted similar outbound investment restrictions in national security technologies, which is noteworthy as the European Union has already taken material steps toward developing their own regime.

As described in a separate client alert, the Treasury Department in December 2024 published Frequently Asked Questions (“FAQs”), as well as guidance on the national interest exemption whereby the U.S. Government may, upon request, determine that a covered transaction is in the U.S. national interest and is therefore exempt from the outbound investment restrictions. More FAQs followed in January 2025 and Treasury launched a new website with enforcement guidelines and instructions for submitting notifications and requests for exemptions.

Although the outbound investment regulations are still in their infancy, investors have undertaken various measures to promote compliance, including:

Enhancing internal due diligence programs to identify whether potential investments involve prohibited or notifiable technologies, including by assessing specific design elements and end uses of technologies and products, as well as determining whether AI systems were trained using certain levels of computing power;
Seeking binding contractual assurances from investment targets that the capital invested will not, directly or indirectly, create a notifiable or prohibited transaction; and
Establishing processes whereby a U.S. person may recuse themselves from covered transactions in order to avoid exercising their authority to “knowingly direct” a transaction and run afoul of the outbound investment regulations.

The outbound investment regulations could soon play a meaningful, and growing, role in U.S. trade policy. Although the regulations are presently targeted at U.S. outbound investments in China, and are limited to a narrow group of critical technology sectors, the regime could easily be expanded. For example, the Trump administration could in coming months broaden the list of restricted investments to include additional sensitive sectors such as hypersonics, satellite-based communications, and networked laser scanning systems with dual-use applications. The President could also expand the countries of concern—investments to which would also be subject to these regulations—beyond China.

IV. U.S. Import Restrictions

In addition to standing up a new China-focused outbound investment regime, the Biden administration during 2024 continued to restrict imports from China through vigorous enforcement of the Uyghur Forced Labor Prevention Act (“UFLPA”). Meanwhile, import actions of another sort will play an early and prominent role in President Trump’s trade policy as the new administration has implemented increased tariffs of 10 percent on China and threatened (but not yet implemented) even more substantial increased tariffs of 25 percent on Canada and Mexico—among the United States’ closest allies and members of the United States-Mexico-Canada Agreement (the “USMCA”) signed by President Trump during his first term.

A. Uyghur Forced Labor Prevention Act

During 2024, the Biden administration sought to strengthen implementation of the Uyghur Forced Labor Prevention Act by expanding both the number of entities targeted under the law and the range of sectors identified as high priorities for enforcement. The expansion of the UFLPA also brings to light the expanded reliance by the U.S. Government on non-governmental sources of information in executing its policies and the consequent accretion of power by politically unaccountable actors in academia and the private sector in furthering government policies. This has been clear since Russia’s expanded invasion of Ukraine began in 2022 (after which private sector parties have pressed for government action) and has continued in the context of the UFLPA. Interestingly, the U.S. Government has not only admitted to this involvement but has celebrated its “partnerships” with non-governmental actors.

As discussed in a prior client alert, the UFLPA establishes a rebuttable presumption that all goods mined, produced, or manufactured even partially within China’s Xinjiang Uyghur Autonomous Region (“Xinjiang”), or by entities identified on the UFLPA Entity List, are the product of forced labor and are therefore prohibited from entry into the United States. The statute has put pressure on companies to implement effective supply chain diligence programs, tailored to meet the challenges of modern supply chains with intricate webs of sub-tier suppliers.

The interagency Forced Labor Enforcement Task Force (“FLETF”)—chaired by the U.S. Department of Homeland Security (“DHS”), which is the agency within which U.S. Customs and Border Protection (“CBP”) resides—is charged with administering the UFLPA Entity List. Following early criticism that additions to that list needed to be expanded, particularly in the face of non-governmental and academic research identifying thousands of companies that appear to meet the UFLPA’s criteria, the FLETF began designating in earnest during 2024. As of January 14, 2025, 144 entities are identified on the UFLPA Entity List—a nearly fivefold increase from the end of 2023. Notably, the vast majority of designated entities are located in areas of China other than Xinjiang, highlighting the need for effective diligence that is not solely focused on avoiding sourcing inputs and final goods directly from that region.

New additions to the UFLPA Entity List have spanned a range of industries, including cotton and textiles, agriculture products, metals and mining, seafood, aluminum, and footwear. The large number of designations in the cotton sector, one of the original high-priority sectors identified for enforcement under the UFLPA, dovetails with DHS’s broader strategy, announced in April 2024, to “level the playing field for the American textile industry.” This also indicates the dual purpose of these restrictions—to promote human rights-sensitive sourcing, while also addressing significant trade imbalances.

In its annual strategy update on UFLPA implementation, DHS for the first time since 2022 formally identified new “high-priority” sectors for enforcement. The 2024 update adds aluminum, seafood, and polyvinyl chloride (“PVC”) to a list that already included apparel, cotton and cotton products, silica-based products, and tomatoes and downstream products. Each of these additions follows in-depth non-governmental organization reporting on links between those products and Xinjiang forced labor, including aluminum in automotive supply chains, PVC in vinyl flooring supply chains, and seafood destined for the United States and the European Union. Similar reporting at the end of 2024 regarding pharmaceutical supply chains may portend a future target of enforcement.

In the two and a half years since the UFLPA went into effect, CBP has detained over 12,000 shipments under the law, valued at over $3.6 billion. Approximately half of those detained shipments have ultimately been released into the United States, an apparent result of successful “applicability review” submissions, whereby companies can seek the release of goods by demonstrating that they are not within the scope of the law’s prohibitions (i.e., because they are not made wholly or in part in Xinjiang or by entities on the UFLPA Entity List). The largest numbers of detentions were associated with the electronics, automotive and aerospace, and apparel, footwear, and textiles industries, per CBP’s classifications. A drop in the value, but not the volume, of shipments detained in the second half of 2024 may indicate a focus on lower-value inputs or component parts. Importantly, China has not been the leading originating nation from which detained shipments have derived. Rather, Malaysia and Vietnam have been—again highlighting the importance of supply chain diligence that goes further than merely inquiring as to the final country from which a good is exported.

To further strengthen forced labor enforcement, some U.S. lawmakers have called for changes to the de minimis exception—a customs law provision whereby certain low-value shipments are afforded lesser scrutiny at U.S. ports of entry and on which China-based “fast fashion” retailers often rely. Although not focused on the UFLPA, CBP in January 2025 published a notice of proposed rulemaking in which the agency announced plans to amend the de minimis exception, noting that the existing rules make U.S. supply chains more vulnerable to “goods potentially made with forced labor.”

While serving in the U.S. Senate, newly confirmed Secretary of State Marco Rubio co-authored the UFLPA and was one of the most vocal advocates in Congress for more aggressive enforcement. As such, although the State Department is not directly tasked with UFLPA enforcement, between his role as a leading member of the cabinet, the degree of broad bipartisan support for the law, and President Trump’s longstanding support for restricting Chinese imports, conditions appear to be ripe for sustained vigorous enforcement of the UFLPA throughout the year ahead.

B. Tariffs

Following years of relative quiet under President Biden, threatened and/or actual increased tariffs and trade wars have already emerged as a key part of the Trump administration’s approach to engaging on international economic and geopolitical issues.

Domestically, any executive action to impose increased tariffs on goods originating from specified jurisdictions such as USMCA members (Canada and Mexico), China, or the European Union, or conceivably all goods entering the United States (collectively, the “Proposed Tariffs”), will almost certainly be the subject of substantial legal challenges, particularly as the U.S. Constitution provides that Congress has general responsibility with respect to tariffs on imports. However, as noted below, Congress since 1930 has delegated substantial authority to the President that could support executive action to increase tariffs.

Accordingly, challenging the Proposed Tariffs could prove difficult, particularly those imposed pursuant to the International Emergency Economic Powers Act, which broadly authorizes the President to impose economic restrictions “to deal with any unusual and extraordinary threat . . . if the President declares a national emergency with respect to such threat.” (A somewhat analogous “international peace or security“2 exception in the USMCA could also substantially limit the prospects for success in a USMCA challenge to increased tariffs on imports from Canada and Mexico.) Despite the enhanced possibility of meaningful challenges to presidential action due to the overturning of Chevron deference and the emergence of the major questions doctrine, we assess that in other than truly unusual matters, it is likely that courts would continue to broadly defer to the Executive in matters involving claims of national security and foreign affairs.

Notably, President Trump in early February 2025 invoked IEEPA—the 1977 statute that underlies nearly all U.S. sanctions programs and which broadly authorizes the President to take action during a period of national emergency declared by the President—to announce increased tariffs on goods from Canada, Mexico, and China (with the increased tariffs on goods from Canada and Mexico paused for at least a month). While President Nixon in 1971 invoked a predecessor statute, the Trading With the Enemy Act, to briefly impose 10 percent tariffs on many goods imported into the United States, President Trump’s use of IEEPA to levy increased tariffs is unprecedented. The Trump administration has nevertheless taken this step, and quickly secured at least temporary concessions from Ottawa and Mexico City that could invite further threats of IEEPA-based tariffs going forward.

To the extent the White House is inclined to rely on delegations of authority other than IEEPA, there are a number of existing statutes that authorize the President to impose increased tariffs under certain circumstances that might provide support for at least some subset of the Proposed Tariffs:

Section 301 of the Trade Act of 1974 authorizes the President, following an investigation and determination by the Office of the U.S. Trade Representative (“USTR”), to impose tariffs in response to acts, policies, or practices of a foreign government that either violate trade agreements or are unjustifiable, unreasonable, or discriminatory and burden or restrict U.S. commerce. While Section 301 would authorize increased tariffs on imports from particular foreign jurisdictions based on findings of unfair trade practices, it is unlikely to authorize a broadly applicable tariff on all goods entering the United States, as it requires the identification of such acts, policies, or practices by a specific foreign country. Actions taken by the outgoing Biden administration demonstrate how Section 301 could be deployed. In December 2024, USTR announced that it was initiating a Section 301 investigation “regarding China’s acts, policies, and practices related to targeting of the semiconductor industry for dominance,” focusing on “legacy” semiconductors. If USTR under the new administration finds unreasonable or discriminatory practices that burden U.S. commerce, President Trump may impose tariffs targeting not only Chinese legacy semiconductors but also downstream products from other nations that contain such semiconductors. This could result in even further tariffs imposed on China-origin chips, which are already slated to be subject to 50 percent tariffs in 2025.
Section 232 of the Trade Expansion Act of 1962 authorizes the President to impose tariffs on imports of articles determined by a U.S. Department of Commerce investigation to undermine national security, and was used by the first Trump administration to impose 25 percent increased tariffs on imports of certain steel products and 10 percent increased tariffs on certain aluminum products. Those tariffs were initially applied to imports from all countries, but were later subject to special arrangements negotiated with Brazil, South Korea, Canada, Mexico, and Argentina, and an exemption for Australia. (The Biden administration maintained those Section 232 tariffs, and reached further agreements with the European Union, Japan, and the United Kingdom.) Thus, Section 232 could be an effective tool for the Trump administration to impose (and negotiate) increased tariffs or other restrictions on particular types of goods. However, such action would be delayed by a Commerce Department investigation and would not seem to authorize a broad tariff increase on all goods entering the United States even from a single specified country, much less a broad increased tariff on all articles from all countries.
Section 122 of the Trade Act of 1974 authorizes the President to impose tariffs up to 15 percent for 150 days in response to “balance-of-payments deficits.” Section 122 could authorize the Proposed Tariffs, but only temporarily and only for an increase of up to 15 percent.

Section 338 of the Tariff Act of 1930 authorizes the President to impose additional tariffs of up to 50 percent against particular countries that discriminate against U.S. exports (i.e., as compared with exports from other nations). However, the statute is ambiguous on the procedures required to rely on its authorization, including the role of the U.S. International Trade Commission, an independent, bipartisan agency, in investigating the underlying trade issues and setting the tariffs. Moreover, courts have not had an opportunity to clarify such ambiguity because the statute has not been used in over 90 years. On its face, Section 338 may authorize increased tariffs on goods from particular countries, but its uncertain terms and the apparent requirement to find that the country or countries discriminate against U.S. exports would not seem to support its use to authorize a broadly applicable tariff on all goods entering the United States.

Regardless of the authority the Trump administration might use to implement the Proposed Tariffs, such actions, along with likely retaliation by foreign governments (which has already included China’s addition of a major U.S.-based apparel company to a list of “unreliable entities”), would significantly impact global supply chains and could lead to decreases in the availability of certain goods and increases in the cost of goods around the world. China, Canada, Mexico, and the European Union have indicated they are prepared to retaliate should President Trump move forward with the Proposed Tariffs.

Moreover, elevated tariffs on Canada and Mexico would almost certainly face legal challenges, as they may violate the United States’ obligations under the USMCA, the successor to the Clinton-era North American Free Trade Agreement. Some observers have suggested that President Trump could be counting on the threat of tariffs to prompt an early re-negotiation of the USMCA, which re-negotiation is currently scheduled for 2026.

Alternatively, the Trump administration, in concert with the U.S. Congress, could look to effectuate the Proposed Tariffs legislatively—something that has not happened since the Smoot-Hawley Tariff Act of 1930. Although the prospects for congressional action are at best uncertain, should such legislation be passed through the Republican-controlled Congress and signed into law, it could be exceedingly difficult to challenge the result via litigation. On balance, however, we assess it as far more likely that the President will seek to use executive actions to this end.

V. European Union

A. Sanctions

1. Harmonization of EU Rules

As the European Union’s more than 40 sanctions regimes continue to expand and grow in complexity, a fundamental challenge has emerged: inconsistent sanctions enforcement across EU Member States. During 2024, Poland and the Netherlands led the charge with 22 and 10 enforcement actions, respectively. Conversely, Lithuania imposed the most substantial sanctions-related fines of the year: €13.6 million and €9.3 million for breaches of export prohibitions and the provision of crypto asset services to Russian persons. Despite such sporadic successes, these developments exemplify a growing disparity within the European Union, as over half of Member States this past year did not conclude a single successful sanctions-related enforcement action.

As the lack of uniformity creates gaps that can be exploited for evasion purposes, the Netherlands has published a “non-paper” (i.e., an informal discussion document) outlining seven key reforms to strengthen sanctions implementation and enforcement across the European Union. The Dutch proposal calls for, among other things, the creation of a centralized risk assessment hub to identify circumvention risks, the allocation of resources to EU Member States to support enforcement efforts, the adoption of baseline compliance rules for high-risk, large businesses to prevent breaches of sanctions, and the expansion of data available to the European Commission (the bloc’s executive branch) and EU Member States through the Sanctions Information Exchange Repository (e.g., on ownership and control structures to enable national competent authorities in Member States to make more informed and consistent licensing decisions). The Dutch non-paper, although not an official EU proposal, notably advances the debate over possible institutional reforms at the EU level.

That said, the European Union in 2024 made strides toward harmonizing sanctions enforcement. While historically less than half of EU Member States criminalized sanctions violations (in the other states, it has merely been a civil infraction), during 2024 the European Union adopted a directive establishing minimum rules on the definition of criminal offenses and penalties for violations of EU sanctions. Conduct constituting a criminal offense will include asset freeze violations (e.g., making funds or economic resources available directly or indirectly to, or for the benefit of, a designated person), as well as trade sanctions violations (e.g., providing services to a designated person). Circumvention, as well as inciting, aiding, and abetting the commission of an offense, will also constitute an offense. Under the directive, fines for corporates will be able to reach one percent or five percent of annual turnover or, alternatively, €8 or €40 million, depending on the offense. A new asset freezing and confiscation regime targeting instrumentalities and proceeds of EU sanctions violations was also introduced. EU Member States have until May 20, 2025 to transpose the new rules into national legislation.

To further minimize the potentially inconsistent interpretation of EU rules, the Council of the European Union (the grouping of ministers from each EU Member State that is responsible for negotiating and adopting EU legislation) issued a revised edition of its Best Practices for the Effective Implementation of Restrictive Measures. Key additions include thorough guidance on the concept of “control,” which is a constituent part of the European Union’s test for whether entities affiliated with sanctioned persons should be treated as sanctioned themselves. The Council’s guidance identifies as possible “red flags” for control the presence of a buyback option or a transfer of shares to non-designated persons close in time to a shareholder’s designation, which together suggest the level of detail that EU economic operators are expected to take into account in their diligence efforts. The exact contours of the “control” test, however, remain unclear.

The European Banking Authority (“EBA”) also contributed to the harmonization of sanctions rules during 2024 by issuing new guidelines that set common, EU-wide standards on the governance arrangements, policies, procedures, and controls financial institutions should have in place to comply with EU sanctions regulations. One set of guidelines applies to all institutions within the EBA’s supervisory remit and sets out requirements relating to governance and risk management systems to effectively address risks of non-compliance with, or evasion of, sanctions. A second set of guidelines applies to crypto asset service providers and payment services providers and specifies what such firms should do to comply with sanctions when performing transfers of crypto assets and funds, respectively, including restricted party screening and due diligence requirements. Both sets of guidelines will become effective on December 30, 2025.

The harmonization of EU sanctions rules could be further enhanced in the months and years ahead as the bloc’s newly established Anti-Money Laundering Authority (“AMLA”)—launched in June 2024 to supervise high-risk entities and coordinate among EU Member State financial intelligence units—begins to monitor compliance with sanctions-related measures by cross-border groups in the financial sector, and contribute to general sanctions compliance supervision. However, as AMLA will not become fully operational until 2028, it remains to be seen how the agency will interact with other supervisory and enforcement bodies across the European Union.

2. Russia

The European Union in 2024 adopted two new Russia sanctions packages, further targeting Russia’s military, defense, energy, and maritime sectors. Key new measures in the energy sector, which remains a major source of revenue for the Kremlin, include prohibitions on providing goods, technology, or services to liquified natural gas (“LNG”) projects under construction in Russia, the transshipment of Russian LNG through EU ports, and the importation of Russian LNG into specific terminals that are not connected to the EU gas pipeline network.

With fewer options for new restrictions left on the table, a recurring theme of recent EU sanctions packages is a focus on anti-circumvention tools. During the past year, the European Union designated companies actively involved in the evasion of EU sanctions. Entities incorporated and/or operating in transshipment hubs such as China, Kazakhstan, Turkey, the United Arab Emirates, and India were added to the list of entities associated with Russia’s military-industrial complex, subjecting them to stricter export restrictions.

As we note in an earlier client alert, the European Union also introduced a “best efforts” obligation on EU parent companies to ensure that their non-EU subsidiaries do not take part in activities that undermine EU sanctions. While that measure does not expand the jurisdictional reach of EU sanctions legislation, and therefore does not impose obligations on foreign entities, it is a consequential development in the fight against circumvention as it attempts to leverage EU corporate influence abroad in order to further the impact and effectiveness of sanctions measures (much as the United States has done for decades). Although a definition of “best efforts” is not included in binding legislation, the European Commission has suggested in public guidance that such actions may include the implementation of internal compliance programs, systematic sharing of corporate compliance standards, sending newsletters and sanctions advisories, setting up mandatory reporting, or organizing mandatory sanctions trainings for staff—all practices which European companies are encouraged to adopt.

We assess it as likely that President Trump will seek to end the war in Ukraine by attempting to negotiate a deal with Russia’s President Vladimir Putin—and sanctions relief would undoubtedly be part of any such deal. If the United States proceeds with significantly reducing sanctions on Russia and EU Member States remain unwilling to do so, we could see a meaningful divergence between the two regimes, which would result in compliance challenges for multinationals with footprints in both the United States and Europe.

3. Development of New Sanctions Regimes

The European Union during 2024 developed new tools to tighten the screws on Moscow by introducing two new Russia-related sanctions regimes.

One regime addresses Russia’s destabilizing activities against the European Union and its Member States, and is designed to target parties who, for example, engage in or facilitate the use of coordinated information manipulation and interference, or who engage in or facilitate the obstruction of the democratic political process, including by undermining elections or attempting to overthrow the constitutional order. The European Commission in December 2024 designated 19 new parties under that regime, with a focus on dismantling Russian disinformation networks in Africa and Europe. As key elections are set to be held across many major states in Europe in 2025, further designations under these regimes appear likely in coming months, and could conceivably leverage a noteworthy feature of the regime that—similar to the concept of “material support” in U.S. sanctions—contemplates designating persons “supporting” parties that engage in destabilizing activities.

The second new sanctions regime targets parties responsible for human rights violations, repression of civil society and democratic opposition, and the undermining of democracy and the rule of law in Russia. This regime is part of the European Union’s response to accelerating and systematic repression in Russia, which included the death of opposition leader Aleksey Navalny in February 2024. Under this regime—which has similarities with the United States’ Magnitsky and Global Magnitsky sanctions programs—the European Commission may take action against those responsible for the commission of human rights violations in Russia. To date, 20 designations have been announced under the regime, including targeting members of the Russian judiciary and the central authority managing Russia’s prison system, and new trade restrictions on equipment that might be used for internal repression or for use in information security and the monitoring or interception of telecommunication have been introduced.

4. Case Law and Referrals to the CJEU

2024 was also noteworthy for a significant rise in litigation implicating sanctions provisions, as well as national courts in EU Member States referring questions relating to EU sanctions interpretation to the Court of Justice of the European Union (“CJEU”). The increasing volume of case law on EU sanctions underscores the growing complexity of this area of law, its impact on commercial transactions, and the competing imperatives that courts face in balancing EU foreign policy objectives against the rights and interests of both individuals and companies within the Union.

a) Interpretation of “Brokering Services” in Russia Regulations

The CJEU has confirmed that the prohibition on the provision of brokering services in relation to military equipment to persons in or for use in Russia applies even where the goods subject to the brokering deal are never imported into EU territory. In the Court’s view, if the rule were otherwise, then the prohibition could easily be neutralized by arranging for the equipment to be routed via non-EU Member States. The Court further found that the automatic confiscation by Romanian authorities of the full payment received by the Romanian company in question for the provision of brokering services was an appropriate and proportionate step to ensure the effectiveness of the prohibitions and the deterrent effect of penalties.

b) Interpretation of Legal Advisory Prohibitions

In C-109/23, the CJEU held that notarial services do not fall within the definition of legal advice or legal advisory services under the European Union’s Russia sanctions regime, on the theory that such services amount to an official state function and not a legal advisory service to an individual. The Court further noted that the term “legal advice” generally refers to an opinion on a question of law, and found support for its interpretation in the recitals to the relevant EU regulation. Separately, the General Court rejected several challenges to the legality of the legal advisory prohibition (T-797/22; T-798/22; T-828/22), holding that the prohibition is consistent with the protection of professional secrecy, the right to a fair trial, and the principle of proportionality.

The CJEU’s judgment in C-109/23 is also noteworthy as it is a rare instance in which the Court directly contradicted a frequently asked question published by the European Commission, which indicates that notarial services are within the ambit of the legal advisory prohibition in the Russia sanctions regulations. That split of opinion underscores that guidance issued by the Commission is not legally binding, as the CJEU is the ultimate arbiter of EU law. That said, absent judicial interpretation to the contrary, it remains good practice for persons subject to EU jurisdiction to adhere to the guidance set forth in the Commission’s FAQs.

c) ECB Prudential Requirements for Russian Operations

The European Central Bank (“ECB”) over the past year has been engaging with European banks with significant exposure to Russia. The ECB has set a clear roadmap for banks to downsize their operations and eventually exit from Russia. The ECB’s imposition of prudential requirements on banks that continue to operate in Russia has been hotly contested and has generated significant practical challenges for companies that maintain legitimate (and still legal) business ties with Russia. However, the General Court rejected an application by a major Italy-based financial institution seeking to suspend an ECB decision establishing prudential requirements on its operations in Russia, which included restrictions on the grant of new loans and deposits. The Court’s reasoning focused on the risks for the bank resulting from an increasingly complex sanctions environment. The Court held that the decision by the ECB to impose such requirements was strictly within the powers conferred to it, which allow the ECB to restrict the business of institutions and/or request the divestment of activities that pose excessive risks to the soundness of an institution.

d) Referrals to the CJEU

EU Member State courts in 2024 often referred questions concerning EU sanctions regulations to the CJEU, including numerous pending queries regarding ownership and control such as:

Whether, under circumstances in which a designated person owns exactly 50 percent of the shares in a company, the company’s funds are presumptively owned or held or controlled by the designated person;
When a legal person can be deemed to be “associated” with a designated person;
Whether assets held in trust for a designated person can be regarded as belonging to, or being controlled by, the designated person where this is prohibited by the trust’s governing law or where dealing with such assets would breach EU law; and
Whether asset freezes mean that designated persons cannot exercise voting rights attached to depository receipts.

In December 2024, a Swedish court asked the CJEU for a preliminary ruling interpreting the “no claims” clause in the Russia sanctions regulations.

As of this writing, these questions remain pending before the Court.

5. Iran

During 2024, Iran continued to threaten European security through malign activities including providing military support to armed groups in the Middle East and supplying unmanned aerial vehicles and ballistic missiles to Russia. In light of these developments, the European Union widened its new Iran sanctions regime to target vessels and ports used for the transfer of UAVs, missiles, and related technologies and components. Further designations stemming from Iran’s missile transfers to Russia included the largest Iranian airline Mahan Air, Iranian flag carrier Iran Air, and shipping companies, including the national maritime carrier Islamic Republic of Iran Shipping Lines, involved in transporting Iranian-made weapons and ammunition, including UAV components, across the Caspian Sea to resupply Russian troops.

Some EU policymakers voiced concern that such measures do not go far enough in combatting the threat that Iran poses to European and international security, prompting a November 2024 European Parliament resolution calling for further sanctions. As such, a further expansion of EU sanctions targeting Iran appears likely in coming months.

Of note, while there was some concern that a return to the maximum pressure campaign implemented by President Trump in his first term would result in a meaningful divergence between EU and U.S. sanctions, Tehran’s continued troubling behaviors have moved the European Union much closer to the U.S. position. As such, we assess that a meaningful split between EU and U.S. sanctions on Iran—which could present substantial corporate compliance challenges—is less likely than might have been the case even a short while ago.

6. EU Member State Sanctions: Germany

Germany in 2024 remained an especially active EU Member State in the field of sanctions implementation and enforcement as German government agencies continued to be prolific sources of guidance and unique sources of general authorizations. Notably, Berlin has issued General Licenses (i.e., regulatory exemptions) within the framework of EU sanctions, despite the European Commission disapproving of this practice in public guidance. Nevertheless, Germany’s Federal Office for Economic Affairs and Export Controls (Bundesamt für Wirtschaft und Ausfuhrkontrolle) (“BAFA”) in 2024 continued undeterred as it extended General License No. 30 for a further year to authorize eligible persons to undertake otherwise restricted yet non-sensitive transactions involving Iranian persons located or headquartered in the European Union or the United Kingdom. BAFA also adopted the first General License within the framework of EU sanctions on Russia. General License No. 42 authorizes eligible persons, until December 31, 2025, to provide otherwise restricted services and/or software for the exclusive use of non-sensitive recipients in Russia, such as subsidiaries of companies incorporated in the European Union or partner countries.

Germany, across several government agencies, also continued to issue and update its independent guidance on EU sanctions, with a particular focus on Russia sanctions. For example, the German Federal Ministry for Economic Affairs and Climate Action (Bundesministerium für Wirtschaft und Klimaschutz) (“BMWK”) updated its FAQs on Russia sanctions and issued guidance on measures to prevent diversion of military items to Russia via non-EU subsidiaries of EU companies. Meanwhile, BAFA updated its leaflet on foreign trade with Russia, and the German Federal Bank (Deutsche Bundesbank) updated its FAQs on EU financial sanctions, which predominantly focus on sanctions against Russia and Belarus.

Germany has also continued to tighten enforcement with further development of the Central Department for Sanctions Enforcement (Zentralstelle für Sanktionsdurchsetzung) (“ZfS”). Established in 2023, the ZfS’s primary responsibility is to enforce the prohibitions around making funds and economic resources available to designated persons, for which the agency has been granted comprehensive powers. However, some observers have questioned ZfS’s capacity, as less than half of the agency’s open positions have reportedly been staffed as of May 2024.

In parallel, powerful Public Prosecutor’s Offices, of which Germany has more than one hundred, have established themselves as an unexpected driving force behind sanctions implementation by initiating numerous criminal enforcement actions. Some Public Prosecutor’s Offices have favored expansive and aggressive interpretation of sanctions regulations, considerably heightening risks for companies and individuals subject to German jurisdiction. Although criminal convictions have to date only involved individuals, German prosecutors and enforcement authorities appear poised to scale up their sanctions enforcement efforts during the coming year, with an eye toward eventually aiming for larger corporate targets.

The growing body of sanctions materials from Germany has been a welcome development for many companies that have long sought more clarity on the rules and the risks of EU sanctions. However, the uncertain relationship between German rules and those promulgated by the European Commission, let alone differences between German interpretations and those of other EU countries, could portend real challenges both for the power of EU sanctions (which derives in large part from there being a unified approach among all 27 Member States) and for corporate compliance going forward.

B. Export Controls

Following the U.S. lead, the European Union in 2024 increasingly sought to restrict the export of high-tech goods that have the potential to be misused by authoritarian regimes, even as EU Member States continued to struggle toward a coordinated, bloc-wide approach to export controls. In January 2024, the European Commission published a white paper on export controls to assess whether current rules could be improved in the face of geopolitical challenges and rapid technological advances. Much as with the potential balkanization of EU sanctions enforcement (discussed above), the white paper, which was announced as part of the Union’s Economic Security Strategy, identifies the fragmentation of the EU export control regime as a threat to EU economic security, as it risks creating loopholes, undermining the effectiveness of controls, and threatening the integrity of the single market. The white paper points in particular to the blocking of new controls by certain Member States, the increasing use of unilateral export controls, and a lack of a single EU-wide approach as significant challenges. In response, the Commission proposed adding new items to the EU Dual-Use List, creating a high-level forum to foster a common EU position regarding export controls, improving coordination of national control lists, and bringing forward to 2025 the next evaluation of the EU Dual-Use Regulation. Member States have likewise recognized the need for greater coordination of EU export controls, with the Dutch government publishing a paper supporting the Commission’s proposal.

Unsurprisingly, and in line with what we have seen across the world, technological advances have regularly outpaced legislation and regulation. This has led EU Member States to deploy their own national controls on the export of high-technology goods. At times, the advent of national-level controls has been a function of U.S. diplomatic pressure directed at specific EU Member States—such as the Netherlands, which plays a uniquely critical role in the production of high-end semiconductor manufacturing equipment. At the EU level, the European Commission in September 2024 added seven types of nuclear plants and equipment, as well as additional toxins and chemical precursors, to its regulations restricting exports of dual-use items. Following the United States’ lead, the Commission in October 2024 also issued new guidelines for cyber-surveillance exporters, which aim to minimize the risk of cyber-surveillance items being used for internal repression or the commission of serious violations of human rights and international humanitarian law. The guidelines require exporters to notify authorities when they learn that non-listed cyber-surveillance items are intended for use in connection with such activities.

Notwithstanding these efforts to make export controls more consistent across EU Member States, some members of the bloc continued to unilaterally implement controls on dual-use goods that extend beyond those specified in the EU Dual-Use Regulation. Following Spain and the Netherlands, which had already added semiconductor manufacturing equipment and technology to their national control lists, France in February 2024 imposed controls on goods and technologies associated with quantum computing, advanced electronic components, and semiconductors, and Italy and Germany in July 2024 adopted national control lists for dual-use goods that included semiconductor manufacturing equipment, chips, and quantum computers. The uncoordinated proliferation of national export controls by EU Member States further increases the compliance burden on industry who now, even within the common market, must contend with a patchwork of local laws.

C. Foreign Investment Restrictions

1. Inbound Investment

Foreign direct investment (“FDI”) activity picked up in the European Union during 2024 even as the number of formal screenings steadily increased and multiple EU Member States made moves to enact legislation or reform existing regimes.

The European Commission in January 2024 issued a proposal to reform the EU Foreign Direct Investment Regulation (the “EU FDI Regulation”), which includes a requirement for Member States to enact FDI legislation—similar in spirit to the United States’ CFIUS—within a 15-month timeline. Several EU Member States, including Bulgaria and Ireland, subsequently introduced FDI regimes, while Romania and France amended their existing mechanisms. This obligation will therefore principally impact Croatia, Cyprus, and Greece as they are presently the only Member States without an active regime, though all three jurisdictions have taken “concrete steps” to put a screening mechanism in place.

The Commission’s proposal would broaden the scope of the EU FDI Regulation to capture FDI by European entities whose ultimate owners are non-EU investors. The Commission also made strides towards greater consistency across EU Member States. Its proposal recommended both process harmonization, such as the introduction of minimum standards for screening processes, and substantive harmonization, such as a more prescriptive list of sectors and activities that will require authorization. As of this writing, the Commission’s proposed reforms have yet to clear the European Parliament’s legislative process, and it is uncertain when they might enter into force.

In October 2024, the European Commission published its fourth annual report on the application of the EU FDI Regulation, which sheds some light on key data and trends. According to the report, the European Union during calendar year 2023 experienced an increase of net FDI inflows. The United States and the United Kingdom together contributed the majority of foreign investment into the European Union at, respectively, 30 percent and 25 percent of all deals during 2023. Within the Union, Germany and Spain were the most common recipients of FDI inflows, as those two Member States attracted 19 percent and 17 percent of all deals. The volume of FDI screening across Member States also continued to increase. In 2023, 1,808 transactions were reviewed by national authorities (up from 1,444 in 2022), of which 56 percent were formally screened. However, as in prior years, the vast majority of investments were cleared unconditionally (i.e., with no required mitigation measures), with only 1 percent of transactions ultimately blocked. As such, it appears that while the number of formal screenings is increasing, the number of investments identified as posing a serious threat to security or public order remains low.

While the EU FDI Regulation does not set up a system for EU-wide FDI screening, it does include a mechanism for coordinating FDI reviews to allow the European Commission, as well as other EU Member States, to issue comments and opinions on FDI transactions in other Member States. While the host Member State retains the final word, in circumstances where investments are deemed to be of EU-wide interest, host Member States are required to give careful consideration to the Commission’s views and explain any departure from them.

Notifications under the EU FDI Regulation’s cooperation mechanism—pursuant to which EU Member States and the European Commission are able to exchange information and raise concerns in relation to specific investments—continued to increase in 2023. Sectors giving rise to the largest share of such notifications were similar to previous years, including manufacturing, information and communication technologies, wholesale and retail, financial activities, and professional activities. Of the cases referred under the cooperation mechanism, the European Commission closed 92 percent in Phase 1 (i.e., following a preliminary assessment) and issued an opinion in less than 2 percent of notified transactions. The most common ultimate origin of investors remained the United States and the United Kingdom, while the number of transactions where the ultimate investor was based in United Arab Emirates more than doubled as compared to the preceding year.

Moreover, EU Member States actively enforced their FDI regimes this past year. Germany in July 2024 blocked the acquisition of MAN Energy Solutions by CSIC Longjiang Guanghan Gas Turbine due to security concerns stemming from the buyer’s links to the Chinese defense industry. In August 2024, Spain issued its first-ever public veto in August 2024 to prevent the acquisition of Spanish train manufacturer Talgo. This case is noteworthy as the ultimate investor was Hungarian, and Spain blocked the acquisition on the basis that it “posed risks for the country’s national security and public order.” This may be an indication of some political fragmentation of the bloc as some Member States, such as Hungary, have a seemingly and radically different strategic and political outlook compared with others.

2. Outbound Investment

A year after a European Commission white paper found that EU Member States do not systematically review and assess outbound investments for national security purposes, apprehension relating to possible strategic technology leaks continued. Driven by these concerns, and no doubt borrowing from the United States’ outbound regime, the Commission in January 2025 published a recommendation calling on Member States to conduct outbound investment reviews in exactly the same technological sectors: semiconductors, AI, and quantum technologies. Each was identified as being of strategic importance and posing the highest national security risk. The recommendation forms part of the European Union’s Economic Security Strategy, and was prepared in tandem with the Commission’s ongoing work on inbound FDI screening (discussed above).

Although the European Union has historically refrained from explicitly referencing China in policy papers or legislative proposals, the Union has in recent years taken legislative steps to prepare for a more antagonistic relationship with Beijing and to equip the bloc with policy tools to protect its economic security.

As the recommendation is not legally binding, its chief purpose is to nudge EU Member States to assess risks to economic security stemming from outbound investments made by EU investors in the three key technologies in third countries, with a view to enabling the European Commission to propose further action. That review by Member States is set to cover both ongoing and past transactions dating back to January 1, 2021. Member States are asked to, by June 30, 2026, submit to the Commission a comprehensive report on their implementation of the recommendation and any risks identified—though the European Commission is widely expected to take further steps toward standing up an outbound investment regime before that review period is complete.

VI. United Kingdom

Marking five years since Brexit, the United Kingdom has now fully developed its independent sanctions and export controls mechanisms. Similar to those across the Channel, but arguably more in line with those emerging from Washington, London has become a robust issuer and enforcer of sanctions measures, second in the world only to the United States.

As it moves forward, and perhaps even more closely toward the United States, there are numerous ways in which this convergence can be seen. Growing closeness, collaboration, and cooperation between OFAC and the UK Office of Financial Sanctions Implementation (“OFSI”), information sharing with Washington (and Canberra) under AUKUS, and harmonization of certain controls are all examples of this trend toward closer alignment between the United Kingdom and its core allies. One perhaps even more significant measure relates to the use of the Pound as a medium of exchange in global transactions. While the United Kingdom has not gone as far as the United States in asserting jurisdiction over any transaction that relies on a correspondent bank, the United Kingdom has reiterated in published guidance that transactions using clearing services in the United Kingdom may establish a nexus with UK jurisdiction.

A. Sanctions

1. Russia

The UK Government in 2024 redoubled its commitment to isolate Russia economically by implementing targeted restrictive measures aimed at cutting off funding and support for Moscow’s war machine. As of May 2024, the United Kingdom has sanctioned over 2,000 parties under its Russia sanctions program, including more than 1,700 designations since February 2022.

Far from losing steam, the United Kingdom in November 2024 implemented its largest sanctions package of the year with the aim of further restricting the supply of equipment used by Russia’s military-industrial complex and targeting Russia’s global activities, in particular in Mali, the Central African Republic, and Libya. That package consisted of 56 new designations across five UK sanctions regimes. Targets included suppliers of equipment to the Russian military-industrial complex, including entities based in China, Kazakhstan, Uzbekistan, and Turkey, plus Russian-backed mercenary groups operating in sub-Saharan Africa. These new designations highlight the United Kingdom’s focus on both countering Russia’s extraterritorial influence and restricting the supply of goods and technology to Russia’s military.

While the United Kingdom and its allies have taken significant actions to sever Russia from the global financial system, limit its energy revenues, and target its military-industrial complex, Russia has employed intricate, costly strategies to bypass such measures. By developing complex supply chains through third countries to obtain restricted goods and creating parallel trade networks to maintain key exports such as oil, Russia has grown heavily reliant on external support. To deter such circumvention and evasion networks, the United Kingdom in 2024 continued to expand the criteria pursuant to which persons can be designated under its Russia sanctions program. Specifically, a person—regardless of their location or place of incorporation—may now be designated for providing financial services, or making available funds, economic resources, goods, or technology to persons involved in obtaining a benefit from or supporting the Government of Russia; and for owning or controlling, directly or indirectly, or working as a director, trustee, other manager, or equivalent of, a company involved in destabilizing Ukraine. That expansion of the United Kingdom’s designation criteria brought London into closer alignment with the United States—which continues to be eager to apply its own sanctions extraterritorially or designate persons in third countries for providing material support to OFAC-sanctioned parties.

Within the Russia sanctions program, the United Kingdom this past year devoted considerable attention to the maritime sector. This is a logical area of focus given the importance of the United Kingdom as a center for shipping insurance and the role of some of its Overseas Territories in the broader shipping sector. Among other measures, the United Kingdom in October 2024 implemented its largest package of sanctions against Russian shipping, designating over 30 oil tankers and entities, as well as 10 vessels in Russia’s so-called “shadow fleet”—an alternative ecosystem of hundreds of aging and questionably seaworthy oil tankers, backed by sub-standard insurers, that operate outside the jurisdiction of allied countries that have implemented substantially similar sanctions on Russia. Direct sanctioning of vessels is a recent innovation in the United Kingdom, as that power was only introduced in July 2024. Designating vessels has been a longstanding and effective practice in the United States, which undoubtedly provided inspiration for the United Kingdom’s measures. The UK Government has also reportedly launched 37 investigations into UK-linked entities—believed to include maritime insurance firms, plus ship owners, operators, and brokers—for alleged breaches of the Russia oil price cap, though no prosecutions or fines have yet been announced.

To help industry comply with sanctions on Russian shipping, the UK Government in 2024 published an unprecedented volume of industry-specific guidance, suggesting a sustained focus by London policymakers on the maritime sector. Key publications included guidance for the maritime sector generally, as well as specific guidance on tanker sales to third countries and a fact sheet on maritime shipping. Collectively, these publications call on industry participants to adopt a comprehensive approach to ensuring their compliance with UK financial sanctions that includes elements such as due diligence, use of advanced technology and screening tools, and increased collaboration. In light of the importance of oil sales and imported goods to Russia’s economy, it is widely expected that shipping will continue to be a sanctions policy priority for the United Kingdom and its allies throughout the year ahead.

2. Iran

The United Kingdom in 2024 continued to tighten restrictions on Iran in response to the Islamic Republic’s proliferation of advanced weaponry, aid to militant groups across the Middle East, and ongoing support for Russia’s war in Ukraine. In light of these developments, the United Kingdom in September 2024 amended its Iran sanctions regime to restrict goods and technologies used in the production of ballistic missiles, UAVs, and other weaponry. The United Kingdom also imposed a series of asset freezes against parties alleged to have facilitated Iran’s military support for Russia, including in November 2024 the state-owned airline, Iran Air, and the national shipping carrier, Islamic Republic of Iran Shipping Lines.

Although Iran’s new president Masoud Pezeshkian has expressed interest in reviving the 2015 nuclear accord between Tehran and a group of major powers, prospects for such an agreement appear remote, at least in the near term, following President Trump’s return to the White House and Iran’s continued human rights violations at home and regional destabilization activities abroad. Indeed, the United Kingdom could expand its measures against Iran with one option, put forward by an influential conservative think tank, involving the United Kingdom fully aligning with the U.S. sanctions regime on vessels involved in the illicit trade of Iranian oil, and coordinating with its allies to disrupt Iran’s “shadow fleet” by pressuring third countries to de-flag vessels deemed to have facilitated illicit sales of Iranian crude. Although the new Labor government’s foreign policy agenda continues to develop and the level of cooperation with the new Trump administration is uncertain, it appears likely that further UK restrictive measures on Iran will be imposed in the coming year, presumably in coordination with key allies.

3. Office of Trade Sanctions Implementation

In light of the growing overlap between trade sanctions and export controls as a result of the sweeping restrictions introduced under the Russia sanctions regime, His Majesty’s Revenue and Customs (“HMRC”) has been pursuing civil enforcement of both trade sanctions and export controls. As anticipated, the United Kingdom partly relieved HMRC of that double role with the October 2024 launch of a new agency dubbed the Office of Trade Sanctions Implementation (“OTSI”). As a formal matter, OTSI will complement HMRC’s powers, with HMRC retaining responsibility for criminal enforcement. However, as a practical matter, OTSI is expected to take on the bulk of the work relating to enforcement of UK trade sanctions, as most actions are taken on a civil basis.

OTSI sits within the UK Department for Business and Trade and its authorities are similar to those of the Office of Financial Sanctions Implementation, including the imposition of monetary penalties and public disclosures of breaches (which OTSI assesses, like OFSI, on a strict liability basis), enforcement of reporting obligations, and extensive information-gathering powers. OTSI’s ability to publicly disclose details of alleged breaches contrasts with the limited information that HMRC has historically published when it issues compound settlements, and is a welcome development to guide industry’s compliance efforts. OTSI will also play an advisory and licensing role, which it promptly started serving by publishing detailed guidance on civil enforcement and the assessment of breaches, which indicate that OTSI will consider a number of mitigating factors when evaluating potential breaches, including timely and voluntary disclosure, compliance with information requests, and a business’s sanctions risk profile.

OTSI offers a concrete example of the UK Government’s investment in sanctions implementation and enforcement. In light of the agency’s specialized focus and its authority to enforce on a strict liability basis, increased civil enforcement of UK trade sanctions—especially in relation to the provision of services and circumvention schemes—appears likely in coming months.

4. Cooperation and Multilateralism

The United Kingdom has been closely coordinating with its international partners to implement and enforce multilateral sanctions. Following a flurry of coordinated designations and restrictive measures, including a joint action targeting Russian metals, the burgeoning partnership between OFSI and its U.S. counterpart OFAC marked its second anniversary in November 2024 with a joint publication on the fruits of their collaboration and a memorandum of understanding on sanctions information sharing. That memorandum is noteworthy as it sheds light on the types of documentation and intelligence that the two agencies expect to share and confirms the official, and now codified, nature of the exchange.

Such collaboration was not limited to cooperation between London and Washington.

In February 2024, the G7 (of which the United Kingdom is a member), plus the European Union and Australia, published an alert detailing key Russian oil price cap evasion methods and recommendations for mitigating circumvention risks. In tandem with the G7, the United Kingdom in September 2024 issued first-of-its-kind joint guidance for industry on preventing the evasion of export controls and sanctions on Russia. That same month, as part of the Export Enforcement Five, alongside Australia, Canada, New Zealand, and the United States, the United Kingdom issued a joint statement reaffirming its commitment to coordinated export control and sanctions enforcement to prevent the diversion of dual-use items that support Russia’s war in Ukraine.

London’s approach to multilateralism is also flexible and adaptable. While coordination with allies remains a key priority, the United Kingdom could be more likely to closely align with the European Union and other core allies such as Australia or Canada during 2025 if policy differences emerge between the Starmer government and the new Trump administration.

5. Case Law Interpreting UK Sanctions

UK courts hold final authority to interpret legal texts, including UK sanctions regulations, and are being called upon with growing frequency to resolve disputes and provide clarity on matters related to sanctions implementation.

a) Ownership and Control

Following conflicting interpretations of the “ownership and control” tests—the UK legal concept under which sanctions restrictions extend to entities that are majority-owned or controlled by a designated party, whether or not the entity itself has been explicitly identified—the High Court in July 2024 discussed “control” in more detail in Hellard v OJSC Rossiysky Kredit Bank & Ors. Under UK law, “control” is found when it would be reasonable to expect that a designated party would be able, if it chose to, in most cases or in significant respects, by whatever means and whether directly or indirectly, to achieve the result that affairs of a non-designated company are conducted according to the designated party’s wishes.

The Court in Hellard broke down instances of “control” into four distinct categories:

De jure control occurs when there is a legal right to exercise control, as set out in a company’s constitution or governing documents. This is established through the examination of legal instruments or foundational documents.
Actual present de facto control refers to a situation where someone is effectively “calling the shots,” even though they do not have a formal legal right to do so, which can be evidenced by showing that the putative controller is exerting decisive influence over the company’s activities.
Potential future de jure control applies when a person has the legal means to gain ownership or control in the future, such as through options or forward contracts.
Potential future de facto control involves a situation where, although there is no present de facto control, it is reasonable to believe that the individual could exercise control in the future if they chose to. Such a belief could arise from specific circumstances that suggest the individual has the potential to exercise control in a manner that does not rely on a legal right or power. The Court noted that this type of control is likely rare in practice.

As such, the Hellard judgment provides a helpful roadmap to navigate the complexities of the notoriously opaque “control” test in UK sanctions legislation.

b) Divestment Transactions

In the Russia sanctions context, purported divestment transactions at or around the time a person becomes designated are not uncommon as parties attempt to shield entities that they own from the effect of sanctions, and often raise thorny questions regarding residual ownership and control. In Vneshprombank LLC v Bedzhamov, the High Court clarified that the presence of a “reasonable cause to suspect” that an entity continues to be owned or controlled by a UK-designated person, even after ownership has been formally transferred to a non-designated person, constitutes a “stepping stone” toward making a factual determination regarding ownership and control and does not, standing alone, make out the relevant offense unless the entity in question is in fact owned or controlled by the designated person.

The Vneshprombank case underscores the need for businesses to carefully scrutinize any changes in ownership of entities linked to designated individuals, as a “reasonable cause to suspect” can be established even without definitive evidence that a transaction is a sham. That case also sheds light on potential “red flags” that may suggest a sham transaction, including the lack of a commercial rationale for the purchase, the timing of the transaction, the acquisition price, and the role of the acquirer prior to the imposition of sanctions. Moreover, the case serves as a notable reminder that OFSI’s pronouncements are not determinative and can be overridden by the judiciary, as the Court in Vneshprombank expressly assigned little weight to OFSI’s guidance in relation to the ownership and control tests.

c) Force Majeure

In the eagerly awaited case of RTI Ltd v MUR Shipping BV, the UK Supreme Court considered whether acceptance of non-contractual performance can overcome a state of affairs caused by sanctions, therefore preventing application of a force majeure clause. The shipowner involved in the dispute had invoked a force majeure clause following the imposition of U.S. sanctions on its parent company, which made payments in U.S. Dollars—the currency contemplated by the contract—difficult. The Court confirmed that a “reasonable endeavours” provision in a force majeure clause does not require a party to accept non-contractual performance, absent clear wording to that effect. As such, “reasonable endeavours” does not require a contractual party to accept payment in Euros when a contract provides for payment in U.S. Dollars, even though U.S. sanctions impacting the other party mean contractual payment in U.S. Dollars would be cumbersome or impractical. MUR Shipping therefore underscores the difficulty in mitigating the impact of sanctions on commercial transactions and the importance of forward-looking drafting.

d) Financing and Financial Assistance

In Celestial Aviation Services Ltd v UniCredit Bank GmbH, the Court of Appeal clarified four key aspects of the UK sanctions regime:

The Court underscored the wide-reaching scope of the financial services restrictions that accompany many trade sanctions measures. Specifically, the Court of Appeal confirmed that restrictions on the provision of financing or financial assistance in relation to certain restricted items apply to exports that took place prior to the imposition of sanctions. That is, where restricted items are presently located in Russia, persons subject to UK jurisdiction are prohibited from providing ancillary services (including financial services) in relation to such items, regardless of when those items were exported to Russia. That approach aligns with the view taken by the European Commission in its published guidance.
The Court affirmed the importance of the UK specific licensing regime, noting that the UK Government has chosen to craft restrictive measures as “blunt instruments” which “cast the net sufficiently wide to ensure that all objectionable arrangements are caught,” preferring to grant authorizations on a case-by-case basis.
The Court highlighted the breadth of the general defense to liability for actions taken due to a “reasonable belief” that such actions were necessary to comply with sanctions, thus providing reassurance to those who may abide by a conservative interpretation of sanctions prohibitions in good faith.

Having found that the terms of the financial instrument in question did not contemplate payments in cash or any currency other than U.S. Dollars, the Court—drawing on the principle established in Ralli Bros—held that one of the parties had not made all “reasonable efforts” to avoid illegality, as it had only applied for a very narrow license from OFAC, which would have been unlikely to cover the dealings in question. This serves as a reminder that when parties face sanctions-related impediments to contractual performance, they should reasonably scope and calibrate proposed mitigation measures.

6. Enforcement Trends

a) Office of Financial Sanctions Implementation

Following an internal review of OFSI’s procedures, the UK Government in November 2024 introduced several key amendments to strengthen OFSI’s enforcement powers, equip the agency with improved intelligence on industry compliance with sanctions legislation, and streamline licensing applications. For instance, the amendments broaden the scope of financial sanctions reporting obligations by expanding the definition of relevant firms to cover high-value dealers, art market participants, insolvency practitioners, and letting agencies. Those changes were prompted by suspected breaches of sanctions within some of the affected sectors that were not proactively reported to OFSI. Further, the amendments expand reporting obligations to require relevant firms to report suspected beaches of sanctions regulations, in addition to (and regardless of whether amounting to) suspected criminal offenses. Previously, relevant firms were only required to report to OFSI where they knew, or had reasonable cause to suspect, that a person committed an offense under financial sanctions legislation. This extension aligns the reporting obligations on relevant firms with OFSI’s broader civil enforcement powers. These changes were accompanied by guidance for each of the newly added sectors.

The UK Government in January 2025 indicated that there were at that time 318 open investigations regarding potential violations of Russia sanctions, and that 388 cases relating to potential Russia-related breaches have been closed since February 2022. This data suggests that, although the degree of regulatory scrutiny by OFSI has substantially increased, most cases do not ripen into an enforcement action.

A letter from the Foreign, Commonwealth, and Development Office to the Chair of the House of Commons Foreign Affairs Committee noted that, from 2017 to March 2024, OFSI imposed ten monetary penalties, totaling £22 million—a significant achievement for the agency, but still significantly lagging its U.S. counterpart OFAC. OFSI subsequently imposed a penalty against Integral Concierge Services Limited (“Integral Concierge”) in September 2024, marking the agency’s first penalty in relation to Russia sanctions following Moscow’s full-scale invasion of Ukraine and the first imposed on a strict liability basis.

The Integral Concierge penalty notice provides insight into OFSI’s compliance expectations. The agency underlined that it is essential to understand one’s exposure to sanctions risks and take appropriate action to address them, and companies dealing with a high-risk client base must ensure they are thoroughly informed about the associated risks. The notice also stressed the importance of cooperation and voluntary self-disclosure to obtain a reduction in penalty.

b) Other Government Agencies

The past year offered a reminder that sanctions-related enforcement is broader than OFSI.

In a rare enforcement action, the UK Financial Conduct Authority (“FCA”) fined Starling Bank £29 million for systems and controls failures relating to sanctions compliance. According to the FCA, the bank allegedly failed to ensure that its financial sanctions screening systems were operating efficiently and appropriately. In its final notice, the FCA provided a practical overview of the necessary actions regulated entities should take to ensure that financial sanctions systems and controls are robust and effective. Similarly, the UK Gambling Commission, in a separate enforcement action, fined Bet365 £582,120 for betting license breaches, including alleged shortcomings in its financial sanctions controls such as a failure to undertake sanctions screening checks on new customers.

In a landmark development for UK sanctions enforcement, the National Crime Agency (“NCA”) in July 2024 secured the forfeiture of £780,000 of sanctioned funds under the Proceeds of Crime Act 2017 in the first known NCA investigation into alleged evasion of Russia sanctions. The funds, which the NCA deemed to be held for the benefit of a designated Russian oligarch despite not being in his name, had been frozen since 2022. The two-year investigation showcases the complex, resource-intensive nature of bringing sanctions evasion cases to trial. Nevertheless, the NCA appears likely to play a pivotal role in UK sanctions implementation and enforcement going forward.

Further, the UK Government during 2024 continued to collaborate across agencies to ensure cohesive implementation of UK sanctions, including through information sharing and the issuance of joint guidance. For example, in January 2024, multiple agencies, including the NCA, OFSI, and HMRC, issued an alert detailing the risks of financial sanctions evasion, money laundering, and cultural property trafficking through the art storage sector.

B. Export Controls

1. Dual-Use and Military Controls

The United Kingdom in 2024 followed its core allies, the United States and the European Union, in tightening protections around sensitive emerging technologies in recognition of their importance to national security. Beyond implementing in domestic legislation amendments to the Wassenaar Arrangement control lists, the United Kingdom also expanded its export control regime to include a number of key emerging technologies, including dilution refrigerators, quantum technologies, semiconductor technologies, and advanced materials.

AUKUS—the trilateral security partnership among Australia, the United Kingdom, and the United States aimed at strengthening defense and security cooperation in the Indo-Pacific region—represented a historic breakthrough in defense trade. After years of negotiations, the three countries agreed to relax certain export controls and restrictions on technology sharing. As part of this collaboration, the UK Department for Business and Trade in September 2024 introduced an open general license specifically for AUKUS that facilitates the export of dual-use items, military goods, software, and technology, and trade in military goods among the three closely allied countries. To avail themselves of that license, exporters and recipients must be listed as authorized users by the AUKUS nations.

Not all actions taken in the past year, however, were aimed at facilitating trade in controlled items. According to data released by the Department for Business and Trade, between September and December 2024, the United Kingdom rejected 17 military export license applications to Israel, a notable increase compared to no rejections in the preceding quarter. Sixteen of 368 active export licenses for Israel are presently suspended, including licenses for components used in fighter aircraft, unmanned aerial vehicles, naval systems, and targeting equipment. This rise in scrutiny of exports is part of a broader trend of tightening UK export controls, with refusals of standard individual export licenses reaching record levels. Separate data published by the Department for Business and Trade shows that each quarter since late 2022 has seen over 100 total refusals across all destinations, far surpassing the historical average of 74 refusals per quarter since 2008, and suggesting that close scrutiny of export licensing is likely here to stay.

2. Enforcement Trends

Although HMRC continues to monitor compliance with export control legislation, enforcement during 2024 lagged behind key allies such as the United States. HMRC offered compound settlements (i.e., civil penalties in lieu of prosecution), for a total of £1.9 million, to three exporters found to have engaged in unlicensed exports of military-listed goods and dual-use goods under the Export Control Order 2008. These resolutions followed seven settlement offers, totaling over £2.3 million earlier in the year, also relating to unlicensed exports. Despite having increased the issuance of substantial fines and reportedly aiming for larger targets, HMRC continues to abide by its longstanding practice of not disclosing the identity of parties found in violation of export control regulations, which limits industry’s ability to draw lessons from enforcement actions. Nevertheless, in an effort to support UK exporters, the UK Government updated its general guidance on export controls and encouraged exporters to voluntarily disclose breaches of export controls as well as trade sanctions legislation by offering the prospect of a penalty reduction of up to 50 percent. Cooperation with HMRC remains an effective means to avoid criminal prosecution. Conversely, failure to engage in a timely and proactive manner can have tangible consequences, as when an exporter failed to respond to HMRC’s compound settlement offer and was subsequently found guilty of breaching export controls (i.e., a criminal offense) and fined close to the maximum penalty available on the facts of £89,000.

C. Foreign Investment Restrictions

1. Inbound Investment

Following a sustained downward trend in inbound foreign direct investment flows, the United Kingdom adopted a more permissive approach to the application of the National Security and Investment Act 2021 (“NSIA”) as part of its foreign direct investment screening in 2024.

Only 4.4 percent of all notifications during the year to March 31, 2024 were called in for in-depth reviews. Notably, of the 906 notifications that were submitted (up from 865 in the prior year), no transactions were blocked or unwound. Four non-notified deals were issued a “call-in notice” to respond to Investment Security Unit (“ISU”) concerns about a prior transaction.

Just as the ISU continued its use of call-in powers, companies also made use of retrospective validation applications under the NSIA, in which filings can be submitted after the relevant transaction has already closed, if filed during the reference period. ISU did not issue any penalties in respect of the missing filings to which these applications related.

In previous years, the United Kingdom has prohibited transactions based on, among other factors, the country of origin of the acquirer. However, data from the most recent year shows that, while 41 percent of called-in transactions involved Chinese acquirers, 39 percent of called-in transactions concerned UK acquirers and 22 percent concerned U.S. acquirers. With nearly a quarter of called-in transactions related to a country of origin that has traditionally been a friend or close ally of the United Kingdom—and over a third related to domestic acquirers—this data suggests that the United Kingdom is prepared to exercise its FDI screening powers without regard to where the acquirer is based when it believes that UK national security is at stake. This data may also suggest that the United Kingdom’s focus, at least when deciding to call in a transaction, primarily depends upon the company’s business activities (i.e., whether its activities fall within the 17 sensitive sectors defined under the NSIA).

With respect to those sensitive sectors, the United Kingdom continued to focus in 2024 on protecting military and defense assets. Nearly 48 percent of all notifiable acquisitions concerned activities in the defense sector. The defense sector also accounted for the largest share of transactions subjected to an ISU call-in (at 34 percent), with activities in military and dual-use second (at 29 percent). The United Kingdom also continued to focus on companies active in the data infrastructure sector, having imposed requirements that such data must be solely maintained in the United Kingdom and not exported. It is also within the data infrastructure sector that the United Kingdom this past year saw its first High Court challenge of the NSIA, which remains under review.

In November 2024, the High Court handed down the first-ever judgment on the application of the NSIA. With a focus on procedural aspects, the Court upheld the ISU’s order that LetterOne, an investment company related to Russian investors, divest Upp Corporation Ltd (“Upp”), a broadband telecommunications company.

Notably, the initial Russian investors in LetterOne included individuals subject to UK sanctions due to their involvement in state-affiliated businesses and their close association with Russia’s President Vladimir Putin. The ISU appears to have been concerned by the ultimate beneficial owner’s susceptibility to influence from the Russian government. In particular, Upp’s involvement in UK critical infrastructure, including the anticipated rollout of the company’s full fiber broadband network, gave rise to national security concerns such as potential disruption of the broadband network’s operations, access to customer data for espionage purposes, and influence over Upp’s strategic decisions.

Although this judgment serves as a reminder of the deference that the courts afford the UK Government in national security matters in keeping with the broader UK principle of separation of powers, it also sets a high bar for future challenges to decisions under the NSIA. In particular, the High Court defended decisions made by the ISU and noted that the ISU could not be reprimanded for taking preventative actions to avoid the potential risk of Russian interference with critical infrastructure and the government need not have waited for those risks to materialize. The Court also dismissed arguments that the ISU lacks sector-specific expertise, and lauded its efforts to consult with other government agencies. It therefore appears likely that the ISU will continue to seek the views of other UK Government departments in future NSIA reviews.

Moreover, the Court set a high bar of deference despite various mitigation measures offered by LetterOne as an alternative to outright divestment, including restrictions on data flows (including personal information) between Upp and LetterOne, restrictions on physical and virtual access to Upp’s sites, data and personnel by certain LetterOne representatives, and limitations on Board appointees. The judgment suggests that companies may have a larger hurdle to overcome than proposing contractual measures, standing alone, to mitigate national security risk. Even though the High Court conceded that, in light of those measures, the risk of interference by the Russian state was at a “near vanishing point,” they did not suffice as other types of intervention, such as deceit, manipulation, or other forms of pressure, could still be applied.

Despite presenting avenues of possible recourse to LetterOne, the High Court offered little sympathy, noting that losing money on investments that threaten national security is “ultimately part of the economic landscape.” It will be interesting to see if this issue of financial compensation re-emerges in the current High Court appeal, as that body allowed financial compensation to be one of the bases on which permission to appeal was granted.

2. Outbound Investment

Finally, following speculation regarding the potential development of UK outbound investment controls, the UK Government amended its public guidance to clarify that the NSIA can apply to outward direct investment from the United Kingdom under certain circumstances. In particular, the NSIA potentially applies where a target entity outside the United Kingdom carries on activities in the United Kingdom or supplies goods or services to people in the United Kingdom, or where an asset being acquired from outside the United Kingdom is used in connection with activities in the United Kingdom or with the supply of goods or services to people in the United Kingdom. This guidance means that UK-based entities that acquire foreign entities or foreign assets, or that intend to enter into joint ventures with businesses that have no legal or physical presence in the United Kingdom, may nevertheless find their transactions subject to call in or, if relevant tests are met, mandatory notification. A sufficient connection to the United Kingdom includes, for example, research and development in the United Kingdom, an office located in the United Kingdom, or the supply of goods to a UK hub to send goods onward to other countries. Further, if an asset located outside the United Kingdom (including land, tangible moveable property, and intellectual property) is used by a party in the United Kingdom, by a party outside the United Kingdom to supply goods or services to the United Kingdom, or to generate energy or materials that are used in the United Kingdom, the asset is likely within the scope of the NSIA. Although the authority to review outbound investments is now theoretically available, it remains to be seen if and how these powers will be exercised by the UK Government, and how they will be balanced against the interests of the thriving UK investment community.

* * *

2024 was yet another extraordinarily active year in the world of trade controls. In light of President Trump’s early actions to impose trade restrictions on allies and adversaries alike, and reprisals by leaders of major economies, we anticipate that with respect to sanctions, export controls, import restrictions, and foreign investment reviews, 2025 is unlikely to be quiet. Compliance-minded multinational enterprises should expect the unexpected, fasten their seatbelts, and prepare for turbulence ahead.

The following Gibson Dunn lawyers prepared this update: Scott Toussaint, Irene Polieri, Adam M. Smith, Stephenie Gosnell Handler, Christopher T. Timura, Ronald Kirk, Donald Harrison, Benno Schwarz, Michelle Kirschner, Attila Borsos, Samantha Sewall, Claire Shepherd, Alana Tinkler, Michelle Weinbaum, Roxana Akbari, Tina Asgharian, Grace Atkinson, Karsten Ball, Dharak Bhavsar, Sarah Burns, Alexa Bussmann, Soo-Min Chae, Martin Coombes, Justin duRivage, Hui Fang, Mason Gauch, Anna Helmer, Molly Heslop, Erika Suh Holmberg, Neringa Juodkunaite, Zach Kosbie, Josephine Kroneberger, Hayley Lawrence, Vanessa Ludwig, Nikita Malevanny, Jayee Malwankar, Nicole Martinez, Jacob McGee, Chris Mullen, Sarah Pongrace, Nick Rawlinson, Reed Sawyers, Anna Searcey, Alana Sheppard, Elsie Stone, Audi Syarief, and Lindsay Bernsen Wardlaw.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. For additional information about how we may assist you, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or the following leaders and members of the firm’s International Trade practice group:

United States:
Ronald Kirk – Co-Chair, Dallas (+1 214.698.3295, rkirk@gibsondunn.com)
Adam M. Smith – Co-Chair, Washington, D.C. (+1 202.887.3547, asmith@gibsondunn.com)
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, shandler@gibsondunn.com)
Donald Harrison – Washington, D.C. (+1 202.955.8560, dharrison@gibsondunn.com)
Christopher T. Timura – Washington, D.C. (+1 202.887.3690, ctimura@gibsondunn.com)
David P. Burns – Washington, D.C. (+1 202.887.3786, dburns@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213.229.7269, nhanna@gibsondunn.com)
Courtney M. Brown – Washington, D.C. (+1 202.955.8685, cmbrown@gibsondunn.com)
Amanda H. Neely – Washington, D.C. (+1 202.777.9566, aneely@gibsondunn.com)
Samantha Sewall – Washington, D.C. (+1 202.887.3509, ssewall@gibsondunn.com)
Michelle A. Weinbaum – Washington, D.C. (+1 202.955.8274, mweinbaum@gibsondunn.com)
Hugh N. Danilack – Washington, D.C. (+1 202.777.9536, hdanilack@gibsondunn.com)
Mason Gauch – Houston (+1 346.718.6723, mgauch@gibsondunn.com)
Chris R. Mullen – Washington, D.C. (+1 202.955.8250, cmullen@gibsondunn.com)
Sarah L. Pongrace – New York (+1 212.351.3972, spongrace@gibsondunn.com)
Anna Searcey – Washington, D.C. (+1 202.887.3655, asearcey@gibsondunn.com)
Audi K. Syarief – Washington, D.C. (+1 202.955.8266, asyarief@gibsondunn.com)
Scott R. Toussaint – Washington, D.C. (+1 202.887.3588, stoussaint@gibsondunn.com)
Lindsay Bernsen Wardlaw – Washington, D.C. (+1 202.777.9475, lwardlaw@gibsondunn.com)
Shuo (Josh) Zhang – Washington, D.C. (+1 202.955.8270, szhang@gibsondunn.com)

Asia:
Kelly Austin – Denver/Hong Kong (+1 303.298.5980, kaustin@gibsondunn.com)
David A. Wolber – Hong Kong (+852 2214 3764, dwolber@gibsondunn.com)
Fang Xue – Beijing (+86 10 6502 8687, fxue@gibsondunn.com)
Qi Yue – Beijing (+86 10 6502 8534, qyue@gibsondunn.com)
Dharak Bhavsar – Hong Kong (+852 2214 3755, dbhavsar@gibsondunn.com)
Arnold Pun – Hong Kong (+852 2214 3838, apun@gibsondunn.com)

Europe:
Attila Borsos – Brussels (+32 2 554 72 10, aborsos@gibsondunn.com)
Patrick Doris – London (+44 207 071 4276, pdoris@gibsondunn.com)
Michelle M. Kirschner – London (+44 20 7071 4212, mkirschner@gibsondunn.com)
Penny Madden KC – London (+44 20 7071 4226, pmadden@gibsondunn.com)
Irene Polieri – London (+44 20 7071 4199, ipolieri@gibsondunn.com)
Benno Schwarz – Munich (+49 89 189 33 110, bschwarz@gibsondunn.com)
Nikita Malevanny – Munich (+49 89 189 33 224, nmalevanny@gibsondunn.com)
Melina Kronester – Munich (+49 89 189 33 225, mkronester@gibsondunn.com)
Vanessa Ludwig – Frankfurt (+49 69 247 411 531, vludwig@gibsondunn.com)

Gibson Dunn’s DEI Task Force is available to help clients understand what these and other expected policy changes will mean for them and how to comply with new requirements.

On February 5, 2025, Attorney General Pam Bondi issued 14 “first-day” directives, including two memos targeting diversity, equity, and inclusion (DEI) initiatives at private companies, among educational institutions, and within the Department of Justice (DOJ).

Both memos state in identical footnotes that their prohibitions do not extend to “educational, cultural, or historical observances—such as Black History Month, International Holocaust Remembrance Day, or similar events—that celebrate diversity, recognize historical contributions, and promote awareness.” Rather, the memos appear to target programs and policies that “engag[e] in exclusion or discrimination.” The memos are largely consistent with the requirements of President Trump’s Executive Order 14173, although certain aspects extend beyond President Trump’s EO—including by raising the possibility of criminal investigation into DEI initiatives, which EO 14173 does not contemplate.

The first memo, entitled “Ending Illegal DEI and DEIA Discrimination and Preferences,” directs the Department of Justice’s (DOJ) Civil Rights Division to “investigate, eliminate, and penalize illegal” DEI “preferences, mandates, policies, programs, and activities in the private sector and in educational institutions that receive federal funds.” The memo requires the Civil Rights Division and the Office of Legal Policy to jointly submit a report by March 1, 2025, containing recommendations for enforcing federal civil-rights laws and “taking other appropriate measures to encourage the private sector to end illegal discrimination and preferences.” Consistent with the requirements of Executive Order 14173, the report must, among other things, identify “specific steps or measures to deter the use of DEI” programs or principles that constitute illegal discrimination, “including proposals for criminal investigations and for up to nine potential civil compliance investigations of entities that meet the criteria outlined” in EO 14173. Those entities include publicly traded corporations, large non-profit corporations or associations, foundations with assets of $500 million or more, State and local bar and medical associations, and institutions of higher education with endowments over $1 billion. The report must also address “potential litigation activities (including interventions in pending cases, statement of interest submissions, and amicus brief submissions), regulatory actions, and sub-regulatory guidance.” While DOJ has enforcement authority under Title VI (which prohibits race discrimination by recipients of government funds) and the False Claims Act (applicable to government contractors and others who make claims for payment to the government, for false certifications of compliance with conditions of payment like the one specified in the EO), it enforces Title VII (which prohibits employment discrimination) only with respect to state and local government entities. However, it also sometimes files statements of interest in private sector Title VII cases. The Attorney General has also tasked DOJ with identifying other methods to pursue the memo’s aims—and those stated in President Trump’s recent executive orders—within the private sector.

The memo further states that the DOJ will work with the Department of Education to “issue directions, and the Civil Rights Division will pursue actions, regarding the measures and practices required to comply with” the Supreme Court’s decision in Students for Fair Admissions v. Harvard.

The second memo, entitled “Eliminating Internal Discriminatory Practices,” eliminates DEI initiatives within the Department of Justice. Citing Executive Order 14173, which terminated DEI programs within the federal government, the memo directs all DOJ components to “thoroughly evaluate consent decrees, settlement agreements, litigation positions (including those set forth in amicus briefs), grants or similar funding mechanisms, procurements, internal policies and guidance, and contracting arrangements” to implement the executive order. It specifically instructs the components to pay attention to any training and programs, including references to “unconscious bias,” “cultural sensitivity,” and “inclusive leadership.” In place of “race- or sex-based preferences, diversity hiring targets, or preferential treatment based on” DEI-related criteria, new DOJ guidance will avoid “identity-based considerations in employment, procurement, contracting, or other Department decisions.” The updated guidance will also “narrow the use of ‘disparate impact’ theories that effectively require use of race- or sex-based preferences” and emphasize that statistical disparities alone do not automatically constitute unlawful discrimination.

The memo directs each DOJ component to submit a report to the Attorney General by March 15, 2025, detailing the progress it has made in ending DEI initiatives within the DOJ. The report must further identify federal contractors, suppliers, vendors, and grantees who have provided DEI training or DEI training materials to agency or department employees since January 20, 2021, as well as federal grantees who received federal funding to provide or advance DEI or environmental justice programs, services, or activities since January 20, 2021. The memo appears consistent with Executive Order 14151, which directed federal agencies to “ terminate, to the maximum extent allowed by law . . . all ‘equity action plans,’ ‘equity’ actions, initiatives, or programs, ‘equity-related’ grants or contracts; and all DEI or DEIA performance requirements for employees, contractors, or grantees,” and to “provide the Director of the OMB” with related contractor and grantee information.

Attorney General Bondi’s other memos state a general policy of “zealous advocacy on behalf of the United States,” including “aggressively enforcing criminal and civil laws enacted by Congress”; prioritizing immigration enforcement; and ending DOJ funding for “sanctuary jurisdictions” that refuse to comply with federal immigration officials pursuant to 8 U.S.C. § 1373(a). The Attorney General has also restored the policy direction from the first Trump Administration that, “in the absence of unusual facts, prosecutors should charge and pursue the most serious, readily provable offense.”

The following Gibson Dunn lawyers assisted in preparing this update: Jason Schwartz, Katherine Smith, Gregg Costa, Stuart Delery, Mylan Denerstein, Cynthia Chen McTernan, Lindsay Paulin, Zakiyyah Salim-Williams, Zoe Klein, Cate McCaffrey, and Maxwell Peck.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s DEI Task Force, Labor and Employment practice groups, or the following authors and practice leaders:

Jason C. Schwartz – Partner & Co-Chair, Labor & Employment Group,
Washington, D.C. (+1 202.955.8242, jschwartz@gibsondunn.com)

Katherine V.A. Smith – Partner & Co-Chair, Labor & Employment Group,
Los Angeles (+1 213.229.7107, ksmith@gibsondunn.com)

Gregg Costa – Partner & Co-Chair, Trials Group,
Houston (+1 346.718.6649, gcosta@gibsondunn.com )

Stuart F. Delery – Co-Chair, Administrative Law & Regulatory Practice Group,
Washington, D.C. (+1 202.955.8515, sdelery@gibsondunn.com)

Mylan L. Denerstein – Partner & Co-Chair, Public Policy Group,
New York (+1 212.351.3850, mdenerstein@gibsondunn.com)

Cynthia Chen McTernan – Partner, Labor & Employment Group,
Los Angeles (+1 213.229.7633, cmcternan@gibsondunn.com )

Lindsay M. Paulin – Partner & Co-Chair, Government Contracts Group,
Washington, D.C. (+1 202.887.3701, lpaulin@gibsondunn.com)

Zakiyyah T. Salim-Williams – Partner & Chief Diversity Officer,
Washington, D.C. (+1 202.955.8503, zswilliams@gibsondunn.com)

Molly T. Senger – Partner, Labor & Employment Group,
Washington, D.C. (+1 202.955.8571, msenger@gibsondunn.com)

Gibson Dunn’s Pro Bono Committee is thrilled to announce the winners of the 2024 Frank Wheat Memorial Awards. By harnessing their impressive legal skills, our winners were able to change their clients’ lives and make a positive impact on our global community. The stories of their accomplishments reflect the best of Gibson Dunn.

This year’s Frank Wheat Award winners showcase different aspects of the Firm’s diverse and vibrant pro bono practice, including work on behalf of immigrants, criminal justice reform, defense of survivors of domestic violence, and our newly-launched Justice for Women and Girls initiative. In 2024, more than 2,000 Gibson Dunn attorneys around the world have devoted more than 206,000 hours to pro bono work. In total, these matters were valued at approximately $251 million.

We are especially honored to include amongst this year’s honorees Scott Edelman as the recipient of a Lifetime Achievement Award. Scott recently retired from Gibson Dunn after decades as a Partner at the Firm. Scott served as the inaugural chair of Gibson Dunn’s Pro Bono Committee, a role he held from 2005 to 2021. Scott’s dedication to and stewardship of our pro bono practice led it to grow by leaps and bounds and become the pillar that it is today.

Frank Wheat was a former Los Angeles partner, a superb transactional lawyer, SEC commissioner, and president of the Los Angeles County Bar. He was also a giant in the nonprofit community, having founded the Alliance for Children’s Rights in addition to serving as a leader of the Sierra Club and as a founding director of the Center for Law in the Public Interest. He exemplified the commitment to the community and to pro bono service that has always been a core tenet of the Gibson Dunn culture. Recipients of the Frank Wheat Memorial Award each receive a $2,500 prize to be donated to pro bono organizations designated by the recipients.

View the Full Announcement

Reviewing key executive orders and administrative actions.

In his first two weeks in office, President Trump unleashed a series of executive orders (EOs) and other administrative actions signalling significant shifts in federal tech policy. Some of these changes will have immediate implications for the tech sector and are already shaping client engagement strategies with federal agencies and departments. Key changes include:

Artificial Intelligence: Revocation of President Biden’s signature AI EO, additional support for AI infrastructure, and a new directive prioritizing U.S. acceleration in AI with fewer regulatory constraints.
Content Moderation & Social Media: Prohibiting the federal government from interfering with social media platforms’ content moderation decisions, while launching a federal investigation into the prior administration’s efforts to pressure online platforms to address misinformation online.
Crypto & Digital Assets: A new EO emphasizing innovation and directing a review of current crypto regulations.
Cybersecurity: Reinforced efforts to shore up government computer systems and dismissal of members of a key cybersecurity board.
Deregulation Policies: Tech Impact: A moratorium and rollback of new and pending federal rules, including those affecting tech policy, a new EO designed to implement friction into rulemaking, including by reverting to pre-2023 methods for cost-benefit analysis, and a new EO directing an evaluation of regulations for rescission and a re-evaluation of the enforcement actions that are based on the regulations identified.
Federal Trade Commission: A promise of increased scrutiny of the agency after years of criticism, and a potential end to several Biden-era investigations.
Technology Investment: The launch of the $500 billion Stargate Project to expand U.S. AI infrastructure and computing power and the rechartering of the President’s Council of Advisors on Science and Technology with a focus on emerging technologies.

Below we review the EOs and actions impacting tech policy in the new Administration (as well as a few late Biden Administration actions).

Artificial Intelligence

President Trump’s executive actions confirm his campaign promises to chart a new deregulatory approach to federal AI policy, pivoting from the workforce displacement, AI transparency, privacy, and bias concerns that were a hallmark of President Biden’s AI policy. The President is intent on shifting the focus of federal AI policy to achieve global “dominance” in AI through a policy of reducing government friction to innovation and development of advanced AI. Below we review some of the recent pronouncements on AI and what they signal.

Executive Order Revoked: Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence

On his first day in office, President Trump revoked EO 14110 – the Biden Administration’s most extensive AI-related EO (Biden AI EO), which aimed to promote and formulate principles for the safe and ethical use of AI. Some of the stated goals of the rescinded Biden AI EO were to (i) develop standardized metrics to assess AI safety, (ii) facilitate watermarking and clear labeling of AI-generated content, (iii) promote responsible innovation and invest in AI-related training, (iv) ensure that American workers were not negatively affected by AI developments, (v) protect privacy and civil rights including by mitigating the use of AI to discriminate based on personal information, and (vi) manage the risks arising from the government’s use of AI.

New Executive Order: Removing Barriers to American Leadership in Artificial Intelligence

After revoking the Biden AI EO, President Trump issued a shorter one of his own, EO 14179, “Removing Barriers to American Leadership in Artificial Intelligence.” This new AI EO sets out the organizing principles for AI policy, aiming to “solidify [America’s] position as the global leader in AI.”

Key provisions and actions include:

Stating that the development of AI systems must be “free from ideological bias or engineered social agendas.”
Directing presidential advisors to identify and “suspend, revise or rescind” actions taken pursuant to the Biden AI EO to the extent inconsistent with the stated goals of the Trump Administration’s AI policy.
Ordering the Office of Management and Budget (“OMB”) to revise OMB Memoranda M-24-10 and M-24-18 (which created a set of requirements for federal agencies procuring AI) for consistency with the new AI policy.
Announcing the “policy of the United States to sustain and enhance America’s global AI dominance in order to promote human flourishing, economic competitiveness, and national security.”
Naming several officials (most importantly, the Assistant to the President for Science and Technology, the Special Advisor for AI and Crypto, and the Assistant to the President for National Security Affairs) responsible for developing an “action plan” to achieve the Administration’s AI goals.

These provisions, though vague, are intended to promote AI deregulation and reject Biden’s policies on AI equity, workforce protection, and “safe and responsible” innovation – including the OMB memorandum that required government agencies to consider equity, anti-discrimination, and environmental concerns when implementing AI.

While many of President Biden’s policies are being phased out, the new EO leaves some leeway to keep others in place. Notably, the Trump Administration has not yet announced its position on the Commerce Department’s recently announced export control rules for AI chips and frontier model weights (titled the “Framework for Artificial Intelligence Diffusion” (further discussed in our recent client alert)), leaving its fate uncertain.

No Repeal of President Biden’s Executive Order: Advancing United States Leadership in Artificial Intelligence Infrastructure

As of today, President Trump has not rescinded EO 14141, “Advancing United States Leadership in Artificial Intelligence Infrastructure,” which President Biden issued during his last week in office. EO 14141 directs certain federal agencies to implement procedures by which non-federal entities, including private-sector companies, can apply to lease certain federal sites for the purpose of constructing and operating “AI infrastructure.” The EO is largely consistent with President Trump’s AI priorities – in fact, as further outlined below, President Trump has announced even more aggressive investment to improve AI infrastructure. For more information about EO 14141, see our recent client alert.

Content Moderation & Social Media

President Trump’s EO 14149, “Restoring Freedom of Speech and Ending Federal Censorship,” prohibits federal action or the “use [of] any Federal resources” in a manner that “would unconstitutionally abridge the free speech of any American citizen” and, in the same stroke, directs the Attorney General, together with agencies, to investigate and report on “activities of the Federal Government” during the Biden Administration that “exert[ed] substantial coercive pressure on third parties, such as social media companies, to moderate, deplatform, or otherwise suppress speech that the Federal Government did not approve.” The EO primarily applies to federal agencies and their respective employees and agents, although the prohibition on using “taxpayer resources” to encroach on First Amendment protections could potentially extend to state, public, or private actors receiving federal funding.

Although the EO harshly criticizes the prior administration’s efforts to combat online misinformation as motivated by “advanc[ing] the Government’s preferred narrative about significant matters of public debate,” early signals from the Trump Administration suggest continued pressure on content policies of online media platforms that are in tension with the EO. In selecting Andrew Ferguson as FTC Chair, President Trump praised his “proven record of standing up to Big Tech censorship,” and Chair Ferguson has previously “urge[d] the Commission to investigate online platforms for unfair acts or practices relating to their opaque, unpredictable processes for banning users and censoring content,” noting that “President Trump himself asked the Commission in 2020 to investigate such practices.” (FCC Commissioner Carr has similarly criticized alleged tech censorship.)

During both the first Trump Administration and the Biden Administration, online platforms and social media companies have faced a stream of lawsuits, regulatory action, Congressional inquiries, and public pressure challenging the types of user content that are – or are not – available to be viewed among the billions of daily posts on their services. Gibson Dunn successfully has defended platforms’ immunity from government action targeting user content posted on their services, including under the First Amendment, see, e.g., Meta Platforms, Inc. v. District of Columbia, and the Supreme Court has indicated that efforts to divulge and constrain platforms’ approaches to content moderation likely intrude on protected speech. These and numerous other appellate decisions upholding platforms’ content-moderation policies on First Amendment grounds suggest a fundamental tension in the EO’s espoused commitment to freedom of speech and the underlying policy objectives of the Trump Administration.

Similarly, the EO’s mandate to investigate and “correct past misconduct by the Federal Government related to censorship of protected speech” could raise First Amendment concerns to the extent it seeks to invade or penalize the editorial decisions and content policies implemented by online platforms in response to a rapidly evolving policy and technical landscape or to leverage government resources to target viewpoints contrary to those supported by the current administration.

Cryptocurrency & Digital Assets

President Trump’s EO 14178, “Strengthening American Leadership in Digital Financial Technology,” according to the accompanying fact sheet, signals the Trump Administration’s interest in promoting innovation in “digital financial technology” and establishing America’s leadership in the space, and revokes President Biden’s 2022 EO outlining priorities for crypto regulation. President Trump’s EO establishes the President’s Working Group on Digital Asset Markets, tasked with evaluating current crypto regulations and issuing recommendations for modifying or rescinding them, with deadlines over the next few months.

President Trump has directed the group – chaired by David Sacks, the White House AI and Crypto Czar, and including the heads of the SEC and the Commodity Futures Trading Commission – to develop a framework for regulating digital assets and stablecoins, taking into account consumer protection, risk management, and market structure, and to evaluate the idea of creating a digital asset stockpile, which would be derived from “cryptocurrencies lawfully seized by the Federal Government through its law enforcement efforts.” On the campaign trail, President Trump floated the idea of a Bitcoin stockpile with the aim of making the U.S. the “crypto capital of the planet” and reducing the national debt. The recently issued EO does not specifically refer to a Bitcoin stockpile, but rather directs the working group to analyze the idea of a stockpile of digital assets, generally.

By contrast, the revoked 2022 EO 14067 from President Biden outlined six key priorities for crypto regulation: protecting U.S. interests, maintaining global financial stability, preventing illicit uses, promoting responsible innovation, enhancing financial inclusion, and ensuring U.S. leadership in the digital finance space. The Biden Administration’s regulatory framework faced criticism from cryptocurrency industry leaders, who argued that it created barriers for crypto firms and startups in accessing traditional banking services. President Trump’s EO appears oriented towards reversing these trends and making it easier for crypto companies to operate and access banking services. Additionally, the EO rescinds the Biden Treasury Department’s digital asset framework issued on July 7, 2022, which aimed to leverage central bank digital currencies to reinforce U.S. leadership in the global financial system while preventing illegal uses of digital currencies.

Cybersecurity

Biden’s Cybersecurity EOs Remain Intact

In his last week in office, President Biden issued EO 14144, “Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” building on his 2021 EO 14028 (“Improving the Nation’s Cybersecurity”). To date, President Trump has not rescinded either EO 14114 or EO 14028. EO 14114 directs federal government agencies to improve cybersecurity and defend digital infrastructure, promoting in particular secure software development and cloud security. The EO seeks to address persistent cyber threats from “adversarial countries and criminals” – in particular China – which, the EO states, disrupt the delivery of critical services and threaten Americans’ security and privacy. Given the bipartisan alignment on cybersecurity threats, especially from China, and National Security Advisor Mike Waltz’s statement that the Trump Administration is “hand in glove” with the Biden Administration on U.S. adversaries and national security issues, these EOs are likely to survive. Key provisions include:

Agencies, including the OMB and NIST, must issue guidance on cybersecurity standards, and the Federal Acquisition Regulation Council must amend its regulations to require federal contractors to follow the new minimum cybersecurity standards.
Agencies must adopt procedures to ensure that the software they use is secure and can be accessed only by appropriate parties.
Agencies must implement “strong identity authentication and encryption” to secure their internal communications.
To combat identity theft and benefits fraud, agencies are strongly encouraged to accept digital identity verification when determining eligibility for public benefits programs.
As part of a new comprehensive framework for integrating AI into federal cybersecurity efforts, DOE must launch a pilot program to evaluate AI-enhanced cyber defense capabilities. Similarly, the DOD must also establish an advanced AI cyber defense program within 270 days.
The types of cyber-related activities that will trigger sanctions have been expanded.

Key Appointments and Removals: Cybersecurity

Even while there are signals that the Trump Administration will continue to pursue similar cybersecurity policy objectives, there are important indicators of change. On January 20, 2025, Acting Secretary of Homeland Security Benjamine Huffman directed the termination of all current memberships on advisory committees within DHS, effective immediately. This had the effect of removing the private-sector representatives of the Cyber Safety Review Board (CSRB), a component of the DHS, established in May 2021 by President Biden’s EO 14028 (“Improving the Nation’s Cybersecurity”). The CSRB was charged with “review[ing] and assess[ing]” significant cyber incidents, and was composed of representatives from within the private sector and the U.S. Government. Since its establishment, the CSRB has published reports following reviews of three cyber incidents (Log4j, Lapsus$ and related threat actor groups, and the Summer 2023 Microsoft Exchange Intrusion).

The CSRB publicly confirmed in October 2024 that it would initiate a review of the “Salt Typhoon” incident, which involved attacks from a China state-backed threat actor, and held its first meeting to begin the investigation on December 6, 2024. The future membership of the CSRB is unknown, and it is uncertain whether the investigation into the “Salt Typhoon” incident will continue.

New Federal Acquisition Regulation: Controlled Unclassified Information

Just days before President Trump took office, the Department of Defense, General Services Administration, and National Aeronautics and Space Administration proposed new regulations related to Controlled Unclassified Information (CUI). The proposal would amend the Federal Acquisition Regulation that implements EO 13556, an Obama-era directive instructing agencies to create unified standards to define and protect CUI across all aspects of government. The proposed rule creates a standardized set of requirements to be incorporated into all government contracts that involve the handling of CUI. These requirements are comprehensive and broad in scope – covering (among other things) how CUI is identified, which cybersecurity standards apply to CUI, and how contractors must train employees and report CUI incidents.

The proposed rule carries both benefits and risks for government contractors. On the one hand, it aims to standardize the many existing cybersecurity requirements that vary across agencies, providing much-needed uniformity and clarity. However, the proposed rule also tightens many requirements, potentially creating new compliance risks for government contractors. Since the announcement of the DOJ’s Civil Cyber Fraud Initiative in October 2021, combatting cybersecurity-related fraud by government contractors under the False Claims Act has been a top priority for the DOJ, and the proposed rule could give rise to further enforcement actions if enacted.

The comment period expires on March 17, 2025. Although the proposed rule is subject to President Trump’s regulatory freeze memorandum (discussed below), given the ongoing importance of cybersecurity, it seems likely that the proposed rule will move forward in some form.

Deregulation Policies: Tech Impact

Regulatory Freeze

As is customary, President Trump (in addition to rescinding more than 70 EOs issued by the Biden Administration) issued a freeze of numerous Biden Administration policy and regulatory directives. His memorandum – which is similar to the regulatory freeze issued by the OMB on behalf of the President at the beginning of the Biden Administration – (1) places a moratorium on any new “rules” or “regulatory actions,” pending review by President Trump’s appointees; (2) directs agencies to immediately withdraw any rules sent out for publication but not yet published in the Federal Register; and (3) directs agencies to consider postponing, by 60 days, the effective dates of any rules that have been published but not taken effect.

The moratorium may affect several final rules or rule proposals during Biden’s Administration including executive actions on cybersecurity, data privacy, and AI, including:

The DOJ’s recent final rule on bulk U.S. sensitive personal data, which prohibits or restricts U.S. persons from engaging in covered data transactions involving certain categories of U.S. residents and/or government bulk sensitive personal data with covered persons and countries of concern (China, Cuba, Iran, North Korea, Russia, and Venezuela). Although the rule has an exception for certain corporate group transactions, the Biden Administration took a narrow view of the exception, and U.S. companies will need to proceed cautiously if the rule comes into effect as drafted.
The U.S. Commerce Department’s Bureau of Industry and Security’s connected-vehicles final rule, which bans certain imports and sales of vehicles from China (including Hong Kong) and Russia, as well as key hardware and software components, based on “undue or unacceptable risks” to U.S. national security.
The Information and Communications Technology and Services Supply Chain (ICTS) final rule, which permits the Secretary of Commerce to prohibit ICTS transactions or impose mitigation measures for ICTS transactions involving “persons owned by, controlled by, or subject to the jurisdiction or direction of foreign adversaries” posing certain “undue or unacceptable risks.”
The infrastructure-as-a-service (IaaS) notice of proposed rulemaking, which imposes restrictions on the activities of U.S. IaaS providers, including the training of large AI models, and relied significantly on the Biden AI EO.

For more information on the impact of the new administration’s regulatory freeze memorandum on regulations relevant to privacy, data, cybersecurity, technology, and artificial intelligence, see our recent client alert.

New Executive Order: Unleashing Prosperity Through Deregulation

On January 31, President Trump continued his deregulatory efforts, issuing an EO titled “Unleashing Prosperity Through Deregulation,” which aims to “promote prudent financial management and alleviate unnecessary regulatory burdens.” The EO directs:

Departments and agencies to identify 10 regulations for repeal for every new regulation issued,
Department and agency heads to ensure that the total cost of all new regulations for fiscal year 2025, including repealed regulations, is “significantly less than zero,”
OMB to issue guidance to agencies regarding the implementation of the above, including processes for standardizing the measurement and estimation of regulatory costs, and
OMB to revoke the Biden Administration’s 2023 version of OMB Circular No. A-4 and reinstate the prior version, which was issued in 2003. This action will return the threshold for conducting rigorous analysis to account for uncertainties about the benefits and costs of “significant” regulations from $200 million to $100 million, increasing scrutiny on more rules. The action also returns the discount rates for conducting cost-benefit analysis from a single 2% rate to a 7% rate for the cost of capital and a 3% rate for the social rate of time preference, meaning that rules with future, speculative benefits will be less likely to be considered cost-justified.

The EO demonstrates the Trump Administration’s commitment to across-the-board deregulation as a tool to reduce compliance costs, stimulate economic growth and innovation, and increase global competitiveness. It will have a significant impact on the rulemaking process during President Trump’s second term and increase the likelihood that many Biden Administration rules will be rescinded.

New Executive Order: Ensuring Lawful Governance and Implementing the President’s “Department of Government Efficiency” Deregulatory Initiative

On February 19, President Trump took the next step in his deregulatory efforts, issuing an EO titled “Ensuring Lawful Governance and Implementing the President’s ‘Department of Government Efficiency’ Deregulatory Initiative.” The EO has two main stated objectives: (1) to focus limited enforcement resources on “regulations squarely authorized by constitutional Federal statutes,” and (2) “to commence the deconstruction of the overbearing and burdensome administrative state.” The EO directs:

Evaluation of Regulations for Rescission
- Agency heads to coordinate with their DOGE Team Leads and Director of the Office of Management and Budget (OMB) to develop a process to review all regulations within their jurisdiction.
- Agency heads to identify—prioritizing those rules that qualify as “significant regulatory actions” under EO 12,866—(i) unconstitutional regulations; (ii) regulations based on unlawful delegations of legislative power; (iii) regulations based on anything other than the best reading of the relevant statute, in light of the Supreme Court’s decision in Loper Bright Enterprises v. Raimondo, 603 U.S. 369 (2024); (iv) socially, politically, or economically significant regulations not authorized by clear statutory authority; (v) regulations that impose significant costs on private parties not outweighed by public benefits; (vi) regulations that harm the national interest by significantly and unjustifiably impeding technological innovation, infrastructure development, disaster response, inflation reduction, research and development, economic development, energy production, land use, and foreign policy objectives; and (vii) regulations that impose undue burdens on small business and impede private enterprise and entrepreneurship.
- Agency heads to provide a list of all such regulations within 60 days (i.e., before April 20, 2025) to the Administrator of the Office of Information and Regulatory Affairs (OIRA) within OMB and to coordinate with the OIRA Administrator to develop a Unified Regulatory Agenda to rescind or modify the identified regulations, as appropriate.
Re-evaluation of Enforcement Priorities
- Agency heads to de-prioritize enforcement actions involving regulations that are not based on the best reading of a statute and that go beyond “the powers vested in the Federal Government by the Constitution.”
- Agency heads to determine whether ongoing enforcement of any of the identified regulations does not comport with “law and Administration policy.”
- Agency heads, in consultation with the OMB Director, to direct the termination of such enforcement proceedings, on a case-by-case basis and consistent with applicable law.

The EO provides three exemptions for: (i) any action related to a military, national security, homeland security, foreign affairs, or immigration-related function of the United States; (ii) any action related to the executive branch’s management of its employees; or (iii) anything else exempted by the Director of the Office of Management and Budget.

This most recent deregulatory EO is notable for two reasons. First, it provides agencies with the most specific guidance to date about which rules to prioritize for regulatory review and potential modification or rescission. Correlatively, it provides regulated entities with more insight into which regulations may receive scrutiny under the new Trump Administration. Second, it explicitly directs agencies to evaluate ongoing enforcement actions based on those regulations and to terminate them if they “do not comply with the Constitution, laws, or Administration policy.”

For more detailed analysis of this EO, please see our client alert here.

Federal Trade Commission

New Executive Order: Ending the Weaponization of Federal Government

President Trump’s EO 14147, “Ending the Weaponization of the Federal Government,” purports to address the Biden Administration’s “systematic campaign against its perceived political opponents.” The EO instructs the Attorney General to review all agencies with enforcement authority to identify any actions taken as part of this alleged campaign and prepare a report recommending remedial actions. The Director of National Intelligence must do the same for the intelligence community. Notably, the order singles out three agencies for scrutiny: the FTC, the DOJ, and the Securities and Exchange Commission (SEC).

This notable FTC callout comes on the heels of criticism of Chair Lina Khan’s leadership of the agency under the Biden Administration. In March 2023 and October 2024, Republican House staff issued two reports attacking Chair Khan’s purported mismanagement of the agency to pursue political and ideological aims, undermine agency norms, and centralize power.

Republican Commissioners had also been critical of former Chair Khan’s leadership. On February 14, 2023, Commissioner Christine Wilson publicly resigned in protest over what she alleged was Chair Khan’s “disregard for the rule of law and due process” that had made “it impossible to continue serving.” Similarly, in the waning days of the Biden Administration, Commissioner Andrew Ferguson (whom President Trump recently appointed as Chair) published multiple opinions criticizing the agency’s last minute actions as political, including one in which he described the FTC’s filing of a suit to be “one final insult to the Commission, its staff, and the rule of law” that was about “partisan politics, pure and simple.”

While the full implications of the EO are not yet clear, it provides support for the incoming Republican Commissioners to reevaluate ongoing or planned investigations, including several tech industry investigations launched under Chair Khan’s watch. At the very least, the EO signals that the FTC may move away from several of Chair Khan’s more ambitious enforcement initiatives and administrative changes.

New Executive Order: Ensuring Lawful Governance and Implementing the President’s “Department of Government Efficiency” Deregulatory Initiative

Evaluation of Regulations for Rescission
- Agency heads to coordinate with their DOGE Team Leads and Director of the Office of Management and Budget (OMB) to develop a process to review all regulations within their jurisdiction.
- Agency heads to identify—prioritizing those rules that qualify as “significant regulatory actions” under EO 12,866—(i) unconstitutional regulations; (ii) regulations based on unlawful delegations of legislative power; (iii) regulations based on anything other than the best reading of the relevant statute, in light of the Supreme Court’s decision in Loper Bright Enterprises v. Raimondo, 603 U.S. 369 (2024); (iv) socially, politically, or economically significant regulations not authorized by clear statutory authority; (v) regulations that impose significant costs on private parties not outweighed by public benefits; (vi) regulations that harm the national interest by significantly and unjustifiably impeding technological innovation, infrastructure development, disaster response, inflation reduction, research and development, economic development, energy production, land use, and foreign policy objectives; and (vii) regulations that impose undue burdens on small business and impede private enterprise and entrepreneurship.
- Agency heads to provide a list of all such regulations within 60 days (i.e., before April 20, 2025) to the Administrator of the Office of Information and Regulatory Affairs (OIRA) within OMB and to coordinate with the OIRA Administrator to develop a Unified Regulatory Agenda to rescind or modify the identified regulations, as appropriate.
Re-evaluation of Enforcement Priorities
- Agency heads to de-prioritize enforcement actions involving regulations that are not based on the best reading of a statute and that go beyond “the powers vested in the Federal Government by the Constitution.”
- Agency heads to determine whether ongoing enforcement of any of the identified regulations does not comport with “law and Administration policy.”
- Agency heads, in consultation with the OMB Director, to direct the termination of such enforcement proceedings, on a case-by-case basis and consistent with applicable law.

This most recent deregulatory EO is notable for two reasons. First, it provides agencies with the most specific guidance to date about which rules to prioritize for regulatory review and potential modification or rescission. Correlatively, it provides regulated entities with more insight into which regulations may receive scrutiny under the new Trump Administration. Second, it explicitly directs agencies to evaluate ongoing enforcement actions based on those regulations and to terminate them if they “do not comply with the Constitution, laws, or Administration policy.”

For more detailed analysis of this EO, please see our client alert here.

Technology Investment

New Federal Initiative: Stargate Project

On January 21, 2025, the Trump Administration announced the Stargate Project, a $500 billion AI infrastructure venture backed by leading technology and investment firms. The project represents a precedent-setting public-private partnership aimed at making the U.S. a global leader in AI infrastructure and compute capability.

This announcement builds on EO 14141, which, as noted above, similarly aims to accelerate AI infrastructure development via clean energy resources on federal lands. But in contrast to the Biden plan, Stargate seeks to deploy significantly more resources by leveraging private capital and private enterprise. Key takeaways include:

The project is structured as a phased investment, with an initial $100 billion deployment and a promise to hit $500 billion within five years. Among the projects mentioned at the press conference, the greatest focus was on an ongoing data-center development.
The project aims to secure U.S. technological dominance in AI processing capacity, support domestic and allied security interests, and mitigate reliance on foreign AI infrastructure.
From an economic standpoint, Stargate is expected to create over 100,000 jobs in AI infrastructure, cloud computing, and clean energy development.
Initial Stargate equity funders include OpenAI, which will lead AI model development and operations, SoftBank (which will oversee financing), and Oracle and MGX (which, alongside technology partners such as Microsoft, NVIDIA, and Arm, will provide the cloud, semiconductor, and compute capabilities necessary to scale operations).

New Executive Order: President Trump Revamps Science and Technology Advisory Council, With a Focus on Emerging Technologies and Promoting American Technological Leadership

On January 23, 2025, President Trump issued EO 14177, rechartering the President’s Council of Advisors on Science and Technology (PCAST) for a minimum of two years to advise on policies related to science, technology, and innovation, with a specific emphasis on emerging technologies including AI, quantum computing, and advanced biotechnology. The accompanying fact sheet explains that PCAST will “champion bold investments in innovation, the elimination of bureaucratic barriers, and actions to help the United States remain the world’s premier hub for scientific and technological breakthroughs.” The fact sheet also announces that the President’s science and technology policies will be “refocused” on “results-driven excellence and merit-based achievement” to combat the “threat from ideological agendas,” which, according to the EO, have “eroded public trust, undermined the integrity of research, stifled innovation, and weakened America’s competitive edge.” The EO additionally states that achieving and maintaining “unquestioned and unchallenged global technological dominance” is a “national security imperative,” and that PCAST’s advice will inform policies concerning national and homeland security, the American economy, and the American worker.

President Trump’s restructured PCAST will include up to 24 members and will be co-chaired by the White House A.I. and Crypto Czar (technology investor David Sacks) and the Assistant to the President for Science and Technology (President Trump’s former Chief Technology Officer Michael Kratsios), who may in turn designate up to two PCAST members as vice chairs. PCAST is tasked with meeting regularly to respond to requests for information and advice from the President or the co-chairs; soliciting information from a broad range of stakeholders; and serving as an advisory body related to high-performance computing and nanotechnology, and to the National Science and Technology Council. PCAST is also authorized to create standing subcommittees and ad hoc groups.

In his first term, President Trump waited nearly two years to recharter PCAST and appointed only seven members, many of whom had backgrounds in business rather than technology. The timing and structure of President Trump’s EO suggests that PCAST will play a more significant role during his second term, and that it will be fully staffed to support his administration’s efforts to cultivate emerging technologies and the artificial intelligence and cryptocurrency industries.

Looking Ahead

The Trump Administration has set a deregulatory, pro-innovation tone for domestic tech policy, with reversals from Biden-era policies on the approach to AI, content moderation, digital assets and regulation of the tech sector. There is more continuity on the international front, with the Trump Administration continuing the Biden Administration’s focus on cybersecurity and export controls of sensitive technology, particularly as to China, albeit while dismantling key public-private partnerships that focused on these areas.

As the Trump Administration fills in the details of its new tech policy agenda, Gibson Dunn lawyers will be watching closely and are ready to advise businesses on breaking developments.

Please click on the link below to view our previous alert and charts covering some of the most relevant recent rulemaking in the areas of data privacy, cybersecurity, and AI:

Read More

The following Gibson Dunn lawyers prepared this update: Ashlie Beringer, Vivek Mohan, Ashley Rogers, Stephenie Gosnell Handler, Frances Waldmann, Jane Horvath, Keith Enright, Cassandra Gaedt-Sheckter, Natalie Hausknecht, Wesley Sze, Abbey Barrera, Sara Weed, Stanton Burke, Eric Brooks, Maura Carey, Hugh Danilack, Michael Landell, Anne Lonowski, Emma Wexler, Christina Barta, Morgan Carter, and Shri Dayanandan.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Artificial Intelligence or Privacy, Cybersecurity & Data Innovation practice groups:

Artificial Intelligence:

Keith Enright – Palo Alto (+1 650.849.5386, kenright@gibsondunn.com)
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650.849.5203, cgaedt-sheckter@gibsondunn.com)
Vivek Mohan – Palo Alto (+1 650.849.5345, vmohan@gibsondunn.com)
Robert Spano – London/Paris (+33 1 56 43 13 00, rspano@gibsondunn.com)
Eric D. Vandevelde – Los Angeles (+1 213.229.7186, evandevelde@gibsondunn.com)
Frances A. Waldmann – Los Angeles (+1 213.229.7914,fwaldmann@gibsondunn.com)

Privacy, Cybersecurity, and Data Innovation:

United States:
Ashlie Beringer – Co-Chair, Palo Alto (+1 650.849.5327, aberinger@gibsondunn.com)
Ryan T. Bergsieker – Denver (+1 303.298.5774, rbergsieker@gibsondunn.com)
Gustav W. Eyler – Washington, D.C. (+1 202.955.8610, geyler@gibsondunn.com)
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650.849.5203, cgaedt-sheckter@gibsondunn.com)
Svetlana S. Gans – Washington, D.C. (+1 202.955.8657, sgans@gibsondunn.com)
Lauren R. Goldman – New York (+1 212.351.2375, lgoldman@gibsondunn.com)
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, shandler@gibsondunn.com)
Natalie J. Hausknecht – Denver (+1 303.298.5783, nhausknecht@gibsondunn.com)
Jane C. Horvath – Co-Chair, Washington, D.C. (+1 202.955.8505, jhorvath@gibsondunn.com)
Martie Kutscher Clark – Palo Alto (+1 650.849.5348, mkutscherclark@gibsondunn.com)
Kristin A. Linsley – San Francisco (+1 415.393.8395, klinsley@gibsondunn.com)
Timothy W. Loose – Los Angeles (+1 213.229.7746, tloose@gibsondunn.com)
Vivek Mohan – Palo Alto (+1 650.849.5345, vmohan@gibsondunn.com)
Rosemarie T. Ring – Co-Chair, San Francisco (+1 415.393.8247, rring@gibsondunn.com)
Ashley Rogers – Dallas (+1 214.698.3316, arogers@gibsondunn.com)
Sophie C. Rohnke – Dallas (+1 214.698.3344, srohnke@gibsondunn.com)
Eric D. Vandevelde – Los Angeles (+1 213.229.7186, evandevelde@gibsondunn.com)
Benjamin B. Wagner – Palo Alto (+1 650.849.5395, bwagner@gibsondunn.com)
Debra Wong Yang – Los Angeles (+1 213.229.7472, dwongyang@gibsondunn.com)

Europe:
Ahmed Baladi – Co-Chair, Paris (+33 (0) 1 56 43 13 00, abaladi@gibsondunn.com)
Kai Gesing – Munich (+49 89 189 33-180, kgesing@gibsondunn.com)
Joel Harrison – Co-Chair, London (+44 20 7071 4289, jharrison@gibsondunn.com)
Lore Leitner – London (+44 20 7071 4987, lleitner@gibsondunn.com)
Vera Lukic – Paris (+33 (0) 1 56 43 13 00, vlukic@gibsondunn.com)
Lars Petersen – Frankfurt/Riyadh (+49 69 247 411 525, lpetersen@gibsondunn.com)
Robert Spano – London/Paris (+44 20 7071 4000, rspano@gibsondunn.com)

Asia:
Connell O’Neill – Hong Kong (+852 2214 3812, coneill@gibsondunn.com)
Jai S. Pathak – Singapore (+65 6507 3683, jpathak@gibsondunn.com)

We are pleased to provide you with the January edition of Gibson Dunn’s digital assets regular update. This update covers recent legal news regarding all types of digital assets, including cryptocurrencies, stablecoins, CBDCs, and NFTs, as well as other blockchain and Web3 technologies. Thank you for your interest.

ENFORCEMENT ACTIONS

UNITED STATES

Federal Judge Grants Coinbase Leave to Seek Interlocutory Appeal in SEC Enforcement Action
On January 7, in the SEC’s enforcement action against Coinbase, U.S. District Judge Katherine Polk Failla of the Southern District of New York granted Coinbase permission to seek an interlocutory appeal of the court’s ruling denying in part Coinbase’s motion for judgment on the pleadings. The district court authorized Coinbase to seek leave from the Second Circuit to resolve the issue “whether transactions involving crypto-assets of the kind Coinbase intermediates are ‘investment contracts,’ and thus securities, for purposes of the Securities Act.” The district court also stayed the enforcement action pending appeal. On January 21, Coinbase filed its brief in the Second Circuit seeking that court’s permission to proceed with the interlocutory appeal. Banking Dive; Denial of Judgment on the Pleadings; Grant of Interlocutory Appeal; Second Circuit Brief.
KuCoin Agrees to Pay Nearly $300 Million in Criminal Penalties
On January 27, 2025, Peken Global Limited—the Seychelles-based entity that operates “KuCoin”—pled guilty to one count of operating an unlicensed money transmitting business. According to the DOJ’s press release, KuCoin and its affiliates failed to implement effective AML and KYC programs in violation of the Bank Secrecy Act, failed to report suspicious transactions, and failed to register with the U.S. Department of Treasury’s Financial Crimes Enforcement Network (FinCEN). According to the DOJ, KuCoin had approximately 1.5 million registered users in the United States and earned approximately $184.5 million in fees from those users. KuCoin agreed to criminally forfeit $184.5 million and pay a criminal fine of approximately $112.9 million, however, the total monetary penalty is expected to be offset by a potential settlement with the U.S. Commodity Futures Trading Commission and a $5.3 million fine KuCoin already paid as part of a civil settlement with the New York Attorney General’s Office. KuCoin will also exit the U.S. market for at least the next two years, and KuCoin founders Chun “Michael” Gan and Ke “Eric” Tang, who were indicted along with Peken in March 2024, reached deferred prosecution agreements whereby they agreed to no longer have any role in KuCoin’s management or operations. DOJ; Law360; Reuters; The Block; MLex.
BitMEX Fined $100 Million For Bank Secrecy Act Violations
On January 15, crypto exchange HDR Global Trading Ltd., a/k/a BitMEX, was fined $100 million and ordered to serve two years of unsupervised probation for violating the Bank Secrecy Act by failing to establish an adequate anti-money laundering and know-your-customer program. BitMEX said in a statement that it is “glad to move past this matter, and look[s] forward to continuing to focus on innovation and delivering the best products and services to our users without further distraction.” DOJ; Global Investigations Review; Law360; BitMEX.
DCG and Ex-Genesis CEO Agree to Pay SEC $38.5 Million to Settle SEC Charges
On January 17, Digital Currency Group (DCG) and Sochiro “Michael” Moro, former CEO of DCG’s crypto trading subsidiary, Genesis Global Capital LLC, agreed to pay the SEC $38.5 million in civil penalties to settle securities fraud claims. DCG will pay $38 million to the SEC, with Moro paying the remaining $500,000. Both DCG and Moro also agreed to a cease-and-desist order; neither admitted liability. A spokesperson for DCG said that the company is “pleased to have concluded an extensive investigation process that was limited in its findings and focused on the social media posts and communications made by our former operating subsidiary.” SEC; Law360; CoinDesk.
NYAG Initiated Suit to Recover $2.2M from Crypto Scammers
On January 11, NY Attorney General Letitia James filed a lawsuit to recover $2.2 million of frozen cryptocurrency allegedly fraudulently solicited from New Yorkers. The complaint alleges a scheme whereby scammers sent text messages to New Yorkers promising them fake remote jobs as product reviewers: victims were told to create crypto accounts, deposit funds with their own bank accounts, and then review products on fake websites. They were told they would get their money back plus commission, but allegedly never received payment. None of the alleged scammers’ identities are named in the complaint. As the scammers are unidentified, James plans to serve process on them by airdropping an NFT to the wallets used to allegedly steal the victims’ cryptocurrency. According to the New York Attorney General, this would be the first time a state or federal regulator has proposed serving a lawsuit in this manner; New York courts have allowed a private plaintiff to serve process via NFT in the past. The Block; Cointelegraph; Complaint.
Operators of Cryptocurrency Privacy Services Charged with Money Laundering
Russian operators of the cryptocurrency privacy services Blender.io and Sinbad.io, have been indicted by a federal grand jury. According to the DOJ, Blender.io and Sinbad.io were used by cybercriminals “launder funds stolen from victims of ransomware, virtual currency thefts, and other crimes.” The government alleges that Blender.io and Sinbad.io, the operators, designed the services to hide the source of cryptocurrency, making them “save havens” for laundering criminally derived funds. The indictment of the individual operators come after Blender.io and Sinbad.io were sanctioned by the Department of Treasury’s Office of Foreign Assets Control (OFAC) in 2022 and 2023 respectively. According to the Department of Justice, Ostapenko and Oleynik have been arrested; Tarasov remains at large. DOJ; The Block.
Terraform Labs Co-founder Do Kwon Pleads Not Guilty to Criminal Charges in New York Following Extradition
On January 2, Do Kwon pleaded not guilty to charges including wire fraud, securities fraud, and money laundering following his extradition to the United States from Montenegro a few days before. The charges stem from Kwon’s alleged involvement with the stablecoin Terra USD, which fell dramatically in value in 2022. Montenegro extradited Kwon after months of debate on whether Kwon should face charges in the United States or in South Korea. The Block; DOJ.

REGULATION AND LEGISLATION

UNITED STATES

President Trump Signs Executive Order on Crypto to Promote U.S. Leadership in Blockchain and Digital Assets
On January 23, President Trump signed an Executive Order titled “Strengthening American Leadership in Digital Financial Technology” which outlines several key policies regarding crypto, including: ensuring access to open public blockchain networks, ensuring fair access to banking services for the crypto industry, providing regulatory clarity, and protecting against the risk of central bank digital currencies (CBDCs) by prohibiting their establishment in the U.S. This Executive Order revoked former President Biden’s Order on crypto and effectively rescinded all policies and directives issued pursuant to it. The Order also establishes a working group within the National Economic Council to craft a new federal regulatory scheme for digital assets. The Block; Cointelegraph.
President Trump Picks Caroline Pham as Acting Chair of the CFTC
Caroline Pham, who had been serving as a CFTC commissioner since April 2022 after being nominated by former President Biden, will be acting Chair of the financial regulator and replace Rostin Behnam. As a commissioner, Pham had called on the government to address crypto regulation and had proposed initiatives to protect investors. Pham nominated Harry Jung as Chief of Staff; according to the CFTC’s statement, Jung will lead the CFTC’s engagement with the crypto industry. CFTC; Cointelegraph; CoinDesk.
Trump Names Mark Uyeda Acting SEC Chair
On January 21, the SEC announced that President Trump designated Mark T. Uyeda as Acting Chairman of the agency, assuming the role left open by Gary Gensler’s resignation until the Senate confirmation of Paul Atkins as the nominated permanent Chair. Uyeda has been a strong critic of Gensler’s approach to regulating digital assets, and is expected to be much friendlier to the industry. “The environment we have created for the crypto asset markets, especially as it relates to secondary trading, is untenable,” said Acting Chairman Uyeda and Commissioner Hester M. Peirce in a March 5, 2024 statement. SEC; Reuters; AP; March 5, 2024 Statement.
SEC Launching Crypto Task Force
On January 21, SEC Acting Chairman Mark T. Uyeda launched a “crypto task force” “dedicated to developing a comprehensive and clear regulatory framework for crypto assets.” According to the press release, SEC Commissioner Hester Peirce will head the task force. “We look forward to working hand-in-hand with the public to foster a regulatory environment that protects investors, facilitates capital formation, fosters market integrity, and supports innovation,” said Peirce. Richard Gabbert, Senior Advisor to the Acting Chairman, and Taylor Asher, Senior Policy Advisor to the Acting Chairman, will serve as the task force’s Chief of Staff and Chief Policy Advisor. Significantly, the Commission’s press release announcing the task force noted that “[t]o date, the SEC has relied primarily on enforcement actions to regulate crypto retroactively and reactively, often adopting novel and untested legal interpretations along the way. Clarity regarding who must register, and practical solutions for those seeking to register, have been elusive. The result has been confusion about what is legal, which creates an environment hostile to innovation and conducive to fraud. The SEC can do better.” SEC; CoinDesk; The Hill.
SEC Rescinds Crypto Accounting Guidance SAB 121
The SEC’s Division of Corporate Finance and Office of the Chief Accountant have issued Staff Accounting Bulletin (SAB) 122, which rescinds the prior and controversial SAB 121. SAB 121 required firms that custody cryptocurrencies to record their customers’ holdings as liabilities on their balance sheet. The guidance had sparked much criticism in the industry in the past year. Last year, the House and Senate voted to repeal SAB 121, though the measure was vetoed by former President Biden. The Block; CoinDesk.
IRS Delays Implementing Crypto Cost-Basis Reporting Rules
The IRS announced that it is postponing the new tax reporting requirements for crypto until 2026. Under the proposed rule, if a taxpayer has not identified a preferred accounting method, the First-in, First-out (FIFO) will be used, treating the earliest acquired asset as sold first. Under this method, the IRS would maximize capital gains (and therefore tax) for investors. This temporary relief will give brokers a grace period during which they can develop other, more advantageous accounting methods. IRS; The Block.

INTERNATIONAL

Proposal to Mandate Swiss National Bank to Hold Bitcoin Underway
On December 31, 2024, the Swiss Federal Chancellery set in motion a proposal that, if adopted, would mandate the Swiss National Bank to hold Bitcoin on its balance sheet. In order to be put to a national referendum, the proposal must garner 100,000 signatures by June 30, 2026. Several other countries are considering adopting Bitcoin, notably the United States (where Senator Cynthia Lummis sponsored a Bitcoin reserve bill), Brazil, and Poland. Reuters; Cointelegraph.

CIVIL LITIGATION

UNITED STATES

Gibson Dunn Secures Win for Coinbase against the SEC in the Third Circuit
On January 13, a unanimous Third Circuit panel held that the SEC’s denial of Coinbase’s petition for rulemaking regarding digital assets was “conclusory and insufficiently reasoned” and therefore arbitrary and capricious under the Administrative Procedure Act. In an opinion penned by Judge Ambro, the Court remanded Coinbase’s petition to the SEC for a more complete explanation. A concurring opinion by Judge Bibas further took the SEC to task on due-process grounds. Judge Bibas faulted the agency for failing to provide “meaningful guidance on which crypto assets it views as securities,” adding that the SEC’s “silence and contradictory unofficial signals breed uncertainty,” target “a whole industry,” and risk “de facto banning it.” Judge Bibas added that the SEC’s “caginess” about how the securities laws apply to digital assets “creates a serious constitutional problem” that should be addressed in SEC enforcement actions against crypto firms. Westlaw Today; Opinion.
OKX Facing Nationwide Class Action
On January 13, a proposed nationwide class action was filed in the U.S. District Court for the Northern District of California alleging that OKX, one of the world’s largest crypto exchanges, violated the Bank Secrecy Act by allegedly failing to comply with anti-money laundering and know-your-customer rules. The class-action complaint also asserts RICO claims, among others. The proposed class is defined as U.S. users whose digital assets were taken from a non-OKX wallet and transferred to an account on the platform. Law360; Law.com.
Celsius to Challenge $445M Claim Denial in FTX Bankruptcy
On January 2, Celsius filed a notice in Delaware district court that it is appealing U.S. bankruptcy Judge John T. Dorsey’s findings that FTX had not received sufficient notice an avoidance claim was coming and that Celsius’ attempt to amend the claim a year after the claim deadline was improper. Celsius had filed a $2 billion proof of claim in June 2023, only one day before the claims deadline in the FTX bankruptcy. Celsius alleged that it might have had claims based on disparaging statements about Celsius made by FTX officers pre-bankruptcy and that it was investigating other potential claims, including some that might allow it to claw back asset transfers from Celsius. One year later, Celsius filed a revised proof of claim, alleging $445M in preferential transfers to FTX that were subject to clawback. Judge Dorsey issued an opinion holding that the June 2023 statement that Celsius was investigating other potential claims did not give FTX sufficient notice of the avoidance claim. Law360.

SPEAKER’S CORNER

UNITED STATES

Wisconsin Rep. Bryan Steil to lead U.S. House Subcommittee on Digital Assets
On January 9, Republican Representative FTX was announced as the new leader of the Subcommittee on Digital Assets, Financial Technology and Artificial Intelligence. Congressman Steil previously served as a member of the Subcommittee on Digital Assets, Financial Technology and Inclusion in the 118th Congress and is serving his fourth term on the Financial Services Committee. As a member of the Committee, Steil voted for both the FIT21 and the stablecoin bill. He has also been particularly critical of the SEC and their approach to crypto, under the Biden Administration. The Block.
Treasury Secretary Nominee Opposes U.S. CBDC
On January 16, during his nomination hearing before the Senate Finance Committee, Scott Bessent, who was confirmed as Treasury Secretary in a bipartisan vote, expressed strong opposition to the idea of a U.S. central bank digital currency (CBDC): “I see no reason for the U.S. to have a central bank digital currency. . . . In my mind, a central bank digital currency is for countries who have no other investment alternatives.” Separately, when asked about the Treasury’s financial-crimes arm, and in the context of terrorist financing, Bessent said: “I believe we have to have a 2025 approach to . . . digital currencies.” CoinDesk; Decrypt.
Congress To Investigate “Debanking” Practices
The House Oversight Committee and the Senate Banking Committee unveiled plans to investigate “debanking” practices, with a focus on those levied against digital asset businesses and founders. “Debanking,” or “de-risking,” in this context is the practice of government authorities issuing guidance or exerting pressure on financial institutions to close or refuse to open bank accounts on behalf of a certain class of business. On January 24, Representative James Comer, Chairman of the House Oversight Committee, published a letter he sent to six “leaders of digital asset corporations and associations,” writing that the “Committee is interested in engaging individuals who have been debanked and, specifically, how these actions hurt innovation, entrepreneurs, and workers,” and that “the Committee seeks to understand the financial institutions and regulators involved.” On the same day, Senator Tim Scott, Chair of the Senate Banking Committee, announced plans to hold a hearing on debanking on February 5, 2025, stating that “under Operation Chokepoint 2.0, Biden regulators abused their power and forced financial institutions to cut off services to digital asset firms.” Comer; Scott; The Block.
Senate Digital Assets Chair Warns FDIC Not To Destroy Materials Related To “Debanking”
On January 16, Senator Cynthia Lummis sent a letter to the Chair of the FDIC urging the agency to “preserve all existing materials . . . relating to the FDIC’s digital asset activities since January 1, 2022 . . . .” Senator Lummis asserted that whistleblowers at the FDIC informed her that “destruction of materials is occurring” and that “staff have been threatened with legal action to prevent them from speaking out.” Senator Lummis, Chair of the Senate Banking Subcommittee on Digital Assets, appears to be particularly concerned with the destruction of evidence related to an alleged FDIC effort to limit banks’ provision of services to digital asset businesses. Letter; Press Release; CoinDesk.

OTHER NOTABLE NEWS

New York Department of Financial Services Launches Transatlantic Regulatory Exchange with Bank of England
On January 13, the New York Department of Financial Services (DFS) launched the Transatlantic Regulatory Exchange (TRE), “an international secondment program which allows DFS and other regulators to exchange staff, enabling greater sharing of resources, knowledge, and regulatory approaches.” According to the DFS’ press release, the first secondment under the program will begin in February with DFS and the Bank of England exchanging staff with expertise in emerging payments and digital assets. The initiative is designed to strengthen regulatory frameworks, protect consumers, and support innovation by connecting New York and London, says DFS Superintendent Adrienne A. Harris. NYDFS; JD Supra.
New York Department of Financial Services Issues a Consumer Alert Warning of Risks Associated with Memecoins
On January 16, the NYDFS issued an alert on “rapidly proliferating, sentiment-based” cryptocurrencies, typically referred to as memecoins. The agency noted that the platforms used to create these coins are not regulated by the NYDFS and are thus not subject to the rules and regulations in place for other virtual currencies. The agency warned of significant price volatility and manipulation by the creators of the coins, including “pump-and-dump schemes” (artificially inflating price while selling one’s own supply) and “rug pulls” (removing the liquidity from a coin so that selling is no longer possible). The alert warned consumers that these virtual currencies present “exceptional risk of fraud and loss of funds.” NYDFS.
President Trump Pardons Silk Road Founder Ross Ulbricht
On January 21, President Trump pardoned the founder of what prosecutors had described as a “global, black-market bazaar” where over 100,000 individuals were able to purchase drugs and other illegal services before Ulbricht’s arrest in 2013. The network used the Tor network and accepted Bitcoin as payment to allow users to interact anonymously. Ulbricht was serving multiple life sentences without the possibility of parole. The Block; Reuters.

The following Gibson Dunn lawyers contributed to this issue: Jason Cabral, Kendall Day, Jeff Steiner, Sara Weed, Sam Raymond, Nick Harper, Jamie Miller*, Justin Fishman, Theo Curie, and Tin Le.

FinTech and Digital Assets Group Leaders / Members:

Ashlie Beringer, Palo Alto (+1 650.849.5327, aberinger@gibsondunn.com)

Michael D. Bopp, Washington, D.C. (+1 202.955.8256, mbopp@gibsondunn.com

Stephanie L. Brooker, Washington, D.C. (+1 202.887.3502, sbrooker@gibsondunn.com)

Jason J. Cabral, New York (+1 212.351.6267, jcabral@gibsondunn.com)

Ella Alves Capone, Washington, D.C. (+1 202.887.3511, ecapone@gibsondunn.com)

M. Kendall Day, Washington, D.C. (+1 202.955.8220, kday@gibsondunn.com)

Michael J. Desmond, Los Angeles/Washington, D.C. (+1 213.229.7531, mdesmond@gibsondunn.com)

Sébastien Evrard, Hong Kong (+852 2214 3798, sevrard@gibsondunn.com)

William R. Hallatt, Hong Kong (+852 2214 3836, whallatt@gibsondunn.com)

Martin A. Hewett, Washington, D.C. (+1 202.955.8207, mhewett@gibsondunn.com)

Sameera Kimatrai, Dubai (+971 4 318 4616, skimatrai@gibsondunn.com)

Michelle M. Kirschner, London (+44 (0)20 7071.4212, mkirschner@gibsondunn.com)

Stewart McDowell, San Francisco (+1 415.393.8322, smcdowell@gibsondunn.com)

Mark K. Schonfeld, New York (+1 212.351.2433, mschonfeld@gibsondunn.com)

Orin Snyder, New York (+1 212.351.2400, osnyder@gibsondunn.com)

Ro Spaziani, New York (+1 212.351.6255, rspaziani@gibsondunn.com)

Jeffrey L. Steiner, Washington, D.C. (+1 202.887.3632, jsteiner@gibsondunn.com)

Eric D. Vandevelde, Los Angeles (+1 213.229.7186, evandevelde@gibsondunn.com)

Benjamin Wagner, Palo Alto (+1 650.849.5395, bwagner@gibsondunn.com)

Sara K. Weed, Washington, D.C. (+1 202.955.8507, sweed@gibsondunn.com)

*Jamie Miller, an associate in the firm’s New York office, is admitted to practice only in the District of Columbia.

We are pleased to share with you the Gibson Dunn 2024 Legal Retrospective Report, a comprehensive collection of our thought leadership and insights on the most significant legal developments of the past year. This report highlights our expert analysis on key judicial decisions, regulatory trends, and legislative shifts across the depth of our practices. As a corollary to our real-time updates, we hope this compendium will serve as a valuable resource in assimilating changes that transpired in 2024, and the shape of the legal landscape entering the new year. Looking to 2025, we remain dedicated to providing you practical guidance to navigate rapidly evolving circumstances, and to address the impact of legal developments on your business, operations, and strategic planning.

Our content is always intended as a touchstone to engage with our clients – thank you, and we eagerly anticipate continuing these critical conversations in the year ahead!

Click to View

Leading practitioners from our Los Angeles, Orange County, San Francisco, and Palo Alto offices hosted Gibson Dunn’s annual complimentary MCLE briefing, offering 10 hours of CLE credit, including specialty subjects such as Ethics, Elimination of Bias, Competence, and the new Technology and Civility requirements.

The three-day program featured discussions on key developments at the United States Supreme Court and SEC, labor and employment trends, litigating in the press, the use of AI by legal professionals, and new tools to promote civility, among other relevant topics.

Recordings, materials, and CLE details are available below.

For any questions regarding the program or future events, please contact LAEvents@gibsondunn.com. For inquiries about CLE accreditation, please reach out to cle@gibsondunn.com.

Imposter Syndrome in the Legal Profession

PANELISTS:

Tiaunia Henry
Miguel Loza Jr.
James Keshavarz

The Constitution, Homelessness, and the Supreme Court: Post Grants Pass Victory

PANELISTS:

Theane Evangelis
Bradley J. Hamburger
Jesse Sharf

SEC and Other Developments for Public Companies and Investment Advisers

PANELISTS:

Michael A. Titera
Kevin Bettsteller
Lauren M. Assaf-Holmes

Supreme Court Roundup

PANELISTS:

Lauren M. Blas
Samuel Eckman

The Pitfalls of Litigating in the Press

PANELISTS:

Michael H. Dore
Abbey A. Barrera
Wesley Sze

Enough Already! New Tools to Reduce Incivility

PANELISTS:

Presiding Justice Brian S. Currey
Poonam G. Kumar

Latest Trends & Hot Topics in CA Labor & Employment

PANELISTS:

Cynthia Chen McTernan
Megan Cooney

MCLE CREDIT INFORMATION:

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 6.0 credit hours, of which 0.25 credit hour may be applied toward the Elimination of Bias requirement, 1.0 credit hour may be applied toward the Wellness Competence requirement, 1.0 credit hour may be applied toward the Ethics requirement, 1.0 credit hour may be applied toward the Civility in the Legal Profession requirement, and 2.75 credit hours may be applied toward the General Practice requirement.

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 6.0 credit hours, of which 2.0 credit hours may be applied toward Ethics and Professionalism, 1.0 credit hour may be applied toward Law Practice Management, and 3.0 credit hours may be applied toward Areas of Professional Practice. These courses are approved for transitional/non-transitional credit.

Neither the Connecticut Judicial Branch nor the Commission on Minimum Continuing Legal Education approve or accredit CLE providers or activities. It is the opinion of this provider that this activity qualifies for up to 6.0 hours toward your annual CLE requirement in Connecticut, including 3.25 hours of ethics/professionalism.

From the Derivatives Practice Group: This week, the CFTC and SEC extended the Form PF amendments compliance date from March 12, 2025 to June 12, 2025.

New Developments

CFTC and SEC Extend Form PF Amendments Compliance Date. The Commodity Futures Trading Commission, together with the Securities and Exchange Commission, extended the compliance date for the amendments to Form PF that were adopted Feb. 8, 2024. The compliance date for these amendments, which was originally March 12, 2025, has been extended to June 12, 2025. Form PF is the confidential reporting form for certain SEC-registered investment advisers to private funds, including those that also are registered with the CFTC as commodity pool operators or commodity trading advisers. This extension will mitigate certain administrative and technological burdens and costs associated with the prior compliance date. This extension will also provide more time for filers to program and test for compliance with these amendments. [NEW]
Acting Chairman Pham Launches Public Roundtables on Innovation and Market Structure. On January 27, Acting Chairman Pham announced the launch of a series of public roundtables on evolving trends and innovation in market structure, including issues such as affiliated entities and conflicts of interest, prediction markets, and digital assets. Pham renewed calls for open public engagement and increased transparency by the CFTC on its policy approach to changes in derivatives markets last year. [NEW]
Acting Chairman Pham Announces CFTC Leadership Changes. On January 22, Acting Chairman Pham announced the following CFTC leadership changes: Acting Chief of Staff: Harry Jung; Acting General Counsel: Meghan Tente; Acting Director of the Office of Public Affairs: Taylor Foy; Acting Director of the Office of Legislative and Intergovernmental Affairs: Nicholas Elliot; Acting Director of the Division of Market Oversight: Amanda Olear; Acting Director of the Division of Clearing and Risk: Richard Haynes; Acting Director of the Market Participants Division: Tom Smith; Acting Director of the Division of Enforcement: Brian Young; Acting Director of the Office of International Affairs: Mauricio Melara.
SEC Acting Chairman Uyeda Announces Formation of New Crypto Task Force. On January 21, SEC Acting Chairman Uyeda launched a crypto task force that, according to the SEC, is dedicated to developing a comprehensive and clear regulatory framework for crypto assets. Commissioner Hester Peirce will lead the task force. Richard Gabbert, Senior Advisor to the Acting Chairman, and Taylor Asher, Senior Policy Advisor to the Acting Chairman, will serve as the task force’s Chief of Staff and Chief Policy Advisor, respectively. The SEC said that the task force will collaborate with SEC staff and the public to set the SEC on a sensible regulatory path that respects the bounds of the law and that the task force’s focus will be to help the SEC draw clear regulatory lines, provide realistic paths to registration, craft sensible disclosure frameworks, and deploy enforcement resources judiciously. The Sec indicated that the task force will operate within the statutory framework provided by Congress, coordinate the provision of technical assistance to Congress as it makes changes to that framework, and coordinate with federal departments and agencies, including the CFTC, and state and international counterparts.
CFTC Names Caroline D. Pham Acting Chairman. On January 20, the CFTC announced the members of the Commission have unanimously elected Commissioner Caroline D. Pham as Acting Chairman, effective January 20, 2025. Acting Chairman Pham was nominated to be a CFTC Commissioner on January 12, 2022 and unanimously confirmed by the U.S. Senate on March 28, 2022, for a term beginning on April 14, 2022 and expiring on April 13, 2027. She succeeds Rostin Behnam, who served as Chairman since January 4, 2022 and will remain a Commissioner until his departure on February 7, 2025. On January 21, Acting Chairman Pham made the following statement: “I’m humbled and grateful to be entrusted by President Trump to lead the CFTC as we approach a significant milestone in our history with tremendous opportunities ahead. For the past half century, the CFTC has proudly served our mission to promote market integrity and liquidity in the commodity derivatives markets that are critical to the real economy and global trade—ensuring American growers, producers, merchants and other commercial end-users can mitigate risks to their business and support strong U.S. economic growth. As the CFTC celebrates our 50th anniversary, we must also refocus and change direction with new leadership to fulfill our statutory mandate to promote responsible innovation and fair competition in our markets that have continually evolved over the decades. It’s time for the CFTC to get back to the basics. I’m honored to work alongside our dedicated CFTC staff, and I thank former Chairman Behnam and my fellow Commissioners for their service.”
CFTC and the Bank of England Comment on Report on Initial Margin Transparency and Responsiveness in Centrally Cleared Markets. On January 15, the Basel Committee on Banking Supervision (“BCBS”), the Bank for International Settlements’ Committee on Payments and Market Infrastructures (“CPMI”) and the International Organization of Securities Commissions (“IOSCO”) published the final report Transparency and responsiveness of initial margin in centrally cleared markets – review and policy proposals and the accompanying cover note Consultation feedback and updated proposals. This report is the culmination of work undertaken by BCBS, CPMI, and IOSCO, co-chaired by the Bank of England and the Commodity Futures Trading Commission.
CFTC Announces Review of Nadex Sports Contract Submissions. On January 14, the CFTC notified the North American Derivatives Exchange, Inc. (“Nadex”) d/b/a Crypto.com it will initiate a review of the two sports contracts that were self-certified and submitted to the CFTC on Dec. 19, 2024. As described in the submissions, the contracts are cash-settled, binary contracts. The CFTC determined the contracts may involve an activity enumerated in CFTC Regulation 40.11(a) and section 5c(c)(5)(C) of the Commodity Exchange Act. As required under CFTC Regulation 40.11(c)(1), the CFTC has requested that Nadex suspend any listing and trading of the two sports contracts during the review period.
CFTC Announces Departure of Clearing and Risk Director Clark Hutchison. On January 15, the CFTC announced Division of Clearing and Risk Director Clark Hutchison will depart the agency Jan. 15. Mr. Hutchison has served as director since July 2019.

New Developments Outside the U.S.

ESMA Provides Guidance on MiCA Best Practices. On January 31, ESMA published a new supervisory briefing aiming to align practices across the EU member states. The briefing, developed in close cooperation with National Competent Authorities (“NCAs”), promotes convergence and prevents regulatory arbitrage, providing concrete guidance about the expectations on applicant Crypto Asset Service Providers, and on NCAs when they are processing the authorization requests. [NEW]
ESMA Publishes Data for Quarterly Bond Liquidity Assessment. On January 31, ESMA published the new quarterly liquidity assessment of bonds. ESMA’s liquidity assessment for bonds is based on a quarterly assessment of quantitative liquidity criteria, which includes the daily average trading activity (trades and notional amount) and the percentage of days traded per quarter. [NEW]
Equivalence of UK CCPs Extended to June 30, 2028. On January 30, the European Commission determined that the regulatory framework applicable to central counterparties (“CCPs”) in the United Kingdom of Great Britian and Northern Ireland is equivalent, in accordance with Regulation No 648/2012 of the European Parliament and of the Council. [NEW]
Euribor Panel to include Finland’s OP Corporate Bank and the National Bank of Greece. OP Corporate Bank and the National Bank of Greece join the group of credit institutions that contribute to Euribor under its revised methodology, which is a substitute for the panel banks’ expert judgement. The methodology was adopted in a phased approach by all members across the Euribor panel between May and October 2024. [NEW]
New Governance Structure for Transition to T+1 Settlement Cycle Kicks Off. On January 22, ESMA, the European Commission (“EC”) and the European Central bank (“ECB”) launched a new governance structure to support the transition to the T+1 settlement cycle in the European Union. Following ESMA’s report with recommendations on the shortening of the settlement cycle, the new governance structure has been designed to oversee and manage the operational, regulatory and technological aspects of this transition. Given the high level of interconnectedness within the EU capital market, a coordinated approach across the EU, involving authorities, market participants, financial market infrastructures and investors, is desirable. ESMA said that the key elements of the new governance model include an Industry Committee, composed of senior leaders and representatives from market players, several technical workstreams, operating under the Industry Committee, focusing on the technological operational adaptations needed in the areas concerned by the transition to T+1 (i.e. trading, matching, clearing, settlement, securities financing, funding and FX, asset management, corporate events, settlement efficiency), and two more general workstreams that will review the scope and the legal and regulatory aspects of these adaptations, and a Coordination Committee, chaired by ESMA and with representation from the EC, the ECB, ESMA and the chair of the Industry Committee, intended to ensure coordination between the authorities and the industry, advising on challenges that may arise during the transition. Additionally, ESMA said that the Commission is currently considering the merits of a legislative change mandating a potential transition to a shorter settlement cycle.
ESMA and the EC Publish Guidance on Non-MiCA Compliant ARTs and EMTs (Stablecoins). On January 17, ESMA published a statement reinforcing the position related to the offer of ARTs and EMTs (also known as stablecoins) in the EU under Market in Crypto Assets regulation (MiCA). The statement provides guidance on how and under which timeline CASPs are expected to comply with the requirements of Titles III and IV of MiCA, as clarified in the EC Q&A. In particular, National Competent Authorities are expected to ensure compliance by crypto assets services providers (“CASPs”) regarding non-compliant ARTs or EMTs as soon as possible, and no later than the end of Q1 2025. ESMA indicated that the statement is intended to facilitate coordinated actions at the national level and avoid potential disruptions. The EC has also delivered a Q&A, intended to provide guidance on the obligations contained in titles III and IV of MiCA and how these obligations should apply to CASPs. The Q&A clarifies that certain crypto-asset services may constitute an offer to the public or an admission to trading in the EU and should therefore comply with titles III and IV of MiCA.
The EBA and ESMA Analyze Recent Developments in Crypto-Assets. On January 16, ESMA and the European Banking Authority (“EBA”) published a Joint Report on recent developments in crypto-assets, analyzing decentralized finance (“DeFi”) and crypto lending, borrowing and staking. This publication is the EBA and ESMA’s contribution to the European Commission’s report to the European Parliament and Council under Article 142 of the Markets in Crypto-Assets Regulation. EBA and ESMA find that DeFi remains a niche phenomenon, with value locked in DeFi protocols representing 4% of all crypto-asset market value at the global level. The report also sets out that EU adoption of DeFi, while above the global average, is lower than other developed economies (e.g. the US, South Korea).
BCBS, CPMI and IOSCO Publish Reports on Margin in Cleared and Non-cleared Markets. On January 15, BCBS, CPMI and IOSCO published three final reports on initial and variation margin in centrally cleared and non-centrally cleared markets. The three reports reflect feedback received further to the publication of consultation reports last year. BCBS, CPMI and IOSCO published the final report on transparency and responsiveness of initial margin in centrally cleared markets, setting out 10 final policy proposals relevant to central counterparties (“CCPs”) and clearing members. ISDA and the Institute of International Finance (IIF) submitted a joint response during the consultation. CPMI and IOSCO published the final report on streamlining variation margin in centrally cleared markets, setting out eight examples of effective practices for CCPs’ variation margin processes. ISDA and the IIF submitted a joint response during the consultation. BCBS and IOSCO published the final report on streamlining variation margin processes and initial margin responsiveness of margin models in non-centrally cleared markets, setting out eight recommendations. ISDA and the IIF submitted a joint response during the consultation. In relation to the BCBS, CPMI and IOSCO report on initial margin transparency and responsiveness in centrally cleared markets, the Bank of England and the CFTC have also published a joint statement expressing support for the findings and policy proposals.
EU Funds Continue to Reduce Costs. On January 14, ESMA published its seventh market report on the costs and performance of EU retail investment products, showing a decline in the costs of investing in key financial products. This report aims at facilitating increased participation of retail investors in capital markets by providing consistent EU-wide information on cost and performance of retail investment products.

New Industry-Led Developments

ISDA Publishes Joint Trade Association letter to SEC on US Treasury Clearing. On January 24, ISDA, the Alternative Investment Management Association, the Futures Industry Association (“FIA”), the FIA Principal Traders Group, the Institute of International Bankers, the Managed Funds Association and the Securities Industry and Financial Markets Association and its asset management group sent a letter to Mark Uyeda, acting chair at the US Securities and Exchange Commission (SEC) requesting an extension to the implementation dates for the Treasury clearing mandate by a minimum of 12 months. The associations believe this would give the SEC time to consider and address several critical issues and for the industry to implement clearing. In the letter, the associations highlight their concern that, without an extension, the success of the transition to central clearing will be compromised and may lead to disruptions in the cash Treasury securities and repo markets. [NEW]
ISDA and AFME Publish Joint Response to ECB Consultation on Options and Discretions under EU Law. On January 24, ISDA and the Association for Financial Markets in Europe (“AFME”) responded to the European Central Bank’s (“ECB”) consultation on its approach to options and discretions under EU law. In the response, the associations highlight the efforts of the ECB to establish consistent options and discretions that would harmonize rules and foster a level playing field in the euro area. The response also mentions that further actions are necessary, specifically on trading book boundary classifications and exemptions. [NEW]
ISDA Publishes Equity Definitions VE, Version 2.0. On January 21, ISDA published version 2.0 of the ISDA Equity Derivatives Definitions (Versionable Edition) on the MyLibrary platform. This publication includes, among other updates, provisions that can be used for documenting transactions with time-weighted average price or volume-weighted average price features, futures price valuation in respect of share transactions and benchmark provisions in respect of an index.

The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Marc Aaron Takagaki, Hayden McGovern, and Karin Thrasher.

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, jsteiner@gibsondunn.com)

Michael D. Bopp, Washington, D.C. (202.955.8256, mbopp@gibsondunn.com)

Michelle M. Kirschner, London (+44 (0)20 7071.4212, mkirschner@gibsondunn.com)

Darius Mehraban, New York (212.351.2428, dmehraban@gibsondunn.com)

Jason J. Cabral, New York (212.351.6267, jcabral@gibsondunn.com)

Adam Lapidus – New York (212.351.3869, alapidus@gibsondunn.com )

Stephanie L. Brooker, Washington, D.C. (202.887.3502, sbrooker@gibsondunn.com)

William R. Hallatt , Hong Kong (+852 2214 3836, whallatt@gibsondunn.com )

David P. Burns, Washington, D.C. (202.887.3786, dburns@gibsondunn.com)

Marc Aaron Takagaki , New York (212.351.4028, mtakagaki@gibsondunn.com )

Hayden K. McGovern, Dallas (214.698.3142, hmcgovern@gibsondunn.com)

Karin Thrasher, Washington, D.C. (202.887.3712, kthrasher@gibsondunn.com)

On January 17, 2025, the Treasury Department issued new guidance on the Outbound Investment Security Program, which—for the first time—prohibits or requires notifications for certain U.S. investments in Chinese companies. And, across the Atlantic, the European Commission recently issued a recommendation to Member States to conduct their own outbound investment reviews.

I. Introduction

On January 2, 2025, the Outbound Investment Security Program (the umbrella term for the program under which the Rules are administered, herein, the Program) came into effect. The Program, administered by the U.S. Department of the Treasury (Treasury) pursuant to final regulations issued on October 28, 2024 (Rules), targets certain investments by U.S. persons into Chinese companies engaged in certain activities in the semiconductors and microelectronics, quantum information technology, and artificial intelligence (AI) sectors. The Rules specifically prohibit certain investments outright, and require post-closing notification to Treasury for others. Notably, the Rules also include a range of exemptions and exceptions. Please refer to our prior client alert for a detailed primer on the Rules.

In addition to the Rules, Treasury has provided informal guidance on the Program website. As part of the Rules’ rollout, Treasury released Frequently Asked Questions (FAQs) on December 13, 2024 and again on January 17, 2025. Through over 40 FAQs, Treasury attempts to clarify the scope and applicability of the Rules. Treasury includes, among other topics, guidance on the contours of “covered transactions” (i.e., transactions that are now prohibited or subject to notification under the Rules), assessing whether an individual or entity is a “covered foreign person” (i.e., a person of the type the Rules intend to target), and Treasury’s due diligence expectations for U.S. persons.

In this alert, we provide an update on treatment of the Program under the Trump Administration and a brief update on steps taken by Treasury to implement and administer the Rules. Next, we discuss select key takeaways from the FAQs and suggest some preliminary practices that can assist U.S. investors in complying with the Rules. Finally, we provide an overview of the development of outbound investment screening and restrictions in the EU.

II. What to Expect Under the New Trump Administration

On January 20, 2025, President Trump issued an order for a “Regulatory Freeze Pending Review.” While this order directed agencies to consider postponing the effective date for any rules that have been issued which have not taken effect, it will not impact the Program, which was already effective prior to President Trump taking office. However, the “America First Trade Policy“ memorandum (the Memorandum) calls for a review of Executive Order 14105, which provided the basis for the Program and the Rules, and may impact the Program. The Memorandum directs Treasury to assess whether the current controls in the Program are sufficient to address national security interests and make recommendations for any further modification by April 1, 2025. Some members of Congress have also called for additional or stronger restrictions on outbound flows of U.S. capital to China in sensitive industries. A failed amendment to the Senate draft of the FY 2025 National Defense Authorization Act proposed to expand the Rules’ “covered sectors” to also include hypersonics, satellite-based communications, and networked laser scanning systems with dual-use applications, suggesting that Treasury’s review could result in an eventual broadening of the Program.

Effective for only a few weeks, the Rules have already created meaningful compliance challenges as companies and financial institutions grapple with ways to implement and adjust policies, procedures, and corporate agreements to comply, and account for shifting legal and commercial risk profiles and appetites. While it is difficult to anticipate future actions by the new Trump Administration, there has been a steady consensus from the first Trump Administration through the Biden Administration – and with AI developments increasingly top of mind for national security and technological competitiveness reasons – there is a reasonable chance that the Program becomes more muscular after April 2025 following the aforementioned regulatory review.

III. Treasury Website and Outbound Notification System

The Program website provides the following information and features about the Rules:

Treasury published over 40 FAQs, described further below.
In addition to the FAQs, Treasury provided further detail on the process for requesting a national interest exemption—an exemption from the Rules for transactions that the U.S. government determines are in the national interest.[1] Treasury notes that these exemptions, which will be determined by the Secretary of the Treasury in consultation with the Secretaries of Commerce and State and heads of other relevant agencies, will be made “only in exceptional circumstances,” and will be assessed based on the totality of relevant facts and circumstances.[2]
Treasury launched the Outbound Notification System portal for reportable transactions, which functions very similarly to the portal used by the Committee on Foreign Investment in the United States (CFIUS). Templates for each type of notification are available on the Treasury website here.
An Enforcement Overview and Guidance document for the Program, enumerating aggravating and mitigating factors to be used in enforcement actions, and an update to the civil monetary penalty amounts.
Treasury provides several ways to contact the Office of Investment Security, including to ask questions about the Rules, report a transaction, or request a national interest exemption.

IV. Key Takeaways from the FAQs

The FAQs are organized along eight categories: general, defined terms, covered transactions, notifiable and prohibited transactions, U.S. person due diligence, the knowledge standard and “knowingly directing,” excepted transactions, and operational considerations.

The FAQs expand upon due diligence expectations for U.S. persons, including what efforts constitute a “reasonable and diligent inquiry.”

The Rules place compliance requirements on U.S. persons including diligence, recordkeeping, and notification requirements, and Treasury “anticipates that U.S. persons should be able to comply with the Rules through a reasonable and diligent transactional due diligence and compliance process.”[3] The FAQs provide some insight into what a reasonable and diligent approach may entail, but Treasury declines to provide discrete instructions to U.S. persons, in part because “each transaction is different.”[4]

In the FAQs, Treasury acknowledges that relevant information about the ownership and activities of transaction counterparties may, in some cases, be difficult to obtain through due diligence. However, Treasury nevertheless expects U.S. persons to make concerted efforts to gain, verify, and consider relevant information from an investment target to ascertain the applicability of the Rules including through publicly available information, public and commercial databases, and available non-public information. Where information is difficult to ascertain and/or verify, Treasury recommends efforts to obtain representations or warranties from the target regarding its ownership, investments, and activities as part of a “reasonable and diligent” compliance process. It is important to note that, while contractual representations and warranties from an investment target do not necessarily create a safe harbor for a U.S. person in the event of a violation of the Rules, they can provide an indication—absent other red flags—that a U.S. person lacked a “reason to know” that it was undertaking a covered transaction.[5]

The FAQs provide relevant indicators for how Treasury will assess a U.S. person’s “plans” when evaluating a greenfield or brownfield transaction.

In a departure to the so-called “greenfield exception” under the CFIUS regulations, under the Rules, a covered transaction includes a U.S. person’s direct or indirect acquisition, leasing, or other development of land, property, or other assets in a country of concern that the U.S. person “plans” to result in the establishment of a covered foreign person or the engagement of a person of a country of concern in a covered activity.[6] In the FAQs, Treasury explains that it will assess a U.S. person’s “plans” by considering, among other things: correspondence with the investment target or relevant government counterparty, written business plans, board presentations, and presentations to potential investors.[7] Examples of activities that demonstrate a U.S. person’s plans to establish a covered foreign person include researching the feasibility of undertaking covered activities and securing financing for covered activities.[8]

The FAQs address how a U.S. person can assess whether an investment target “intends” to use its AI system for certain end uses.

For covered transactions involving the development of an AI system, the covered foreign person’s “intended” end use of the system can inform whether a transaction is prohibited. The development of AI systems intended by the covered foreign person to be used for cybersecurity applications, digital forensic tools, penetration testing tools, or the control of robotic systems may be notifiable on that basis.[9] The development of AI systems that the covered foreign person intends to be used for a military end use, government intelligence use, or mass surveillance may be prohibited on that basis.[10] In the FAQs, Treasury suggests that “pre-transaction discussions and meetings with counterparties” will inform the U.S. person’s understanding of the covered foreign person’s intent.[11] In practice, U.S. person diligence will likely include directly asking a counterparty about their plans for the technology they are developing, as well as considering other sources of available information that could demonstrate intent.

The FAQs clarify that underwriting services alone do not give rise to a covered transaction.

Underwriting services provided by a U.S. person to a covered foreign person that do not involve an acquisition of equity interest in the covered foreign person by the U.S. person would not be a covered transaction – i.e., such services are not prohibited, nor do they trigger the notification requirements under the Rules.[12]

The FAQs elaborate on what the phrase “engages in” means with respect to a “covered activity,” which excludes the mere purchase of goods or services.

For the Rules to apply to a transaction, the person of a country of concern must be someone who “engages in” a covered activity.[13] Treasury notes that the term “engages in” should be understood as capturing activities like “designs, fabricates, packages, develops, [and] produces, among others.”[14] The FAQs clarify that the mere purchase of a good or service, absent other facts, is not considered “engaging in” a covered activity.[15]

The FAQs address U.S. persons’ responsibilities to prevent their controlled foreign entities from engaging in transactions that would be prohibited for a U.S. person.

A U.S. person must take “all” reasonable steps to prohibit and prevent any transaction by its controlled foreign entity that would be prohibited if engaged in by a U.S. person.[16] If a controlled foreign entity engages in a transaction that would be prohibited if conducted by a U.S. person, Treasury will consider, among other factors, the following in order to assess whether the U.S. person took all reasonable steps to prohibit and prevent such transaction:

Agreements with respect to compliance between the U.S. person and its controlled foreign entity;
Governance or shareholder rights of the U.S. person with respect to the controlled foreign entity;
Periodic training and internal reporting requirements on compliance by the U.S. person and its controlled foreign entity;
Internal controls, including internal policies, procedures, or guidelines that are periodically reviewed internally, by the U.S. person and its controlled foreign entity; and
A documented testing and/or auditing process of internal policies, procedures, or guidelines.[17]

The FAQs provide guidance on how to evaluate an entity that has multiple covered foreign person subsidiaries or minority investments.

An entity can be classified under the Rules as a “covered foreign person” based on (i) being headquartered, based, or incorporated in China and (ii) engaging in a covered activity. Alternatively, an entity can be classified as a “covered foreign person” based on the equity it holds in another entity that is a covered foreign person. For example, Entity X would be a covered foreign person if Entity X (a) owns an equity interest in a “covered foreign person,” say Entity Y, and (b) either (i) derives over 50% of its revenue and/or net income from Entity Y or (ii) over 50% of its capital expenditures and/or operating expenses are attributable to Entity Y.[18] If Entity X has equity ownership in multiple covered foreign persons, then each of the four financial metrics noted above would be aggregated across the covered foreign persons for the 50% test. In effect, an investment target’s existing ownership of equity in other companies presents additional, and potentially significant, risk considerations for U.S. investors.

The fact that a higher-tier entity can be a covered foreign person based on characteristics of its subsidiaries tends to increase the burden on U.S. parties who must reasonably conduct diligence not only of a counterparty, but also of its subsidiaries. Treasury has clarified that, when conducting due diligence on downstream entities of an investment target to determine whether they are covered foreign persons, there is not necessarily an expectation of an individualized inquiry for every single entity in which an investment target has or may have an interest.[19] That said, Treasury has provided clarification on the expected standards for conducting due diligence, which we discuss in more detail below.

The FAQs reiterate Treasury’s expansive view of who can be a “person of a country of concern.”

Being a “person of a country of concern” is one of two required prongs for a person to be deemed a covered foreign person (the other requirement is engaging in a covered activity).[20] The FAQs make clear Treasury intends for U.S. persons to pierce the corporate veil and assess an investment target’s ownership and control structure, including the nationalities of its directors (or equivalent individuals) to make this assessment. The FAQs clarify that an entity could be a “person of a country of concern” even if it does not have its principal place of business, headquarters, or place of formation in a country of concern.[21] For U.S. persons, this imposes added due diligence burdens as, technically, an investment target in any jurisdiction could ultimately fall within these broad parameters, and therefore assessments would need to be conducted on a global basis.

The FAQs address post-closing transaction due diligence expectations, including when a target or fund investment pivots to conducting a covered activity after closing.

The Rules and FAQs provide multiple examples of transactions that are covered transactions based on the knowledge the U.S. person investor has at the time of the transaction. For example, an investment by a U.S. person limited partner into a fund which, in turn, later acquires equity interests in a covered foreign person is a covered transaction if, at the time of the investment into the fund, the U.S. person has a reason to know that the fund was likely to invest in a covered foreign person.[22]

Separately, Treasury acknowledges situations may arise where certain changes occur after a transaction closes or where a U.S. person becomes aware of information that was not known at the time of the transaction that may result in a U.S. person owning equity interests in a covered foreign person. In these situations, Treasury outlines post-closing due diligence expectations in the FAQs, stating that the Rules are “not intended to create an ongoing obligation for a U.S. person to monitor or prevent post-closing transaction changes to an investment target’s activities.”[23] However, if an investment target pivots to a covered activity post-closing, and the U.S. person later acquires actual knowledge of a fact or circumstance that, if known to the U.S. person at the time of the transaction would have resulted in a notifiable or prohibited transaction, the U.S. person must submit a notification under the Rules within 30 days of acquiring such actual knowledge.[24]

The FAQs provide examples of how a U.S. person “knowingly directs” a transaction, including through participation on a committee, and how to properly recuse oneself.

The Rules prohibit U.S. persons from “knowingly directing” a transaction by a non-U.S. person when that transaction would be prohibited if conducted by a U.S. person.[25] Mere employment by or engagement as a consultant or service provider to a non-U.S. person is insufficient to rise to the U.S. person “directing” the transaction. The FAQs provide the example of an accountant conducting standard financial due diligence as an example of an individual providing support to a transaction that does not rise to the level of “directing” the transaction.[26] In order to “knowingly direct” a transaction, the U.S. person must (i) have the authority to make or substantially participate in decisions to approve a transaction and (ii) exercise such authority.[27] Under the Rules, a U.S. person may have authority to “direct, order, decide upon, or approve a transaction” when that U.S. person is “an officer, director, or otherwise possesses executive responsibilities at a non-U.S. person.”[28] In the example of the accountant, the accountant does not have that role-based authority.

The FAQs also elaborate on the scope of authority necessary to “knowingly direct” a transaction in the context of an advisory board or committee of an investment fund. If the board or committee has the authority to approve or disapprove certain transactions, then a member of the board or committee has the authority to “substantially participate in the decisions” of the fund.[29] Thus, a U.S. person on that advisory board or committee who participates in certain aspects of decision-making regarding a covered transaction—even if that person does not hold a majority vote on the relevant committee—is responsible for “knowingly directing” such a transaction.[30]

The Rules provide the option for a U.S. person to recuse themselves from specific activities to negate their authority to direct a transaction. The U.S. person would do so by recusing themselves from all of the following: participating in deliberations and making recommendations; reviewing, editing, commenting on, approving or signing relevant transaction documents; and engaging in negotiations with the investment target or other transaction counterparty.[31]

The FAQs provide clarity on who can be considered a “U.S. Person” under the Rules.

The FAQs clarify that, while foreign located branch offices of U.S.-incorporated companies are considered “U.S. persons” under the rules,[32] foreign subsidiaries of U.S. companies are not considered “U.S. persons” as a definitional matter,[33] although, as discussed above, the Rules impose responsibilities on a U.S. parent to take all reasonable steps to ensure its foreign subsidiary does not engage in transactions that would be prohibited for a U.S. person. A foreign company is not rendered a “U.S. person” merely by employing U.S. persons[34] (although the U.S. person employees themselves would be subject to the Rules), nor does the presence of a U.S. subsidiary render the foreign parent a “U.S. person”[35] (although, again, the U.S. subsidiary itself would be a U.S. person subject to the rules). Thus, it is essential to carefully review the defined terms in the Rules when evaluating individual parties to a transaction to determine if a potential transaction is prohibited or subject to a notification requirement.

V. Looking Ahead: Compliance Considerations for U.S. Persons

U.S. person investors contemplating potential acquisitions of equity (including contingent equity) of covered foreign persons should consider the following list of preliminary steps to facilitate compliance with the Rules. As a reminder, engaging in prohibited transactions and failing to submit required notifications can subject U.S. persons to civil and criminal penalties, up to and including divestment of completed acquisitions or fines of up to twice the value of a transaction. U.S. person investors should:

Implement comprehensive Rules-related compliance policies and procedures, including due diligence procedures tailored to assess potential covered foreign person counterparties and recusal policies for U.S. persons employed by foreign subsidiaries;
Set clear standards for pre-transactional due diligence and ensure that such standards satisfy Treasury’s “reasonable and diligent inquiry” expectations;
Include Rules-related representations, warranties, and covenants in contracts with relevant counterparties;
Train relevant employees on the types of factors that could subject potential transactions to the Rules and provide them with pre-transaction questionnaires and guidance designed to apprise them of Rules-related risks;
Given the broad definition of a “person of a country of concern,” implement Rules-related compliance measures on a global basis, and not just within China- or Asia-focused divisions/teams; and
Comprehensively review current investments and operations to determine whether any add-on investments or other corporate activity could be captured as a covered transaction. Some ambiguity remains as to what specific activities constitute an excepted “ongoing operation” of a company versus a new activity covered by the Rules. Note that Treasury has clarified that the following types of transactions completed after January 2nd are not subject to the Rules based on activities occurring prior to January 2, 2025:
- Transactions made pursuant to a binding, uncalled capital commitment to a fund or similar investment entity made prior to the effective date, even if the capital is called after the effective date.
- Certain intracompany transfers between a U.S. person and its controlled foreign entity that occur after the Rules are in effect, if the transfer supports either (i) ongoing operations with respect to covered activities or (ii) ongoing or new activities that are not covered activities.
- The conversion of a contingent equity interest that was acquired by the U.S. person before January 2, 2025.

VI. European Union Initiatives to Regulate Outbound Investment

A year after a European Commission (Commission) White Paper found that European Union (EU) Member States do not systematically review and assess outbound investments for national security purposes, apprehension relating to possible strategic technology leaks continued to brew in Brussels. Driven by these concerns, the Commission has now published a Recommendation calling on Member States to conduct outbound investment reviews relating to semiconductors, artificial intelligence and quantum technologies—technology areas identified as being of strategic importance and posing the highest national security risk. The Recommendation forms part of the EU’s Economic Security Strategy, and was prepared in tandem with the Commission’s ongoing work on inbound foreign direct investment screening.

Despite neither identifying particular countries nor actors driving the concerns which led to the issuance of the Recommendation, the Recommendation was published just weeks after the Rules went into effect. Indeed, as with the Rules, the Commission’s press release makes explicit its intention to coordinate with allies. The EU has historically refrained from explicitly referencing China in policy papers and legislative proposals but, in recent years, steps have been taken to prepare for a more antagonistic relationship with Beijing and equip the EU with tools to protect its economic security.

As the Recommendation is not legally binding, its main purpose is to nudge Member States to assess risks to economic security potentially arising from outbound investments made by EU investors in the three key technologies in third countries, with a view of enabling the Commission to propose further action. The review by Member States is set to cover both ongoing and past transactions, going back to January 1, 2021. Member States are asked to submit to the Commission a comprehensive report on their implementation of the Recommendation and any risks identified by June 30, 2026. Further developments are expected before such date.

[1] See 31 C.F.R. § 850.502.

[2] See U.S. Department of the Treasury, National Interest Exemption Submission Instructions, https://home.treasury.gov/policy-issues/international/outbound-investment-program/national-interest-exemption-submission-instructions.

[3] See U.S. Department of the Treasury, Frequently Asked Questions (“FAQs”) [hereinafter Rules FAQs], (last updated January 17, 2025) https://home.treasury.gov/policy-issues/international/outbound-investment-program/frequently-asked-questions, Section I, FAQ No. 7.

[4] See id.

[5] See id., Section VI, FAQ No. 2.

[6] See 31 C.F.R. § 850.210(a)(4).

[7] See Rules FAQs, Section III, FAQ No. 2.

[8] See id. Section III, FAQ No. 1.

[9] See 31 C.F.R. § 850.217.

[10] See id. § 850.224.

[11] Rules FAQs, Section IV, FAQ No. 2.

[12] Rules FAQs, Section III, FAQ No. 1, Example 1.3.

[13] 31 C.F.R. § 850.209.

[14] Rules FAQs, Section II, FAQ No. 3.

[15] See id.

[16] See 31 C.F.R. § 850.302(a).

[17] See Rules FAQs, Section V, FAQ No. 1.

[18] See 31 C.F.R. § 850.209.

[19] See Rules FAQs, Section V, FAQ No. 4.

[20] See 31 C.F.R. § 850.209.

[21] See Rules FAQs, Section II, FAQ No. 2.

[22] See id. Section III, FAQ No. 49, Example 4.3.

[23] Id. Section III, FAQ No. 31.

[24] See id.

[25] See 31 C.F.R. § 850.303(a).

[26] See Rules FAQs, Section II, FAQ No. 2, Example 2.9.

[27] Id.

[28] 31 C.F.R. § 850.303(a).

[29] See Rules FAQs, Section VI, FAQ No. 1.

[30] See id. Section II, FAQ No. 2, Example 2.8.

[31] 31 C.F.R. 850.303(b).

[32] See Rules FAQs, Section II, FAQ No. 2, Example 2.4.

[33] See id. Example 2.5.

[34] See id. Example 2.6.

[35] See id. Example 2.7.

The following Gibson Dunn lawyers prepared this update: Sarah Burns, Dharak Bhavsar, Chris Mullen, Irene Polieri, Michelle Weinbaum, David Wolber, and Stephenie Gosnell Handler.

United States:
Ronald Kirk – Co-Chair, Dallas (+1 214.698.3295, rkirk@gibsondunn.com)
Adam M. Smith – Co-Chair, Washington, D.C. (+1 202.887.3547, asmith@gibsondunn.com)
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, shandler@gibsondunn.com)
Donald Harrison – Washington, D.C. (+1 202.955.8560, dharrison@gibsondunn.com)
Christopher T. Timura – Washington, D.C. (+1 202.887.3690, ctimura@gibsondunn.com)
David P. Burns – Washington, D.C. (+1 202.887.3786, dburns@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213.229.7269, nhanna@gibsondunn.com)
Courtney M. Brown – Washington, D.C. (+1 202.955.8685, cmbrown@gibsondunn.com)
Amanda H. Neely – Washington, D.C. (+1 202.777.9566, aneely@gibsondunn.com)
Samantha Sewall – Washington, D.C. (+1 202.887.3509, ssewall@gibsondunn.com)
Michelle A. Weinbaum – Washington, D.C. (+1 202.955.8274, mweinbaum@gibsondunn.com)
Karsten Ball – Washington, D.C. (+1 202.777.9341, kball@gibsondunn.com)
Hugh N. Danilack – Washington, D.C. (+1 202.777.9536, hdanilack@gibsondunn.com)
Mason Gauch – Houston (+1 346.718.6723, mgauch@gibsondunn.com)
Chris R. Mullen – Washington, D.C. (+1 202.955.8250, cmullen@gibsondunn.com)
Sarah L. Pongrace – New York (+1 212.351.3972, spongrace@gibsondunn.com)
Anna Searcey – Washington, D.C. (+1 202.887.3655, asearcey@gibsondunn.com)
Audi K. Syarief – Washington, D.C. (+1 202.955.8266, asyarief@gibsondunn.com)
Scott R. Toussaint – Washington, D.C. (+1 202.887.3588, stoussaint@gibsondunn.com)
Lindsay Bernsen Wardlaw – Washington, D.C. (+1 202.777.9475, lwardlaw@gibsondunn.com)
Shuo (Josh) Zhang – Washington, D.C. (+1 202.955.8270, szhang@gibsondunn.com)

We are pleased to provide you with the January edition of Gibson Dunn’s monthly U.S. bank regulatory update. Please feel free to reach out to us to discuss any of the below topics further.

KEY TAKEAWAYS

The financial services regulatory agencies’ leadership, agendas and regulatory priorities under the new administration have started to take shape.
- The Senate confirmed Scott Bessent as Secretary of the Treasury in a 68-29 vote, with 16 Democrats supporting the nomination.
- Travis Hill was named Acting Chairman of the Federal Deposit Insurance Corporation (FDIC). Acting Chairman Hill announced the FDIC’s upcoming regulatory agenda, including a “wholesale review” of regulations and guidance, withdrawal of “problematic” proposals, including the brokered deposits and corporate governance proposals, improving the bank merger approval process and encouraging de novo activity.
- Kyle Hauptman was designated as Chairman of the National Credit Union Administration (NCUA) board and announced his priorities as Chairman of the NCUA.
- Mark Uyeda was named Acting Chairman of the Securities and Exchange Commission (SEC). Acting Chairman Uyeda quickly announced the formation of a new crypto task force to be led by Commissioner Hester Peirce and the SEC rescinded SAB 121.
- Caroline Pham was named Acting Chairman of the Commodity Futures Trading Commission.
The Federal Reserve Board announced that Vice Chair for Supervision Michael Barr will step down from his position effective February 28, 2025 (or earlier if a successor is confirmed); Barr will continue to serve as a member of the Federal Reserve Board for his unexpired term ending January 31, 2032 (Barr’s four-year term as Vice Chair for Supervision was to end July 13, 2026). In its press release announcing his resignation as Vice Chair for Supervision, the Federal Reserve Board indicated it “does not intend to take up any major rulemakings until a vice chair for supervision successor is confirmed.”
Chairman Tim Scott (R-S.C.) remained consistent in his criticisms of the Consumer Financial Protection Bureau (CFPB) and announced the Senate Banking Committee’s priorities which include working “to build a regulatory framework that establishes a tailored pathway for the trading and custody of digital assets” and promoting national security “through advancing sanctions and export control policies.”
The House Financial Services Committee published its authorization agenda previewing areas in which the Committee intends to conduct oversight, which includes areas such as supervision and regulation, regulatory efficiency, capital and liquidity, debanking, access to financial services, digital assets, artificial intelligence and “examining proposals affecting the operations” of Fannie and Freddie and their ongoing conservatorships.
The New York State Department of Financial Services (NYDFS) proposed new regulations limiting overdraft and non-sufficient funds fees charged by state-chartered banks.
The CFPB (i) issued a report offering the states several recommendations for strengthening state-level consumer protection laws and (ii) issued a proposed interpretive rule governing emerging payment mechanisms under the Electronic Fund Transfer Act and Regulation E.

DEEPER DIVES

Financial Services Leadership and Regulatory Agenda in the New Administration Have Started to Take Shape. While there has been a flurry of executive orders and other announcements from the White House during President Trump’s first days in office, many executive orders have not implicated the financial services sector directly, with the exceptions of the executive orders on artificial intelligence, digital assets, blockchain technology and related technologies and the freeze or postponement of rulemakings pending review. (For up-to-date information on executive orders and other significant announcements made by the new administration, please visit our Executive Order Tracker. For additional insights, please visit our resource center, Presidential Transition: Legal Perspectives and Industry Trends.)

Nonetheless, messaging from leadership of the Senate Banking and House Financial Services Committees and the financial services regulatory agencies generally has aligned and clear areas of regulatory and supervisory priorities in the new administration have emerged. Further, with the confirmation of Secretary Bessent, attention in the coming weeks should turn to confirmation of nominees (i.e., SEC), identifying personnel for key leadership roles (i.e., Vice Chair for Supervision) and filling those leadership positions still held by agency heads appointed by President Biden (i.e., OCC and CFPB).

Insights. In general, areas of regulatory and supervisory priorities across the regulatory agencies and oversight committees include: regulatory efficiency; supervision; tailoring regulatory proposals; capital and liquidity requirements; bank M&A; encouraging de novo activity; issues surrounding debanking and access to financial services; fintech partnerships, innovation and faster payments; developing a digital assets framework; tokenization; artificial intelligence; regulatory and supervisory transparency; right-sizing obligations under the Bank Secrecy Act; sanctions and export controls; Treasury market resilience; and proposals related to Fannie and Freddie.
Specifically worth noting, Acting Chairman Hill’s regulatory agenda for the FDIC included a clear intent to withdraw “problematic proposals from the last three years,” including the FDIC’s brokered deposits and corporate governance proposals and replace the FDIC’s 2024 policy statement on bank mergers. Acting Chairman Hill’s agenda also includes “enhancements” to the FDIC’s resolution activities and processes, which both Hill and Director Jonathan McKernan have been critical of. Meanwhile, Governor Michelle Bowman, who has emerged as a likely candidate for the Vice Chair for Supervision role, remained consistent discussing pragmatism in regulatory and supervisory reform efforts, a “renewed commitment to tailoring” and the need for increased transparency in the supervisory process in her January 9, 2025 remarks before the California Bankers Association.

Vice Chair for Supervision Barr to Resign as Vice Chair for Supervision; Will Remain Federal Reserve Board Governor. On January 6, 2025, Vice Chair for Supervision Michael Barr submitted his letter of resignation to President Biden resigning his position as Vice Chair for Supervision effective as of February 28, 2025 (or earlier if his successor is confirmed). Barr’s four-year term as Vice Chair for Supervision would have expired July 13, 2026. According to his letter of resignation, Barr intends to continue to serve as a member of the Federal Reserve Board. Barr’s term as a Governor of the Federal Reserve Board ends January 31, 2032.

Insights. Since the election, media reports have indicated President Trump’s team has weighed removing or demoting Barr from his role as Vice Chair for Supervision—the authority for which is unclear and could have resulted in litigation. Barr’s statement in the Federal Reserve Board’s press release announcing his resignation as Vice Chair for Supervision alludes to that, citing the “risk of a dispute over the position could be a distraction from our mission.” Because the Federal Reserve Board indicated in its announcement it “does not intend to take up any major rulemakings until a vice chair for supervision successor is confirmed,” the administration will now have greater influence over the Federal Reserve Board’s supervisory and regulatory agenda by either promoting one of the remaining Republican members of the Federal Reserve Board (Governors Bowman or Waller (both President Trump appointees)) to the role of Vice Chair for Supervision or waiting for a vacancy to arise. Barring removals, retirements or resignations, the administration’s first meaningful chance at a new nominee to the Federal Reserve Board comes upon the expiration of Governor Kugler’s term January 31, 2026; Chair Powell’s term as Chair (appointed as Chair by President Trump) ends May 15, 2026 (though his term as Governor ends January 31, 2028 were he to stay on).

NYDFS Proposes Overdraft Regulations. On January 22, 2025, the NYDFS proposed regulations limiting overdraft, non-sufficient funds (NSF) and return deposit item fees charged by state-chartered banking institutions. The proposed rule would prohibit institutions from, among other things: (i) charging overdraft fees on overdrafts of less than $20; (ii) charging overdraft fees that exceed the overdrawn amount or NSF fees that exceed the amount of the NSF transaction; (iii) charging more than three overdraft or NSF fees per consumer account per day; (iv) charging an overdraft fee for an electronic transaction when the consumer’s account indicates sufficient funds at the time the transaction was initiated; (v) processing electronic debit transactions in a manner intended to maximize the number of overdraft and NSF fees; or (vi) setting an amount of NSF fees that is greater than the amount of overdraft fees.

Insights. As we highlighted in our last Monthly Bank Regulatory Report, we expect certain states will be more aggressive in their regulatory, supervisory and enforcement efforts in the areas of consumer protection and consumer compliance, particularly in the case of a weakened CFPB. The NYDFS’ proposal is timely in that regard. It also closely follows on the heels of the CFPB’s December 2024 final rule on overdraft fees applicable to banks and credit unions with more than $10 billion in assets. Under the CFPB’s final rule, covered institutions would have to choose one of the following three options when charging for overdrafts: (i) capping overdraft fees at $5; (ii) capping fees at an amount that covers costs and losses; or (iii) disclosing the terms of overdraft loans like any other loans subject to Regulation Z. The CFPB’s final rule is already the subject of litigation in the U.S. District Court for the Southern District of Mississippi and could be subject to rescission under the Congressional Review Act.

CFPB Issues Report/Recommendations to States to Strengthen Consumer Protection Framework. On January 14, 2025, the CFPB issued a report titled “Strengthening State-Level Consumer Protections.” The report includes seven recommendations to states to strengthen state-level consumer protection: (i) incorporating “abusive” into their consumer protection laws to fill in gaps under existing prohibitions on unfair or deceptive practices; (ii) strengthening investigative tools and enforcement powers; (iii) eliminating requirements to prove monetary loss or “reliance” on a deceptive statement; (iv) extending consumer protections to businesses; (v) supplementing public enforcement resources with private enforcement; (vi) strengthening consumer data and privacy protections, including by “remov[ing] exemptions in state consumer data privacy laws for financial institutions or data covered by the Gramm-Leach-Bliley Act;” and (vii) creating “bright-line” prohibitions on junk fees.

Insights. The report in title alone reinforces the notion that certain states will be more aggressive in their enforcement efforts in the areas of consumer protection and consumer compliance and seemingly encourages those states to do so. Note that Section 1042 of the Consumer Financial Protection Act of 2010 (CFPA) (Title X of the Dodd-Frank Act) generally authorizes states to enforce the CFPA’s provisions. Finally, states that historically have taken an active role in the areas of consumer protection and consumer compliance enforcement will have enforcement tools at their disposal, but the recommendations are a reminder that stakeholders should be prepared to engage with those states that seek to implement changes to their enforcement framework in these areas.

CFPB Issues Proposed Interpretive Rule Governing Emerging Payment Mechanisms Under Reg E and EFTA. On January 10, 2025, the CFPB issued a proposed interpretive rule related to requirements that apply to emerging payment mechanisms, such as stablecoins and other digital assets that operate as a medium of exchange or as a means of paying for goods and services, under the Electronic Fund Transfer Act (EFTA) and Regulation E (Reg E). Among other interpretive issues raised by the proposal, the proposed interpretive rule broadly interprets key EFTA/Reg E terms such as “funds” to mean “stablecoins, as well as any other similarly-situated fungible assets that either operate as a medium of exchange or as a means of paying for goods or services” and, quoting a pre-EFTA 1960 decision, to “include not only currency but also other types of pecuniary resources which are readily converted into cash;” and “account” or “other consumer asset account” to broadly include “video game accounts used to purchase virtual items from multiple game developers or players; virtual currency wallets that can be used to buy goods and services or make person-to-person transfers; and credit card rewards points accounts that allow consumers to buy points that can be used to purchase goods from multiple merchants.”

Insights. Although the proposed interpretive rule is not likely to be finalized under the new administration, it demonstrates how the CFPB interprets the EFTA and Reg E. The proposal also highlights that “the application of Federal consumer financial protection laws, such as EFTA, to new methods of payments is often developed through case-by-case adjudications by courts,” a reminder that both state regulators and attorneys general, as well as plaintiffs’ lawyers, may leverage the CFPB’s expanded interpretations in the proposed interpretive rule in their own arguments that traditional or digitally-native financial services providers are subject to and/or have violated the EFTA, Reg E or state law equivalents.

OTHER NOTABLE ITEMS

SEC Rescinds Staff Accounting Bulletin 121. On January 23, 2025, the SEC published Staff Accounting Bulletin (SAB) 122, which rescinds SAB 121. SAB 121 provided that an entity should recognize a liability and corresponding asset on its balance sheet to reflect its obligation to safeguard crypto-assets held for its users. Previously, the Senate and House voted to repeal SAB 121, though the votes did not garner the required two-thirds majority from both houses of Congress to survive a veto. And, on May 31, 2024, President Biden vetoed the resolution that would repeal SAB 121.

Agencies Announce Public Outreach Meeting on Review of Regulations. On January 31, 2025, the federal banking agencies announced they will hold a virtual public outreach meeting on March 6, 2025 as part of the agencies’ required review of regulations. The outreach meeting is an opportunity for interested stakeholders to present their views on the six categories of regulations: applications and reporting; powers and activities; international operations; consumer protection; directors, officers and employees; and money laundering. Those interested in providing oral comments must register by February 14, 2025.

Federal Reserve, FDIC Announce Withdrawals from Global Regulatory Climate Change Group. On January 17, 2025, the Board of Governors of the Federal Reserve System (Federal Reserve) announced its withdrawal from the Network of Central Banks and Supervisors for Greening the Financial System (NGFS), citing the wider range of issues covered by the NGFS as “outside of the [Federal Reserve’s] statutory mandate.” On January 21, 2025, the FDIC also announced its withdrawal, citing the work of the NGFS as “not within the FDIC’s authorities and mandate.”

Vice Chairman Hill Outlines Policy and Supervisory Priorities. On January 10, 2025, then-FDIC Vice Chairman Travis Hill gave a speech titled “Charting a New Course: Preliminary Thoughts on FDIC Policy Issues” at the ABA Banking Law Committee Meeting. Hill’s speech focused on five issues he anticipated “the agency to begin addressing in the coming weeks and months”: supervision; innovation and technology; debanking; climate; and capital. On January 20, 2025, Hill was named Acting Chairman of the FDIC (see above).

Speech by Former Chairman Gruenberg on Bank Failures. On January 14, 2025, former Chairman of the FDIC, Martin Gruenberg, gave a speech titled “Three Financial Crises and Lessons for the Future.” In his speech, Mr. Gruenberg spoke about the common causes of and lessons learned from three banking crises: the thrift and banking crisis of the late 1980s and early 1990s; the global financial crisis; and the spring 2023 regional bank failures. In his speech, Mr. Gruenberg offered that “while innovation can greatly enhance the operation of the financial system, experience suggests it be tempered by careful and prudent management and appropriate regulation and supervision.”

FDIC Announces Retirement of Doreen Eberley, Director of Division of Risk Management Supervision. On January 17, 2025, the FDIC announced that Doreen Eberley, Director of Division of Risk Management Supervision, would retire following a 38-year career with the FDIC. Ms. Eberley will retire March 29, 2025.

Speech by Governor Cook on Financial Stability. On January 6, 2025, Federal Reserve Board Governor Cook gave a speech titled “An Assessment of the Economy and Financial Stability.” In her speech, Governor Cook highlighted her four areas of focus in monitoring financial stability: private credit, stablecoins, cyber attacks and artificial intelligence.

The following Gibson Dunn lawyers contributed to this issue: Jason Cabral and Ro Spaziani.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. Please contact the Gibson Dunn lawyer with whom you usually work or any of the member of the Financial Institutions practice group:

Jason J. Cabral, New York (212.351.6267, jcabral@gibsondunn.com)

Ro Spaziani, New York (212.351.6255, rspaziani@gibsondunn.com)

Stephanie L. Brooker, Washington, D.C. (202.887.3502, sbrooker@gibsondunn.com)

M. Kendall Day, Washington, D.C. (202.955.8220, kday@gibsondunn.com)

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, jsteiner@gibsondunn.com)

Sara K. Weed, Washington, D.C. (202.955.8507, sweed@gibsondunn.com)

Ella Capone, Washington, D.C. (202.887.3511, ecapone@gibsondunn.com)

Sam Raymond, New York (212.351.2499, sraymond@gibsondunn.com)

Rachel Jackson, New York (212.351.6260, rjackson@gibsondunn.com)

Zack Silvers, Washington, D.C. (202.887.3774, zsilvers@gibsondunn.com)

Karin Thrasher, Washington, D.C. (202.887.3712, kthrasher@gibsondunn.com)

Nathan Marak, Washington, D.C. (202.777.9428, nmarak@gibsondunn.com)

Expect sweeping changes ahead. But when looking back, an aggressive enforcement agenda continued as the SEC reported record high financial remedies, although—like all numbers that high—the SEC’s enforcement measures in 2024 require context and came alongside a drop in new actions.

I. Introduction

The dichotomy of an aggressive enforcement agenda tempered by litigation setbacks set forth in our mid-year 2024 SEC Enforcement update persisted through the end of the SEC’s 2024 fiscal year. The SEC filed a flurry of enforcement actions up until the very end of the previous administration. Now that the Gensler-led SEC has ended and the incoming administration has nominated Paul Atkins as its new Chairman and appointed Commissioner Mark Uyeda as Acting Chairman, change is coming. To be clear, the Commission’s three-part mission and the critical role that enforcement plays in that mission will remain the same. But, from those who have worked with Atkins—and as covered in a Gibson Dunn webcast—shifts are coming at the agency.

A. 2024 Enforcement Results: The Ups and Downs

While measuring success goes beyond numbers, the reported drop in new actions piqued interest given the Commission’s aggressive enforcement posture.

As reported by the SEC on November 22, the enforcement statistics for the fiscal year ending September 30, 2024 reflect that the Commission filed a total of 583 actions, compared to 784 actions the prior year, a drop of 26 percent.[1] Of those 583 actions, the agency reported 431 stand-alone enforcement actions—the most significant measure of activity, involving cases independently charged and not linked to a prior finding of violation—as compared to 501 stand-alone enforcement actions filed the prior year, a 14 percent drop.

While the Commission obtained orders for an all-time aggregate high of $8.2 billion— consisting of $6.1 billion in disgorgement and prejudgment interest, the highest amount on record, and $2.1 billion in civil penalties, the second-highest amount on record—the 2024 financial remedies stem in large part from the continued off-channel communications settlements ($600 million) and a single crypto judgment ($4.5 billion in disgorgement, interest, and penalty), that received unanimous Commission support but appears uncollectible.[2] Consistent with its general pattern over the last several years, in 2024, the SEC again recovered over twice as much in disgorgement as compared to penalties.

Another important metric to highlight includes $345 million in money distributed to harmed investors in fiscal year 2024, a drop from $930 million distributed to harmed investors in fiscal year 2023. And the agency also reported fiscal year 2024 orders barring 124 individuals from serving as officers and directors of public companies, the second-highest number of such bars following the prior year’s 133 such orders.

The distribution of actions across subject matter remained generally consistent with prior years. The SEC brought 97 stand-alone actions against investment advisers and investment companies (23 percent of actions in 2024) reflecting a continued focus on investment adviser and company regulation and enforcement, and an increase from the prior year (86 cases, 17 percent of actions in 2023). The 94 stand-alone enforcement actions relating to securities offerings reflected a decrease from the prior year (22 percent of actions in 2024, compared to 164 cases and 33 percent of actions in 2023), while broker-dealer enforcement remained relatively steady (61 cases and 14 percent of actions in 2024, compared to 60 cases and 12 percent of actions in 2023). There were also decreases year-over-year in the areas of issuer reporting (49 cases and 11 percent of actions in 2024, compared to 86 cases and 17 percent of actions in 2023) and—as conveyed in more detail within Gibson Dunn’s forthcoming 2024 FCPA Year-End Update—FCPA matters (two cases and zero percent in 2024, compared to 11 cases and two percent of actions in 2023). In fact, the combined number of issuer reporting and FCPA matters is the lowest since at least 1998. Finally, there was a slight increase in the percentage of stand-alone actions relating to insider trading in 2024 (34 cases and eight percent of actions in 2024, compared to 32 cases and six percent of actions in 2023).

B. Explaining the Numbers: Jarkesy

Impacts of recent court cases remain important to watch for the SEC and all agencies.

In a November podcast, the SEC’s former enforcement director remarked that the numbers show the impacts of, among other things, the U.S. Supreme Court decisions from last year including SEC v. Jarkesy (June 2024). The director, who announced his departure in October,[3] stated after the decisions, “we [enforcement] basically needed to hit pause” and “assess the impact of Jarkesy” on resolved, pending, and pipeline matters, which took “several months between June, July and even creeping into August.” The former director continued that “if we want to see how the last fiscal year [ending September 30] was, you should look at October and November [cases filed] because those are the two months or more that we lost as a result of Jarkesy ….” The agency filed 200 enforcement actions in the first fiscal quarter of 2025 (October to December 2024), with 75 actions in October 2024 alone. Of note, the agency sent out a press release on the last business day of the Gensler administration, touting the record number of enforcement actions in fiscal Q1 2025 (October through December 2024), and the 40 actions filed in the first two business weeks of January 2025.[4]

The CFTC similarly reported decreased enforcement numbers for its recent fiscal year, 58 new actions as compared to 96 the prior year, although the impacts of any litigation setbacks on the CFTC’s pipeline may not have been as pronounced (it filed three actions in October 2024 and no actions in December 2024).[5] At the same time, a similar trend surfaced concerning financial remedies: like the SEC, the CFTC reported record-breaking monetary results for its fiscal year, though there, too, a single crypto case played a leading role in the monetary relief.

While explaining the SEC numbers further may involve other factors such as a review of resource allocation and case priorities, former acting enforcement director Sanjay Wadhwa (who stepped down effective on January 31) stated that “[w]hat our numbers do not reflect, however, are countless investigations that may not have resulted in an enforcement action for evidentiary or other reasons, or where we declined to pursue an enforcement action, but that shined a spotlight on potentially problematic conduct and caused responsible market participants to cease engaging in it.”

Finally, other litigation setbacks remain on radar, including SEC v. Govil. That Second Circuit case, covered in detail in a prior client alert, held the SEC is not entitled to disgorgement unless it can show the allegedly defrauded investors suffered pecuniary harm. This important holding emerged in the past year in a litigated SEC case where the Southern District of New York denied the agency’s request for roughly $1 billion in disgorgement and interest based on Govil.[6] Another notable setback was in Coinbase v. SEC where the Third Circuit recently faulted the Commission for failing to provide “meaningful guidance on which crypto assets it views as securities.” In light of the Coinbase decision and the SEC’s new leadership, we expect to see significant change in the Commission’s approach to crypto assets in the coming year. Indeed, within a day of the inauguration, Acting Chairman Mark Uyeda launched a new crypto task force, led by Commissioner Hester Peirce, with the stated mission of “developing a comprehensive and clear regulatory framework for crypto assets.”[7]

C. What the Past Might Tell Us: Looking Back to the Future

Past Republican Commissioner statements note that the “vast majority of SEC enforcement actions are straightforward.”

Although steady commentary suggests a pullback on crypto and off-channel communication cases, sweeps for technical violations, and the overuse of internal controls and certain other provisions of the securities laws, other areas highlighted in the 2024 results will most likely remain in focus. Those “straightforward” areas include major fraud, individual accountability, gatekeeper accountability, and certain public company cases, among others. Moreover, investigations typically take time to complete even under the best of circumstances, with the average of all investigations taking slightly over two years. And while case outcomes might look different, the past administration’s matters (including on subject matter similar to cases filed in 2024) will most likely remain active for some time. Notwithstanding new priorities, those legacy matters may mature into actions filed in the future and shape early trends for the new administration.

Whistleblowers

The topic of whistleblowers remains an important one. Although the potential for decreased penalties in the new administration may impact the analysis for some whistleblowers, given that any bounty paid to the whistleblower derives from monetary relief, expect continued tips to the SEC and others. Credible allegations of misconduct will always be investigated vigorously under any administration.

Highlights from 2024 regarding whistleblowers:

The SEC reported receipt of 24,000 whistleblower tips and announced awards of more than $255 million to 47 individuals, a decline from the prior year, and reportedly more than 14,000 of the 24,000 tips came from two individual whistleblowers.[8]
The SEC also continued to aggressively enforce whistleblower protections. In an enforcement sweep announced in September 2024, the SEC ordered over $3 million in penalties against seven companies for allegedly violating whistleblower protection rules by, for example, requiring employees to waive their right to receive whistleblower awards, asking customers to agree to not contact the SEC, and requiring signees to certify that they had not provided information to the government in the past.[9]
In one case, as reported in our mid-year update, and which received unanimous Commission support for action, a broker-dealer paid an $18 million penalty for allegedly impeding “hundreds of advisory clients and brokerage customers from reporting potential securities law violations to the SEC” by having them sign an agreement prohibiting them from “affirmatively reporting” information to the Commission staff.[10]

Artificial Intelligence

Another important area from 2024 includes cases involving emerging technologies and emerging risks. This same subject area appears in the SEC’s 2025 examination priorities. While internal agency referrals (from other SEC divisions including Exams) might change in the years ahead, they will not cease—and thus examination priorities are likely to continue to shape and become enforcement priorities.

Highlights from 2024 regarding emerging technologies and emerging risks:

Like many other agencies, the SEC messaged a strong focus on artificial intelligence.
The SEC’s enforcement results highlighted this particular area, and numerous speeches and other statements touched upon this significant technology. As covered in our mid-year 2024 update, the SEC announced two enforcement actions in March 2024 against investment advisers for “AI-washing” and violations of the Marketing Rule (another area of focus during the last administration) for marketing the use of AI in certain ways that were not accurate.
The types of AI matters the Commission has brought so far are uncontroversial fraud cases. Although the new administration will have its own priorities, a focus on straightforward material misstatements by any market participant to investors will remain of significant interest to the agency.

Individual Accountability

When looking at SEC enforcement reports for years during the previous Trump administration, this topic received rightful attention given that charging culpable individuals, where appropriate, hits at the core of accountability and deterrence and also because corporate entities act through individuals. That leads to dynamic charging considerations, which as we look ahead might tip the balance of Commission thoughts towards the side of pursuing even more individual cases. In any event, while the SEC’s 2024 report reviewed multiple cases involving individual accountability, a rough through-line indeed involved allegations of fraud.

Market Abuse and MNPI

The SEC’s report further highlighted a mix of actions related to market abuse and insider trading, an area that for the most part proves less controversial for the SEC (save for certain recent cases, including one litigated in 2024). In 2024, the SEC brought or settled charges against investment adviser representatives for a “cherry-picking” scheme that allegedly “defrauded their clients out of millions,” against a hacker for illegally obtaining and trading on a public company’s MNPI, and against several investment advisers for failing to implement and enforce policies and procedures to prevent MNPI misuse. Notably, after the fiscal year end, the SEC filed a litigated matter against an investment adviser for such compliance failures.[11]

Other Notes

With respect to the largest area of enforcement cases in 2024, investment advisers and companies, and notwithstanding the strike-down of the private funds rule, these important market participants will remain in focus for egregious cases and continued examinations. With respect to new(er) rules that survived or did not receive challenges, while some added grace period may be more likely in the coming years, those areas will ripen to enforcement risk.

A note on off-channel communication cases: numerous takes foresee fewer, if any, such stand-alone technical matters. However, the communications might resurface as more and more investigations uncover the substance of any unreviewed communications where indeed the reasons for going off-channel extended beyond the mundane.

On balance, there are at present more questions than answers on what the future holds, as we all await priority pronouncements, personnel appointments of directors, what’s to come from the Department of Government Efficiency, and how litigation setbacks like Jarkesy and Govil, among others, impact the way in which the SEC and others litigate, which might be particularly important as the SEC likely pursues even more individual accountability. Nevertheless, when issues arise and bad actors reveal themselves, the SEC will come calling.

D. Senior Staffing Update

Beyond the more covered staffing changes—such as the nomination of Paul Atkins as Chairman, former Chair Gary Gensler’s announced retirement along with Mark Uyeda’s naming as Acting Chairman, and Gurbir Grewal’s announced departure from the Enforcement Director position along with Sanjay Wadha’s appointment as Acting Enforcement Director—there were further changes at the senior staff level and in regional leadership. Many of these changes accompanied, or immediately preceded, the change in administration.

In July, Keith E. Cassidy was named Interim Acting Director of the Division of Examinations while Director Richard Best took a leave of absence to focus on his health. Cassidy concurrently serves as the National Associate Director of the Division’s Technology Controls Program, where he oversees the SEC’s CyberWatch program and the Cybersecurity Program Office.[12]
In September, the SEC announced that Richard R. Best would transition to the role of Senior Advisor to the Director of the Division of Examinations from his role as Director of the Division of Examinations. Before becoming the Director of the Division of Examinations in 2022, Mr. Best served as the Director of the SEC’s New York Regional Office and also previously served as the Director of the SEC’s Atlanta Regional Office and the SEC’s Salt Lake Regional Office.
In December, the SEC announced the departure of Trading and Markets Division Director Haoxiang Zhu. During Mr. Zhu’s tenure, the SEC shortened the settlement cycle for equities, corporate bonds, and municipal bonds to one day, expanded central clearing for Treasury repurchase and cash transactions, and updated execution rules under Regulation National Market System (NMS). David Saltiel, formerly a deputy director in the Office of Analytics and Research, assumed the role of Acting Director upon Mr. Zhu’s departure.[13]
In December, Erik Gerding left his position as Director of the Division of Corporate Finance.[14] Gerding joined the SEC as Deputy Director of the Division of Corporate Finance in October 2021 and became the Division’s Director in February 2023. For the time being, Cicely LaMothe—who was serving as Deputy Director for Disclosure Operations within the division—will serve as Acting Director.

More staffing changes occurred at the turn of the year, in relatively quick succession, before the change in administration.

Chief Accountant Paul Munter retired after serving in his role for two years.[15] Munter joined the Commission in 2019, was named as Acting Chief Accountant in 2021, and was appointed to Chief Accountant in early 2023. Ryan Wolfe currently serves as Acting Chief Accountant.[16]
Chief Economist and Director of the Division of Economic and Risk Analysis (DERA) Jessica Wachter departed the Commission around the same time, announcing that she would return to the Wharton School at the University of Pennsylvania to serve as the Dr. Bruce I. Jacobs Chair of Quantitative Economics.[17] Robert Fisher currently serves as the Acting Director of DERA.[18]
General Counsel Megan Barbero also departed the Commission. She had served as General Counsel since February 2023 and joined the SEC in July 2021 to serve as the Principal Deputy General Counsel.[19] Jeffrey Finnel currently serves as Acting General Counsel.[20]
The Director of the Office of International Affairs, YJ Fisher, also left the Commission after serving in her position since August 2021.[21] Kathleen Hutchinson currently serves as Acting Director of the Office of International Affairs.[22]
The Commission’s Chief of Staff, Amanda Fisher, similarly announced her departure from the Commission.[23] She first joined the Commission in June 2021 as Senior Counselor, then served as Chief of Staff from January 2023 until her departure.
The SEC Policy Director, Corey Klemmer, also announced that she would step down from her role, which she held since May 2024.[24] Klemmer joined the Commission in July 2021 to serve as Corporate Finance Counsel.
Director of the Office of Public Affairs, Scott Schneider, also left the SEC.[25] Schneider had served in this role since April 2021 and had also served as a counselor to Chair Gensler.
Finally, Sanjay Wadha—who has been serving as Acting Director of the Division of Enforcement—announced that he would depart the Commission as of January 31, 2025. Wadha first joined the SEC as a staff attorney in 2003.[26] Between then and his being named Acting Enforcement Director in October 2024, Mr. Wadha served in many roles at the Commission, including Senior Associate Director of the Division of Enforcement in the New York Regional Office (NYRO), Deputy Chief of the Market Abuse Unit, and Assistant Director in the NYRO. Samuel Waldon, the previous Acting Deputy Director, currently serves as the Acting Director; and Antonia Apps as the Acting Deputy Director.[27]

E. Whistleblower Actions

As noted above, 2024 trends demonstrated that the Commission continued to make whistleblowers an important aspect of its enforcement agenda throughout the year. In three separate enforcement actions in September, the SEC announced settled charges against over 10 entities in total for alleged violations of Rule 21-F, the SEC’s whistleblower protection rule. These actions notably demonstrated that the Commission continued to interpret Rule 21-F’s scope to be broad. For example, in the first action described below, the SEC found that the whistleblower protection rule pertained to agreements made with clients, and not with employees. This action marks the second time—the first being the Commission’s settled charges against a large broker-dealer, as noted in our mid-year update—that were brought with respect to agreements made outside of the employment context. These actions further show that the Commission has interpreted the rule from asking signees to certify that they, retrospectively, had not provided information to the government in the past, before signing the agreement at issue. The Commission has taken the position that such clauses violate the whistleblower protection rules, even where other aspects of the agreement allow signees to provide information to the government prospectively, and to reap related whistleblower awards.

The first action announced settled charges against a broker-dealer and two affiliated investment advisors for entering into confidentiality agreements with retail clients containing provisions that allegedly limited clients’ ability to provide information to the SEC by permitting communications only where the SEC first initiated an inquiry.[28] Without admitting or denying the allegations, the broker-dealer agreed to pay a civil penalty of $240,000 to settle the charges.
The second action announced settled charges against seven entities for allegedly using employment and other agreements that either limited the signees’ ability to willingly and voluntarily provide information to the SEC, required signees to affirm that they had not provided information to the government in the past, or prevented signees from receiving whistleblower awards in return for providing information.[29] Without admitting or denying the SEC’s allegations, the entities agreed to pay civil penalties of over $3 million in the agreement, with individual penalties ranging from $19,500 to $1.4 million.
The third action announced settled charges against a Florida-based investment advisor for allegedly entering into agreements with candidates for employment that, though allowing the candidates to provide information to the government in response to inquiries, prevented the candidates from making such disclosures voluntarily.[30] Without admitting or denying the allegations, the investment adviser agreed to pay a civil penalty of $500,000 to settle the charges.

The Commission relatedly continued to provide sizable awards to individuals that provided useful information through the whistleblower program.

In July, the SEC announced two separate whistleblower awards, each coincidentally for approximately $37 million, to two different whistleblowers that provided information that purportedly facilitated successful enforcement actions. In one of the matters, the whistleblower purportedly provided information directly to the Commission and further conserved the Staff’s time and resources by identifying potential witnesses and documents.[31] In the other matter, the respective whistleblower initially reported their concerns internally, which led their employer to conduct an internal investigation and also eventually helped prompt the SEC to open up its own investigation. The whistleblower then purportedly facilitated the Staff’s investigation by providing ongoing, extensive, and timely assistance.[32]
In August, the SEC announced two whistleblower awards totaling more than $98 million for information and assistance that led to an SEC enforcement action and an action brought by another agency. The first whistleblower received an award of $82 million for making the tip that prompted the opening of the investigations and for providing critical ongoing assistance to the investigations. The second whistleblower received an award of $16 million for, at a later stage of the investigations, providing information that significantly contributed to one aspect of the actions.[33]
Also in August, the SEC awarded $24 million to two whistleblowers who, after reporting conduct internally, provided information that prompted an SEC enforcement action and an action by another agency. Although the first whistleblower’s information prompted the SEC investigation, the second whistleblower received a higher award, purportedly because their “information played a more significant role in the investigation.” The second whistleblower provided, among other things, “important information about key witnesses and their roles in the schemes,” which purportedly was “heavily” relied on by the SEC during the investigation. The $24 million award was based on the entire amount ordered by the Commission, including disgorgement and prejudgment interest, as well as on the amount collected by the other agency in its separate action.[34]
In October, the SEC announced a $12 million award to three whistleblowers who provided critical assistance to an SEC enforcement action. In determining the amount of the award, the SEC considered, among other things, the significance of the information provided to the commission, the assistance provided, the law enforcement interest in deterring violations, and participation in internal compliance systems.[35]

II. Public Company Accounting, Financial Reporting, and Disclosure

A. Purported Fraudulent Schemes

In June 2024, the SEC announced settled charges against an advanced materials and nanotechnology company, and filed related charges against its former CEOs, for alleged violations of fraud, reporting, internal accounting controls, and books and records provisions.[36] The alleged scheme involved the two former CEOs issuing a special dividend—the value of which was allegedly overstated by the former CEOs—and effecting a merger between their former companies. When the company’s stock price did indeed rise, the company sold over 16 million shares, raising $137.5 million. The SEC alleges the true purpose of the merger and dividend were to create a short squeeze, which was allegedly never communicated publicly. The company neither admitted nor denied the findings and agreed to pay a $1,000,000 penalty. The charges against the former CEOs are pending in the U.S. District Court for the Southern District of New York, and the SEC is seeking permanent officer-and-director bars, disgorgement of ill-gotten gains, and civil penalties from them.

In August, the SEC announced that an Alabama-based shipbuilder and its Austrian parent company had agreed to settle charges brought by the SEC in the U.S. District Court for the Southern District of Alabama.[37] The SEC’s complaint alleged that the companies conducted a purportedly fraudulent revenue recognition scheme from January 2013 to July 2016 to artificially reduce the estimated cost of completion of projects for the U.S. Navy by tens of millions of dollars. As a result, the companies allegedly prematurely recognized revenue. To settle the charges, both companies consented to permanent injunctions, and the Alabama-based shipbuilder agreed to pay a $24 million civil penalty. The Department of Justice also announced settled charges against the Alabama-based shipbuilder.

B. Financial Reporting

In August, the SEC announced settled charges against an electric vehicle company, its current CEO, former Chairman and CEO, and former CFO for allegedly reporting misleading information about the company’s financial performance from 2017 to 2019.[38] Specifically, the SEC alleged that the company and the former Chairman and CEO reported 2017 revenue guidance of $300 million despite known issues that would negatively impact revenue, and misled the company’s auditor by allegedly providing a fraudulent letter of intent from a buyer in order to avoid writing down certain assets. The SEC also alleged that the company and all three individuals improperly accounted for a cryptocurrency deal in 2019, resulting in an overstatement of revenues by more than $40 million, and made false representations in the company’s financial statements. Finally, the SEC alleged that the former Chairman and CEO hid from the auditor his personal interest in two companies that received millions of dollars in cash and stock in deals with the company. Without admitting or denying the SEC’s findings, the company agreed to pay a $1.4 million penalty and retain an independent compliance consultant; the current CEO and former CFO each agreed to pay a $75,000 penalty, and the former CFO further accepted a two-year accounting suspension; in addition, the former Chairman and CEO agreed to a $200,000 civil penalty, more than $3.3 million in disgorgement, and a 10-year officer-and-director bar.

In September, the SEC charged the former CFO; former audit committee chair; and former Chair, CEO, and President of a software company in connection with the company’s alleged overstated revenue as part of two public stock offerings.[39] The complaint, filed in the U.S. District Court for the Southern District of New York, alleged that the former Chair, CEO, and President fabricated reports of successful testing of a software program, which resulted in the company’s recognizing $1.3 million in revenue—nearly all of its revenue leading up to its IPO. The SEC also alleged that the former CFO and former audit committee Chair learned that these reports were false during the company’s secondary stock offering, but continued to make false statements about revenue, and, along with the third defendant, made related misrepresentations to the company’s auditor. The former Chair, CEO, and President has agreed to a partial settlement of a permanent injunction, but continues to litigate the appropriate remedies. The SEC is seeking injunctions and civil penalties against the other two defendants, as well as disgorgement and prejudgment interest and reimbursement from the former CFO. The U.S. Attorney’s Office for the Southern District of New York also announced charges against the former Chair, CEO, and President.

In November 2024, the SEC announced settled charges against a major logistics company for allegedly misrepresenting its earnings by failing to follow generally accepted accounting principles (GAAP) in valuing one of its business units.[40] Though the company had booked a goodwill impairment with respect to the business unit at issue, the SEC alleged that the company should have booked the impairment earlier than it had, and that its late recognition of the impairment was due to purported overreliance on an allegedly inadequate analysis by a third-party consultant showing no loss in value. Without admitting or denying the findings, the company agreed to pay a $45 million civil penalty and committed to certain undertakings, including the adoption of training requirements for certain officers and employees, as well as retention of an independent compliance consultant to review and make recommendations about its fair value estimates and disclosure obligations.

C. Public Statements and Disclosures

In mid-August, the SEC announced settled charges against a publicly traded Florida-based company and its founder for allegedly failing to disclose information related to pledges of company securities.[41] In its order, the SEC alleged that the company’s founder had pledged approximately 51 to 82 percent of the company’s securities as collateral to secure personal loans and had allegedly failed to disclose such beneficial ownership to the SEC. Further, the SEC alleged that the company had also failed to disclose the founder’s pledges of securities in its filings to the Commission and its investors. In agreeing to settle the charges, the Commission considered the cooperation of the company and the founder, including providing to the Commission compilations of relevant documents, information, and data. Without admitting or denying the charges, the company and the founder agreed to pay civil penalties of $1.5 million and $500,000, respectively.

In early September, the SEC announced settled charges against a publicly traded Massachusetts- and Texas-based company for allegedly making inaccurate statements to the SEC and its investors regarding the recyclability of its product.[42] The SEC alleged that in the company’s 2019 and 2020 annual filings, the company indicated that its product was recyclable despite allegedly having some potential knowledge to the contrary. Without admitting or denying the charges, the company agreed to pay a civil penalty of $1.5 million.

Later in September, the SEC announced settled charges against a biotechnology company related to alleged misrepresentations and omissions made during and after the company’s IPO.[43] According to the SEC, the company misled investors regarding a large market opportunity, revenue prospects, and a customer pipeline for its products. Despite allegedly receiving contradictory analysis from its sales team which valued the company’s total market opportunity at five to 10 percent of the initial published projection, the company allegedly failed to reassess the market opportunity it touted to investors. Similarly, in the leadup to its IPO, the company allegedly shared revenue projections with research analysts that lacked a reasonable basis and were materially higher than the projections prepared by the company’s own sales team. Lastly, the company allegedly misled investors about the strength of its customer pipeline, omitting key adverse facts known to the company’s sales team, including delays, dropouts, and growing concerns about potential purchases. The company settled the charges without admitting or denying the SEC’s findings, agreeing to continue cooperating with the SEC’s investigation and to pay a $30 million civil penalty. The settlement is subject to bankruptcy court approval because of the company’s pending bankruptcy proceeding.

Also in September, the SEC announced settled charges against the former CEO and independent director of a publicly traded consumer goods company, alleging violations of the proxy disclosure provisions of the federal securities laws.[44] The SEC filed a complaint in the U.S. District Court for the Southern District of New York alleging that the former CEO—who was elected an independent director in 2020—failed to disclose that he maintained a close personal friendship with an executive at the company. The former CEO also allegedly asked the executive to hide the fact of their relationship to avoid the appearance of bias, so that the former CEO could, as part of his independent director role, participate in the CEO succession process, in which the executive was being evaluated for appointment as the next CEO. The former CEO settled the charges without admitting or denying the SEC’s allegations, agreeing to a five-year officer-and-director bar, permanent injunction, and civil penalty of $175,000.

In October, the SEC announced settled charges against four current and former publicly traded technology companies for allegedly making materially misleading disclosures to the Commission and investors regarding significant cybersecurity incidents that the companies had experienced in 2020.[45] The SEC alleged that, despite investigating and disclosing the cybersecurity incidents in their public filings, the companies inaccurately disclosed the incidents by minimizing their significance and not providing detailed information related thereto. The SEC further alleged that one company failed to maintain proper disclosure controls and procedures surrounding cybersecurity incidents, leading to materially misleading disclosures to the SEC and investors. In agreeing to settle the charges, the SEC considered the cooperation and remedial measures taken by the companies, including, among others, providing Commission staff with detailed explanations, analysis, and summaries of multiple specific factual issues, promptly following up on the staff’s requests for additional documents and information, and conducting internal investigations regarding the incidents. Without admitting or denying the SEC’s findings, the four companies agreed to pay civil penalties of $990,000, $995,000, $1 million, and $4 million.

In December, the SEC announced settled charges against a publicly traded Texas-based biotherapeutics company, its former CEO, and its former CFO for allegedly failing to disclose material information about two of the company’s drug candidates.[46] The Commission alleged that the company failed to disclose to the SEC and its investors that two of the company’s drug candidates had been placed on an FDA clinical hold—an order to delay proposed clinical investigations—before, during, and after a 2021 public offering. The company neither admitted nor denied the charges, and was not ordered to pay civil penalties, purportedly because of its self-reporting, cooperation, and remediation. The individual defendants, however, agreed to pay civil penalties of $125,000 and $20,000, respectively, and the company’s former CEO further agreed to a three-year officer-and-director bar.

Also in December, the SEC announced settled charges against a New Jersey-based medical device manufacturer for allegedly misleading investors between 2016 and 2020 regarding risks associated with one of its medical devices, and for allegedly overstating the company’s income and understating its costs.[47] The Commission alleged that the company knew that it could not obtain FDA clearance for the device, failed to make the necessary changes to the device to obtain FDA clearance, and failed to inform investors of the risk that the FDA would block sales of the device. Further, the SEC alleged that the company misled investors regarding its profitability in 2019 by failing to follow GAAP and not accounting for costs associated with potentially recalling the device. Without admitting or denying the charges, the company agreed to retain an independent compliance consultant to review and make recommendations concerning its disclosure controls and procedures, and to pay a civil penalty of $175 million.

Later in December, the SEC announced settled charges against a fashion retailer for allegedly failing to disclose nearly $1 million in perks to its former CEO.[48] The SEC order alleged that the company failed to disclose the perks, mostly associated with company-authorized expensing of personal travel on privately chartered aircraft in 2019, 2020, and 2021. In April 2023, the company released its fiscal year 2022 proxy statement, which included updated disclosures about perks in 2020 and 2021, and disclosed that the CEO voluntarily reimbursed the company around $454,000 for personal expenses. The SEC noted the company’s self-reporting, cooperation, and remedial efforts, and therefore did not impose a civil penalty.

D. External Accountants and Internal Accounting Controls

In early September, the SEC charged the former finance director of a technology manufacturer for allegedly manipulating the company’s internal accounting records to falsify financial results ahead of inclusion in the company’s financial statements, and that he further fabricated documents to conceal his misconduct.[49] Through its complaint filed in the U.S. District Court for the District of Massachusetts, the SEC is seeking a permanent injunction, civil penalty, and disgorgement and prejudgment interest. The SEC also announced settled charges against the technology manufacturer for allegedly failing to maintain sufficient internal accounting controls that could have prevented the alleged fraud and the company’s overstatement of its financial performance for 2019, 2020, and through Q3 2021, but did not charge the company with fraud. The company was not charged a civil penalty, purportedly because the company self-reported the violations to the SEC following an internal investigation, provided substantial cooperation to Commission staff, and implemented remedial measures. Without admitting or denying the SEC’s findings, the company agreed to cease and desist from further violations.

In mid-September, the SEC announced that two related accounting firms had agreed to settle charges in two separate cases filed by the SEC.[50] In the first case, filed in the U.S. District Court for the Southern District of Florida, the SEC alleged that the firms improperly included indemnification provisions in engagement letters for more than 200 audits, reviews, and exams in violation of auditor independence requirements. The SEC sought a permanent injunction, civil penalty, and disgorgement and prejudgment interest, and the firms agreed to permanent injunctions and to pay a combined $1.2 million in civil penalties and disgorgement. In the second case, filed in the U.S. District Court for the Southern District of New York, the SEC alleged that the firms misrepresented that they complied with Generally Accepted Auditing Standards (GAAS) in two audits of FTX, including by failing to understand the risk associated with the relationship between FTX and a hedge fund controlled by FTX’s CEO. Without admitting or denying the charges, the firms agreed to permanent injunctions and a $745,000 civil penalty—both of which the SEC sought in its complaint—and to retain an independent consultant.

In December, the SEC announced settled charges against a Louisiana-based utility company for alleged failure to maintain internal accounting controls.[51] The SEC alleged that, starting in mid-2018, the utility company included materials and supplies at their average cost as an asset on its balance sheets despite allegedly having been warned by employees and management consultants that this asset included a substantial amount of surplus. The SEC alleged that the utility company failed to follow GAAP by not establishing a process to identify surplus, remeasure it, and record as an expense the differences between the remeasured cost and the average cost. Without admitting or denying the allegations in the SEC’s complaint, which was filed in the U.S. District Court for the District of Columbia, the utility company agreed to a permanent injunction, to adopt recommendations from an independent consultant, and to pay a $12 million civil penalty.

III. Private Companies

In July, the SEC charged the founder and former CEO of a defunct social media startup for allegedly defrauding investors by making false and misleading statements about the startup’s growth and operating expenses.[52] According to the SEC, the individual misleadingly ascribed the startup’s rising userbase to viral popularity and organic growth when, in reality, the CEO allegedly paid millions of dollars through third parties for “incent” advertisements, which offered users incentives to download the app. The SEC also alleged that the founder and former CEO and his wife hid from investors hundreds of thousands of dollars in personal expenses related to clothing, home furnishings, travel, and everyday living expenses charged to the startup’s business credit cards. The SEC’s complaint, filed in the U.S. District Court for the Northern District of California, seeks a permanent injunction, an officer-and-director bar, disgorgement, and civil monetary penalties.

In September, the SEC announced settled charges against a large, privately held family company and its founder, Chairman, and former CEO in connection with the public announcement of a tender offer that the company allegedly did not have the cash to purchase.[53] The SEC alleged that the company, at the direction and approval of the founder, made a public tender offer to purchase a large, public industrial manufacturing company at $35 per share, which would have required $7.8 billion in cash to complete. The day after the public offer was made, the founder allegedly appeared on a large national news program and stated that the company had over $10 billion in cash committed to the deal, and would not put up any company assets as collateral. The SEC further alleged that the company had only one percent of the required $7.8 billion in cash, and that neither the company nor founder had a reasonable belief that the company had the financial means to complete the tender offer. The tender offer was allegedly withdrawn nine days after it was first announced. The SEC alleged violations of Section 14(e) of the Securities Exchange Act of 1934 and Rule 14e-8 thereunder. Without admitting or denying the SEC’s findings, the founder and company agreed to cease and desist from further violations and agreed to pay civil penalties of $100,000 and $500,000 respectively.

In September, the SEC filed charges in U.S. District Court for the Northern District of California against the former CEO of a technology startup, alleging that he defrauded investors by overstating revenue and forging bank statements.[54] The SEC’s complaint details that the CEO allegedly raised over $30 million from investors by falsely inflating the company’s annual recurring revenue in the millions of dollars, despite the actual recurring revenue never exceeding $170,000. The complaint further alleges that the CEO misappropriated at least $270,000 of investor funds for personal expenses such as mortgage payments and home renovations. The SEC seeks permanent injunctions, including a conduct-based injunction, disgorgement, civil penalties, and an officer-and-director bar. The U.S. Attorney’s Office for the Northern District of California also announced criminal charges against the former CEO.

Later in September 2024, the SEC charged three former executives of a digital pharmacy startup, alleging that they defrauded investors by overstating revenue with fake prescriptions while raising over $170 million.[55] The complaint filed in the U.S. District Court for the Eastern District of New York alleges the company used a subsidiary in India for accounting and financial analysis while barring U.S.-based employees from accessing financial systems in an alleged effort to conceal the fraud. The SEC seeks permanent injunctions, civil money penalties, disgorgement, and officer-and-director bars against all three defendants.

In December, the SEC announced settled charges against two private companies and one registered investment adviser for failing to file Forms D on time for multiple unregistered securities offerings.[56] The SEC alleged that over the last several years, the two private companies and the registered investment adviser independently engaged in unregistered securities offerings, soliciting hundreds of potential investors and raising close to $300 million. In reaching a settlement, the SEC credited the parties’ remedial acts and cooperation during the investigation. Without admitting or denying the allegations, the two private companies and the registered investment adviser agreed to pay a total of $430,000 in civil penalties.

IV. Investment Advisers

A. Purportedly Fraudulent Schemes

In July, the SEC charged an activist short seller and his firm for violating antifraud provisions of the federal securities laws by allegedly engaging in a $20 million scheme from March 2018 through December 2020 to defraud followers by publishing false and misleading statements regarding stock trading recommendations.[57] According to the complaint, the short seller allegedly used his website and related social media platforms to publicly recommend taking long or short positions in various companies and held out the positions as consistent with his own and his firm’s positions. The complaint goes on to allege that following the short seller’s recommendations, the price of the target stocks moved more than 12 percent on average, and that once the recommendations were issued and the stocks moved, the short seller and his firm allegedly reversed their positions to capitalize on the stock price movements. Additionally, the SEC alleged that the short seller and his firm made several false and misleading statements in connection with the scheme and that they falsely represented that the short seller’s website had never received compensation from third parties to publish information about target companies when, in fact, it had. The complaint seeks disgorgement and civil penalties against both the short seller and his firm and an officer-and-director bar, a penny stock bar and permanent injunctions against the short seller. The Fraud Section of the Department of Justice and the U.S. Attorney’s Office for the Central District of California announced charges against the short seller as well.

In September, the SEC announced settled charges against a registered investment adviser and subsidiary of a global financial services company for alleged violations of antifraud and compliance provisions of the federal securities laws.[58] The SEC’s order alleged that the adviser overvalued collateralized mortgage obligations and overstated the performance of client accounts holding those positions. The order separately alleged that the adviser executed unlawful cross trades to limit certain investor losses, favoring some investors over others. Without admitting or denying the SEC’s findings, the adviser agreed to pay a penalty and disgorgement totaling almost $80 million and to retain a compliance consultant to review its policies and procedures.

In November, the SEC charged an investment advisory firm and its owner for defrauding nearly two dozen investors out of approximately $2.1 million.[59] The SEC alleged that the firm and owner raised $10.5 million from investors to be invested in short-term loans to professional athletes and sports agents. However, the owner and his firm allegedly made misrepresentations to investors on undisclosed fees and took hundreds of thousands of dollars from these investments for themselves. The owner and his firm also allegedly misappropriated $1.5 million that was supposed to be returned to investors, allegedly using the misappropriated funds for personal expenses, such as cars, rental homes, country club dues, and college tuition. The SEC seeks a permanent injunction, disgorgement, civil monetary penalties, and a conduct-based injunction and officer-and-director bar against the firm’s owner.

In December, the SEC announced settled charges against an investment advisory firm for allegedly failing to reasonably supervise four investment advisers and registered representatives who allegedly stole millions of dollars from advisory clients and brokerage customers.[60] The SEC alleged that the firm failed to adopt policies that could have detected and prevented the alleged theft. Specifically, the SEC’s order alleged that the firm failed to prevent the advisers from using authorized third-party disbursements, which allowed hundreds of unauthorized transfers from customer and client accounts to adviser accounts. Without admitting or denying the SEC’s findings, the firm consented to undertakings, including engaging a compliance consultant to review all forms of third-party cash disbursements from customer and client accounts, and to pay a $15 million penalty.

B. Misleading Statements and Disclosures

In August, the SEC charged a China-based investment adviser, its U.S.-based holding company, and the company’s CEO with fraud violations involving the marketing of AI-based investments.[61] The SEC’s complaint alleges that the companies and the CEO misled clients about the safety of their investments, made false claims about relationships with reputable financial and legal firms, and misled investors to believe the company would soon be listed on the NASDAQ. The SEC further alleges that the company collected over $6 million from individual investors before cutting off client communication and taking down access to client accounts through their website. The SEC’s complaint in the U.S. District Court for the District of South Dakota seeks a permanent injunction, disgorgement, civil penalties, and an officer-and-director bar.

In September, the SEC announced settled fraud charges against an Idaho-based investment adviser for allegedly misleading investors and failing to comply with its own investment strategy.[62] The adviser positioned itself as having a “biblically responsible” investment strategy by utilizing a data-driven methodology to evaluate companies and exclude any companies that did not align with biblical values. Instead, according to the SEC, from at least 2019 to March 2024, the adviser allegedly used a manual research process that did not always evaluate companies based on eligibility under the investment adviser’s own investing criteria. The SEC also alleged that the adviser lacked written policies or procedures setting forth a process for evaluating companies’ activities as part of its investment process, which caused inconsistent application of criteria and led to investments in companies that failed to align with the adviser’s own stated criteria. Without admitting or denying the SEC’s findings, the adviser agreed to pay a $300,000 civil penalty and to retain a compliance consultant.

In October, the SEC announced settled charges against an investment adviser for violating antifraud provisions of the federal securities laws by allegedly misrepresenting that certain environmental, social, and governance factors (ESG) exchange-traded funds would not be used to invest in companies that were involved in fossil fuel or tobacco.[63] Between 2020 and 2022, the investment adviser allegedly used data from third-party vendors that did not screen out these company types. This practice allegedly led to fund investments in fossil fuel and tobacco-related companies, including in coal mining and transportation, natural gas extraction and distribution, and retail sales of tobacco products. The SEC also alleged that the adviser did not have any policies and procedures over the screening process that would exclude those company types. Without admitting or denying the SEC’s findings, the adviser agreed to pay a $4 million civil penalty.

In November, the SEC announced settled charges against an investment advisory firm for allegedly making misleading statements about the percentage of its parent company’s assets that were ESG integrated.[64] The SEC order alleged that though the marketing materials claimed that between 70 and 94 percent of its parent company’s assets were ESG integrated, the firm did not have a policy defining ESG integration and a substantial number of assets were allegedly held in passive ETFs that did not consider ESG factors in investment decisions. Without admitting or denying the SEC’s findings, the firm agreed to pay a $17.5 million penalty.

C. Safeguards and Policies

In August, the SEC announced settled charges against a New York-based registered transfer agent for allegedly failing to assure that client securities and funds were protected against theft or misuse.[65] The SEC claimed that the alleged failures led to the loss of more than $6.6 million of client funds as a result of two separate cyber intrusions in 2022 and 2023. Without admitting or denying the SEC’s findings, the registered agent agreed to pay an $850,000 civil penalty. The SEC’s order made note of the registered agent’s cooperation and remedial efforts, including the full reimbursement of all clients and accounts for losses resulting from the cyber incidents.

Also in August, the SEC announced settled charges against a New York-based registered investment adviser for failing to establish, maintain, and enforce written policies and procedures reasonably designed to prevent the misuse of material nonpublic information concerning its trading of collateralized loan obligations.[66] According to the SEC’s order, the adviser maintained a credit business through which it obtained material nonpublic information (MNPI) about companies whose loans were held in collateralized loan obligations that the adviser traded, but did not establish, maintain, or enforce any written policies or procedures concerning the potential impact of the MNPI for over five years. Without admitting or denying the SEC’s findings, the adviser agreed to pay a $1.8 million civil penalty. The SEC’s order made note of the adviser’s prompt remedial acts and cooperation.

In September, the SEC announced settled charges against 11 institutional investment managers for allegedly failing to file Forms 13F, which report quarterly holdings and are required for institutional investment managers that have discretion over $100 million in certain types of securities (Section 13(f) securities).[67] Two of the managers were also charged with allegedly failing to file Forms 13H, a form required for large traders with a substantial number of transactions of securities listed on national securities exchanges. All 11 managers settled without admitting or denying the SEC’s findings. Nine of the managers agreed to pay an aggregate of more than $3.4 million in civil penalties, with individual penalties ranging from $175,000 to $725,000. Two of the managers were not ordered to pay any civil penalties, however, purportedly because they self-reported the alleged violations.

D. Recordkeeping

The Commission continues to bring heavy fines against a multitude of broker-dealers, investment advisors, and dual registrants for failing to preserve electronic communications. As demonstrated below, this trend persisted through the second half of 2024, and the SEC has already announced settled charges related thereto so far in 2025 with Gensler as the Chair.[68]

In September, the SEC resolved three separate enforcement actions involving recordkeeping violations. In the first action, the SEC announced settled charges against six nationally recognized statistical rating organizations for failing to maintain and preserve electronic communications.[69] All six firms admitted to the SEC’s findings and agreed to pay an aggregate of more than $49 million in civil penalties, with firms agreeing to pay between $100,000 and $20 million individually. Five of the firms further agreed to retain a compliance consultant. In the second action, the SEC announced settled charges against 12 municipal advisors for failing to preserve electronic communications sent or received by personnel related to their activities as municipal advisors.[70] Because the failures included personnel at the supervisory level, the advisors were also charged with supervision failures. All 12 advisors admitted to the SEC’s findings and agreed to pay an aggregate of more than $1.3 million in civil penalties, with individual penalties ranging from $40,000 to over $300,000. In the third action, the SEC announced settled charges against an investment advisory firm for allegedly failing to keep records, including off-channel communications, related to recommendations and advice to purchase and sell securities.[71] Without admitting or denying the SEC’s findings, the firm agreed to a cease and desist and a censure. The SEC did not impose a penalty because the firm self-reported the conduct, promptly remediated the violations, and cooperated on the third-party investigation.

E. Custody Rule

In September, the SEC announced settled charges against a registered investment adviser for allegedly failing to comply with requirements related to the safekeeping of client assets from at least 2018 through 2022 and for its use of allegedly impermissible liability disclaimers in advisory and private fund agreements beginning in 2019.[72] According to the SEC’s order, the adviser allegedly violated the “custody rule” under the Advisors Act—which requires advisers to implement various safeguarding measures unless the adviser instead distributes audited financials prepared in accordance with GAAP—because it failed to implement the enumerated safeguards or timely distribute annual audited financial statements to investors in certain private funds that it advised. In addition, the SEC alleged that the adviser included liability disclaimers in its advisory agreements and certain private fund partnership and operating agreements that could have led a client to incorrectly believe that the client had waived non-waivable causes of action against the adviser. The order further alleged that certain of the liability disclaimers also contained misleading statements regarding the adviser’s otherwise unwaivable fiduciary duty. Without admitting or denying the SEC’s findings, the adviser agreed to pay a $65,000 civil penalty. According to the order, the SEC considered the adviser’s remedial acts—which included revising its procedures regarding compliance with the custody rule, and removing problematic clauses from its advisory and private fund agreements—when deciding upon settlement.

Also in September, the SEC announced settled charges against a privately held Florida-based advisory firm for allegedly violating the custody rule by purportedly failing to ensure that certain crypto assets held by its client were maintained with a qualified custodian.[73] The SEC further alleged that the firm misled certain investors by representing to them that redemptions required at least five business days’ notice before month-end while allowing other investors to redeem with fewer days’ notice. The firm agreed, without admitting or denying the allegations, to a civil penalty of $225,000.

F. Marketing Rule

In September, the SEC announced settled charges against nine registered investment advisers for violating the new Marketing Rule by allegedly disseminating advertisements that included untrue or unsubstantiated statements of material facts, testimonials, endorsements, or third-party ratings without required disclosures.[74] All nine advisers settled without admitting or denying the SEC’s findings and agreed to pay an aggregate of $1.24 million in civil penalties, with individual penalties ranging from $60,000 to $325,000, and to review their advertisements and certify compliance with the Marketing Rule.

V. Broker-Dealers

A. Regulation Best Interest and Pricing

In September, the SEC announced settled charges against a Tennessee-based broker-dealer for failing to maintain and enforce policies and procedures reasonably designed to achieve compliance with Regulation Best Interest (Reg BI).[75] The SEC alleged that, in 2021, the company merged with another broker-dealer, but due to incompatibilities between the two parties’ systems, the company lacked accurate customer information for more than 5,000 customer brokerage accounts that migrated to its platform. Additionally, the SEC alleged the new registered representatives that joined the company post-merger did not have access to the site the company used to review structured notes transactions flagged as non-compliant and that, as a result, the company approved such note recommendations without all the documentation required by its own Reg BI policies and procedures. Without admitting or denying the allegations, the broker-dealer agreed to a civil penalty of $325,000.

In October, the SEC announced settled charges against two affiliates of a large multinational financial services firm in five separate enforcement actions for allegedly misleading disclosures to investors, breach of fiduciary duty, prohibited joint transactions and principal trades, and failure to make recommendations in the best interest of customers.[76] Without admitting or denying the SEC’s findings, the affiliates agreed to pay more than $151 million in combined civil penalties and voluntary payments to investors.

The first three enforcement actions pertained to one affiliate. The first of these orders alleged that the affiliate made misleading disclosures to investors about the extent to which it had discretion over when to sell and the number of shares to be sold, subjecting customers to market risk and failing to sell certain shares for months, which resulted in a decline in value. The second order alleged that the affiliate failed to fully and fairly disclose the financial incentive that it and its advisers had when recommending their own portfolio management programs over third-party programs between July 2017 and October 2024. The third SEC order alleged that, in violation of Reg BI, the affiliate recommended certain mutual fund products to its retail brokerage customers despite the fact that materially less expensive ETF products already existed, and offered the same portfolio as being available between June 2020 and July 2022. No civil penalty was imposed in this third order, as the affiliate promptly self-reported, conducted an internal investigation, provided substantial cooperation, and voluntarily repaid impacted customers approximately $15.2 million.

The other two enforcement actions pertained to the second affiliate. The first of these orders alleged that the affiliate caused $4.3 billion in prohibited joint transactions that advantaged an affiliated foreign money market fund. The second SEC order alleged that this same affiliate engaged in or caused 65 prohibited principal trades with a combined notional value of approximately $8.2 billion between July 2019 and March 2021. The order alleged that the affiliate directed an unaffiliated broker-dealer to buy commercial paper or short-term fixed income securities from the affiliate, which the affiliate then purchased back on behalf of its clients.

B. Market Manipulation

In September, the SEC announced settled charges against a registered broker-dealer for allegedly manipulating the U.S. Treasury cash securities market through an illicit trading strategy known as spoofing.[77] The SEC order alleged that between April 2018 and May 2019, a trader employed by the broker-dealer entered orders on one side of the market that they had no intention of executing in order to obtain more favorable execution prices on bona fide orders on the other side of the market. Allegedly, once the bona fide orders were filled, the spoofed orders were then canceled. The broker-dealer allegedly lacked adequate controls and failed to take reasonable steps to scrutinize the trader after receiving warnings of his potentially irregular trading activity. The broker-dealer settled the charges and agreed to pay a penalty and disgorgement totaling more than $6.9 million, which will be credited from a monetary sanction of more than $15 million from a deferred prosecution agreement the broker-dealer entered into with the DOJ. The broker-dealer separately agreed to pay a $6 million fine to FINRA to resolve related charges.

C. Safeguards and Policies

In July, the SEC announced settled charges against a California-based parent company of a cryptocurrency bank, its former CEO, and former Chief Risk Officer for allegedly misleading investors.[78] The Commission alleged that from 2022 to 2023, the company and its officers misled investors about the strength of its Bank Secrecy Act/Anti-Money Laundering compliance program and falsely stated in its SEC filings that it conducted ongoing monitoring of its high-risk crypto customers. The SEC further alleged that following the collapse of one of its customers, the company misrepresented its financial condition. Without admitting or denying the charges, the company agreed to pay a civil penalty of $50 million, and its officers agreed to pay civil penalties of $1 million and $250,000, respectively, in addition to five-year officer-and-director bars. In parallel actions, the company also settled charges with the Federal Reserve System (FRB) and the California Department of Financial Protection and Innovation (DFPI).

In August, the SEC announced settled charges against a New York-based broker-dealer for allegedly failing to adopt or implement reasonably designed anti-money laundering policies and procedures between March 2020 to May 2023.[79] As a result, the broker-dealer allegedly did not surveil certain types of purportedly risky transactions for red flags of potentially suspicious conduct, nor did it allocate sufficient resources to review alerts generated from its automated surveillance of other types of transactions. Without admitting or denying the alleged facts, the broker-dealer agreed to a censure and a cease-and-desist order, in addition to paying a $1.19 million penalty.

In September, the SEC announced settled charges against two investment adviser firms for allegedly exceeding clients’ designated investment limits over a two-year period beginning in March 2016.[80] The SEC order alleged that one of the firms was the primary investment adviser and portfolio manager for a trading strategy in which options were traded in a volatility index with the aim of generating incremental returns. The firm allegedly allowed many accounts to exceed the exposure levels that investors had set, including dozens of accounts that exceeded the limit by 50 percent or more. The other firm allegedly introduced its clients to the trading strategy despite knowing that investors’ exposure levels were being exceeded, and purportedly failed to adequately inform affected investors. Both firms allegedly received management and incentive fees, as well as trading commissions from the trading strategy. The SEC also alleged that both firms neglected to adopt and implement policies and procedures reasonably designed to ensure that they kept their clients abreast of material facts and excessive exposure. Without admitting or denying the findings, both firms agreed to civil penalties and disgorgement totaling $5.5 million and $3.8 million, respectively.

In November, the SEC announced settled charges against three broker-dealers related to suspicious activity reports (SARs) filed by the broker-dealers that allegedly lacked certain important, required information.[81] Over a four-year period beginning in 2018, the three broker-dealers filed multiple allegedly deficient SARs in violation of Section 17(a) of the Exchange Act, as well as Rule 17a-8 promulgated thereunder. Without admitting or denying the charges, the firms agreed to civil penalties of $125,000, $75,000, and $75,000, respectively, and two of the broker-dealers further agreed to have their anti-money laundering programs reviewed by compliance consultants.

In December, the SEC filed charges against a registered investment adviser for allegedly failing to establish, implement, and enforce written policies and procedures reasonably designed to prevent the misuse of material nonpublic information (MNPI) relating to its participation on ad hoc creditors’ committees.[82] The SEC’s complaint focused on one of the investment adviser’s attorney-consultants, who sat on the private side of the investment adviser’s information barrier, which was the subject of extensive policies and procedures. The SEC alleged that this attorney-consultant sat on an ad hoc creditors’ committee in connection with certain distressed municipal bonds and received MNPI pursuant to a customary confidentiality agreement. According to the complaint, the attorney-consultant then allegedly had unspecified communications with the investment adviser’s public trading desk when he had MNPI and while the firm continued to buy the distressed issuer’s bonds. The SEC did not allege, and presumably had no evidence, that any MNPI was communicated by the attorney-consultant to the public-side investment team; nor did the SEC allege any improper trading violation of any kind nor any harm to investors. The investment adviser is charged with allegedly violating provisions of the Investment Advisers Act of 1940 related to establishing and enforcing reasonably designed compliance policies and procedures. The SEC is seeking a civil penalty and permanent injunctive relief. The investment adviser has stated that it fully cooperated with the SEC in its years-long investigation and would not agree to settle a dispute in which there was no wrongdoing nor any deficiency in its detailed information barrier policies or its compliance program.

D. Recordkeeping

In August, the SEC announced settled charges against 26 broker-dealers and investment advisers for alleged widespread and longstanding failures by the firms and their personnel to maintain and preserve electronic communications.[83] The firms admitted to the facts alleged against them and agreed to pay civil penalties of $392.75 million in the aggregate, ranging between $400,000 and $50 million each. Three of the firms self-reported their violations and resultingly incurred lower civil penalties. The CFTC also announced settlements for related conduct with three of the entities.

In September, the SEC announced settled charges against 12 broker-dealers and investment advisers for failures to maintain and preserve electronic communications.[84] The firms admitted to the facts alleged against them and agreed to pay civil penalties of over $88 million in the aggregate, ranging between $35 million and $325,000. One firm will not pay a penalty because it self-reported, self-policed, and demonstrated substantial efforts at compliance. Two other firms similarly self-reported and incurred lower civil penalties as a result. The CFTC announced a settlement for related conduct with an additional entity on the same day.

E. Failure to Register

In September, the SEC announced settled charges against three sales agents from a Delaware investment advisor for unregistered broker activity, including selling membership interests in LLCs that purported to invest in shares of pre-IPO companies.[85] The SEC alleged that the sales agents engaged in broker activities—including providing investors with marketing materials, advising investors on the merits of investments, and receiving transaction-based compensation—despite not being registered as brokers. Without admitting or denying the findings, each sales agent agreed to industry and penny stock bars, and to pay disgorgement ranging from $431,287 to $1,392,367, along with a civil penalty ranging from $90,000 to $300,000. One of the sales agents also settled related fraud charges that the SEC had previously announced in March 2023.

F. Technical Violations

In December, the SEC announced settled charges against two broker-dealer firms for failing to provide complete and accurate securities trading information to the SEC, known as blue sheet data.[86] The SEC orders found that, over a period of several years, due to a number of errors, one broker-dealer made approximately 11,195 blue sheet submissions to the SEC with missing or inaccurate data, while the other firm made approximately 3,679 submissions with misreported or missing data. The SEC orders did find that both broker-dealers engaged in remedial efforts to correct and improve their blue sheet reporting systems and controls, and that one of the broker-dealers self-identified and self-reported all but one of the errors affecting its blue sheet submissions. The broker-dealers admitted the findings, agreed to be censured, and to each pay a $900,000 penalty. The broker-dealers separately settled with FINRA for related conduct.

Also in December, the SEC announced settled charges against a registered broker-dealer for failing to file certain Suspicious Activity Reports (SARs) in a timely manner.[87] According to the order, in certain instances between April 2019 and March 2024, the broker-dealer received requests in connection with law enforcement or regulatory investigations/litigation but allegedly failed to conduct or complete SARs investigations within a reasonable period of time. The broker-dealer settled the charges and agreed, without denying or admitting the allegations, to pay a $4 million civil penalty, to a censure, and to cease and desist.

VI. Cryptocurrency

A. Purported Fraud

In July, the SEC filed fraud charges against a high-profile software engineer and social media platform founder.[88] The SEC accused the individual of raising more than $257 million from unregistered offers and sales of crypto assets, while falsely telling investors that proceeds would not be used to compensate him or other employees. The SEC alleged that the individual nonetheless spent more than $7 million of investor funds on personal expenditures, and further misled investors by portraying his company as a decentralized project. The individual was charged with violating the registration and anti-fraud provisions of the Securities Act of 1933 and the anti-fraud provisions of the Securities Exchange Act of 1934.

In August, the SEC announced partially settled fraud charges against a privately held entity, the entity’s co-owner and CEO, its co-owner and COO, and its promoters.[89] The SEC alleged that, from 2019 through 2023, the entity was operated as a multi-level marketing and crypto asset investment program. The SEC further alleged that the entity and individuals misled investors by claiming they would invest their funds on crypto assets and foreign exchange markets despite using the majority of investor funds to make payments to existing investors and to pay commissions to promoters. The co-owners further allegedly siphoned millions of dollars of investor assets for themselves, allegedly raising more than $650 million in crypto assets from more than 200,000 investors worldwide. The SEC charged most parties involved with violations of the registration regulations and antifraud provisions of the federal securities laws, and seeks permanent injunctive relief, disgorgement of ill-gotten gains, and civil penalties. The case is still ongoing against the entity and co-owners, but one of the parties involved agreed, without admitting or denying the allegations, to a $100,000 civil penalty and an injunction.

B. Unregistered Offerings

In August, the SEC charged a privately held Georgia-based crypto asset lender for allegedly operating as an unregistered investment company and for offering unregistered securities.[90] The SEC Complaint alleged that, in and around 2020, the company used their crypto lending program to offer and sell a product, which the SEC alleged qualified as a security, that allowed U.S. investors to tender their crypto assets in exchange for the company’s promise to pay a variable interest rate. The SEC further alleged that the company operated for at least two years as an unregistered investment company because it issued securities and held more than 40 percent of its total assets, excluding cash, in investment securities, including its loans of crypto assets to institutional borrowers. The company agreed, without admitting or denying the allegations, to an injunction and to pay a civil penalty of $1,650,000.

In September, the SEC announced settled charges against a privately held New Jersey-based investment platform.[91] The SEC alleged that since at least 2020, the company operated as a broker and clearing agency by providing U.S. customers the ability, through the company’s online trading platform, to trade crypto assets allegedly being offered and sold as securities without complying with the registration provisions of the federal securities laws. The company agreed, without admitting or denying the allegations, to the entry of a cease-and-desist order, to pay a penalty of $1.5 million, and to liquidate any crypto assets being offered and sold as securities that the company is unable to transfer to its customers, and return the proceeds to the respective customers. The company publicly announced that the only crypto assets that will continue to be traded on their platform will be Bitcoin, Bitcoin Cash, and Ether.

Also in September, the SEC announced settled charges against a decentralized finance protocol and its three co-founders for allegedly misleading investors and engaging in unregistered broker activity.[92] The SEC order alleged that the protocol conducted unregistered offers and sales of securities by offering investors crypto asset investment funds using tokens that earned returns as well as offering certain investors governance tokens. The SEC also alleged that the protocol and its co-founders misled investors by touting high annual percentage yields without accounting for the various fees charged and by telling investors their assets would be rebalanced automatically, when in actuality the rebalancing mechanism often required manual input, which was, in some cases, not initiated. The protocol and its co-founders, without admitting or denying the SEC’s allegations, agreed to various forms of relief to settle the SEC’s charges, including permanent injunctions, conduct-based injunctions, civil penalties, disgorgement, and equitable officer-and-director bars against the co-founders for a period of five years.

Later in September, the SEC announced settled charges against an issuer of a purported stablecoin and the developer and operator of a lending protocol.[93] The SEC alleged that the companies, from November 2020 until April 2023, engaged in the unregistered offer and sale of investment contracts, which the SEC alleged qualified as securities, in the form of the stablecoin. The SEC further alleged that the companies falsely marketed the investment contracts as safe and trustworthy by claiming that the stablecoin was fully backed by U.S. dollars or their equivalent, despite investing a substantial portion of the assets purportedly backing the stablecoin in a speculative and risky offshore investment fund to earn additional returns for the companies. The companies agreed, without admitting or denying the allegations, to the entry of final judgments enjoining them from violating applicable provisions of the federal securities laws and to pay civil penalties of $163,766 each. The issuer of the stablecoin also agreed to pay a disgorgement of $340,930.

At the end of September, the SEC announced settled charges against two affiliated entities, one a purported decentralized autonomous organization, and the other a Panamanian entity.[94] The SEC alleged that the entities engaged in the unregistered offer and sale of certain crypto assets, which the SEC alleged qualified as securities, since August 2021, raising more than $70 million. According to the SEC Order, the entities engaged in unregistered broker activity related to the allegedly unregistered securities by actively soliciting and recruiting users to trade securities, providing advice and valuations as to the merits of an investment in securities, and helping to facilitate securities transactions on their platform by assisting customers in opening accounts and regularly handling customer funds and securities. The entities settled the charges and agreed, without admitting or denying the allegations, to injunctions and orders to collectively pay nearly $700,000 in civil penalties. The entities further agreed to destroy certain crypto tokens, to request the removal of those tokens from trading platforms, and to refrain from soliciting any trading platform to allow trading in, offering, or selling those tokens.

In October, the SEC filed charges against a privately held Chicago-based crypto market-maker.[95] The SEC alleged that the company operated as an unregistered dealer in more than $2 billion of crypto assets offered and sold as securities from at least March 2018 through the present. According to the SEC’s Complaint, public statements made by the issuers and promoters of the crypto assets, and retransmitted by the company, would have led investors to reasonably believe that the crypto assets were being offered as investment contracts that, according to the SEC, qualified as securities. Therefore, the SEC alleged that, because the company did not register its offering of the crypto assets, it failed to comply with the Securities Exchange Act of 1934’s registration requirements for dealers of securities. The SEC is seeking permanent injunctive relief, disgorgement of ill-gotten gains, prejudgment interest, and civil penalties.

VII. Insider Trading

Insider Trading proved yet again to be a consistent area of enforcement for the Commission in 2024. Indeed, the Commission has already announced settled insider trading charges in 2025 under Gensler,[96] and nothing suggests that this area will receive any less attention under the new administration.

In September, the SEC filed insider trading charges against a former employee of a national consulting firm, his father, and his two friends.[97] In the complaint, the SEC alleged that the employee obtained material nonpublic information (MNPI) indicating that his firm’s client was interested in purchasing an infrastructure business, and that the employee tipped that information to his father and friend, who then shared the information with another mutual friend. The employee’s father and friends then traded on this MNPI and collectively realized approximately $1.1 million in ill-gotten profits. The defendants agreed to a to-be-determined civil penalty and the father and two friends agreed to disgorgement of the ill-gotten gains. The U.S. Attorney’s Office for the Southern District of Florida also filed parallel criminal charges against all four individuals.[98] Three of the defendants entered guilty pleas and one entered a joint motion with the government for pretrial diversion.

Also in September, the SEC filed charges against a U.K. citizen, alleging that he had violated the antifraud provisions of the federal securities laws by engaging in a “hack to trade” scheme.[99] As part of that scheme, the individual allegedly hacked into computer systems of five U.S. public companies—by allegedly resetting several senior-level executives’ email passwords—to obtain MNPI about the companies’ corporate earnings, including draft earnings releases, press releases, and scripts. The SEC alleges that the individual used such information to earn $3.75 million in illicit profits by establishing large and risky option positions in the companies and then later selling his positions after the companies made impactful public earnings announcements. The Commission seeks injunctive relief, disgorgement, and civil penalties. In a parallel action, the U.S. Attorney’s Office for the District of New Jersey announced criminal charges against the individual.[100]

Also in September, the SEC announced settled charges against 23 entities and individuals for alleged failures to timely report information about their holdings and transactions in public company stock.[101] The charges came as a result of the SEC’s enforcement initiatives on (1) Schedules 13D and 13G reports, which provide information about the holdings and intentions of investors who own more than five percent of the registered voting shares of a public company stock, and (2) Forms 3, 4, and 5, which are required to be filed by certain corporate insiders who own more than 10 percent of their company’s stock. The SEC alleged that the charged entities and individuals filed the required reports late. Without admitting or denying the SEC’s findings, all of the entities and individuals agreed to cease and desist from further violations and have agreed to pay an aggregate of more than $3.8 million in civil penalties; the entities have agreed to pay between $40,000 and $750,000, while the individuals have agreed to pay between $10,000 and $200,000. Two of the entities are public companies that the SEC alleged contributed to the filing failures, and each has agreed to pay $200,000 in civil penalties.

In December, the SEC and DOJ filed insider trading charges against the former CEO of a publicly traded telecommunications company.[102] The SEC’s complaint alleges that the CEO received a confidential presentation regarding the company’s upcoming earnings results, and that several days later, the CEO learned he would be terminated for cause. Shortly after being terminated, and while being subject to two trading blackout periods, the CEO allegedly sold shares of the company and directed his financial advisor to sell shares held in a joint account. A week later, the company announced negative quarterly earnings, which caused its stock price to fall more than 25 percent. The SEC alleges that, because the SEC sold shares in advance of the negatively impactful earnings release, the CEO avoided losses of over $12,400. Moreover, according to the SEC’s complaint, although the CEO’s financial advisor was unable to trade the shares within the CEO’s joint account due to a blackout period, the CEO would have avoided an additional $110,000 of losses had the financial advisor proceeded with the trades. The complaint seeks permanent injunctions, disgorgement, civil penalties, and an officer or director bar.

[1] SEC Press Release, SEC Announces Enforcement Results for Fiscal Year 2024 (Nov. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-186.

[2] See Dave Michaels, SEC Writes Off $10 Billion in Fines it Can’t Collect, The Wall Street Journal (Dec. 31, 2024), available at https://www.wsj.com/finance/regulation/sec-fines-penalties-collection-write-off-071cb768.

[3] SEC Press Release, SEC Announces Departure of Enforcement Director Gurbir S. Grewal (Oct. 2. 2024), available at https://www.sec.gov/newsroom/press-releases/2024-162.

[4] SEC Press Release, SEC Announces Record Enforcement Actions Brought in First Quarter of Fiscal Year 2025 (Jan. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-26.

[5] CFTC Press Release, CFTC Releases FY 2024 Enforcement Results (Dec. 4, 2024), available at https://www.cftc.gov/PressRoom/PressReleases/9011-24; CFTC Press Release, CFTC Releases FY 2023 Enforcement Results (Nov. 7, 2023), available at https://www.cftc.gov/PressRoom/PressReleases/8822-23.

[6] See SEC v. Ripple Labs, Inc. 2024 WL 3730403 (S.D.N.Y. Aug. 7, 2024).

[7] SEC Press Release, SEC Crypto 2.0: Acting Chairman Uyeda Announces Formation of New Crypto Task Force (Jan. 21, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-30.

[8] SEC Press Release, SEC Announces Enforcement Results for Fiscal Year 2024 (Nov. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-186.

[9] SEC Press Release, SEC Charges Seven Public Companies with Violations of Whistleblower Protection Rule (Sept. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-118.

[10] SEC Press Release, J.P. Morgan to Pay $18 Million for Violating Whistleblower Protection Rule (Jan. 16, 2024), available at https://www.sec.gov/news/press-release/2024-7.

[11] In the Matter of Marathon Asset Management, L.P., Inv. Advisers Act Rel. No. 6737 (Sept. 30, 2024), available at https://www.sec.gov/files/litigation/admin/2024/ia-6737.pdf.

[12] SEC Press Release, Keith E. Cassidy Named Interim Acting Director of the Division of Examinations (July 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-87.

[13] SEC Press Release, SEC Announces Departure of Trading and Markets Division Director Haoxiang Zhu (Dec. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-191.

[14] SEC Press Release, SEC Announces Departure of Corporation Finance Division Director Erik Gerding (Dec. 13, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-200.

[15] SEC Press Release, SEC Announces Chief Accountant Paul Munter to Retire From Federal Service This Month (Jan. 14, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-9.

[16] SEC Press Release, Acting Chairman Mark T. Uyeda Names Acting Senior Staff (Jan. 24, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-31.

[17] SEC Press Release, SEC Announces Departure of Chief Economist Jessica Wachter (Jan. 15, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-11.

[18] SEC Press Release, Acting Chairman Mark T. Uyeda Names Acting Senior Staff (Jan. 24, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-31.

[19] SEC Press Release, SEC Announces Departure of General Counsel Megan Barbero (Jan. 16, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-13.

[20] SEC Press Release, Acting Chairman Mark T. Uyeda Names Acting Senior Staff (Jan. 24, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-31.

[21] SEC Press Release, SEC Announces Departure of Director of International Affairs YJ Fischer (Jan. 16, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-14.

[22] SEC Press Release, Acting Chairman Mark T. Uyeda Names Acting Senior Staff (Jan. 24, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-31.

[23] SEC Press Release, SEC Announces Departure of Chief of Staff Amanda Fischer (Jan. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-23.

[24] SEC Press Release, SEC Policy Director Corey Klemmer to Step Down (Jan. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-24.

[25] SEC Press Release, SEC Announces Departure of Public Affairs Head Scott Schneider (Jan. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-25.

[26] SEC Press Release, SEC Announces Departure of Acting Enforcement Director Sanjay Wadhwa (Jan. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-28.

[27] SEC Press Release, Acting Chairman Mark T. Uyeda Names Acting Senior Staff (Jan. 24, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-31.

[28] SEC Press Release, SEC Charges Broker-Dealer Nationwide Planning and Two Affiliated Investment Advisers with Violating Whistleblower Protection Rule (Sept. 4, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-115.

[29] SEC Press Release, SEC Charges Seven Public Companies with Violations of Whistleblower Protection Rule (Sept. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-118.

[30] SEC Press Release, EC Charges Advisory Firm GQG Partners With Violating Whistleblower Protection Rule (Sept. 26, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-150.

[31] SEC Press Release, SEC Awards More Than $37 Million to a Whistleblower (July 17, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-85.

[32] SEC Press Release, SEC Awards Whistleblower More Than $37 Million (July 29, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-90.

[33] SEC Press Release, SEC Issues Awards Totaling $98 Million to Two Whistleblowers (Aug. 23, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-103.

[34] SEC Press Release, SEC Issues $24 Million Awards to Two Whistleblowers (Aug. 26, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-104.

[35] SEC Press Release, SEC Issues $12 Million Award to Joint Whistleblowers (Oct. 10, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-168.

[36] SEC Press Release, SEC Charges Meta Materials and Former CEOs With Market Manipulation, Fraud and Other Violations (June 25, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-77.

[37] SEC Press Release, SEC Charges U.S. Navy Shipbuilder Austal USA with Accounting Fraud (Aug. 27, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-108.

[38] SEC Press Release, SEC Charges Ideanomics and Three Senior Executives with Accounting and Disclosure Fraud (Aug. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-94.

[39] SEC Press Release, SEC Charges Former Chairman and CEO of Tech Co. Kubient with Fraud and Lying to Auditors (Sep. 16, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-131.

[40] SEC Press Release, UPS to Pay $45 Million Penalty for Improperly Valuing Business Unit (Nov. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-184.

[41] SEC Press Release, SEC Charges Carl Icahn and Icahn Enterprises L.P. for Failing to Disclose Pledges of Company’s Securities as Collateral for Billions in Personal Loans (Aug. 19, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-99.

[42] SEC Press Release, SEC Charges Keurig with Making Inaccurate Statements Regarding Recyclability of K-Cup Beverage Pod (Sept. 10, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-122.

[43] SEC Press Release, SEC Charges Zymergen Inc. With Misleading IPO Investors About Company’s Market Potential and Sales Prospects (Sept. 13, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-129.

[44] SEC Press Release, SEC Charges Independent Director and Ex-CEO of Church & Dwight With Concealing Close Friendship with Company Executive (Sept. 30, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-161.

[45] SEC Press Release, SEC Charges Four Companies With Misleading Cyber Disclosures (Oct. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-174.

[46] SEC Press Release, SEC Charges Kiromic BioPharma and Two Former C-Suite Executives with Misleading Investors about Status of FDA Reviews (Dec. 3, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-189.

[47] SEC Press Release, Becton Dickinson to Pay $175 Million for Misleading Investors About Alaris Infusion Pump (Dec. 16, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-201.

[48] SEC Press Release, SEC Charges Express, Inc. with Failing to Disclose Nearly $1 Million in Perks Provided to Former CEO (Dec. 17, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-203.

[49] SEC Press Release, SEC Charges Former Finance Director at CIRCOR International with Accounting Fraud (Sep. 5, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-116.

[50] SEC Press Release, Audit Firm Prager Metis Settles SEC Charges for Negligence in FTX Audits and for Violating Auditor Independence Requirements (Sep. 17, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-133.

[51] SEC Press Release, SEC Charges Utility Company Entergy Corp. with Internal Accounting Controls Violations (Dec. 20, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-206.

[52] SEC Press Release, SEC Charges Founder of Social Media Company “IRL” with $170 Million Fraud (July 31, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-92.

[53] SEC Press Release, SEC Charges Esmark Inc. and Chairman James Bouchard with Announcing False Tender Offer to Purchase U.S. Steel Corp. (Sept. 6, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-117.

[54] SEC Press Release, SEC Charges Former CEO of Tech Startup SKAEL with $30 Million Fraud (Sept. 24, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-146.

[55] SEC Press Release, SEC Charges Three Former Executives of Pharmacy Startup Medly Health Inc. with Defrauding Investors (Sept. 12, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-128.

[56] SEC Press Release, SEC Files Settled Charges Against Multiple Entities for Failing to Timely File Forms D in Connection With Securities Offerings (Dec. 20, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-210.

[57] SEC Press Release, SEC Charges Andrew Left and Citron Capital for $20 Million Fraud Scheme (July 26, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-89.

[58] SEC Press Release, SEC Charges Advisory Firm Macquarie Investment Management Business Trust with Fraud (Sept. 19, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-140.

[59] SEC Press Release, SEC Charges Advisory Firm La Mancha and its Owner David Kushner with Fraud (Nov. 21, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-183.

[60] SEC Press Release, SEC Charges Morgan Stanley Smith Barney for Policy Deficiencies that Resulted in Failure to Prevent and Detect its Financial Advisors’ Theft of Investor Funds (Dec. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-193.

[61] SEC Press Release, SEC Charges China-based QZ Asset Management Ltd. and its CEO in Pre-IPO Fraud Scheme (Aug. 27, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-109.

[62] SEC Press Release, SEC Charges Advisory Firm Inspire Investing With Misleading Investors Regarding Its Investment Strategy (Sept. 19, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-139

[63] SEC Press Release, SEC Charges Advisory Firm WisdomTree with Failing to Adhere to Its Own Investment Criteria For ESG-Marketed Funds (Oct. 21, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-173.

[64] SEC Press Release, SEC Charges Invesco Advisers for Making Misleading Statements About Supposed Investment Considerations (Nov. 8, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-179.

[65] SEC Press Release, SEC Charges Transfer Agent Equiniti Trust Co. with Failing to Protect Client Funds Against Cyber Intrusions (Aug. 20, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-101.

[66] SEC Press Release, SEC Charges Sound Point Capital Management for Compliance Failures in Handling of Nonpublic Information (Aug. 26. 2024), available at https://www.sec.gov/newsroom/press-releases/2024-106.

[67] SEC Press Release, SEC Charges 11 Institutional Investment Managers with Failing to Report Certain Securities Holdings (Sept. 17, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-135.

[68] SEC Press Release, Twelve Firms to Pay More Than $63 Million Combined to Settle SEC’s Charges for Recordkeeping Failures (Jan. 13, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-6.

[69] SEC Press Release, SEC Charges Six Credit Rating Agencies with Significant Recordkeeping Failures (Sept. 3, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-114.

[70] SEC Press Release, SEC Charges 12 Municipal Advisors With Recordkeeping Violations (Sept. 17, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-132.

[71] SEC Press Release, Advisory Firm Atom Investors, Charged with Recordkeeping Violations, Avoids Civil Penalty Because of Self-Reporting, Substantial Cooperation, and Prompt Remediation (Sept. 23, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-143.

[72] SEC Press Release, SEC Charges Advisory Firm ClearPath with Custody Rule and Liability Disclaimer Violations (Sept. 3, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-113.

[73] SEC Press Release, SEC Charges Crypto-Focused Advisory Firm Galois Capital for Custody Failures (Sept. 3, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-111.

[74] SEC Press Release, SEC Charges Nine Investment Advisers in Ongoing Sweep into Marketing Rule Violations (Sept. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-121.

[75] SEC Press Release, SEC Charges Broker-Dealer First Horizon With Regulation Best Interest Violations (Sept. 18, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-136.

[76] SEC Press Release, JP Morgan Affiliates to Pay $151 Million to Resolve SEC Enforcement Actions (Oct. 31, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-178.

[77] SEC Press Release, TD Securities Charged in Spoofing Scheme (Sept. 30, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-160.

[78] SEC Press Release, SEC Charges Silvergate Capital, Former CEO for Misleading Investors about Compliance Program (July 2, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-82.

[79] SEC Press Release, SEC Charges OTC Link LLC with Failing to File Suspicious Activity Reports (Aug. 12, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-96.

[80] SEC Press Release, SEC Charges Merrill Lynch and Harvest Volatility Management for Ignoring Client Instructions (Sept. 25, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-147.

[81] SEC Press Release, SEC Charges Three Broker-Dealers with Filing Deficient Suspicious Activity Reports (Nov. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-185.

[82] SEC Press Release, available at https://www.sec.gov/newsroom/press-releases/2024-209.

[83] SEC Press Release, Twenty-Six Firms to Pay More Than $390 Million Combined to Settle SEC’s Charges for Widespread Recordkeeping Failures (Aug. 14, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-98.

[84] SEC Press Release, Eleven Firms to Pay More Than $88 Million Combined to Settle SEC’s Charges for Widespread Recordkeeping Failures (Sept. 24, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-144.

[85] SEC Press Release, SEC Files Settled Charges Against Three StraightPath Sales Agents for Unregistered Broker Activity (Sept. 12, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-127.

[86] SEC Press Release, Wells Fargo and LPL Financial Charged for Submitting Deficient Trading Data to SEC (Dec. 20, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-207.

[87] SEC Press Release, Deutsche Bank Subsidiary to Pay $4 Million for Untimely Filing Certain Suspicious Activity Reports (Dec. 20, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-208.

[88] SEC Press Release, SEC Charges Nader Al-Naji with Fraud and Unregistered Offering of Crypto Asset Securities (Jul. 30, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-91.

[89] SEC Press Release, SEC Charges Alleged Crypto Company NovaTech and its Principals and Promoters with $650 Million Fraud (Aug. 12, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-95.

[90] SEC Press Release, SEC Charges Abra with Unregistered Offers and Sales of Crypto Asset Securities (Aug. 26, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-105; Order Granting Parties’ Consent Motion for Final Judgment, SEC v. Plutus Lending, LLC, 1:24-cv-02457-BAH (D.D.C. 2025).

[91] SEC Press Release, eToro Reaches Settlement with SEC and Will Cease Trading Activity in Nearly All Crypto Assets (Sept. 12, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-125.

[92] SEC Press Release, SEC Charges DeFi Platform Rari Capital and its Founders With Misleading Investors and Acting as Unregistered Brokers (Sept. 18, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-138.

[93] SEC Press Release, SEC Charges Crypto Companies TrustToken and TrueCoin With Defrauding Investors Regarding Stablecoin Investment Program (Sept. 24, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-145.

[94] SEC Press Release, SEC Charges Entities Operating Crypto Asset Trading Platform Mango Markets for Unregistered Offers and Sales of the Platform’s “MNGO” Governance Tokens (Sept. 27, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-154.

[95] SEC Press Release, SEC Charges Cumberland DRW for Operating as an Unregistered Dealer in the Crypto Asset Markets (Oct. 10, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-169.

[96] SEC Press Release, SEC Charges Former Public Company Officer and His Sister-In-Law with Insider Trading (Jan. 13, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-4.

[97] SEC Press Release, SEC Charges Former Financial Consultant for Providing Father and Friends Inside Information Regarding Firm’s Client (Sept. 13, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-130.

[98] U.S. Attorney’s Office Press Release, Four Miami Residents Charged with Reaping Over $1 Million From Friends and Family Insider Trading Scheme (Sept. 13, 2024), available at https://www.justice.gov/usao-sdfl/pr/four-miami-residents-charged-reaping-over-1-million-friends-and-family-insider-trading.

[99] SEC Press Release, SEC Charges U.K. Citizen in Hacking and Trading Scheme Involving Five U.S. Public Companies (Sept. 27, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-153.

[100] U.S. Attorney’s Office Press Release, U.K. National Charged with Multimillion-Dollar Hack-to-Trade Fraud Scheme (Sept. 27, 2024), available at https://www.justice.gov/usao-nj/pr/uk-national-charged-multimillion-dollar-hack-trade-fraud-scheme.

[101] SEC Press Release, SEC Levies More Than $3.8 Million in Penalties in Sweep of Late Beneficial Ownership and Insider Transaction Reports (Sept. 25, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-148.

[102] SEC Press Release, SEC Charges Ken Peterman, Former Comtech CEO, with Insider Trading in Advance of Negative Earnings Announcement (Dec. 11, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-195.

The following Gibson Dunn lawyers prepared this update: Mark Schonfeld, David Woodcock, Osman Nawaz, Tina Samanta, Timothy Zimmerman, Lauren Jackson, Michael Ulmer, Monica Woolley, Veronica Altabef, Priya Datta, Ina Kosova, Hayden McGovern, Nicholas Whetstone, Sara Zamani, Lauren Hernandez, Ty Shockley, Nell Tooley, Timoteo L’Esperance, Danilo Risteski, Trey Shomin, and Grace Summers.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s Securities Enforcement practice group, or the following authors:

Mark K. Schonfeld – Co-Chair, New York (+1 212.351.2433, mschonfeld@gibsondunn.com)
David Woodcock – Co-Chair, Dallas (+1 214.698.3211, dwoodcock@gibsondunn.com)
Osman Nawaz – New York (+1 212.351.3940, onawaz@gibsondunn.com)
Tina Samanta – New York (+1 212.351.2469, tsamanta@gibsondunn.com)
Lauren Cook Jackson – Washington, D.C. (+1 202.955.8293, ljackson@gibsondunn.com)
Timothy M. Zimmerman – Denver (+1 303.298.5721, tzimmerman@gibsondunn.com)

While the new regulations were issued during the closing days of the Biden Administration, they are the product of a broad interagency process and of policy drivers that will continue to motivate Trump Administration officials. Companies should take steps now to evaluate the impact of the regulations on their plans for AI model training and deployment, and to develop and implement the procedures that will be required to win export licenses or to qualify for licensing exceptions.

On January 13, 2025, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) issued an interim final rule titled “Framework for Artificial Intelligence Diffusion” (the Framework)[1] that lays the groundwork for expansive new controls targeting frontier Artificial Intelligence (AI) models themselves and the computing power to create them. The Framework, taken together with recent U.S. Government actions targeting AI, seeks to use the current leading role played by companies based in the U.S. and a select group of allied countries in the design and production of computing power as a point of leverage to force companies, research institutes and other organizations develop AI models inside an ecosystem closely monitored by the United States and the handful of other countries that have agreed to impose similar controls. In several ways, the Framework bookends a multiyear effort by Commerce officials and their interagency peers to control access to, and impede the indigenous development of, computing power by China, and other countries perceived to pose a threat to U.S. national security and foreign policy interests.

To this end, the Framework, through a multi-part control structure, aims to reduce the risk that “countries of concern” (i.e., countries listed in Country Group D:5, which includes Hong Kong now treated by export regulations as part of China, and Macau) obtain advanced U.S. and allied closed-weight AI models by broadly (i) expanding licensing requirements for the export of advanced integrated circuits (ICs) (ii) imposing controls on frontier AI models, and (iii) closing a significant loophole that previously allowed persons in countries of concern rent access to computing power outside their countries. At the same time, the Framework creates a three-tiered licensing policy with a more permissive structure allowing exports to and among countries whose export controls are aligned with the U.S., imposing an effective embargo against countries the U.S. perceives as threats, and detailing a conditional policy for countries yet to adopt certain safeguards against the unchecked development of frontier AI models. Thus, the Framework seeks to strike a balance between the goal of keeping advanced AI capabilities out of the hands of strategic competitors while facilitating the diffusion of AI technology and its benefits within a U.S.-structured AI ecosystem.

BIS uses several familiar tools to fashion the new Framework, including a new foreign direct product rule that could reach AI frontier models globally and a powerful new nationality-based license exception that conditions the powerful authorization it provides on building certain amounts of computing power within the countries whose companies are eligible to use it. While the Trump Administration has issued an executive order[2] that authorizes the Department of Commerce to postpone the implementation of the Framework, the Framework’s export controls may meet the criteria set in President Trump’s America First Trade Policy memoranda of deploying export controls that help the United States to “maintain, obtain, and enhance” the United States’s “technological edge” and to “identify and eliminate loopholes.” Because of this, and because the Framework is the product of a broad and sustained interagency efforts focused addressing geopolitical threats that have not changed with the new Administration, we expect that enough of the Framework will be implemented that companies in the AI model development, advanced IC manufacturing and distribution, and data center sectors should plan now for its implementation.

I. Background (Prior Actions)

The Framework in many ways bookends a series of measures aimed at targeting AI development capabilities of China and others. In 2022, the Biden Administration’s National Security Strategy identified China as “the only competitor with both the intent to reshape the international order and increasingly, the economic, diplomatic, military, and technological power to advance that objective” and specifically identified export controls as a key tool to “ensure strategic competitors cannot exploit foundational American and allied technologies, know-how, or data to undermine American and allied security.” In October 2022, BIS put in play a “chokepoint” strategy to target indigenous Chinese semiconductor development. It identified, broadly, within the semiconductor ecosystem, four chokepoints where the U.S. and its allies maintained significant technological advantage and crafted export controls around them: (i) ICs, (ii) semiconductor manufacturing equipment (SME), (iii) SME parts and components, and (iv) design and other software for ICs and SME. A leading rationale for imposing these controls was to address China’s use of AI for military modernization as well as surveillance. In October 2023, BIS updated the October 2022 controls, again specifically noting China’s use of “advanced computing ICs and supercomputing capacity in the development and deployment of [] AI models to further its goal of surpassing the military capabilities of the United States and its allies.” Over the course of 2024, BIS clarified the scope of AI and SME controls and, expanded Authorization Validated End User (VEU) to enable data centers to receive VEU authorizations in order to facilitate the responsible diffusion of advanced AI technology. In November 2024, the Biden Administration issued a National Security Memorandum on AI that called for, among other, ensuring the “safety, security, and trustworthiness of American AI innovation writ large.” And, as BIS notes in the Supplemental Information to the Framework, the Department of Commerce has engaged in an extensive and ongoing policy process with partners across the U.S. Government to consider strategic, tailored, and effective controls on the diffusion of advanced AI technology to entities and destinations around the world.

II. The Framework: New Controls and Jurisdiction-Based Rules

a. “Chokepoint” Strategy for AI Development

The Framework attempts to control access to three elements critical for AI model training:

1. Advanced ICs: Training advanced AI models requires large clusters of advanced computing ICs capable of handling large quantities of data and models containing large numbers of parameters. The Framework expands current restrictions and imposes a global export licensing requirement for advanced ICs.
2. Compute Power: These advanced IC clusters are housed within data centers, which provide processing power to run AI applications, including training and inference applications. The Framework creates multi-year quotas that meter access to computing power in most countries. It also creates a revamped validated end user (VEU) authorization system for data centers which is premised on nationality of those seeking to procure computing power and data center country location and which conditions VEU authorization both on ensuring that the computing power required to train frontier AI models remains in installed in only a handful of countries and on the adoption of significant physical and cyber security controls.
3. Model Weights: Model weights are numerical parameters that define the internal logic of an AI model and which are the product of model design and training. The Framework creates a new Export Control Classification Number (ECCN) 4E091 for certain advanced closed-weight AI models and imposes a global licensing requirement for such model weights (subject to license exceptions discussed below). At present, the controls apply to model weights trained with 10^26 computational operations or more, a threshold which BIS will likely increase through amendments of the regulations over time.

b. Three-Tiered Destination-Based System

The Framework established a three-tier destination-based system that will trigger different controls based on the end user:

Tier 1:

Tier 1 is comprised of entities located in the United States and allied jurisdictions identified in paragraph (a) of supplement no. 5 of Part 740 (currently, Australia, Belgium, Canada, Denmark, Finland, France, Germany, Ireland, Italy, Japan, the Netherlands, New Zealand, Norway, Republic of Korea, Spain, Sweden, Taiwan, and the United Kingdom). BIS and interagency drafters of the Framework deem these governments to have “implemented measures to prevent the diversion of advanced technologies” and to have created “ecosystems that will enable and encourage firms to use advanced AI models to advance the common national security and foreign policy interests of the United States and its allies and partners.”[3]

However, an entity headquartered outside these jurisdictions or whose ultimate parent is headquartered outside these jurisdictions would not be deemed to fall within Tier 1.

These countries continue to retain almost unrestricted access to controlled ICs and will generally have no restrictions on their access to model weights and compute power.

Tier 3:

Tier 3 is comprised of entities headquartered in, or whose ultimate parent company is headquartered in, Macau or destinations specified in Country Group D:5 (currently, China (including Hong Kong), Afghanistan, Belarus, Burma, Cambodia, Central African Republic, Democratic Republic of the Congo, Cuba, Cyprus, Eritrea, Haiti, Iran, Iraq, North Korea, Libya, Lebanon, Russia, Somalia, Republic of South Sudan, Republic of the Sudan, Syria, Venezuela, and Zimbabwe).

The Framework maintains the current restrictions on the supply of advanced ICs to these countries continue to remain in place and adds additional restrictions. For example, model weights cannot be supplied to Tier 3 countries and data centers in Tier 3 countries are not eligible for VEU Authorization (discussed below).

Security requirements for Tier 2 entities incentivizes Tier 2 countries to not only adopt a posture similar to the U.S. toward Tier 3 countries, but also, in the long run, to align themselves technologically with the U.S. In addition to de facto export controls, this would mean adoption of other elements of the U.S. technological landscape such as security controls, computing and other standards and integration with existing U.S.-origin technologies.

Tier 2:

Tier 2 encompasses entities not specified in Tier 1 or Tier 3 and includes entities located in most countries in the world.

The Framework permits the export of AI chips and associated compute power without a license up to a capped amount of Total Processing Performance (TPP). Data center companies in these jurisdictions can apply for a BIS license to access more compute power, subject to satisfying certain security and other requirements.

Tier 1 entities may export their model weights to Tier 2 destinations, provided that the end user has instituted specified security measures that will reduce the risk of diversion.

Notably, Tier 2 includes both countries that are otherwise considered close allies of the United States (including countries in NATO and the European Union, Israel and Singapore) and countries that are often treated by U.S. export controls and licensing decisions as posing higher evasion risks. The common thread among Tier 2 countries is the U.S. Government’s belief that their governments have not yet adopted the kinds of export controls on advanced AI chips and access to computing power that the U.S. and other Tier 1 countries have put in place in recent years.

III. The Framework Addresses Certain Evasion Activities to Limit Access to Advanced ICs and Model Weights.

a. Worldwide Licensing Requirements

According to BIS, Chinese companies have circumvented existing restrictions by using “foreign subsidiaries in a range of uncontrolled destinations to buy ICs subject to [Export Administration Regulations (“EAR”)] controls.” BIS views the risk of evasion through the use of subsidiaries in uncontrolled jurisdictions to be even greater for AI model weights as they can be sent anywhere in the world instantaneously once copied.

The Framework consequently imposes a license requirement to supply (i.e., export, reexport, or transfer (in-country)) controlled ICs and model weights to any end user in any destination. However, the Framework also provides license exceptions and other mechanisms to enable access to advanced IC to certain end users and designations which pose a comparatively low risk of diversion. The licensing requirements are thus based on the tier system described above, with permissive conditions for Tier 1 countries.

Critically, the Framework conditions access to computing power on the closing of a loophole that has troubled BIS drafters for the last several years—how to control access by Tier 3 country governments and entities to AI Infrastructure-as-a-Service (IaaS) offered by data centers outside of Tier 3 countries. Through the imposition of this worldwide licensing requirement, and the Framework’s conditioning of parallel licensing exceptions for those procuring computing power in Tier 1 and Tier 2 countries on not providing AI IaaS to Tier 3 country users, BIS is hoping to close this loophole.[4]

b. The AI Model Weights Foreign Direct Product Rule

Tier 3 entities have increasingly turned to data centers outside the United States and cloud services to remotely access computing power as a result of regulations on advanced ICs introduced in October 2022 and October 2023, along with the financial and logistical challenges of obtaining large clusters of ICs through subsidiaries and other third parties.

Another way in which BIS attempts to limit Tier 3 access to AI IaaS is through its creation of a new foreign direct product (FDP) rule with breathtaking scope. BIS attempts to address this evasion, through an FDP rule that claims jurisdiction over closed-weight AI models trained anywhere in the world with the use of controlled ICs. Given that most advanced ICs manufactured globally remain dependent on at least some U.S. software, technology, and on items produced by U.S. software and technology, and that BIS has claimed jurisdiction over these advanced ICs through prior FDP rules, there will be few closed-weight AI models that would not be subject to the new licensing requirements imposed by this FDP rule.

BIS’s use of FDP rules in recent years arguably has far outpaced its ability to enforce its FDP rules outside of the United States, however, and it is unclear whether and how non-U.S. developers of new AI models will become aware of this new jurisdiction claim and whether they will submit to U.S. licensing authority.

IV. The Frameworks Offers Multiple Pathways for Exporting Advanced ICs

Despite BIS’s imposition of global licensing requirements on advanced ICs or closed weight AI models, the Framework offers several exclusions, exceptions, and favorable licensing policies that it argues will facilitate more responsible diffusion of advanced AI technology and benefits to certain end users and jurisdictions.

a. Exclusion for Open Weight Models

BIS “determined that a reasonable proxy for the performance of an AI model is the amount of compute—i.e., the number of computational operations—used to train the model.” Accordingly, the Framework places restrictions on the export of the model weights of the most advanced AI models.

The Framework’s new restrictions on the export of model weights only applies to closed-weight models trained with 10^26 computational operations or more. The Framework explicitly excludes “open” model weights of any AI model that have been “published” as defined in 15 C.F.R. § 734.7(a) and any closed models that are less powerful than the most powerful open-weight model.

b. License Exceptions

Existing License Exceptions (NAC/ACA)

The Export Administration Regulations (EAR) existing license exceptions for Notified Advanced Computing (NAC) and Advanced Computing Authorized (ACA) will apply to authorize the export of advanced ICs classified under ECCNs 3A090, 4A090, and corresponding .z items (except for 3A090.a items designed or marketed for use in a datacenter).

License Exception Low Processing Performance (LPP)

The Framework creates License Exception LPP to permit exports of advanced computing ICs and corresponding computing power up to a per-entity allocation of 26,900,000 TPP per-calendar year to any individual Tier 2 entity. This annual TPP limit applies to shipments to any individual Tier 2 entity even if the shipments are made by multiple exporters or reexporters or through more than one intermediate consignee.

License Exception Artificial Intelligence Authorization (AIA)

The Framework created License Exception AIA to permit exports of advanced computing ICs and corresponding computing power to Tier 1 countries.

The license exception also permits exports of otherwise controlled closed AI model weights, without an authorization, by companies headquartered in the United States and allies listed in paragraph (a) of supplement no. 5 and (i) the entities obtaining the items are located outside Macau or destinations specified in Country Group D:5; and (ii) the items will be stored in a facility that complies with the certain security standards that are set forth in supplement no. 10 to part 748.

License Exception Advanced Compute Manufacturing (ACM)

The Framework created License Exception ACM to permit exports of advanced computing ICs to “private sector end users” for the purposes of “development,” “production,” and storage (in a warehouse or other similar facility) of such ICs. However, the license exception does not cover exports for the purpose of training an AI model or exports to Tier 3 countries.

“Private sector end user” defined as either (1) an individual who is not acting on behalf of any government (other than the U.S. Government), or (2) a commercial firm (including its subsidiary and parent firms, and other subsidiaries of the same parent) that is not wholly owned by, or otherwise controlled by any government (other than the U.S. Government).

Summary of New Licensing Requirements, License Exceptions and Exclusions and Licensing Policy

ECCN	Tier	License Exceptions and Exclusions	License Application Review Policy
Advanced ICs (ECCNs 3A090.a, 4A090.a, and corresponding .z items)	Tier 1	ACA* / AIA / ACM / LPP	Presumption of Approval
	Tier 2	ACA* / ACM / LPP	Presumption of Approval up to TPP cap Presumption of Denial in excess of TPP cap
	Tier 3	NAC*	Presumption of Denial
Advanced ICs (ECCNs 3A090.b, 4A090.b, and corresponding .z items)	Tier 1	N/A (not restricted)	N/A (not restricted)
	*Tier 2* D:1 and D:4 countries, excluding destinations also specified in A:5 or A:6	ACA*	Presumption of Approval
	*Tier 3* D:5 countries, excluding destinations also specified in A:5 or A:6	NAC*	Presumption of Denial
Closed-Weight AI Models (ECCN 4E091)	Tier 1	AIA / Open-weight AI models	Presumption of Approval
	Tier 2	Open-weight AI models	Presumption of Denial
	Tier 3	Open-weight AI models	Presumption of Denial

* Except for 3A090.a items designed or marketed for use in a datacenter.

c. License Review Policy (Tier 1 Presumption of Approval; Tier 2 Per-Country Allocation)

The Framework creates a presumption of approval for exports of advanced ICs and closed-weight AI models to Tier 1 countries.

The Framework provides a favorable license review policy for exports of advanced ICs and corresponding computing power up to a per-country allocation of 790,000,000 TPP for Tier 2 countries for the period from 2025 to 2027. BIS will review applications for the supply of advanced ICs to Tier 2 countries under a presumption of approval, up to this amount.

d. Revamped VEU Authorizations

In October 2024, BIS introduced a Data Center VEU Authorization to facilitate the supply of advanced ICs to end users in destinations that do not raise national security or foreign policy concerns. The Framework bifurcates the Data Center VEU Authorization into a Universal VEU (UVEU) Authorization and National VEU (NVEU) Authorization.

The UVEU Authorization is available only to Tier 1 entities, and, subject to certain geographic allocation limits, enables UVEU to deploy data center in Tier 2 destinations. Specifically, a UVEU cannot transfer or install more than 25% of its total AI computing power—i.e., the AI computing power owned by the entity all its subsidiary and parent entities—to or in locations outside of Tier 1 countries. U.S. UVEUs are required to maintain at least 50% of their total AI computing power in the United States. Moreover, UVEUs cannot transfer or install more than 7% of its total AI computing power to or in any single Tier 2 country. This kind of AI computing power location requirement has no precedent within the EAR, but more broadly tracks policy efforts by the Department of Commerce and interagency partners to induce the world’s leading advanced IC manufacturers to locate more of their production capacity in the United States.

The NVEU Authorization, on the other hand, is available to Tier 2 entities on a per-company, per-country basis (i.e., separate authorizations required for each Tier 2 country, even if undertaken by the same company), subject to quarterly caps. BIS explains that these allocation caps represent computing power clusters that are approximately 12 months, or one generation, behind the cluster size it believes will be needed to train the most advanced dual-use AI models. Importantly, the total amount of computing power authorized for exports to NVEUs will not count towards the amount of computing power allocated to a Tier 2 country.

In order to receive NVEU Authorization, a data center operator that owns its advanced computing capacity must apply to BIS and go through an intensive application process that will be subject to interagency review. The criteria for NVEU approval are extensive and span over two pages of the Federal Register (published at least initially in a smaller font size) and include requirements on data center ownership, physical security, supply chain security, personnel security, and acceptable use criteria that are subject to documentation, auditing and reporting requirements. Approved applicants for the NVEU Authorization will be listed in the EAR.

V. Conclusion

The Framework is a sweeping and unprecedented attempt to regulate the global diffusion of AI technology, especially to countries that pose national security and foreign policy challenges to the United States. It reflects the U.S. Government’s recognition of the strategic importance of AI as a transformative and disruptive technology that can have profound implications for military, economic, and social domains. It also reflects the U.S. Government’s determination to maintain its leadership and competitive edge in AI innovation, while preventing the misuse and exploitation of AI by adversaries and competitors.

The Framework drafters have acknowledged the heavy lifts that stakeholders impacted by these new regulations will be required to make by staggering its implementation dates. The new worldwide licensing requirements on computing power and on closed-weight AI models, and associated license exceptions will not be implemented until May 15, 2025, and the significant security and other requirements associated with the VEU license exceptions will not be required to be in place until January 15, 2026. Even if new Commerce officials opt to postpone the implementation of these new regulations by two months under authority of President Trump’s Regulatory Freeze Pending Review Executive Order, the sweeping nature of these new regulations will require many companies and other industry stakeholders to begin taking steps now to reflect new controls and to be in a position to take advantage of the different authorizations the Framework makes available.

The Framework, however, is not without its challenges and uncertainties. It is likely to face significant critique by at least some types of AI sector stakeholder during the public comment period, which is currently scheduled to close on May 15, 2025. It is also likely to face technical, and political hurdles, as well as potential backlash and countermeasures from affected countries and entities, as it is implemented. On a technical level, its efficacy is premised in part on widespread awareness of the new export controls it puts in place, especially by stakeholders located outside of the United States, and it is unclear whether the Trump Administration will expend the resources required to publicize and educate non-U.S. persons on how the regulations will work, including convincing those training AI models outside the United States that their closed-weight AI models may be subject to U.S. licensing controls based on the computing power and infrastructure required to train them. There are also data center business model and associated contract-related changes that some Tier 2 country stakeholders would be required to make to take advantage of the NVEU and LPP authorizations that will take many months to implement.

The perceived efficacy of the Framework is also challenged by the release of the Chinese company DeepSeek’s r1 open-weight AI model, which DeepSeek released after BIS published the interim final rule establishing the Framework. In allowing exports of open-weight models without a license, BIS “assess[ed] that the most advanced open-weight models are currently less powerful than the most advanced closed-weight Models.” However, the availability of powerful open-weight AI models like DeepSeek that approximate the capabilities of the most advanced closed-weight, and the possibility that powerful AI models could be trained with lower levels of compute power, both challenge key assumptions underlying the Framework..

Moreover, implementation of the regulations will also require extensive coordination and cooperation among U.S. allies. On the intergovernmental level, the BIS and U.S. Government agency partners such as the Department of State will need to act and think multilaterally to continue to enjoy the cooperation of Tier 1 countries and to attract support for a U.S.-lead AI ecosystem in Tier 2 countries, which may be more difficult to do amidst threats and other actions that the Trump Administration may take unilaterally to advance the America First Trade Policy.

[1] Framework for Artificial Intelligence Diffusion, 90 Fed. Reg. 4544 (Jan. 13, 2025) (hereinafter the Framework).

[2] President Donald, J. Trump, Regulatory Freeze Pending Review Executive Order, Jan. 20, 2025 (available at https://www.whitehouse.gov/presidential-actions/2025/01/regulatory-freeze-pending-review/).

[3] Framework at 4548.

[4] For example, the Framework requires Tier 2 compute providers to institute exacting security measures, including new security measures in supplement no. 10 to part 748, to prevent the use of their compute power by Tier 3 entities.

The following Gibson Dunn lawyers prepared this update: Christopher Timura, Dharak Bhavsar, Mason Gauch, Frances Waldmann, David Wolber, and Adam M. Smith.

United States:
Ronald Kirk – Co-Chair, Dallas (+1 214.698.3295, rkirk@gibsondunn.com)
Adam M. Smith – Co-Chair, Washington, D.C. (+1 202.887.3547, asmith@gibsondunn.com)
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, shandler@gibsondunn.com)
Donald Harrison – Washington, D.C. (+1 202.955.8560, dharrison@gibsondunn.com)
Christopher T. Timura – Washington, D.C. (+1 202.887.3690, ctimura@gibsondunn.com)
David P. Burns – Washington, D.C. (+1 202.887.3786, dburns@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213.229.7269, nhanna@gibsondunn.com)
Courtney M. Brown – Washington, D.C. (+1 202.955.8685, cmbrown@gibsondunn.com)
Amanda H. Neely – Washington, D.C. (+1 202.777.9566, aneely@gibsondunn.com)
Samantha Sewall – Washington, D.C. (+1 202.887.3509, ssewall@gibsondunn.com)
Michelle A. Weinbaum – Washington, D.C. (+1 202.955.8274, mweinbaum@gibsondunn.com)
Karsten Ball – Washington, D.C. (+1 202.777.9341, kball@gibsondunn.com)
Hugh N. Danilack – Washington, D.C. (+1 202.777.9536, hdanilack@gibsondunn.com)
Mason Gauch – Houston (+1 346.718.6723, mgauch@gibsondunn.com)
Chris R. Mullen – Washington, D.C. (+1 202.955.8250, cmullen@gibsondunn.com)
Sarah L. Pongrace – New York (+1 212.351.3972, spongrace@gibsondunn.com)
Anna Searcey – Washington, D.C. (+1 202.887.3655, asearcey@gibsondunn.com)
Audi K. Syarief – Washington, D.C. (+1 202.955.8266, asyarief@gibsondunn.com)
Scott R. Toussaint – Washington, D.C. (+1 202.887.3588, stoussaint@gibsondunn.com)
Lindsay Bernsen Wardlaw – Washington, D.C. (+1 202.777.9475, lwardlaw@gibsondunn.com)
Shuo (Josh) Zhang – Washington, D.C. (+1 202.955.8270, szhang@gibsondunn.com)

We are pleased to provide you with Gibson Dunn’s Accounting Firm Quarterly Update for Q4 2024. The Update is available in .pdf format at the below link, and addresses news on the following topics that we hope are of interest to you:

Presidential and SEC Transitions Begin
PCAOB Adopts Firm Reporting and Firm and Engagement Metrics Requirements
Corporate Transparency Act Subject to Multiple Legal Battles
PCAOB Adopts Rule to Address Filing and Fee Deficiencies
One of Three Pending PCAOB Constitutional Challenges Dismissed
U.K. Publishes Guidance on New Failure to Prevent Fraud Offense
Other Recent PCAOB Regulatory and Enforcement Developments

Please let us know if there are topics that you would be interested in seeing covered in future editions of the Update.

Download Full Newsletter

Warmest regards,

Jim Farrell
Monica Loseman
Michael Scanlon

Chairs, Accounting Firm Advisory and Defense Practice Group, Gibson, Dunn & Crutcher LLP

In addition to the practice group chairs, this update was prepared by David Ware, Timothy Zimmerman, Monica Limeng Woolley, Bryan Clegg, Douglas Colby, Hayden McGovern, John Harrison, Nicholas Whetstone, and Ty Shockley.

Accounting Firm Advisory and Defense Group Chairs:

Jim Farrell – Co-Chair, New York (+1 212-351-5326, jfarrell@gibsondunn.com)

Monica K. Loseman – Co-Chair, Denver (+1 303-298-5784, mloseman@gibsondunn.com)

Michael Scanlon – Co-Chair, Washington, D.C.(+1 202-887-3668, mscanlon@gibsondunn.com)

This guidebook offers an overview of the numerous decision points, procedures and vital considerations a company should contemplate before, during and after the IPO process.

Completing an Initial Public Offering (IPO) is a significant milestone for many business owners, executives, directors and stockholders. However, the journey towards going public can be fraught with complexities and unexpected challenges. For companies seeking to raise capital, whether through an IPO or other alternatives, it is critical to understand the road ahead.

The insights in this guidebook are derived from Gibson Dunn’s vast experience representing clients across various sectors in many IPOs over the years. We capitalize on our representation of large and seasoned public companies to implement leading-edge corporate governance and public reporting practices.

The involvement in the IPO process of our unmatched Securities Regulation and Corporate Governance team is core to the IPO process. This enables our IPO teams to anticipate potential problems in drafting the registration statement and to reach key decision-makers at the Securities and Exchange Commission on an expedited basis to seek tailored guidance, waivers, or resolution of challenging comments.

You can download a PDF of Gibson Dunn’s IPO Guidebook (2025 Edition) at the link below.

Read More

The following Gibson Dunn lawyers prepared this update: Andrew Fabens, Hillary Holmes, Stewart McDowell, Harrison Tucker, Peter Wardle, Marie Kwon, Bryan McCutcheon, and Justine Robinson.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding the guidebook or how we may assist in navigating your journey to going public. To learn more, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Capital Markets practice group, or the following practice leaders:

Andrew L. Fabens – New York (+1 212.351.4034, afabens@gibsondunn.com)
Hillary H. Holmes – Houston (+1 346.718.6602, hholmes@gibsondunn.com)
Stewart L. McDowell – San Francisco (+1 415.393.8322, smcdowell@gibsondunn.com)
Peter W. Wardle – Los Angeles (+1 213.229.7242, pwardle@gibsondunn.com)

Gibson Dunn is proud to launch an Immigration Task Force, which will bring together the firm’s expertise in humanitarian immigration law, employment law, appellate and constitutional law, and administrative law and policy.

One primary goal of the Immigration Task Force will be to provide our clients with timely, thoughtful updates on immigration developments, including newly issued executive orders, court decisions, and other developments across both the business and humanitarian immigration sectors.

This work will, of course, dovetail with our robust pro bono immigration practice, which has long stood for the belief that lawyers have a responsibility to promote safety, freedom, and justice for those seeking refuge from persecution, safety from physical and sexual violence, and the chance to build a better life. In the past, that practice has included representing Dreamers at the Supreme Court, mobilizing firmwide efforts to assist Afghans seeking safety from the Taliban, and assisting vulnerable child migrants obtain legal status. You can learn more about our pro bono immigration practice here.

We are closely monitoring developments in the area and will prepare regular updates to help our clients, nonprofit partners, and our larger community navigate a rapidly evolving landscape. The first of these updates appears below.

Should you have any questions about developments in this space, including how changes might impact your workforce or your community, please do not hesitate to reach out to any member of our Immigration Task Force, listed below.

Stuart F. Delery – Co-Chair, Administrative Law & Regulatory Practice Group,
Washington, D.C. (+1 202.955.8515, sdelery@gibsondunn.com)

Naima L. Farrell – Partner, Labor & Employment Practice Group,
Washington, D.C. (+1 202.887.3559, nfarrell@gibsondunn.com)

Nancy Hart – Partner, Litigation Practice Group,
New York (+1 212.351.3897, nhart@gibsondunn.com)

Katie Marquart – Partner & Chair, Pro Bono Practice Group,
Los Angeles (+1 213.229.7475, kmarquart@gibsondunn.com)

Laura Raposo – Associate General Counsel, Gibson Dunn,
New York (+1 212.351.5341, lraposo@gibsondunn.com)

Matthew S. Rozen – Partner, Appellate & Constitutional Law Practice Group,
Washington, D.C. (+1 202.887.3596, mrozen@gibsondunn.com)

Ariana Sañudo – Associate, Pro Bono Practice Group,
Los Angeles (+1 213.229.7137, asanudo@gibsondunn.com)

Betty X. Yang – Partner & Co-Chair, Trials Practice Group,
Dallas (+1 214.698.3226, byang@gibsondunn.com)

Immigration Updates: One Week After Inauguration

Immigration and border security, which were central themes of Donald Trump’s 2024 presidential campaign, have been clear priorities during the first days of his new administration.[1] Within hours of taking office, President Trump signed numerous executive orders (EOs) and other similar documents addressing various aspects of immigration enforcement and border security.[2] EOs—official documents through which the President directs and manages the federal government’s operations—have become a frequently-used tool enabling presidents to change government policy in the early days of a new administration with immediate effect. Several of President Trump’s day-one EOs will have far-reaching implications for immigrants in the United States, refugees seeking safety in the United States, mixed-status families across the country.

Although the EOs issued so far do not directly address non-immigrant employment-based visas (like H1-Bs), some provisions may be relevant to the visa process generally or have other indirect effects on non-immigrants with employment-based visas. For example, certain EOs seem to impose enforcement cooperation requirements on individuals or companies who interact with noncitizens; others impose broad new requirements on all aliens seeking to enter the country, even nonimmigrants on temporary visas. The impact of many of those orders will only be magnified by other EOs, new agency rules, and legislative actions anticipated for the coming weeks and months

While the immigration enforcement landscape is rapidly evolving, this Client Alert provides an overview of certain noteworthy recent developments. Section I analyzes recent EOs (1) restricting U.S. citizenship; (2) imposing changes to border enforcement; (3) increasing immigration detention and removal of noncitizens; and (4) suspending refugee admissions. Section II provides an overview of recent guidance and directives issued by federal agencies that oversee and interact with the immigration system under President Trump. Section III details the Laken Riley Act, a measure increasing immigration detention that is soon expected to be signed into law. Finally, Section IV provides an update regarding a court challenge to the Deferred Action for Childhood Arrivals (DACA) program.

I. Executive Orders

1. Citizenship

“Protecting the Meaning and Value of American Citizenship”[3]

This EO declares that an individual born in the United States is not a citizen if, at the time of their birth, (1) their mother is “unlawfully present” or (2) their mother’s presence is “lawful but temporary,” if in either circumstances their father is not a U.S. citizen or lawful permanent resident. The EO applies to any child born after thirty days from its issuance on January 20, 2025.[4] The EO posits that the Citizenship Clause of the Fourteenth Amendment to the U.S. Constitution (“Citizenship Clause”) was not meant to extend “universally to everyone born” in the United States, and that it has “always excluded from birthright citizenship persons who were born in the United States but not ‘subject to the jurisdiction thereof.’”[5] The EO then asserts that “[a]mong the categories of individuals born in the United States and not subject to the jurisdiction thereof” are the two described above.

This reading of the Citizenship Clause is contrary to longstanding legal, social, and historical precedent on the issue; the Constitution has long been interpreted in law and policy to guarantee citizenship to those born on American soil regardless of race, creed or class.[6] By way of background, the Citizenship Clause was born out of the Reconstruction Era following the Civil War and the end of slavery, guaranteeing the citizenship of all persons born in the United States.[7] This guarantee was clarified in United States v. Wong Kim Ark, a landmark 1898 Supreme Court case that confirmed the Citizenship Clause extended to children born in the United States to noncitizen parents – the exact population targeted by this EO.[8] Wong Kim Ark excluded children born in the United States to foreign diplomats from the Citizenship Clause, establishing the paradigmatic class of persons “not subject to the jurisdiction” of the United States.[9] Individuals who are “not fully subject to the sovereign authority of the United States,” better understood as those that “enjoy[] common law immunity from local law,” would be excluded from the automatic guarantees of the Citizenship Clause.[10]

This longstanding interpretation of the Citizenship Clause has not been without its opponents. Several (unsuccessful) legislative efforts at narrowing the “subject to the jurisdiction” requirement have been made over the years.[11] The issue of birthright citizenship has not been directly taken up by the Supreme Court in the past 125 years, but conservative judges on lower appellate courts have indirectly opined on the issue.[12] Further, there is a body of legal scholars who have long argued that the Citizenship Clause’s guarantee of birthright citizenship lacks legitimacy.[13]

On January 20, the same day the EO was issued, the American Civil Liberties Union (ACLU) and other immigration nonprofits filed a lawsuit against the Trump Administration, arguing that the order violates the Citizenship Clause and other statutory provisions.[14] Relying on Supreme Court precedent, the ACLU seeks an injunction against the order, asking for the continued protection of “America’s most fundamental promise.”[15] The following day, on January 21, eighteen states similarly filed suit against the Trump Administration.[16] That complaint details the longstanding history of the right of citizenship to all persons born in the United States, arguing that there are no other exceptions in the Citizenship Clause besides limited exclusions to those “not fully subject to United States law.”[17] The complaint also alleges that President Trump acted outside of his authority because a president’s power to set immigration policy does not extend to the actions detailed in the order.[18] On the same day, four additional states brought a separate lawsuit in a different jurisdiction.[19] In establishing that the EO will cause “immediate and irreparable harm,” the complaint discloses that in 2022, approximately 153,000 children were born in the United States to two undocumented parents.[20] Both suits are seeking a preliminary injunction to block the order before it is implemented. Last week, other immigrants-rights organizations also filed similar suits seeking an injunction against the order.[21]

On January 23, a federal judge in Seattle, Washington presiding over the four-state suit granted a temporary restraining order against the implantation of order, calling it “blatantly unconstitutional.”[22] The order will remain in effect for fourteen days and applies nationally.

Notably, other EOs issued on the same day are based on the premise that this category of individuals – noncitizens, including those born on United States soil – are, in fact, subject to the jurisdiction of the United States. For example, one other EO issued the same day requires noncitizens to register and present their fingerprints to the U.S. government[23]; another subjects them to the death penalty for qualifying offenses.[24]

2. Border Enforcement

In his inaugural address, President Trump stated that the U.S. government “fails to protect our magnificent, law-abiding American citizens but provides sanctuary and protection for dangerous criminals, many from prisons and mental institutions, that have illegally entered our country from all over the world.”[25] He went on to say that “all illegal entry will immediately be halted, and we will begin the process of returning millions and millions of criminal aliens back to the places from which they came.”[26] Immediately following his inauguration, President Trump issued several presidential actions with stated goals of repelling “invasions” of migrants at the country’s borders, expanding funding and power for border security, and increasing militarization at the southern border space overlap significantly and provide related, similar, or identical directives. Certain pertinent directives are outlined below.

“Declaring a National Emergency at the Southern Border of the United States; “Clarifying the Military’s Role in Protecting the Territorial Integrity of the United States”

Invoking Sections 201 and 301 of the National Emergencies Act (50 U.S.C. 1601 et seq.), the first of these presidential actions is a proclamation that “declare[s] that a national emergency exists at the southern border of the United States [27] This proclamation reinstated the national emergency President Trump declared in his first term and rescinded the Biden Administration EO that terminated that earlier emergency.[28] In February 2019, President Trump declared a national emergency at the southern border as a way to direct the construction of a border wall.[29] That declaration faced legal challenges on the basis that using the National Emergencies Act without a true emergency was a contravention of Congress’s will.[30] Because crossings at the southern border have fallen dramatically in the last year,[31] similar challenges are likely here, although historically presidents have received substantial deference in the definitions of national emergencies.

The emergency declaration and a second EO, “Clarifying the Military’s Role in Protecting the Territorial Integrity of the United States,” direct an expansion of the military’s role in border enforcement. The national emergency declaration (1) directs the Secretary of Defense to order members of the U.S. military to support the Secretary of Homeland Security’s efforts at the southern border, including by providing detention space and transportation and logistical support; (2) directs the Secretaries of Defense and Homeland Security to construct additional physical barriers along the southern border; and (3) directs the Secretaries of Defense and Homeland Security, in consultation with the Attorney General, to prioritize the impedance and denial of unauthorized entry at the southern border.[32] The proclamation directs the U.S. military that 10 U.S.C. Section 12302 (the Ready Reserve provision) and 10 U.S.C. Section 2808 (the emergency military construction provision), are both in effect.[33]

Further, it is notable that this proclamation does not mandate the construction of a “border wall,” but rather “additional physical barriers” at the border. During the first Trump administration, Congress passed a funding bill specifically to construct a 55-mile-long border wall;[34] no such legislation is currently in effect.

In the “Clarifying the Military’s Role” EO, President Trump ordered that, within 10 days of its effective date, the Secretary of Defense will assign U.S. Northern Command[35] “the mission to seal the borders and maintain the sovereignty, territorial integrity, and security of the United States by repelling forms of invasion including unlawful mass migration, narcotics trafficking, human smuggling and trafficking, and other criminal activities.”[36] The EO further directs that several requirements be added to the Contingency Planning Guidance and Guidance for the Employment of the Force, including (1) a requirement to “seal the borders . . . by repelling forms of invasion, including unlawful mass migration”; (2) a requirement “to provide steady-state southern border security”; and (3) “[c]ontinuous assessments of all available options” to further the purpose of the order.[37]

Active-duty military had already been used in support functions at the border during previous administrations, including during the Biden administration,[38] but this executive order appears to contemplate expanding the military’s presence and role in border security in a way, and to a degree, not previously seen. On January 22, the Department of Defense (DOD) announced a deployment of 1,500 troops to the southern border, in addition to the 2,500 troops already at the borders.[39] DOD anticipates executing additional missions to the border, following an internal Customs and Border Protection announcement to dispatch around 10,000 troops.[40] DOD also announced that it will provide airlift support for the deportation of over 5,000 individuals detained by CBP in California and Texas.[41]

During the first Trump administration, the Department of Justice’s (DOJ) Office of Legal Counsel (OLC) issued an opinion concluding that DHS’s request that DOD perform various duties to support Customs & Border Protection at the southern border was permitted.[42] The OLC opinion found that several specific requests for DOD to support DHS efforts at the border[43] did not violate the Posse Comitatus Act, which “generally prohibits the use of the military to engage in civilian law enforcement activities,” or DOD regulations.[44] It is unclear whether the OLC will sanction additional activities resulting from these new orders, which appear to be broader on their face than that at issue during the first Trump administration.

“Securing Our Borders”

The stated goal of the EO titled “Securing Our Borders”[45] is to “marshal all available resources and authorities to stop [an] unprecedented flood of illegal aliens into the United States.” This EO provides less detailed operational guidance than others, and it includes some elements discussed elsewhere in this alert (and outlined in other overlapping orders)—notably directing the Secretary of Defense and the Secretary of Homeland Security to build “temporary and permanent physical barriers” on the border (though as noted above, not explicitly to build a “wall” along the entire border); and directing those secretaries to “deploy sufficient personnel along the southern border of the United States to ensure complete operational control.”[46] The “Securing Our Borders” EO does include several additional directions. It (1) commands the Secretary of Homeland Security to detain individuals violating immigration laws “to the fullest extent permitted by law,” including the prompt removal of aliens who enter or remain in the United States in violation of federal law and by terminating “the practice commonly known as ‘catch-and-release,’” where individuals in immigration detention may be released on bond as they await immigration court proceedings; (2) orders enforcement actions against those who are in the United States unlawfully and those who “facilitate their unlawful presence in the United States”; and (3) requires migrants and asylum-seekers to “remain in Mexico” as they await adjudication of their cases.[47]

The latter of these steps was accomplished through rescinding a Biden-era EO and revamping the first Trump administration’s Migrant Protection Protocols (‘MPP’),[48] a program that went into effect in January 2019 and resulted in sending nearly 70,000 migrants back to Mexico in its first wave (creating massive logistical issues and exacerbating human rights violations and violence at the border).[49] The reinstatement of MPP will again require border officials to instruct migrants seeking asylum to wait in Mexico for their hearings in immigration court. MPP requires the cooperation of the government of Mexico; on January 22, Mexico’s president Claudia Sheinbaum stated that Mexico had not agreed to accept non-Mexican migrants.[50] She clarified that Mexico was prepared to offer some forms of humanitarian aid to migrants of other nationalities as well as voluntary repatriation.

Finally, this EO includes a requirement of full cooperation with immigration enforcement – presumably including by companies and their representatives. While it is presently unclear how and to what extent this EO will be implemented in the corporate sphere, it appears to open the door to require companies to participate in enforcement actions against noncitizens by the federal government.

“Guaranteeing the States Protection Against Invasion”

In this far-reaching proclamation, President Trump “determined that the current situation at the southern border qualifies as an invasion under Article IV, Section 4 of the Constitution” and “suspend[ed] the physical entry of aliens involved in an invasion into the United States across the southern border until I determine that the invasion has concluded.”[51] This proclamation disallows migrants from “invoking provisions of the [Immigrant and Nationality Act] that would permit their continued presence in the United States.”[52]

President Trump grounds his authority for this proclamation in Article IV of the Constitution, which guarantees that the federal government will protect the States from “invasion,” and the president’s Article II power over foreign affairs (as well as section 212(f) of the Immigration and Nationality Act, which allows a president to “suspend the entry of all aliens or any class of aliens as immigrants or nonimmigrants, or impose on the entry of aliens any restrictions he may deem to be appropriate.”[53] Thus, the combination of these powers, according to the proclamation, allows President Trump to declare that there is an active “invasion” against the states at the southern border, and gives him the “ability to prevent the physical entry of aliens involved in an invasion into the United States, and to rapidly repatriate them to an alternative location.”[54]

Notably, the President seems to recognize in the proclamation that many of the directives in this (and other) orders arguably conflict with the language of the INA, setting up a direct conflict between statutes and the President’s constitutional authority. The President noted that Congress “created a complex and comprehensive Federal scheme” in the INA. He argued that “[i]n routine circumstances, this complex and comprehensive scheme can protect the national sovereignty of the United States by facilitating the admission of individuals whose presence serves the a national interest and preventing the admission of those who do not,” but that “screening under those provisions can be wholly ineffective in the border environment” and “[t]he sheer number of aliens entering the United States has overwhelmed the system and rendered many of the INA’s provisions ineffective.” While “[t]he INA provides the President with certain emergency tools,” the statute “does not, however, occupy the Federal Government’s field of authority to protect the sovereignty of the United States, particularly in times of emergency when entire provisions of the INA are rendered ineffective by operational constraints, such as when there is an ongoing invasion into the United States.” These robust assertions of inherent constitutional authority to override provisions of statute are reminiscent of earlier debates about the scope of the President’s authority vis-à-vis Congress in foreign affairs and as Commander in Chief.[55]

President Trump previously relied on section 212(f) in his first term to ban travelers from seven predominantly Muslim countries from entering the United States—this faced numerous court challenges, but the Supreme Court ultimately upheld his ban.[56] While he has not yet issued another “travel ban,” he has signed an EO requiring the “enhance[d] vetting and screening of illegal aliens.”[57] It is possible that this could presage an upcoming travel ban for individuals from certain countries to be issued in the near future.

More broadly, this proclamation relies on sections 212(f) and 215(a) of the INA to require noncitizens who enter the country to provide sufficient and verifiable documentation of medical and criminal history “as to enable fulfillment of the requirements of sections 212(a)(1)-(3) of the INA” before being granted such permission.[58] President Trump reasoned that “the Federal Government currently lacks an effective operational capacity to screen all illegal aliens crossing the southern border for communicable diseases of public-health concern” and “[a]s a result, innumerable aliens potentially carrying communicable diseases of public health significance illegally cross the southern border and enter communities across the United States.”[59] Notwithstanding the rationale outlined in the preamble, however, the proclamation is not limited to noncitizens entering through the southern border and may therefore impose additional medical and criminal background check requirements on those entering the United States even on non-immigrant visas and via different ports of entry. This may result in processing delays for noncitizen travel to the United States.

This provision may connect back to President Trump’s first term where he sought to limit entry and remove migrants under 42 U.S.C. §§ 265 and 268 (Title 42) during the COVID-19 pandemic.[60] Relying on the rationale that crowded ports of entry could lead to the spread of COVID-19 and the entrance of migrants into the country could have exacerbated the pandemic, the Trump Administration recommended that Title 42 be invoked and enforced to disallow migrants from entering the country and remove those without legal status, suspending migrants’ right to seek asylum at this time.[61] The decision to prohibit entry under Title 42 continued under President Biden[62]; under both administrations, it was criticized as both ineffective from a public health perspective and counterproductive from a border security perspective.[63] Nevertheless, this proclamation seeks to continue to appeal to public health concerns in deciding to impose additional burdens on those seeking to enter the United States.

Later on the same day he issued the EOs and proclamations, President Trump’s administration started the process of implementing these directives. Within hours of his inauguration, for example, U.S. border authorities shut down the CBP One mobile application.[64] CBP One is a Biden-era program that allowed migrants to submit advance information and schedule appointments to seek lawful entry into the United States, allowing them to assert claims for asylum or other forms of relief authorized under international and national law at designated ports of entry.[65] Prior to June 2023, the program granted appointments to 1,000 migrants per day and, since then, 1,450 migrants were granted appointments daily.[66] On January 20, 2025, however, a notice on the CBP website stated that the application is no longer available and that existing appointments made through the application have been cancelled.[67] In practice, the shutdown of the CBP One system has effectively shut off asylum access at the southern border entirely, including for families who have been waiting for months for their chance to get to safety in the United States.

In response, the ACLU, which has been litigating a case since the Biden administration (Las Americas Immigrant Advocacy et al. v. U.S. Dep’t of Homeland Sec. et al.) moved for an emergency status conference to address the abrupt cancellation of the CBP One mobile application and program.[68] The original suit challenged the Biden administration’s mandatory usage of the CBP One app to apply for asylum, alleging that it was violating 8 U.S.C. § 1158(a)(1) which provides any noncitizen who arrives in the United States the right to seek asylum, whether or not they enter through a designated point of entry.[69] However, now with the complete elimination of the CBP One app and the suspension of entry through the border altogether, the ACLU argues in its motion for an emergency hearing that “the right to seek asylum at the border no longer exists, no matter how great the danger faced by migrants, including families with children.”[70] It also argues that such a result is a further violation of 8 U.S.C. § 1158(a)(1) because now no one can seek asylum at the border, through the app or otherwise.

3. Detention and Removal of Noncitizens, and Other Enforcement Actions

“Protecting the American People Against Invasion”

Similar to other orders described in this alert, this order’s preamble recites claims of danger to native-born U.S. citizens by “criminal aliens” and of the ills of continued strain on government resources posed by noncitizens’ presence in the country.[71] This sweeping order contains numerous provisions that will impact the logistical and legal frameworks for processing and evaluating migrants’ claims for immigration relief. Certain of the key sections of this EO are outlined here:

Section 2: This section includes a policy statement that immigration laws should be enforced against “all inadmissible and removable aliens, particularly those aliens who threaten the safety or security of the American people” and that “it is the policy of the United States to achieve the total and efficient enforcement of those laws.”[72]

Section 4: This section calls on DHS to set enforcement priorities—presumably in recognition of the fact that the government lacks the resources to carry out the policies outlined in Section 2.[73] In fact, the Supreme Court recognized in United States v. Texas (2023) that “the Executive Branch does not possess the resources necessary to arrest or remove all of the noncitizens covered by” arrest and removal statutes, and “[f]or the last 27 years . . . all five Presidential administrations have determined that resource constraints necessitated prioritization in making immigration arrests.”[74]

Section 6: This section directs the Secretary of Homeland Security and the Attorney General to create Homeland Security Task Forces (HSTFs), comprised of representatives from various law enforcement agencies, in all States nationwide.[75] The purpose of these task forces is to address crimes associated with immigration and execute immigration laws. The announcement of these task forces follows models used in other areas by other agencies, and, as discussed further in Section II below, DOJ has instructed that FBI Joint Terrorism Task Forces will be used to fill this mandate until the HSTFs are established.[77] Companies who employ noncitizens or individuals with temporary work authorization may want to consider preparing for enforcement actions by these task forces (such as workplace raids), including by establishing action plans, points of contact, and trainings for management-level employees.

Sections 7 and 8: These sections impose requirements that certain noncitizens register their presence with the U.S. government or risk prioritized enforcement actions against them or the levying of fines and penalties.[78] This is arguably analogous to the post-9/11 National Security Entry Exit Registration System program which, for many years, also required registration of certain people present in the United States, mostly those from Muslim and Arab-majority nations.[79] That program was ended in 2016 following findings of its ineffectual nature and unlawful racial profiling.[80] A registration requirement that applies to all noncitizens without regard to nationality may avoid such concerns.

Section 9: This section requires the increased usage of expedited removal procedures whereby certain noncitizens are quickly removed from the country without ever seeing a judge or being permitted to raise claims for relief in a court.[81] Before this EO, expedited removal was only available to individuals who crossed a land border if they were apprehended within 14 days of their arrival in the country within 100 miles of the border; now, this is available anywhere in the country against any undocumented individual who cannot prove they have been in the United States for at least two years before apprehension.[82] On January 22, 2025, an immigrant advocacy group called Make the Road New York filed a lawsuit claiming that this expansion of expedited removal violates the Fifth Amendment’s Due Process Clause, the INA, and the Administrative Procedure Act.[83]

Section 10: This section reflects the stated policy of the Trump administration that all migrants be detained pending resolution of their removal proceedings (although, as reflected elsewhere, this is currently an impossibility based on existing detention facility capacity).[84]

Section 11: This section expands the use of the 287(g) program, named for the section of the INA that allows DHS to enter into written agreements with state or local law enforcement agencies to deputize selected law enforcement officers to perform functions of federal immigration agents.[85] This program existed before the Trump administration; as of December 2024, ICE had 287(g) agreements with 135 state or local law enforcement agencies across 21 states, but we can expect those numbers to increase.[86]

Section 16: Indirectly, this section calls for limiting grants of humanitarian parole, Temporary Protected Status (TPS), and employment authorization to existing statutory requirements.[87] From context, this appears to be based on the assumption that the Biden administration did not comply with statutory requirements when granting these forms of relief to noncitizens.[88] It is unclear how this will be specifically enforced in practice; however, it does signal the Trump administration’s general intent to restrict the usage of these mechanisms.

Section 17: This section seems to broadly curtail the disbursement of all federal funds to so-called “sanctuary jurisdictions” (a nonlegal term generally referring to a policy that limits the extent to which a local or state government will share information with federal immigration law officers).[89] During the first Trump administration, following a similar order, then-Attorney General Jeff Sessions narrowed the funds at issue to DOJ and DHS funds only, rather than all federal funds.[90] It remains to be seen whether a similar narrowing will take place here.

Section 19: In addition to the enforcement tactics directly targeted against immigrants in the United States, the order seeks to remove resources that support those individuals via ancillary resource curtailing. For example, this section directs DHS and the Office of Management and Budget (OMB) to review/audit funding to non-government organizations supporting or providing services to noncitizens and pause distribution of further funds to those organizations until the review is complete.[91]

Section 20: Relatedly, this section requires the OMB to take action to stop agencies from making public benefits available to noncitizens who are not authorized by statute to receive them.[92]

“Designating Cartels and Other Organizations as Foreign Terrorist Organizations and Specially Designated Global Terrorists”

This order declares a national emergency to deal with the “extraordinary threat to the national security, foreign policy, and economy of the United States” that drug cartels and other similar organizations pose.[93] Although the order does not itself designate these organizations as terrorist organizations, it “creates a process” to designate cartels and other organized criminal organizations, such as Tren de Aragua and MS-13, as terrorist organizations.[94] Foreign Terrorist Organization (FTO) status and Specially Designated Global Terrorist (SDGT) status have serious consequences. Among other things, FTO and SDGT members are not admissible to the United States, persons subject to U.S. jurisdiction face criminal liability for knowingly providing FTOs “material support or resources,” and there are certain private rights of action against FTOs.[95]

The order does not specify the intended consequences of the terrorist designations in the immigration context, but such designations could present an obstacle for asylum-seekers and others who enter the United States through the southern border, as individuals often pay money to a cartel at some point in their journey to the United States, because cartels have cornered the migrant-smuggling market. Anyone who pays a designated organization, even just to secure their own safe passage to the United States, may be found to have “engaged in terrorist activity” by providing “material support” (including money) to a “terrorist organization,” thereby making them inadmissible to the United States.[96]

“Restoring the Death Penalty and Protecting Public Safety”

This EO requires the Attorney General to “seek the death penalty regardless of other factors” for every federal capital crime involving a “capital crime committed by an alien illegally present in this country.”[97] The Attorney General is also directed to take all necessary actions to encourage state attorneys general and district attorneys to pursue the death penalty with the same intensity.[98]

4. Refugee Admissions

“Realigning The United States Refugee Admissions Program”

The US Refugee Admissions Program (USRAP) is a program managed by the Department of State, Department of Homeland Security, and Department of Health and Human Services by which refugees registered with the United Nations High Commissioner for Refugees (UNHCR) are resettled in the United States.[99] The number of refugees admitted each year through USRAP is decided by the President in consultation with Congress.[100] In the 2024 fiscal year, around 100,000 refugees resettled in the United States, the most in nearly three decades. A hallmark of the refugee admissions process is the extensive vetting that these individuals receive before being approved to relocate to the United States – they can enter the country only after receiving a referral from a government agency or U.S.-based NGO and passing serious security screenings.

EO’s purpose section states: “The United States lacks the ability to absorb large numbers of migrants, and in particular, refugees, into its communities in a manner that does not compromise the availability of resources for Americans, that protects their safety and security, and that ensures the appropriate assimilation of refugees.”[101] The order therefore “direct[s] that entry into the United States of refugees under the [United States Refugee Admissions Program (USRAP)] be suspended” beginning at 12:01am EST on January 27, 2025.[102] The order provides for very limited, small-scale exceptions, whereby “the Secretary of State and the Secretary of Homeland Security may jointly determine to admit aliens to the United States as refugees on a case-by-case basis, in their discretion, but only so long as they determine that the entry of such aliens as refugees is in the national interest and does not pose a threat to the security or welfare of the United States.”[103] The order also requires the Secretary of Homeland Security to suspend decisions on applications for refugee status until the program is resumed.[104]

The EO also directs the Secretary of Homeland Security to “examine existing law to determine the extent to which, consistent with applicable law, state and local jurisdictions may have greater involvement in the process of determining the placement or resettlement of refugees in their jurisdictions, and shall devise a proposal to lawfully promote such involvement.”[105] It also requires the Secretary of Homeland Security and the Secretary of State to, within 90 days of the order, “submit a report to the President through the Homeland Security Advisor regarding whether resumption of entry of refugees into the United States under the USRAP would be in the interests of the United States, in light of the policies outlined in section 2 of this order.”[106] It further requires additional reports of the same nature “every 90 days thereafter until [President Trump] determine[s] that resumption of the USRAP is in the interests of the United States.”[107]

II. Agency Guidance

1. Department of Homeland Security

In the first week of the administration, President Trump’s Acting Department of Homeland Security Secretary Benjamine Huffman issued two notable directives.

The first rescinds the Biden-era Sensitive Locations Memorandum, a policy of that administration’s DHS instructing Immigrations and Customs Enforcement and Border Patrol agents to not arrest undocumented individuals at or near various sensitive locations where people access “essential services” or engage in “essential activities” – including schools, places of worship, healthcare facilities, shelters, and public demonstrations.[108] The now-defunct policy was first adopted in 2011 and later expanded in 2021 by the Biden Administration. Currently, organizations who operate or facilitate attendance at these sorts of locations (including schools and hospitals) should be prepared for the strong possibility of increased enforcement activity. It is unclear whether an earlier version of sensitive location guidance will be reinstated or whether DHS will have free rein to engage in enforcement activity regardless of location. Note that various state and local governments (including the so-called “sanctuary jurisdictions” mentioned above) may provide their own versions of sensitive location protection.

The other DHS directive implements one of the EO’s mandates to rescind categorical eligibility for humanitarian parole for nationals of certain countries, requiring case-by-case assessment for all humanitarian parole applications (which is already the case for the vast majority of those applications).[110] The order specifically ends categorical parole for Cubans, Haitians, Nicaraguans, and Venezuelans.[111] It is not clear whether parole will be revoked for current parolees.

2. Immigration and Customs Enforcement

The guidance supersedes a 2021 Biden Administration memorandum that limited immigration enforcement actions in or near courthouses, on the basis that such actions have “a chilling effect on individuals’ willingness to come to court or work cooperatively with law enforcement.”[113] The new guidance authorizes enforcement actions in or near courthouses when agents “have credible information that leads them to believe the targeted alien(s) is or will be present at a specific location, and where such action is not precluded by laws imposed by the jurisdiction.” [114] However, the guidance instructs that agents “should generally avoid enforcement actions in or near courthouses . . that are wholly dedicated to non-criminal procedures.” Though ICE is meant to “target[]” individuals with these enforcement actions, they may sweep in “[o]ther aliens encountered . . . such as family members or friends accompanying the target alien to court appearances or serving as a witness in a proceeding.” [115]

3. Department of Justice

On January 21, 2025, Acting Deputy Attorney General Emil Bove sent a memorandum to all DOJ employees regarding interim policy changes impacting immigration enforcement. Section II of this memorandum specifically references cooperation with state and local law enforcement in support of enforcing President Trump’s immigration priorities, including directing the Organized Crime Drug Enforcement Task Force and Project Safe Neighborhoods program to establish “national initiatives to provide focused resources and attention to immigration-related prosecutions at the federal, state, and local levels.”[116] The memorandum additionally directs the FBI’s Joint Terrorism Task Force to coordinate with DHS and state and local law enforcement regarding President Trump’s immigration priorities until the announced Homeland Security Task Forces (addressed above) are in place. This coordination will include the circulation of identifying information and biometric data in order to identify noncitizens present illegally in the U.S.[117]

Though the memorandum asserts that the “Supremacy Clause and other authorities require state and local actors to comply with” the President’s immigration orders and forbid obstructing them,[118] the ultimate impact of these directives will depend on the degree of cooperation states afford DOJ, as well as if and how DOJ pursues coercive action against uncooperative states. Such actions may include criminal prosecution by the U.S. Attorney’s Offices and civil investigations by the Sanctuary Cities Enforcement Working Group within the DOJ’s Civil Division. During President Trump’s first term, DOJ sent letters to jurisdictions with sanctuary city policies indicating that they may be in violation of 8 U.S.C. 1373, which bars states and localities from prohibiting the sharing of immigration status information with INS.[119] If the new administration pursues coercive action, it may face legal challenges, given the Tenth Amendment anti-commandeering principle, to attempts to compel state and local governments to carry out federal law enforcement.[120] In the first Trump Administration, the Department of Justice attempted to circumvent this limiting principle by barring sanctuary cities from its annual grant program for local law enforcement, with mixed results in the courts.[121]

III. The Laken Riley Act

Laken Riley Act would amend the INA to require mandatory detention of any undocumented individual who “is charged with, is arrested for, is convicted of, admits having committed, or admits committing acts which constitute the essential elements of” theft or related crimes, including burglary, larceny, or shoplifting.[123] An amendment offered by Senator John Cornyn of Texas and approved in the Senate expanded this list to also include “assault of a law enforcement officer offense, or any crime that results in death or serious bodily injury to another person.”[124] The bill also provides for state attorneys general to be able to sue the Secretary of Homeland Security for failure to enforce provisions of the INA related to the inspection, apprehension, and detention of immigrants.

The House passed the original version of the bill on January 7, 2025, and the Senate passed their version of the bill on January 21, 2025.[125][126]

The Act would require a massive expansion of resources at ICE. The latest ICE estimate indicates that the agency would need 110,000 additional detention beds, 10,000 additional removal personnel, and 7,000 additional attorneys and support personnel for immigration proceedings.[127] ICE estimates that the bill will cost approximately $27 billion in the first year. Absent additional funding to meet these expanded resource needs, ICE has indicated it may have to release thousands of immigrants currently being detained, including some who have been deemed to be public safety threats.[128]

Various groups have raised due process concerns with the Act’s detention provisions and standing concerns with the Act’s state attorneys general provisions, suggesting that the Act may face legal challenges.[129]

IV. Texas v. United States

On Friday, January 17, 2025, the Fifth Circuit affirmed a 2023 district court ruling in Texas v. United States that held parts of the Biden Administration’s 2022 Deferred Action for Childhood Arrivals (DACA) rule are unlawful—but the Circuit’s order contains significant limitations that will allow DACA to continue in most of the country.[130]

The DACA policy was started by the Obama Administration with a 2012 memorandum. The policy allows persons with generally good records and proof of educational attainment, attendance, or military service, to seek deferred action, a practice in which the government elects not to seek removal of certain individuals.[131] The policy also permits participants to obtain work authorization.[132] The first Trump Administration purported to rescind the policy, but in 2020, the Supreme Court held in Department of Homeland Security, et al. v. Regents of the University of California, et al. that the rescission was unlawful.[133] Gibson Dunn represented six individual DACA recipients in obtaining and defending on appeal the first nationwide preliminary injunction halting the termination of DACA. The late Gibson Dunn partner Ted Olson represented DACA recipients, businesses, and nonprofits challenging the policy in presenting oral argument before the Supreme Court.

In 2021, following the Regents decision, a Texas district court enjoined the DACA policy as operated through the 2012 DACA memorandum.[134] In 2022, the Department of Homeland Security engaged in formal rulemaking and issued a Final Rule that continued the DACA policy,[135] and the Fifth Circuit ordered the Texas district court to revisit its ruling in light of the Final Rule.[136] The district court again found the DACA policy substantively unlawful and enjoined the DACA policy nationwide.[137]

On appeal of the nationwide injunction, the Fifth Circuit affirmed that the Final Rule is substantively unlawful, but limited its ruling, allowing the DACA policy to remain in effect everywhere except Texas and preserving the “deferred action” component of the rule that allows federal officials to deem DACA recipients a low priority for removal and to decide not to remove them.[138] The order also allows current DACA recipients (even in Texas) to renew their DACA status while the case remains on appeal, in anticipation of a potential petition for certiorari that could bring the DACA policy back before the Supreme Court.[139]

In parallel with the Texas lawsuit, in May 2024, the Biden Administration issued a separate final rule that for the first time permits DACA recipients to purchase healthcare plans through Affordable Care Act (ACA) exchanges.[140] DACA recipients had previously been barred from accessing those exchanges as a result of regulations promulgated when the DACA policy was first adopted.[141] Seventeen states challenged the regulation in the District of North Dakota, and Gibson Dunn has moved to intervene on behalf of DACA recipients, to defend the rule.[142] In December, the district court granted a preliminary injunction and stay of the rule that continues to block DACA recipients in the nineteen states challenging the regulation from accessing the ACA exchanges.[143] The rule remains in effect in the remaining thirty one states. An appeal from the preliminary injunction and stay is currently pending before the Eighth Circuit Court of Appeals.

[1] “Seal the border and stop the migrant invasion” and “Carry out the largest deportation operation in American history” were the first and second of President Trump’s “20 Core Promises to Make America Great Again.” See Agenda 47, DonaldJTrump.com (last accessed Jan. 21, 2025), available at https://www.donaldjtrump.com/platform. And “Make America Safe Again” along with seven action items related to immigration and border security, is the first of four priorities listed on the White House website. See The Trump-Vance Administration Priorities, White House (last accessed Jan. 21, 2025), available at https://www.whitehouse.gov/issues/.

[2] Lexie Schapitl & Franco Ordoñez, Trump Signs Executive Actions on Jan. 6, TikTok, Immigration and More, NPR (Jan. 20, 2025), https://www.npr.org/2025/01/20/g-s1-43698/trump-inauguration-executive-orders-2025-day-1; see also Initial Rescissions of Harmful Executive Orders and Actions, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/initial-rescissions-of-harmful-executive-orders-and-actions/.

[3] https://www.whitehouse.gov/presidential-actions/2025/01/protecting-the-meaning-and-value-of-american-citizenship/

[4] Id.

[5] Id.

[6] Complaint at 78, State of New Jersey et al. v. Donald J. Trump, No. 1:25-cv-10139 (D. Mass. filed Jan. 21, 2025).

[7] Citizenship Clause, U.S. Const. amend. XIV § 1.

[8] 169 U.S. 649 (1898).

[9] Id.

[10] Complaint at 84, State of New Jersey et al. v. Donald J. Trump, No. 1:25-cv-10139 (D. Mass. filed Jan. 21, 2025).

[11] H.R. 1940, § 2(b); Sandra L. Rierson, From Dred Scott to Anchor Babies: White Supremacy and the Contemporary Assault on Birthright Citizenship, 38 Georgetown Imm. L. J. 1, 46 (2023).

[12] U.S. v. Abbot, (W.D. Tex., 2024) (Ho, J., concurring),.

[13] See, e.g., John C. Eastman, Born In The U.S.A.? Rethinking Birthright Citizenship In The Wake Of 9/11, 42 Univ. Richmond L.R. 955, 964 (2008).

[14] Id.

[15] Id. at 1.

[16] The eighteen states include the following: New Jersey, Massachusetts, California, Colorado, Connecticut, Delaware, Hawai’i, Maine, Maryland, Michigan, Minnesota, Nevada, New Mexico, New York, North Carolina, Rhode Island, Vermont, Wisconsin, as well as Washington, D.C. and the City and County of San Francisco. Complaint, State of New Jersey et al. v. Donald J. Trump, No. 1:25-cv-10139 (D. Mass. filed Jan. 21, 2025).

[17] Id. at 78-94.

[18] Id. at 95-105.

[19] These four states include Washington, Arizona, Illinois and Oregon. Complaint, State of Washington et al. v. Donald J. Trump, No. 2:25-cv-00127 (W.D. Wash. filed Jan. 21, 2025).

[20] Id. at 3

[21] See e.g., Complaint, Casa, Inc. et al., v. Donald J. Trump, No. 8:25 (D. Md. filed Jan. 21, 2025).

[22] Order, State of Washington et al. v. Donald J. Trump, No. 2:25-cv-00127 (W.D. Wash. filed Jan. 21, 2025).

[23] Securing Our Borders, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/securing-our-borders/

[24] Restoring the Death Penalty and Protecting Public Safety, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/restoring-the-death-penalty-and-protecting-public-safety/

[25] Donald J. Trump, The Inaugural Address (Jan. 20, 2025), available at https://www.whitehouse.gov/remarks/2025/01/the-inaugural-address/.

[26] Id.

[27] Proclamation, “Declaring A National Emergency at the Southern Border of the United States” (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/declaring-a-national-emergency-at-the-southern-border-of-the-united-states/.

[28] Id.

[29] Proclamation No. 9844, 84 Fed. Reg. 4949 (Feb. 15, 2019).

[30] Border Wall Emergency Declaration Litigation, Brennan Ctr. (Oct. 16, 2020), available at https://www.brennancenter.org/our-work/court-cases/border-wall-emergency-declaration-litigation (collecting cases).

[31] John Gramlich, Migrant encounters at U.S.-Mexico border have fallen sharply in 2024, Pew Rsch. Ctr. (Oct. 1, 2024), available at https://www.pewresearch.org/short-reads/2024/10/01/migrant-encounters-at-u-s-mexico-border-have-fallen-sharply-in-2024/.

[32] Proclamation, “Declaring A National Emergency at the Southern Border of the United States” (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/declaring-a-national-emergency-at-the-southern-border-of-the-united-states/.

[33] Id.

[34] H.R.J. Res. 31, 116th Cong. (Feb. 15, 2019).

[35] The U.S. Northern Command is responsible for “provid[ing] command and control of Department of Defense homeland defense efforts and to coordinate defense support of civil authorities.” Our Story, U.S. N. Command, available at https://www.northcom.mil/About/ (last visited Jan. 24, 2025).

[36] Exec. Or., “Clarifying the Military’s Role in Protecting the Territorial Integrity of the United States” (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/clarifying-the-militarys-role-in-protecting-the-territorial-integrity-of-the-united-states/

[37] Id.

[38] Fact Sheet: The Biden-Harris Administration Takes New Actions to Increase Border Enforcement and Accelerate Processing for Work Authorizations, While Continuing to Call on Congress to Act, Dep’t of Homeland Sec. (Sept. 20, 2023), available at https://www.dhs.gov/archive/news/2023/09/20/fact-sheet-biden-harris-administration-takes-new-actions-increase-border (“The Department of Defense is providing additional military personnel – on top of the 2,500 steady state National Guard personnel – to support the Department of Homeland Security (DHS).”).

[39] Matthew Olay, DOD Orders 1,500 Troops, Additional Assets to Southern Border, Dep’t of Def. (Jan. 22, 2025), available at https://www.defense.gov/News/News-Stories/Article/Article/4037935/dod-orders-1500-troops-additional-assets-to-southern-border/.

[40] Camilo Montoya-Galvez, Trump administration weighs sending 10,000 troops to border, using bases to hold migrants, CBS News (Jan. 22, 2025), https://www.cbsnews.com/news/trump-troops-us-mexico-border/

[41] Id.; Olay, supra note 38.

[42] Military Support for Customs and Border Protection Along the Southern Border Under the Posse Comitatus Act, 45 Op. O.L.C. 1–3, 13 (2021) (slip op.).

[43] Id. at 2 (“[T]he rail-support duty would have military personnel assist CBP personnel responsible for inspecting unoccupied, unlocked vehicles being transported across the southern border in bulk on rail cars. The seal-check duty would involve visually verifying whether commercial cargo trucks and containers have intact and unbroken seal tags, which CBP requires for trucks and containers passing through ports of entry. The port-of-entry and checkpoint observers would monitor the output of CBP’s electronic systems that automatically collect and process data, such as license-plate information, about individuals and vehicles passing through a port of entry or U.S. Border Patrol checkpoint, and display an alert message if the system identifies a concern.”).

[44] Id. at 2–3.

[45] Securing Our Borders, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/securing-our-borders.

[46] Id.

[47] Id.

[48] Initial Rescissions of Harmful Executive Orders and Actions, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/initial-rescissions-of-harmful-executive-orders-and-actions.

[49] Trump revives ‘remain in Mexico’ policy as part of anti-immigration crackdown, Guardian (Jan. 21, 2025), https://www.theguardian.com/us-news/2025/jan/21/trump-remain-in-mexico-program.

[50] Mexico has not agreed to accept non-Mexican US asylum seekers, says president, Reuters (Jan. 22, 2024), https://www.reuters.com/world/americas/mexico-has-not-agreed-accept-non-mexican-us-asylum-seekers-says-president-2025-01-22.

[51] Guaranteeing the States Protection Against Invasion, White House (Jan. 20, 2025), https://www.whitehouse.gov/presidential-actions/2025/01/guaranteeing-the-states-protection-against-invasion

[52] Id.

[53] Id.; 8 U.S.C. § 1182(f).

[54] Id.

[55] See, e.g., Youngstown Sheet & Tube Co. v. Sawyer, 343 U.S. 579, 635, 644 (1952) (Jackson, J., concurring) (“Presidential powers are not fixed but fluctuate, depending upon their disjunction or conjunction with those of Congress… That military powers of the Commander-in-Chief were not to supersede representative government of internal affairs seems obvious from the Constitution and from elementary American history.”); Zivotofsky ex rel. Zivotofsky v. Kerry, 576 U.S. 1, 17 (2015) (“…. Congress has an important role in other aspects of foreign policy, and the President may be bound by any number of laws Congress enacts. In this way ambition counters ambition, ensuring that the democratic will of the people is observed and respected in foreign affairs as in the domestic realm”).

[56] Trump v. Hawaii, 585 U.S. 667, 683–84 (2018).

[57] Protecting the United States from Foreign Terrorists and Other National Security and Public Safety Threats, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/protecting-the-united-states-from-foreign-terrorists-and-othernational-security-and-public-safety-threats/

[58] Guaranteeing the States Protection Against Invasion, White House (Jan. 20, 2025), available: https://www.whitehouse.gov/presidential-actions/2025/01/guaranteeing-the-states-protection-against-invasion/

[59] Id.

[60] Remarks by President Trump, Vice President Pence, and Members of the Coronavirus Task Force in Press Briefing, The Trump White House Archives (Mar. 20, 2020), available at https://trumpwhitehouse.archives.gov/briefings-statements/remarks-president-trump-vice-president-pence-members-c-oronavirus-task-force-press-briefing/; Order Suspending Introduction of Certain Persons from Countries Where a Communicable Disease Exists, Ctr. Disease Control (Mar. 20, 2020), https://immpolicytracking.org/policies/covid-19-cdc-order-authorizes-border-patrol-expulsion-of-all-persons-arriving-by-land-from-mexico-or-canada-without-valid-documents-under-42-usc-265-public-health-act/#/tab-policy-documents.

[61] 85 Fed. Reg. 59, 17060 (Mar. 26, 2020).

[62] 86 Fed. Reg. 148, 42828 (Aug. 5, 2021); see also 86 C.F.R. § 9942 (2021).

[63] Michael Ulrich & Sondra Crosby, Title 42, asylum, and politicizing public health, 7 Lancet Reg. Health Am. 1 (March 2022); Public Health and Former CDC Experts Warn Against Renewed Misuse of Title 42 Public Health Authority, Physicians for Human Rights (Jan. 17, 2025), available at https://phr.org/news/public-health-and-former-cdc-experts-warn-against-renewed-misuse-of-title-42-public-health-authority/.

[64] CBP One Mobile Application, U.S. Cust. & B. Protection (Jan. 20, 2025), https://www.cbp.gov/about/mobile-apps-directory/cbpone.

[65] Id.

[66] Press Release, CBP One™ Appointments Increased to 1,450 Per Day, U.S. Cust. & B. Protection (June 30, 2023), https://www.cbp.gov/newsroom/national-media-release/cbp-one-appointments-increased-1450-day.

[67] CBP One Mobile Application, U.S. Cust. & B. Protection (Jan. 20, 2025), https://www.cbp.gov/about/mobile-apps-directory/cbpone; Rebecca Santana, Elliot Spagat & Gisela Salomon, Trump seeks to remake border security but his efforts will face challenges, Associated Press (Jan. 20, 2025, 6:44 PM), https://apnews.com/article/trump-deportation-immigration-homan-asylum-inauguration-ac10480dc636b758ab3c435b974aeb19.

[68] Motion for Emergency Status Conference and for Leave to File Supplemental Briefing in Light of President Trump’s January 20 Action Ending CBP One, Las Americas Immigrant Advocacy et al. v. U.S. Dep’t of Homeland Sec. et al., No. 1:24-cv-01702-RC (Jan. 20, 2025), https://www.aclu.org/cases/las-americas-immigrant-advocacy-center-v-u-s-department-of-homeland-security?document=Motion-for-Emergency-Status-Conference

[69] Complaint, Las Americas Immigrant Advocacy et al. v. U.S. Dep’t of Homeland Sec. et al., No. 1:24-cv-01702-RC (June 12, 2024), https://www.aclu.org/cases/las-americas-immigrant-advocacy-center-v-u-s-department-of-homeland-security?document=Complaint

[70] See Motion for Emergency Status Conference and for Leave to File Supplemental Briefing in Light of President Trump’s January 20 Action Ending CBP One at 2, Las Americas Immigrant Advocacy et al. v. U.S. Dep’t of Homeland Sec. et al., No. 1:24-cv-01702-RC (Jan. 20, 2025).

[71] Protecting the American People Against Invasion, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/protecting-the-american-people-against-invasion/.

[72] Id.

[73] Id.

[74] United States v. Texas, 599 U.S. 670, 680 (2023).

[75] Protecting the American People Against Invasion, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/protecting-the-american-people-against-invasion/.

[76] Id.

[77] Josh Gerstein and Dasha Burns, Trump DOJ Gears Up for Immigration Enforcement, Politico (Jan. 22, 2025), available at https://www.politico.com/news/2025/01/22/donald-trump-justice-department-immigration-005783.

[78] Protecting the American People Against Invasion, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/protecting-the-american-people-against-invasion/.

[79] Removal of Regulations Relating to Special Registration for Certain Nonimmigrants, 81 Fed. Reg. 94231 (Dec. 23, 2016), available at https://www.federalregister.gov/documents/2016/12/23/2016-30885/removal-of-regulations-relating-to-special-registration-process-for-certain-nonimmigrants.

[80] Id.; see also Christ Rickerd, Homeland Security Suspends Ineffective, Discriminatory Immigration Program, ACLU (May 6, 2011), available at https://www.aclu.org/news/immigrants-rights/homeland-security-suspends-ineffective-discriminatory-immigration-program.

[81] Protecting the American People Against Invasion, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/protecting-the-american-people-against-invasion/; see also 8 U.S.C. § 1225(b)(1)(A).

[82] Designating Aliens for Expedited Removal, 90 Fed. Reg. 8139 (Jan. 24, 2025), available at https://www.federalregister.gov/documents/2025/01/24/2025-01720/designating-aliens-for-expedited-removal#:~:text=SUMMARY%3A,fullest%20extent%20authorized%20by%20Congress.

[83] Make the Road New York v. Huffman et al., D.D.C. No. 1:25-cv-00190 (Jan. 22, 2025).

[84] Protecting the American People Against Invasion, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/protecting-the-american-people-against-invasion/.

[85] Id.

[86] The 287(g) Program: An Overview, American Immigration Council (Jan. 20, 2025), available at https://www.americanimmigrationcouncil.org/research/287g-program-immigration.

[87] Protecting the American People Against Invasion, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/protecting-the-american-people-against-invasion/.

[88] Id.

[89] Id.

[90] Implementation of Executive Order 13768, “Enhancing Public Safety in the Interior of the United States,” Office of the Attorney General (May 22, 2017), available at https://www.justice.gov/opa/press-release/file/968146/dl?inline=.

[91] Protecting the American People Against Invasion, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/protecting-the-american-people-against-invasion/.

[92] Id.

[93] Designating Cartels and Other Organizations as Foreign Terrorist Organizations and Specially Designated Global Terrorists, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/designating-cartels-and-other-organizations-as-foreign-terrorist-organizations-and-specially-designated-global-terrorists/.

[94] Id.

[95] See, e.g., Robbie Gamer & Jack Detsch, So You Want to Sanction a Terrorist Group, Foreign Policy: Situation Report (Jan. 18, 2024).

[96] See 8 U.S.C. Section 1182(a)(3)(B).

[97] Restoring the Death Penalty and Protecting Public Safety, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/restoring-the-death-penalty-and-protecting-public-safety/.

[98] Id.

[99] Refugee Admissions, U.S. Department of State 2021-2025 Archived Content (last accessed Jan. 22, 2025), available at https://2021-2025.state.gov/refugee-admissions/.

[100] Id.

[101] Realigning the United States Refugee Admissions Program, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/realigning-the-united-states-refugee-admissions-program/.

[102] Id.

[103] Id.

[104] Id.

[105] Id.

[106] Section 2 of the order reads: “It is the policy of the United States to ensure that public safety and national security are paramount considerations in the administration of the USRAP, and to admit only those refugees who can fully and appropriately assimilate into the United States and to ensure that the United States preserves taxpayer resources for its citizens. It is also the policy of the United States that, to the extent permitted by law and as practicable, State and local jurisdictions be granted a role in the process of determining the placement or settlement in their jurisdictions of aliens eligible to be admitted to the United States as refugees.”

[107] Id.

[108] Statement from a DHS Spokesperson on Directives Expanding Law Enforcement and Ending the Abuse of Humanitarian Parole, U.S. Dep’t of Homeland Sec. (Jan. 21, 2025), available at https://www.dhs.gov/news/2025/01/21/statement-dhs-spokesperson-directives-expanding-law-enforcement-and-ending-abuse.

[109] John Morton, Enforcement Actions at or Focused on Sensitive Locations, U.S. Dep’t of Homeland Sec. (Oct. 24, 2011), available at https://www.ice.gov/doclib/ero-outreach/pdf/10029.2-policy.pdf; Alejandro N. Mayorkas, Guidelines for Enforcement Actions in or Near Protected Areas, U.S. Dep’t of Homeland Sec. (Oct. 27, 2021), available at https://www.dhs.gov/sites/default/files/publications/21_1027_opa_guidelines-enforcement-actions-in-near-protected-areas.pdf.

[110] Securing Our Borders, White House (Jan. 20, 2025), available at https://www.whitehouse.gov/presidential-actions/2025/01/securing-our-borders/.

[111] Id.

[112] Caleb Vitello, Interim Guidance: Civil Immigration Enforcement Actions in or near Courthouses, U.S. Immigr. & Customs Enf’t (Jan. 21, 2025), accessible at https://www.ice.gov/doclib/foia/policy/11072.3_CivilImmEnfActionsCourthouses_01.21.2025.pdf)

[113] DHS Announces New Guidance to Limit ICE and CBP Civil Enforcement Actions in or Near Courthouse, Dep’t of Homeland Sec. (Apr. 27, 2021), accessible at https://www.dhs.gov/archive/news/2021/04/27/dhs-announces-new-guidance-limit-ice-and-cbp-civil-enforcement-actions-or-near)

[114] Caleb Vitello, Interim Guidance: Civil Immigration Enforcement Actions in or near Courthouses, U.S. Immigr. & Customs Enf’t (Jan. 21, 2025), accessible at https://www.ice.gov/doclib/foia/policy/11072.3_CivilImmEnfActionsCourthouses_01.21.2025.pdf)

[115] Id.

[116] Emil Bove, Interim Policy Changes Regarding Charging, Sentencing, and Immigration Enforcement, U.S. Dep’t of Just. (Jan. 21, 2025), available at https://www.documentcloud.org/documents/25501154-doj-all-staff-memo-jan-21/.

[117] Id.

[118] Id.

[119] Justice Department Sends Letters to 29 Jurisdictions Regarding Their Compliance with 8 U.S.C. 1373, U.S. Dep’t of Just. (Nov. 15, 2017), available at https://www.justice.gov/opa/pr/justice-department-sends-letters-29-jurisdictions-regarding-their-compliance-8-usc-1373.

[120] See, e.g., Printz v. United States, 521 U.S. 898 (1997) (federal government could not require states to implement/operationalize federal background check requirement for handgun purchases); New York v. United States, 505 U.S. 144 (1992) (federal government could not require states to either take control of radioactive waste or enact legislation to deal with it).

[121] Compare City of Chicago v. Barr, 961 F.3d 882 (7th Cir. 2020) (striking down such conditions) with State v. Dep’t of Just., 951 F.3d 84 (2d Cir. 2020) (upholding them).

[122] Detention Management, U.S. Immigr. & Customs Enf’t, available at https://www.ice.gov/detain/detention-management.

[123] Laken Riley Act, S. 5, 119th Cong. (2025).

[124] S. Amdt. 8 to Laken Riley Act, S. 5, 119th Cong. (2025).

[125] Laken Riley Act, S. 5, 119th Cong. (as passed by Senate January 21, 2025).

[126] Erin Doherty, House passes Laken Riley Act, sending bill to Trump’s desk, Axios (Jan. 22, 2025), available at https://www.axios.com/2025/01/22/house-laken-riley-act-congress-trump.

[127] Ximena Bustillo, ICE estimates it would need $26.9 billion to enforce GOP deportation bill, NPR (Jan. 16, 2025), available at https://www.npr.org/2025/01/16/nx-s1-5262921/laken-riley-act-deportation-ice.

[128] Stephen Neukam & Stef W. Kight, ICE Warns Laken Riley Act could force it to release detained migrants, Axios (Jan. 12, 2025), available at https://www.axios.com/2025/01/10/laken-riley-act-ice-detentions-beds.

[129] See Vote NO on S. 5, the Lake Riley Act, ACLU (Jan. 9, 2025), available at https://www.aclu.org/documents/aclu-letter-to-senators-urging-no-vote-on-s-5-the-laken-riley-act; Patrick Gaspard, The Senate Must Fix the Laken Riley Act Before Voting on It, Ctr. Am. Progress (Jan. 15, 2025), available at https://www.americanprogress.org/article/the-senate-must-fix-the-laken-riley-act-before-voting-on-it/.

[130] Texas v. United States, 2025 WL 227244, at *15 (5th Cir. Jan. 17, 2025).

[131] Memorandum from Janet Napolitano, Sec’y, DHS, to David Aguilar, Acting Comm’r, U.S. Customs and Border Prot., et al. (June 15, 2012), https://www.dhs.gov/xlibrary/assets/s1-exercising-prosecutorial-discretion-individuals-who-came-to-us-as-children.pdf.

[132] Id.

[133] DHS v. Regents of the Univ. of Cal., 591 U.S. 1, 35-36 (2020).

[134] Texas v. United States, 549 F. Supp. 3d 572, 624 (S.D. Tex. 2021)

[135] Deferred Action for Childhood Arrivals, 87 Fed. Reg. 53,152 (Aug. 30, 2022) (to be codified at 8 C.F.R. pts 106, 236, and 274a).

[136] Texas v. United States, 50 F.4th 498, 508 (5th Cir. 2022).

[137] Texas v. United States, 691 F. Supp 3d 763, 796 (S.D. Tex. 2023).

[138] Texas v. United States, 2025 WL 227244, at *15 (5th Cir. Jan. 17, 2025).

[139] Id. at *19.

[140] Clarifying the Eligibility of Deferred Action for Childhood Arrivals and Certain Other Noncitizens for a Qualified Health Program through an Exchange, Advance Payments of the Premium Tax Credit, Cost-Sharing Reductions, and a Basic Health Program, 89 Fed. Reg. 39392, 39395 (May 8, 2024).

[141] See id. at 39394.

[142] Motion to Intervene, Kansas v. United States, No. 24-150 (D.N.D. Sept. 20, 2024), ECF No. 49.

[143] See Kansas v. United States, 2024 WL 5220178, at *10 (D.N.D. Dec. 9, 2024).

The following Gibson Dunn lawyers prepared this update: Stuart Delery, Matt Rozen, Ariana Sañudo, Laura Raposo, Patty Herold, Carolyn Ye, Arthur Halliday, Zach Goldstein, Kayla Jahangiri, Heather Skrabak, Cydney Swain, Matt Weiner, and George Khoury.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, any leader or member of the firm’s Pro Bono, Public Policy, Administrative Law & Regulatory, Appellate & Constitutional Law, or Labor & Employment practice groups, or the following:

Stuart F. Delery – Co-Chair, Administrative Law & Regulatory Practice Group,
Washington, D.C. (+1 202.955.8515, sdelery@gibsondunn.com)

Naima L. Farrell – Partner, Labor & Employment Practice Group,
Washington, D.C. (+1 202.887.3559, nfarrell@gibsondunn.com)

Nancy Hart – Partner, Litigation Practice Group,
New York (+1 212.351.3897, nhart@gibsondunn.com)

Katie Marquart – Partner & Chair, Pro Bono Practice Group,
Los Angeles (+1 213.229.7475, kmarquart@gibsondunn.com)

Laura Raposo – Associate General Counsel, Gibson Dunn,
New York (+1 212.351.5341, lraposo@gibsondunn.com)

Matthew S. Rozen – Partner, Appellate & Constitutional Law Practice Group,
Washington, D.C. (+1 202.887.3596, mrozen@gibsondunn.com)

Ariana Sañudo – Associate, Pro Bono Practice Group,
Los Angeles (+1 213.229.7137, asanudo@gibsondunn.com)

Betty X. Yang – Partner & Co-Chair, Trials Practice Group,
Dallas (+1 214.698.3226, byang@gibsondunn.com)

After months of speculation regarding the possible contours of the United States’ international trade policies under a second Trump administration, the President’s unprecedented flurry of initial executive actions was light on actual, immediate changes to U.S. trade policy.

As detailed below, with few exceptions, the actions have essentially set the stage for (and in some cases set up the legal structure for) future moves without yet implementing policy changes.

Five Key Themes

Despite the absence of formal policy changes, taken as a whole, the executive actions (which include policy memoranda, scores of legally binding executive orders (E.O.s), as well as press and formal statements) set out some broad themes that will likely guide President Trump and his administration as he pursues his trade agenda. While many of these themes were present in his first term (and others echo former presidents, including the early twentieth century’s William McKinley), the actions taken so far indicate that his second term team is more sophisticated, knowledgeable of the federal bureaucracy, and capable of acting on these themes quickly and sustainably than was the team in place during the previous Trump administration.

First, as he indicated during the campaign, President Trump continues to see trade as a “zero sum game,” turning away from decades of broad bipartisan recognition of the benefits to the United States of free trade governed by U.S legislation and trade agreements intended to protect U.S. interests from unfair trade practices. By focusing on the trade deficit as an irrefutable indication of American weakness (and foreign powers’ strength) and making broad statements to business elite that if they do not develop manufacturing in the United States they will face tariffs and other consequences, the Trump team has indicated little desire to find a middle ground on trade issues. President Trump’s broader distrust of the multilateral trading system suggests the United States’ block against the World Trade Organization’s Appellate Body – which has been in place since Trump’s first term and has left the WTO essentially rudderless – is unlikely to be resolved in the near future. Indeed, the President has asked for a review of all existing U.S. trade agreements, including the World Trade Organization Agreement on Government Procurement.

Second, the President will leverage trade for other policy goals far removed from trade. While U.S. legislation has always made this the case with sanctions and export controls (which have clear national security goals often unrelated to trade), the Trump team has indicated a willingness to threaten countries with trade-related consequences if they do not invest in border security (Canada), increase defense spending (NATO states), comply with his immigration policies (Mexico and Colombia), and to potentially extract other geopolitical concessions (such as those involving Denmark/Greenland and Panama). While this novel use of trade measures was apparent in his first term, President Trump now seems set to move even more forcefully and broadly in this regard during his second administration.

Third, the President appears to be gearing up for aggressive trade enforcement to make up for what he deems insufficient trade enforcement by the Biden administration. His use of the pejorative description of “loopholes“ in describing current export controls provisions and his direction to his Executive branch to address such shortcomings indicates a potentially uniquely muscular approach that his trade-related senior staff – including Trade and Manufacturing Senior Counselor Peter Navarro, Commerce Secretary-nominee Howard Ludnick, Treasury Secretary-nominee Scott Bessent, and U.S. Trade Representative-nominee Jamieson Greer – have supported in their public statements and testimony. The President has also indicated that his administration will pursue very aggressive efforts in applying the antidumping and countervailing duty statutes, the most broadly applied U.S. “unfair trade” provisions.

Fourth, and related to aggressive enforcement, in many trade-related statements, the administration has spoken of a goal of expanding how the United States should “encourage” third country compliance with U.S. trade controls (such as export controls and sanctions). This suggests a return to a key feature of President Trump’s first term – the use of unilateral trade measures directed against allies and competitors alike – and an imminent expansion of the United States’ extraterritorial trade enforcement. Extraterritorial trade measures have always been both a critical force multiplier in furthering U.S. policy (such as secondary sanctions) while simultaneously being a source of increasing friction between the United States and other countries. Unlike in the President’s first term, potential target countries have been preparing – in some cases for more than a year – to respond to these efforts and potentially institute retaliatory measures. However, as in his first term, President Trump appears as yet unconcerned about any reprisals.

Fifth, President Trump appears set on using essentially unchecked executive authorities to pursue most of his trade agenda rather than rely on or wait for legislation. In his first term President Trump primarily relied on a mix of existing statutory authorities that allowed limited congressional oversight (such as using legislation undergirding U.S. sanctions to quickly impose tariffs) alongside more traditional tools (such as the longstanding Section 301 and 232 trade statutes which require often lengthy investigations prior to the imposition of tariffs). In this second Trump administration, however, it appears that the administration will rely more heavily on executive tools. Given the Republican control of Congress, President Trump may not receive significant initial congressional pushback regarding any concerns that he may be overstepping his authority. However, this approach is highly likely to result in immediate litigation that could result in judicially imposed limitations on these authorities (as aggrieved parties seek redress in the courts) and may well prompt congressional efforts to amend these authorities if the Republicans lose one or both houses of Congress in the 2026 midterm elections.

Top Takeaways from the “Week One” Executive Trade Actions

Please refer to Gibson Dunn’s “Executive Order Tracker” for a complete and current listing of all the E.O.s issued by the Trump White House in the initial days of his second term, as well as Gibson Dunn’s Regulatory Outlook for International Trade Following the 2024 Election which details the firm’s broader post-election assessment of where Trump trade policy might be headed.

The list below contains a short description and categorization of executive trade actions as well as links to more in-depth analyses Gibson Dunn has undertaken on several individual executive actions.

I. Tariffs (and More): Not Yet Announced, But Major Changes Are Likely Given the Broad Trade Review Ordered

Possible U.S. tariffs have been a core issue as a second Trump Presidency loomed. Despite candidate Trump’s indications that tariffs would be a “day one” event, as of the publication date of this alert there has been no change to U.S. tariffs. However, we note that this situation could change at any time, and President Trump has continued to threaten potential tariffs against China, the EU, Canada, Mexico, Colombia and others, indicating he may seek to impose (or at least announce) some tariffs as early as February 1, 2025.

Through week one, however, Trump’s main tariff-related measures were contained in his “America First Trade Policy” memorandum issued on January 20, 2025, in which he directed parts of the Executive branch, including the Departments of State, Treasury, Commerce and Defense, the U.S. Trade Representative, and various other offices and agencies, to review numerous aspects of the U.S. trade landscape for economic, national security and others risks, and by April 1, 2025, to report back with any findings and recommendations for remedial action. The Policy notes that such proposals could include tariffs but also a host of other possible approaches. Importantly this memorandum contains no legally binding changes to trade policy.

The memorandum is very broad, but key sections of the memorandum require investigations of many trade-related issues, including the following:

The “causes of our country’s large United States annual trade deficit,” and (ominously) a recommendation of “appropriate measures, such as a global supplemental tariff”;
Foreign unfair trade practices and currency manipulation;
All existing U.S. trade agreements (including the United States-Mexico-Canada Agreement (USMCA)), as well as views on opportunities for new bilateral trade agreements;
A deep dive on various aspects of the economic and trade relationship with China;
Unlawful migration and fentanyl flows from Canada, Mexico, and the PRC;
A “full economic and security review of the United States’ industrial and manufacturing base”;
The U.S. import treatment of steel and aluminum;
The feasibility of and recommendations for implementing an “External Revenue Service (ERS) to collect tariffs, duties, and other foreign trade-related revenues”; and
The policies and regulations concerning the application of antidumping and countervailing duty (AD/CVD) laws.

In addition, the memorandum also calls for a wholesale reassessment of other major trade regulatory programs such as U.S. export controls, the rules covering U.S. outbound investment into China, and the recently announced rules regarding imports of “connected vehicles.”

II. Rescissions and Rule Moratorium

President Trump rescinded more than 70 E.O.s issued by previous administrations – including some that had been in place for decades. He also declared a moratorium, pending further review by his appointees, on the issuance, proposal, or publication of any new regulatory rules. Finally, he directed agencies to consider postponing for 60 days the effective date for any rules that have been published in the Federal Register or otherwise issued which have not taken effect.

While the freezing of such rules is not unusual for a new administration, the breadth of President Trump’s order (and our assessment that, due to vast policy differences between President Biden and President Trump, many such rules could in fact be radically altered) makes this an impactful (even if on its face technical) legally binding order. As noted below, several of the rescission orders and rule moratoria have significant trade implications.

III. Broad Review Ordered, but Near-Term Uncertainty in Applicability of Certain U.S. Export Controls

President Trump’s America First Trade Policy memorandum describes trade policy as “a critical component to national security” that will be used to enhance the “industrial and technological advantages” of the United States, defend the United States’s “economic and national security,” and benefit “American workers, manufacturers, farmers, ranchers, entrepreneurs, and businesses.” As part of this effort, the U.S. Secretaries of State and Commerce, in conjunction with other agency heads, are directed to “review the United States export control system and advise on modifications in light of developments involving strategic adversaries or geopolitical rivals as well as all other relevant national security and global considerations.”

What the Trump administration’s effort will ultimately entail is uncertain. As a core question, it is unclear whether President Trump will continue the prior administration’s aggressive use of export controls to limit the abilities of geopolitical rivals to obtain access to and develop their own ability to manufacture technologies that are core to different emerging technologies such as the training of AI frontier models and quantum computing.

The memorandum specifically requires recommendations to “maintain, obtain, and enhance” the United States’ “technological edge” and to “identify and eliminate loopholes in existing export controls.” These efforts are likely to focus on emerging technologies that pose a threat to national security, such as advanced semiconductors, quantum computing, connected devices, and other next generation technologies already under review by the Emerging Technology Division of the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) and partner agencies.

In its final weeks in office, the Biden administration issued a significant number of export controls-focused regulations imposing wide-ranging restrictions on advanced chips, connected vehicles, artificial intelligence (AI) diffusion, and related emerging technologies. Though many of these regulations were accompanied by delayed compliance dates, the extensive obligations they impose – including worldwide, quota-metered, licensing requirements on the export of computing power and on the frontier AI models that are trained using this computing power – raised concerns across various industries and prompted questions concerning implementation.

Questions remain as to whether these individual regulations will be amended, repealed, or postponed considering Trump’s rescission of various Biden E.O.s and the issuance of the rule moratorium.

Significantly, despite President Trump’s recission of President Biden’s E.O. 14110 on the “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence,” and call for review of any actions thereunder, the Biden team’s Framework for Artificial Intelligence Diffusion regulations draw upon multiple additional authorities, including the Export Control Reform Act of 2018. Consequently, the mere recission of E.O. 14110 is unlikely to singlehandedly spell the end of the proposed AI diffusion controls.

Moreover, the express policy drivers for the AI Diffusion Rule appear aligned with President Trump’s mandate to eliminate his perceived “loopholes” in U.S. export controls that may have enabled geopolitical rivals of the United States to obtain access to the computing power required to train AI models and his mandate to ensure that the United States maintains the technological edge in frontier AI model training. Indeed, although Trump rescinded E.O. 14110, he also issued his own E.O. calling for several agencies to develop within 180 days a plan to “sustain and enhance America’s global AI dominance.”

What is even less clear, especially given President Trump’s willingness (and perhaps preference) to act unilaterally, is whether the Trump Administration will take steps to maintain the bespoke coalition of countries (core among them the Netherlands, Japan, and South Korea) that the Biden Administration created and which has been used to develop uniform controls on technologies that are foundational to the next generation of developments in frontier AI model training, quantum computing, and synthetic biology.

As the confirmation of President Trump’s political appointees progresses, we will gain a clearer picture of what the administration will prioritize in terms of export controls and related national security risks. We assess that a focus on addressing emerging technologies that pose national security risks will likely be a throughline from the previous administration. While President Trump will impose his own stamp on new and pending regulations, many of the geopolitical risks that shaped U.S. national security and technology policy during Trump’s first administration and Biden’s remain the same.

IV. Temporary Reprieve for TikTok

Reversing his hardline stance toward the popular social media company during his first term, President Trump directed the Attorney General not to take any action for 75 days to enforce the Protecting Americans from Foreign Adversary Controlled Applications Act (Pub. L. 118-50, div. H) which effectively banned the app in the United States on January 19, 2025, in order for his administration to confer with relevant stakeholders. The first Trump administration E.O. banning TikTok was being challenged in U.S. courts at the time it was rescinded by the Biden administration in 2021.

Even so, and indicative of the uncertainty with which some in the business community have greeted some of the president’s pronouncements, despite the reprieve, as of the date of the memorandum, the availability of the TikTok app remains limited.

V. Economic Sanctions

Even as President Trump has stated his desire to use sanctions sparingly (and in one of his initial actions he even cancelled a sanctions program related to the West Bank), some of his initial actions and statements – including his Treasury nominee’s speaking of expanding sanctions on Russia during his confirmation hearings and President Trump’s threatening additional sanctions on Russian president Putin if he did not agree to negotiate an end to his war on Ukraine – suggest a likely continuation of his record-setting use of sanctions during his first term.

a. Potential (Re-)authorization of Sanctions Targeting the International Criminal Court

President Trump rescinded E.O. 14022, which had previously terminated E.O. 13928’s national emergency with respect to the International Criminal Court (ICC) and corresponding authorization of sanctions targeting the ICC’s personnel or persons determined to have provided material support to certain of its operations. Importantly, no new sanctions were announced.

While it is unclear whether the rescission of E.O. 14022 equates to the reinstatement of E.O. 13928 – given the likely legal necessity that President Trump would have to redeclare the “national emergency” with respect to the Court, which is a prerequisite for such sanctions – additional action is likely necessary to reinstitute such sanctions. While the absence of a newly promulgated emergency may be the basis for litigation if sanctions were to emerge now, not only could President Trump reissue an emergency with the stroke of a pen, but also the direction of travel against the ICC is clear. This direction is supported by a Congress that has its own ICC sanctions bill that has passed the House and is awaiting Senate action – and which threatens the use of the very aggressive George W. Bush-era anti-ICC law, “Hague Invasion Act.” The Trump administration is clearly no friend of the ICC and in the absence of any alteration in the Court’s policies and actions, we fully expect sanctions measures to be imposed against the Court and/or its various components, offices, and personnel.

b. Reinstatement of Cuba’s Designation as a State Sponsor of Terrorism

On January 20, President Trump reinstated Cuba’s designation as a State Sponsor of Terrorism (SST). The Biden administration had rescinded Cuba’s designation as an SST less than a week earlier, pursuant to a Vatican-brokered agreement with the Cuban government. Given the first Trump administration’s hawkish economic policy with respect to Cuba (the United States designated Cuba as an SST in the final days of the first Trump administration, on January 12, 2021), the reinstating of Cuba’s SST designation was broadly anticipated.

This action, coupled with the appointment of Senator Marco Rubio as Secretary of State, also presages further restrictive measures targeting Cuba. As of this writing, the Treasury Department, Office of Foreign Assets Control’s (OFAC’s) May 2024 amendments to the Cuban Assets Control Regulations remain in effect (as do many aspects of President Obama’s broader easing of Cuba-related sanctions from his second term). The new Trump administration may seek to roll back these and other accommodations toward Cuba. This includes President Biden’s suspension of Title III of the Helms-Burton Act, which provides for private rights of action against parties deemed to be trafficking in formerly-U.S.- person owned property in Cuba that was nationalized under Castro. During his first term, President Trump had revoked the suspension of that title, which had been in place under every administration since the act was passed in 1996 and led to a spate of lawsuits. President Biden’s suspension meant that no new cases could be filed under Title III. This is likely to change under the new administration.

Additionally, the Cuba Restricted List, initially implemented during the first Trump administration through National Security Presidential Memorandum 5 and later revoked by President Biden shortly before leaving office, may soon be reinstated.

c. Call for Addition of Drug Cartels to Terrorism Sanctions Lists

On January 20, President Trump signed an Executive Order paving the way for the designation of certain international cartels as Foreign Terrorist Organizations (FTO) and Specially Designated Global Terrorists (SDGT). The order does not create any new blocked persons. Rather, it directs the Secretary of State to “take all appropriate action” to identify cartels and other organizations described in the order within 14 days. The order further directs the Attorney General and Secretary of Homeland Security to make “operational preparations” to implement any related invocations of the Alien Enemies Act, which is a controversial wartime power of the president to restrain and remove nonnaturalized persons within the United States who are “natives, citizens, denizens, or subjects of” a hostile nation. Whether a president could use such powers during peacetime is virtually certain to raise judicial challenge.

The United States currently maintains the Counter Narcotics Trafficking Sanctions Program and regularly designates cartels, their members, and affiliates under various related authorities. Indeed, all the largest cartels thought most likely to be the focus of this order are already sanctioned under these (and/or other) sanctions authorities maintained by OFAC. Designating cartels and their affiliates as SDGTs would not alter their sanctioned status.

Adding the FTO designation would impose certain additional risks. Specifically, designation as an FTO (1) renders representatives and members of the FTO, if they are not a U.S. citizen or U.S. national, inadmissible to the United States; (2) exposes persons subject to U.S. jurisdiction to criminal liability for knowingly providing “material support or resources” to the FTO; and (3) provides for certain private rights of action. This E.O., therefore, is indicative of the President’s desire to use sanctions as a tool in furtherance of his immigration policy and in support of his border-related national emergency. Some have already indicated that an FTO designation could implicate U.S. business interests in Mexico due to how integrated some of the cartels are into that country’s formal economy.

d. Potential Redesignation of Ansarallah as an FTO

On January 22, President Trump also issued an Executive Order that will put in motion the process to re-designate Ansarallah (also known as the Houthis) as an FTO by March 8, 2025. Under the order, an FTO designation would take place at any point within a 15-day period (February 22 to March 8) that is set to follow a 30-day information-gathering period (January 23 to February 21). Following Ansarallah’s designation as an FTO, the order further directs the Secretary of State and the Administrator of USAID to terminate any projects, grants, or contracts they identify as having involved entities that either made payments to Ansarallah and its affiliates or that “criticized international efforts to counter Ansar Allah while failing to document Ansar Allah’s abuses sufficiently.”

As noted in Gibson Dunn’s 2023 Year-End Sanctions and Export Controls Update, the Biden administration had previously designated Ansarallah as an SDGT—and de-listed the group as an FTO – principally due to concerns about the impact of the designation on humanitarian projects in Yemen. Like the potential upcoming FTO designation, Ansarallah’s designation as an SDGT came with a 30-day delay. However, unlike in the case of Ansarallah’s SDGT designation, OFAC has not yet issued general licenses or guidance that might provide NGOs comfort to continue providing lawful humanitarian assistance to the Yemeni people that may involve Ansarallah. Given that an FTO designation carries more onerous restrictions than the SDGT designation, including possible criminal liability for parties that provide “material support” to such a group, there is a substantial risk that designating the Houthis as an FTO may once again deter humanitarian organizations from providing critical aid to the country.

VI. Pause of Foreign Aid

President Trump issued an Executive Order establishing a 90-day pause in U.S. foreign assistance pending “assessment of programmatic efficiencies and consistency with United State foreign policy.” The policy applies to new obligations and disbursements of development assistance funds to foreign countries and implementing NGOs, international organizations, and contractors. While it includes important carve outs for emergency food provisioning, the E.O. authorizes the Department of State, in consultation with the Office of Management and Budget (OMB), to issue guidelines for department and agency heads to review their respective foreign aid programs.

Practically, the pause is designed principally to review existing foreign aid programs (which does not necessarily imply their elimination and/or wind-down). Still, the purpose of the policy freeze outlined in section 1 of the E.O. strongly suggests a shift toward a reconsidering of, and potentially an elimination or limiting of, certain foreign aid programs. The U.S. government currently maintains foreign aid programs related to over 200 countries, valued in total at USD $68 billion, a substantial part of which is allocated to Ukraine.

VII. Possible Expansion of Outbound Investment Regime

The America First Trade Policy memorandum also calls for a review of the recently implemented program regulating outbound U.S. investments involving Chinese persons operating in certain high-tech sectors and activities effective as of January 2, 2025. Specifically, the memorandum calls for a review of E.O. 14105, which provided the basis for the program as well as the final implementing rule. Our previous client alert provided a detailed overview of this new regulatory regime.

Likely responding to congressional interest in legislation expanding the types of industries subject to the program’s control (and in line with the President’s clear preference to take control of the policy narrative by undertaking executive actions rather than being subjected to congressional mandates), the America First Trade Policy memorandum mandates the Department of the Treasury to assess whether the current controls in the outbound investment regulations are sufficient to address national security interests, and to make recommendations for any further modification by April 1, 2025.

The new outbound investment regime has already created significant compliance challenges as companies and financial institutions grapple with ways to implement and adjust policies, procedures, and corporate agreements to comply with the new rules and account for shifting legal and commercial risk profiles and appetites. It is likely these compliance concerns will multiply post-April 2025.

The Gibson Dunn team is closely following these developments and will be publishing more analysis as the situation develops. In the meantime, Gibson Dunn lawyers stand ready to answer any questions as companies and organizations navigate the new policy environment.

The following Gibson Dunn lawyers prepared this update: Adam M. Smith, Ronald Kirk, Donald Harrison, David Wolber, Christopher T. Timura, Stephenie Gosnell Handler, Samantha Sewall, Audi Syarief, Chris Mullen, Lindsay Wardlaw, Mason Gauch, Zach Kosbie, Karsten Ball, Hui Fang, and Soo-Min Chae.

United States:
Ronald Kirk – Co-Chair, Dallas (+1 214.698.3295, rkirk@gibsondunn.com)
Adam M. Smith – Co-Chair, Washington, D.C. (+1 202.887.3547, asmith@gibsondunn.com)
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, shandler@gibsondunn.com)
Donald Harrison – Washington, D.C. (+1 202.955.8560, dharrison@gibsondunn.com)
Christopher T. Timura – Washington, D.C. (+1 202.887.3690, ctimura@gibsondunn.com)
David P. Burns – Washington, D.C. (+1 202.887.3786, dburns@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213.229.7269, nhanna@gibsondunn.com)
Courtney M. Brown – Washington, D.C. (+1 202.955.8685, cmbrown@gibsondunn.com)
Amanda H. Neely – Washington, D.C. (+1 202.777.9566, aneely@gibsondunn.com)
Samantha Sewall – Washington, D.C. (+1 202.887.3509, ssewall@gibsondunn.com)
Michelle A. Weinbaum – Washington, D.C. (+1 202.955.8274, mweinbaum@gibsondunn.com)
Karsten Ball – Washington, D.C. (+1 202.777.9341, kball@gibsondunn.com)
Hugh N. Danilack – Washington, D.C. (+1 202.777.9536, hdanilack@gibsondunn.com)
Mason Gauch – Houston (+1 346.718.6723, mgauch@gibsondunn.com)
Chris R. Mullen – Washington, D.C. (+1 202.955.8250, cmullen@gibsondunn.com)
Sarah L. Pongrace – New York (+1 212.351.3972, spongrace@gibsondunn.com)
Anna Searcey – Washington, D.C. (+1 202.887.3655, asearcey@gibsondunn.com)
Audi K. Syarief – Washington, D.C. (+1 202.955.8266, asyarief@gibsondunn.com)
Scott R. Toussaint – Washington, D.C. (+1 202.887.3588, stoussaint@gibsondunn.com)
Lindsay Bernsen Wardlaw – Washington, D.C. (+1 202.777.9475, lwardlaw@gibsondunn.com)
Shuo (Josh) Zhang – Washington, D.C. (+1 202.955.8270, szhang@gibsondunn.com)