Publications Archives

From the Derivatives Practice Group: The CFTC will hold an open meeting on December 18 to discuss two Final Rules: the Final Rule on Real-Time Public Reporting Requirements and Swap Data Recordkeeping and Reporting Requirements, and the Final Rule on Regulations to Address Margin Adequacy and to Account for the Treatment of Separate Accounts by Futures Commission Merchants.

New Developments

CFTC Staff Issues Advisory Regarding Form 304 Submission Format Beginning January 15, 2025. On December 12, the CFTC Division of Market Oversight issued an advisory notifying all merchants and dealers of cotton holding or controlling positions for future delivery in cotton (traders) that beginning next year they must submit the regulatory filing identified as “Form 304” through the CFTC’s online filings portal. The advisory notes that all traders who are subject to CFTC Regulation 17 CFR 19.00(a) beginning January 15, 2025, Form 304 must be submitted through the CFTC’s online filings portal, which has been updated for traders’ use. Form 304 should continue to be submitted via email through January 14, 2025. [NEW]
CFTC to Hold a Commission Open Meeting December 18. On December 11, the CFTC announced the Commission will hold an open meeting Wednesday, December 18 at 9:30 a.m. – 12:00 p.m. (ET) at the CFTC’s Washington, D.C. headquarters. The Commission will consider the following: the Final Rule on Real-Time Public Reporting Requirements and Swap Data Recordkeeping and Reporting Requirements and the Final Rule on Regulations to Address Margin Adequacy and to Account for the Treatment of Separate Accounts by Futures Commission Merchants. [NEW]
CFTC Staff Issues Advisory Related to the Use of Artificial Intelligence by CFTC-Registered Entities and Registrants. On December 5, the CFTC’s Divisions of Clearing and Risk, Data, Market Oversight, and Market Participants issued a staff advisory on the use of artificial intelligence in CFTC-regulated markets by registered entities and registrants. The advisory is intended to remind CFTC-regulated entities of their obligations under the Commodity Exchange Act and the CFTC’s regulations as these entities begin to implement AI. CFTC staff noted that it is closely tracking the development of AI technology and AI’s potential benefits and risks and that it values its ongoing dialogue with CFTC-regulated entities and intends to monitor these entities’ use of AI as part of the agency’s routine oversight activities. According to the CFTC, the advisory is informed, in part, by public comments received in response to the staff’s January 25, 2024 Request for Comment on AI.
CFTC Releases FY 2024 Enforcement Results. On December 4, the CFTC announced record monetary relief of over $17.1 billion for fiscal year 2024. With the resolution of digital asset cases that resulted in the agency’s largest recovery ever, this record amount included $2.6 billion in civil monetary penalties and $14.5 billion in disgorgement and restitution. In FY 2024, the agency brought 58 new actions including, in the CFTC’s words, precedent-setting digital asset commodities cases, its first actions addressing fraud in voluntary carbon credit markets, complex manipulation cases in various markets, and significant compliance cases – including its largest compliance case ever. The CFTC also said that it continued to vigorously litigate pending actions, resulting in significant litigation victories and recoveries.
Commissioner Johnson Announces CFTC Market Risk Advisory Committee Meeting on December 10. On November 26, CFTC Commissioner Kristin N. Johnson, sponsor of the Market Risk Advisory Committee (“MRAC”) announced that the MRAC will hold a public meeting on Tuesday, Dec. 10, from 9:30 a.m. to 12:30 p.m. (EDT) at the CFTC’s Washington, D.C., headquarters. At the meeting, the MRAC will discuss current topics and developments in the areas of central counterparty risk and governance, market structure, climate-related risk, and innovative and emerging technologies affecting the derivatives and related financial markets.

New Developments Outside the U.S.

ESMA Consults on Proposals to Digitalize Sustainability and Financial Disclosures. On December 13, ESMA published a Consultation Paper seeking stakeholders’ views on how the European Single Electronic Format can be applied to sustainability reporting. The proposals also aim to ease the burden associated with financial reporting. Interested stakeholders are invited to submit their feedback by March 31, 2025. [NEW]
ESMA Consults on Open-Ended Loan Originating Alternative Investment Funds. On December 12, ESMA published a consultation paper on draft regulatory technical standards on open-ended loan originating Alternative Investment Funds (“AIFs”) under the revised Alternative Investment Fund Managers Directive (“AIFMD”). AIFMD review has introduced some harmonized rules on loan originating funds. The goal of these rules is to provide a common implementing framework by determining the elements and factors that Alternative Investment Fund Managers need to consider when making the demonstration to their Competent Authorities that the loan originated AIFs they manage can be open-ended. [NEW]
ESMA Consults on Technical Advice on Listing Act Implications. On December 12, ESMA launched a consultation to gather feedback following changes to the Market Abuse Regulation (“MAR”) and Market in Financial Instruments Directive II (“MiFID II”) introduced by the Listing Act. Regarding MAR, ESMA is inviting feedback on: a non-exhaustive list of the protracted process and the relevant moment of disclosure of the relevant inside information (together with some principles to identify the moment of disclosure for protracted not listed processes); a non-exhaustive list of examples where there is a contrast between the inside information to be delayed and the latest public announcement by the issuer; and a methodology and preliminary results for identifying trading venues with a significant cross-border dimension, for the purposes of establishing a Cross Market Order Book Mechanism. Regarding MiFID II, ESMA’s proposals cover: a systematic review of the relevant provisions in Commission Delegated Regulation 2017/565 to ensure that a Multilateral Trading Facility (“MTF”) (or a segment of it) to be registered as small and medium-sized enterprises growth market complies with the relevant requirements in the revised MiFID II; and some conditions to meet the registration requirements for a segment of an MTF, as specified in the revised MiFID II. [NEW]
ESAs Provide Guidelines to Facilitate Consistency in the Regulatory Classification of Crypto-Assets by Industry and Supervisors. On December 10, the European Supervisory Authorities (the “ESAs”) published joint Guidelines intended to facilitate consistency in the regulatory classification of crypto-assets under Markets in Crypto Asset Regulation. The Guidelines include a standardized test to promote a common approach to classification as well as templates market participants should use when communicating to supervisors the regulatory classification of a crypto-asset. [NEW]
IOSCO Publishes Final Report on Regulatory Implications and Good Practices on the Evolution of Market Structures. On November 29, IOSCO published its Final Report on the Evolution in the Operation, Governance, and Business Models of Exchanges. According to IOSCO, the Final Report addresses significant changes in exchange business models and market structures, highlighting the impact of increased competition, technological advancements, and cross-border activity on exchanges. Additionally, it outlines a set of six good practices for regulators to consider in the supervision of exchanges that cover three key areas: (1) Organization of Exchanges and Exchange Groups (2) Supervision of Exchanges and Trading Venues within Exchange Groups and (3) Supervision of Multinational Exchange Groups.
BoE Publishes Report on Its System-Wide Exploratory Scenario Exercise and Stress Test Results for UK CCPs. On November 29, the Bank of England (“BoE”) published a final report on its system-wide exploratory scenario (“SWES”) and the results of its 2024 supervisory stress test of UK central counterparties (“CCPs”). As part of the SWES exercise, 50 participating firms, including banks, insurers, pension schemes, hedge funds, asset managers and CCPs, had to assess how they would be impacted by a hypothetical stress scenario, including severe but plausible shocks to a wide range of market prices and indicators over 10 business days, including moves similar to those seen during the UK gilt market crisis in 2022 and the 2020 dash for cash. BoE noted key observations, including (1) the simulated market shocks generated significant liquidity needs for non-bank financial intermediaries, (2) financial participants’ collective actions amplify the initial shock, (3) the gilt repo market was central in helping to absorb the shock, but its capacity in times of stress remains limited, (4) the exercise confirms the resilience of UK CCPs to a stress scenario similar to the worst ever historical stress and (5) there were material differences between firms’ and CCPs’ expectations on projections of initial margin increases, with banks and non-bank financial intermediaries generally overestimating changes in CCP initial margin. The BoE indicated that its supervisory stress test of UK CCPs also confirmed the resilience of UK CCPs to a stress scenario similar to the worst ever historical stress and indicated (1) CCPs were found to experience greater mutualized losses in this exercise compared to previous ones, (2) the ability of clients of defaulting members to port positions has a material impact on the credit stress test results and (3) the exercise also considered the cost of liquidating concentrated positions held by defaulters, with results showing that including concentration costs (assuming no porting) can have a material impact on the depletion of resources.
ESMA Announces Further Guidance on Exclusion Criteria for the Selection of Consolidated Tape Providers. On November 25, ESMA clarified details for some of the documents that future applicants will be expected to provide when participating in the selection process for Consolidated Tapes Providers (“CTPs”). During the first stage of the selection procedure, the exclusion criteria will be used to assess if applicants can be invited to submit their applications in the second stage of the procedure. ESMA will require specific documentation from applicants, including a declaration of honor and valid evidence on exclusion criteria. ESMA’s publication includes an indicative overview of the relevant certificates issued in each EU Member State for such evidence.
ESMA Responds to the European Commission Consultation on Non-Bank Financial Intermediation. On November 22, ESMA sent its response to the European Commission consultation on assessing the adequacy of macroprudential policies for Non-Bank Financial Intermediation (“NBFI”). In its response, ESMA makes key proposals in several areas, including liquidity management, money market fund regulation, supervision and data, and coordination between competent authorities.

New Industry-Led Developments

FRTB Implementation Challenges: Capitalization of Funds. On December 13, ISDA published a second whitepaper on the capitalization of equity investment in funds (“EIIFs”) under the Fundamental Review of the Trading Book (“FRTB”) framework. This paper builds upon an earlier ISDA publication in 2022 that highlighted the overly conservative capital requirements and operational complexities resulting from the proposed Basel III framework associated with EIIFs. Since then, several jurisdictions have implemented the FRTB (Canada and Japan), while others have finalized their FRTB rules (the EU and the UK) or are consulting on the final rules (the US). This topic continues to be a globally important issue for the industry, with many unresolved concerns related to the treatment of EIIFs. [NEW]
Joint Associations Send Letter on UK CCP Equivalence and Recognition. On December 12, ISDA and eleven other trade associations representing a broad group of market participants sent a letter to Commissioner Albuquerque requiring that the European Commission extends the equivalence decision for UK Central Counterparties (“CCPs”) in a non-time-limited manner and well in advance of March 31, 2025. The current time-limited equivalence decision is set to expire on June 30, 2025. [NEW]
ISDA Publishes Paper on Compliance Requirements under MIFIR. On December 9, ISDA published a paper that maps out an approach to post-trade transparency under the revised Markets in Financial Instruments Regulation (“MIFIR”) for reporting single-name credit default swaps referenced to global systemically important banks, supporting meaningful transparency and implementation practicability. [NEW]
ISDA Responds to European Commission’s Consultation on Macroprudential Policies for NBFIs. On November 21, ISDA responded to the European Commission’s consultation on assessing the adequacy of macroprudential policies for NFBI. In the response, ISDA covers a range of key topics, including the need to consider the diversity of the NBFI sector, possible solutions to challenges in meeting collateral requirements, the importance of bank intermediation capacity, the need for deep and liquid core funding markets, enhanced data sharing among regulators and the vital role played by non-cleared derivatives markets, especially in times of stress.
ISDA Sends Letter to FASB on Hedge Accounting Improvements. On November 25, ISDA submitted a comment letter to the Financial Accounting Standards Board (“FASB”) in response to its exposure draft (ED) on File Reference No. 2024-ED200, Derivatives and Hedging (Topic 815) – Hedge Accounting Improvements. In the comment letter, ISDA explains it supports the FASB’s proposals in the ED and believes the ED achieves the FASB’s objective of improving the application and relevance of the derivatives and hedging guidance.

The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Marc Aaron Takagaki, Hayden McGovern, and Karin Thrasher.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Derivatives practice group, or the following practice leaders and authors:

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, [email protected])

Michael D. Bopp, Washington, D.C. (202.955.8256, [email protected])

Michelle M. Kirschner, London (+44 (0)20 7071.4212, [email protected])

Darius Mehraban, New York (212.351.2428, [email protected])

Jason J. Cabral, New York (212.351.6267, [email protected])

Adam Lapidus – New York (212.351.3869, [email protected] )

Stephanie L. Brooker, Washington, D.C. (202.887.3502, [email protected])

William R. Hallatt , Hong Kong (+852 2214 3836, [email protected] )

David P. Burns, Washington, D.C. (202.887.3786, [email protected])

Marc Aaron Takagaki , New York (212.351.4028, [email protected] )

Hayden K. McGovern, Dallas (214.698.3142, [email protected])

Karin Thrasher, Washington, D.C. (202.887.3712, [email protected])

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

Every large corporation risks legal and regulatory scrutiny, and certain individuals within those organizations may also face personal exposure if their organization fails to maintain adequate corporate compliance. These gatekeepers — tasked with protecting their companies’ financial and reputational well-being — should remain alert to their own risk of liability for wrongdoing, failing to prevent it, or missteps taken in response to misconduct.

Discussion topics:

Recent trends and enforcement developments affecting gatekeeper liability
Best practices for in-house gatekeepers
Special topics for gatekeeper consideration

PANELISTS:

David Ware is a partner in the Washington, D.C. office of Gibson, Dunn & Crutcher. He is a member of the firm’s Securities Enforcement, Securities Litigation, Accounting Firm Advisory and Defense, and White Collar Defense and Investigations Practice Groups. David’s practice focuses on government investigations and enforcement actions, internal investigations, and litigation in the areas of auditing and accounting, securities fraud, and related aspects of federal regulatory and criminal law. He also counsels clients concerning compliance with SEC and PCAOB rules and standards. David serves as a member of the Auditing Standards Board, which promulgates auditing standards for private companies in the United States. He is admitted to practice in the District of Columbia and Massachusetts, as well as before the U.S. District Court for the District of Columbia and the U.S. Courts of Appeals for the First Circuit and Third Circuit.

Michael Scanlon is a partner in the Washington, D.C. office of Gibson, Dunn & Crutcher. He is a member of the firm’s Securities Regulation and Corporate Governance, Securities Enforcement, and Corporate Transactions Practice Groups, and has an extensive practice representing U.S. and foreign public company and audit firm clients on regulatory, corporate governance, and enforcement matters. Michael advises corporate clients on SEC compliance and disclosure issues, the Sarbanes-Oxley Act of 2002, and corporate governance best practices, with a particular focus on financial reporting matters. He frequently represents both accounting firms and public company clients on SEC and PCAOB accounting and auditing matters, including financial statement materiality and restatement issues, internal control issues, auditor independence, and other accounting-related disclosure issues. He also is experienced in conducting internal investigations involving accounting irregularities for management, audit committees, and other Board committees, and represents clients on these matters before the SEC. Michael also represents several public company boards of directors and audit committees, as well as not-for-profit organizations, with respect to corporate governance and other compliance matters. Michael is admitted to practice in the District of Columbia.

Allison Kostecka is of counsel in the Denver office of Gibson, Dunn & Crutcher. She practices in the firm’s Litigation Department, where she focuses on securities litigation, antitrust investigations and litigation, other complex commercial litigation, and data privacy. Allison represents companies in a range of complex, civil litigation matters. She has defended multiple companies in derivative lawsuits and securities class actions before federal and state courts. In addition, Allison has represented clients in a variety of antitrust and consumer protection matters before administrative bodies and federal courts. For over 10 years, she represented a large energy company in multiple federal court actions that exposed a fraudulently obtained, multi-billion dollar judgment against the company. In addition to working on extensive discovery, preliminary injunction actions, and both pre-and post-judgment motions practice related to this transnational matter, Allison was on both the trial and appellate teams for this matter. Allison is registered to practice law in the State of Colorado, as well as in the U.S. Courts of Appeal for the Sixth, Tenth, and Eleventh Circuits and the U.S. District Courts for the District of Colorado and the Northern District of Ohio.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.0 credit hour, of which 1.0 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour in the General Category.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

Shukie Grossman was featured in Lexology Index as a Thought Leader in the USA – Private Funds – Formation [PDF] category. The article was published in December 2024.

This update discusses key trends and insights from our analysis of the cybersecurity disclosures made by 97 S&P 100 companies in their most recent Form 10-K filings in response to Regulation S-K Item 106.

I. Introduction

This alert highlights key trends and insights from our analysis of the cybersecurity disclosures made by 97 S&P 100 companies in their 2024 Form 10-K filings, as required by new Item 106 of Regulation S-K (“Item 106”), as of November 30, 2024.[1]

As discussed in a previous client alert, the Securities and Exchange Commission (“SEC” or “Commission”) adopted on July 26, 2023, a final rule requiring public companies to provide current disclosure of material cybersecurity incidents and annual disclosure regarding cybersecurity risk management, strategy, and governance. Under Item 106, which is required to be addressed in new Item 1C of Form 10-K, public companies must include disclosures in their annual reports regarding their (1) cybersecurity risk management and strategy, including with respect to their processes for identifying, assessing, and managing cybersecurity threats and whether risks from cybersecurity threats have materially affected them, and (2) cybersecurity governance, including with respect to oversight by their boards and management.[2] All public companies were required to comply with these disclosure requirements for the first time beginning with their annual reports on Form 10-K or 20-F for the fiscal year ending on or after December 15, 2023.

II. Executive Overview

While certain disclosure trends have emerged under Item 106, we note that there is significant variation among companies’ cybersecurity disclosures, reflecting the reality that effective cybersecurity programs must be tailored to each company’s specific circumstances, such as its size and complexity of operations, the nature and scope of its activities, industry, regulatory requirements, the sensitivity of data maintained, and risk profile. Companies must strike a careful balance in their disclosures, providing sufficient decision-useful information for investors, while taking care not to reveal sensitive information that could be exploited by threat actors.[3] We expect company disclosures to continue to evolve as their practices change in response to the ever-evolving cybersecurity threat landscape and as common disclosure practices emerge among public companies.

Below is an executive overview of the key disclosure trends we observed (discussed in detail in Section III below):

Materiality. The phrasing used by companies for this disclosure requirement varies widely. Specifically, in response to the requirement to describe whether any risks from cybersecurity threats have materially affected or are reasonably likely to materially affect the company, the largest group of companies (40%) include disclosure in Item 1C largely tracking Item 106(b)(2) language (at times, subject to various qualifiers); 38% vary their disclosure from the Item 106(b)(2) requirement in how they address the forward-looking risks; and 22% of companies do not include disclosure specifically responsive to Item 106(b)(2) directly in Item 1C, although a substantial majority of these companies cross-reference to a discussion in Item 1A “Risk Factors.”
Board Oversight. Most companies delegate specific responsibility for cybersecurity risk oversight to a board committee and describe the process by which such committee is informed about such risks. Ultimately, however, the majority of surveyed companies report that the full board is responsible for enterprise-wide risk oversight, which includes cybersecurity.
Cybersecurity Program. Companies commonly reference their program alignment with one or more external frameworks or standards, with the National Institute of Standards and Technology (NIST) Cybersecurity Framework being cited most often. Companies also frequently discuss specific administrative and technical components of their cybersecurity programs, as well as their high-level approach to responding to cybersecurity incidents.
Assessors, Consultants, Auditors or Other Third Parties. As required by Item 106(b)(1)(ii), nearly all companies discuss retention of assessors, consultants, auditors or other third parties, as part of their processes for oversight, identification, and management of material risks from cybersecurity threats.
Risks Associated with Third-Party Service Providers and Vendors. In line with the requirements of Item 106(b)(1)(iii), all companies outline processes for overseeing risks associated with third-party service providers and vendors.
Drafting Considerations.
- Most companies organize their disclosure into two sections, generally tracking the organization of Item 106, with one section dedicated to cybersecurity risk management and strategy and another section focused on cybersecurity governance. Companies typically include disclosures responsive to the requirement to address material impacts of cybersecurity risks, threats, and incidents in the section on risk management and strategy.
- The average length of disclosure among surveyed companies is 980 words, with the shortest disclosure at 368 words and the longest disclosure at 2,023 words. The average disclosure runs about a page and a half.

While comment letters have not been issued in response to Item 106 disclosure in annual reports on Form 10-K filed by the S&P 100 companies we surveyed, as of November 30, 2024, five comment letters from the Staff had been issued to other companies regarding their Item 106 disclosures. For details, see Section VI below.

III. Key Disclosure Trends

For comparison purposes, we have grouped the discussion below into three categories: (1) cybersecurity risk management and strategy; (2) cybersecurity governance; and (3) disclosures in response to the requirement to address material cybersecurity risks, threats, and incidents.

a. Cybersecurity Risk Management and Strategy

Item 106(b)(1) calls for a description of a company’s “processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats in sufficient detail for a reasonable investor to understand those processes.” In response to this overarching disclosure requirement, some of the most commonly addressed topics are as follows:

Cybersecurity Frameworks or Standards. Though not specifically required by Item 106, a majority of surveyed companies (60%) reference one or more external frameworks or standards that inform, to varying degrees, their cybersecurity program management processes and practices. The NIST Cybersecurity Framework is referenced most often, with 51 companies making mention of it. Other frameworks or standards cited by surveyed companies include those set by the International Organization for Standardization (ISO) (including, for example, ISO 27001 and 27002), SOC 1 and 2, and the Payment Card Industry Data Security Standard (PCI DSS). Notably, companies use varied terminology when discussing specified frameworks or standards. For example, when citing NIST, companies explain that their cybersecurity program or risk management approach “leveraged,” was “informed by,” “aligns with,” or was “based on” the framework.[4]
Description of Cybersecurity Program Elements. Nearly all surveyed companies discuss specific components of the company’s cybersecurity program, which most prominently include references to identity and access management, logging and monitoring, penetration testing and vulnerability scanning, governance, risk assessment and threat intelligence, employee awareness and training, and security monitoring. Companies also widely note where employees are provided with cybersecurity training (84%), with 27 of those companies disclosing that they provide this training on at least an annual basis.
Incident Response Preparedness. The substantial majority of companies note the implementation of an incident response plan or procedures (87%), and nearly all companies (96%) describe the use of audits, drills, and/or tabletop exercises to test incident preparedness and the company’s incident response processes.

In addition to the general requirement quoted above, Item 106(b)(1) includes a non-exclusive list of disclosure items, which most surveyed companies specifically address in their Item 1C disclosures as follows:

Whether and how any such processes have been integrated into the company’s overall risk management system or processes. In response to this disclosure item, a substantial majority of surveyed companies (90%) disclose that the oversight of cybersecurity risk has been integrated into the company’s overall risk management system or processes.

Whether the registrant engages assessors, consultants, auditors or other third parties in connection with any such processes. Nearly all companies (98%) generally disclose the engagement of assessors, consultants, auditors or other third parties in the management of cybersecurity risks. Most companies do not specifically name the third parties they engage.
Whether the registrant has processes to oversee and identify material risks from cybersecurity threats associated with its use of any third-party service provider. In line with Item 106’s requirements, all companies generally discuss third-party risk management practices, including outlining processes for identifying and managing material cyber risks associated with third-party service providers. Ninety percent report evaluating, monitoring or conducting due diligence on a vendor’s cybersecurity practices, and 42% report requiring vendors to adhere to certain cybersecurity management processes. These third-party risk management processes can range from conducting due diligence of the third party’s information security environments, or reviewing their incident response capabilities, to monitoring their regulatory compliance to assess the company’s own risk of exposure.

b. Cybersecurity Governance

Item 106(c)(1) requires that companies describe the role of the board in the oversight of cybersecurity risks, including the role of board committees or subcommittees, and Item 106(c)(2)(i) requires that companies describe the management’s role in assessing and managing their material risks from cybersecurity threats, including addressing which management positions or committees are responsible for assessing and managing such risks. In response to these disclosure requirements, some of the most commonly addressed topics are as follows:

The Role of the Board and Committees of the Board in Cybersecurity Governance. As part of the discussion of cybersecurity governance, a majority of surveyed companies (68%) report that the board is responsible for enterprise-wide risk oversight, which includes cybersecurity. However, a majority of companies (66%) also disclose that a committee or subcommittee of the board has been delegated responsibility for primary oversight of cybersecurity risks, with a minority of companies (28%) reporting that the board and a designated committee share the primary oversight of cybersecurity risks, and a handful of companies (6%) reporting that the full board retains primary oversight of cybersecurity risks. Of the companies that delegate primary oversight of cybersecurity risks to a committee or subcommittee, or for which the board and a designated committee or subcommittee share oversight, companies most often disclose that the audit committee (78%) has this responsibility, followed by a risk committee (19%) (for companies that have a risk committee).
The Role of Management in Cybersecurity Governance. In responding to this disclosure item, nearly all companies (99%) list one or more management positions responsible for addressing and managing cybersecurity risks, with a significant minority of companies (43%) reporting that a management committee is also responsible for managing such risks. Of the companies that identify a management position responsible for assessing and managing material cybersecurity risks, 61% identify one officer who fulfils this role and 39% identify more than one officer responsible for fulfilling this role. The substantial majority of companies (78%) identify a Chief Information Security Officer (CISO) among the management positions responsible for assessing and managing cybersecurity risks, while a minority of companies identify other positions, such as a Chief Information Officer (CIO) (14%), Chief Technology Officer (CTO) (4%), or another officer, such as a Chief Security Officer, Head of Technology, Chief Information and Digital Officer, and/or Chief Cybersecurity Officer.

Item 106(c)(2)(i) also requires a description of the relevant expertise of management in “such detail as necessary to fully describe the nature of the expertise.” In response, a substantial majority of companies (88%) disclose the experience and/or qualifications of the individual(s) responsible for assessing and managing cybersecurity risk. While companies vary widely with respect to the level of specificity they provide in describing relevant experience or qualifications of those in management, surveyed companies generally provide examples of an individual’s:

Roles and Positions Prior to Joining the Company. Practice on this point varies widely, ranging from the inclusion of a general note stating that the individual has held various cybersecurity-related roles, to identifying the specific title held by such individual in the past roles, to noting the technical and industry-specific experience gained or skills employed in prior positions.
Years of Relevant Work Experience. Where surveyed companies disclose this point, the years of experience range from 15 years to more than 30 years of relevant work experience.
Education and Certifications. While less common than the other two categories mentioned above, some companies include reference to an individual’s educational background or certifications (e.g., where the individual received certification as an information systems security professional (CISSP)).

Item 106(c)(2)(ii) requires that companies address how management is informed of and monitors the “prevention, detection, mitigation, and remediation of cybersecurity incidents.” In response to this disclosure item, companies generally disclose that management is informed of cybersecurity risks and incidents through internal reporting channels, such as receiving reports from the company’s cybersecurity professionals.

Item 106(c)(2)(iii) requires that companies discuss the process by which management reports cybersecurity risks to its board. In response to this disclosure item, all companies disclose that the board or responsible committee receives reports from management, with a substantial majority of these companies (82%) disclosing that the board or responsible committee receives reports on a regular basis.[5] A majority of the surveyed companies (61%) also report a process for escalating certain cybersecurity incidents, risks or threats to the board or responsible committee.

c. Material Cybersecurity Risks, Threats & Incidents

Item 106(b)(2) requires that companies “[d]escribe whether any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect the registrant, including its business strategy, results of operations, or financial condition and if so, how.” While disclosure on this point varied greatly, we observed the following trends among surveyed companies in response to this disclosure item:

Some Companies Did Not Affirmatively Address Item 106(b)(2) in Item 1C. Twenty-two percent of surveyed companies do not appear to have included disclosure responsive to Item 106(b)(2) in Item 1C.[6] Of these companies, 90% provide a cross-reference to a discussion in Item 1A “Risk Factors.”[7]
Most Disclosures Track the Language of Item 106(b)(2). Forty percent of surveyed companies largely track the language of the disclosure item with respect to both the backward-looking aspect (“have materially affected”) and the forward-looking aspect (“are reasonably likely to materially affect”) of the rule by responding in the negative, concluding that they did not identify any risks from cybersecurity threats that have materially affected or are reasonably likely to materially affect the company, including its business strategy, result of operations or financial condition. However, the precise formulation varied from company to company.[8] Of these companies:
- 54% include a knowledge qualifier making clear that they are “not aware” or “do not believe” that such risks have materially affected or are reasonably likely to materially affect the company;
- 67% make clear that they are speaking as of the end of the fiscal year covered by the Form 10-K or as of the date of the Form 10-K;
- in addition to tracking the rule, 44% include a disclaimer noting that there is no “guarantee” or “assurance” (or something similar) that cyber-related risks may not be material in the future;
- 26% limit required disclosure to threats identified during the last year or last three fiscal years; and
- one company limited the future horizon to “over the long term.”
Many Companies Vary Disclosure on Forward-Looking Impacts, or Address It Vaguely or Not At All. Thirty-eight percent of surveyed companies address the backwards-looking aspect of the rule by largely tracking the rule on that point. For the forward-looking aspect of the rule, some of them: (i) simply do not address it at all or make vague references to potential future impacts (35%); (ii) include a disclaimer noting that there is no “guarantee” or “assurance” (or something similar) that cyber-related risks may not be material in the future (51%); or (iii) make explicit what is an inherent assumption in the disclosure requirement, such as by stating that risks from cybersecurity threats, “if realized,” are reasonably likely to materially affect business strategy, results of operations, or financial condition (16%). One company includes both a “no guarantee” disclaimer and “if realized” language (3%). In addition, among these 38% of the surveyed companies:
- 16% include a knowledge qualifier making clear that they are “not aware” or “do not believe” that such risks have materially affected the company;
- 41% make clear that they are speaking as of the end of the fiscal year covered by the Form 10-K or as of the date of the Form 10-K; and
- 27% limit required disclosure to threats identified during the last year, last three fiscal years or “recent years.”

IV. ISS Governance QualityScore[9]

While it is not possible to say definitively, it is possible that some of the reporting trends observed among the surveyed companies may be attributable to the questions included by Institutional Shareholder Services (“ISS”) in its Governance QualityScore (“QualityScore”) relating to information security since they are not otherwise directly responsive to Item 106 requirements. For example:

possibly in response to ISS Question 409, which evaluates disclosure regarding whether the company has information security risk insurance, a minority of surveyed companies (26%) disclose maintaining some level of cybersecurity insurance;
possibly in response to ISS Question 405, which assesses disclosure as to how many directors have information security skills, a minority of companies (14%) report having directors with information security experience, despite the fact that the proposed requirement to disclose this information was not included in the final cybersecurity rule;[10] and
possibly in response to ISS Question 407, which assesses whether a company experienced an information security breach in the last three years, 3% of companies frame their statements about material effects from cybersecurity threats or incident using this specific time period.

V. Drafting Considerations

The majority of surveyed companies (66%) divide their disclosure into two sections tracking the organization of Item 106, with one section dedicated to cybersecurity risk management and strategy and another section focused on cybersecurity governance. Of those companies, 33% include subsections within one or both of those two main sections, 23% of surveyed companies use no headings at all, and 11% of surveyed companies use headings that differ from the structure of Item 106 (either by including more than the two primary sections set forth in the rule or by including distinct headings altogether).

The average length of disclosure among surveyed companies is 980 words, with the shortest disclosure at 368 words and the longest disclosure at 2,023 words. The average disclosure runs about a page and a half.

VI. Comment Letters

As of November 30, 2024, there have been five comment letters from the Staff regarding disclosure under Item 1C. While these comment letters have not been issued in response to disclosure in annual reports on Form 10-K filed by the S&P 100 companies we surveyed, we are including a discussion of them here for completeness, as they are instructive as to what the Staff was focused on when reviewing the first set of Item 106 disclosures. To summarize:

Two of these comment letters simply requested that companies refile their annual reports on Form 10-K to include an omitted Item 1C.[11] In both instances, the companies filed an amendment on Form 10-K/A, adding the requested disclosure.[12]
One comment letter requested that a company amend future filings to clarify inconsistent statements about its engagement of third parties in connection with its processes for identifying, assessing and managing material risks from cybersecurity threats.[13] The company responded by clarifying the nature of its engagement of third parties in identifying and managing cybersecurity risks, and also confirmed that it would clarify this point to avoid any inconsistency or ambiguity in future filings.[14]
In three comment letters, the Staff touched upon the following requirements of Item 106, requesting expanded disclosure in future filings:
- Item 106(b)(1) (Processes for Assessing, Identifying, and Managing Material Risk from Cybersecurity Threats). The Staff requested that a company expand its disclosure to describe the areas of responsibility of its executive management team and board of directors, along with their respective processes in response to this disclosure item.[15] The company responded by confirming it would include the requested detail in future filings.[16]
- Item 106(b)(1)(i) (Integration of Cybersecurity Risk Processes into Overall Risk Management). In one comment letter, the Staff requested that a company revise future filings to disclose how processes for “assessing, identifying, and managing” material cybersecurity threats have been integrated into its overall risk management system or processes in response to this disclosure item.[17] The company responded by emphasizing that these processes are “well integrated” into its overall risk management system, noting relevant disclosure included in its current filing, and agreeing to provide more detail in future filings in response to this disclosure item.[18]
- Item 106(c)(2)(i) (Identification of Management Committees or Positions Responsible for Assessing and Managing Material Risks from Cybersecurity Threats). Two of the comment letters noted above also included comments related to the discussion of management’s responsibility over cybersecurity risks. The first comment letter requested the company identify which management positions or teams are responsible for assessing and managing material risks from cybersecurity threats in future filings.[19] The second such letter requested a discussion of the relevant expertise of the company’s senior leadership responsible for managing the company’s cybersecurity risk and the “design and implementation of policies, processes and procedures to identify and mitigate this risk.”[20] In each case, the company responded by confirming it would include the requested detail in future filings.[21]

While the impact of the November 2024 election on future leadership of the SEC is uncertain, as are their strategic and enforcement priorities, we expect SEC scrutiny over cybersecurity incident disclosures to continue as companies adjust their disclosure practices to the new requirements.

VII. XBRL Requirements

As a reminder for the upcoming Form 10-K season, all Item 106 disclosures must be tagged in Inline XBRL (block text tagging for narrative disclosures and detail tagging for quantitative amounts) beginning one year after the initial compliance date of December 15, 2023, which, for most companies, means starting with their Form 10-K or Form 20-F filed in 2025.

Companies must use the “Cybersecurity Disclosure (CYD)” taxonomy tags within iXBRL to tag these disclosures.[22] We note that significant judgment will be required to apply these tags. Not only will companies be required to determine the provision of Item 106 to which each part of the narrative disclosure is responsive, but companies will need to determine which flags to mark as “true” or “false.” Importantly, there is a flag for “Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag]” and, it is our understanding that to properly apply the flag, each company must select “true” or “false.” Companies that have addressed Item 106(b)(2) by including slightly vague or ambiguous disclosure in Item 1C or by cross-referencing their risk factors will need to carefully consider how they will handle these new tagging requirements.

[1] This alert memo highlights certain disclosure trends based on our review of the 97 surveyed companies. (As of November 30, 2024, three S&P 100 companies had not yet filed annual reports on Form 10-K for fiscal years ending on or after December 15, 2023.) Where appropriate, we have grouped together similar responses to disclosure items to enable a comparison among the companies’ disclosures. For example, where a company provided time qualifiers such as “in the last year,” “in 2023,” or “during the last fiscal year,” we have considered these to be similar data points in our survey of company disclosures. Percentages may not add up to 100% due to rounding.

[2] Foreign private issuers are required to make similar annual disclosures pursuant to Item 16K of Form 20-F.

[3] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Release No. 33-11216 (July 26, 2023) (“Adopting Release”) at 60-63.

[4] Companies are wise to be cautious when describing their adherence to cybersecurity frameworks and standards, as underscored by the SEC’s recent enforcement action against SolarWinds Corporation where the SEC charged the company with making a materially misleading statement when it claimed “SolarWinds follows the NIST Cybersecurity Framework” despite internal assessments showing that most NIST controls were not met. See SEC v. SolarWinds Corp., 1:23-CV-09518 (S.D.N.Y. July 18, 2024), at 11-14.

[5] In counting the companies who disclose where management reports to the board or responsible committee on a regular basis, we have included companies that state that they do this “regularly” (e.g., regularly, “at each regularly scheduled meeting,” etc.), as well as companies who refer to a specific time period (e.g., annually, quarterly, semi-annually, mid-year, etc.). This does not include where companies use language such as “periodically,” “as appropriate,” “as necessary,” or “as needed.”

[6] Our review of company cybersecurity disclosure was limited to the language included in Item 1C. We have not reviewed other sections of Forms 10-K filed by surveyed companies to determine whether they contain disclosure that can be deemed responsive to Item 106(b)(2).

[7] We have not reviewed the cross-referenced risk factor, or the risk factors section more generally, to determine whether they contain disclosure that can be deemed responsive to Item 106(b)(2).

[8] The language surveyed companies use to disclose how they have been impacted by cybersecurity risks, threat, or incidents is imprecise. For example, some companies specifically discuss the effect of cybersecurity incidents, while others fully track the language of the rule and discuss “risks from cybersecurity threats”.

[9] On October 28, 2024, ISS announced an update to its ISS QualityScore product to include 12 new factors. Among these are the following Audit and Risk Oversight factors related to cybersecurity risk management:

Question 460. Does the company disclose the role of the management in overseeing information security risks?
Question 461. Does the company disclose the role of the board in overseeing information security risks?
Question 462. Does the company have a third-party information security risk management program?
Question 463. Does the company leverage a third-party assessment of information security risks?
Question 464. What is the Data Protection Officer reporting line?

These factors generally align with the disclosure requirements under the rule, and based on our survey results, companies are already addressing Questions 460-463 while preparing their Item 106 disclosures.

[10] Adopting Release, supra note 3, at 81-85.

[11] See SEC Comment Letter to Quarta-Rad, Inc. dated August 1, 2024; SEC Comment Letter to Scientific Industries, Inc. dated June 14, 2024.

[12] See Response Letter from Quarta-Rad, Inc. to the SEC dated August 15, 2024; Response Letter from Scientific Industries, Inc. to the SEC dated July 17, 2024.

[13] See SEC Comment Letter to Wilhelmina International, Inc. dated August 21, 2024 (“SEC Letter to Wilhelmina International”).

[14] See Response Letter from Wilhelmina International, Inc. to the SEC dated September 3, 2024 (“Wilhelmina International Response Letter”).

[15] See SEC Comment Letter to TNF Pharmaceuticals, Inc. dated September 23, 2024 (“SEC Letter to TNF Pharmaceuticals”). In its comment letter, the Staff noted that the responsive disclosure needed to be in sufficient detail for a reasonable investor to understand.

[16] See Response Letter from TNF Pharmaceuticals, Inc. to the SEC dated September 30, 2024 (“TNF Pharmaceuticals Response Letter”).

[17] See SEC Comment Letter to Blackbaud, Inc. dated August 23, 2024.

[18] See Response Letter from Blackbaud, Inc. to the SEC dated September 3, 2024.

[19] SEC Letter to TNF Pharmaceuticals, supra note 15.

[20] SEC Letter to Wilhelmina International, supra note 13.

[21] Wilhelmina International Response Letter, supra note 14; TNF Pharmaceuticals Response Letter, supra note 16.

[22] See the Cybersecurity Disclosure Taxonomy Guide (September 16, 2024), available at https://www.sec.gov/data-research/standard-taxonomies/operating-companies.

The following Gibson Dunn lawyers assisted in preparing this update: Thomas Kim, Julia Lapitskaya, Michael Titera, Stephenie Gosnell Handler, Alexandria Johnson, Isaac Maycock, and Kayla Jahangiri.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. To learn more, please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Securities Regulation & Corporate Governance or Privacy, Cybersecurity & Data Innovation practice groups, the authors, or any of the following practice leaders and members:

Securities Regulation & Corporate Governance:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202.955.8287, [email protected])
James J. Moloney – Co-Chair, Orange County (+1 949.451.4343, [email protected])
Lori Zyskowski – Co-Chair, New York (+1 212.351.2309, [email protected])
Aaron Briggs – San Francisco (+1 415.393.8297, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202.887.3550, [email protected])
Brian J. Lane – Washington, D.C. (+1 202.887.3646, [email protected])
Julia Lapitskaya – New York (+1 212.351.2354, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, [email protected])
Michael Scanlon – Washington, D.C.(+1 202.887.3668, [email protected])
Michael A. Titera – Orange County (+1 949.451.4365, [email protected])

Privacy, Cybersecurity & Data Innovation:
Ahmed Baladi – Co-Chair, Paris (+33 1 56 43 13 00, [email protected])
S. Ashlie Beringer – Co-Chair, Palo Alto (+1 650.849.5327, [email protected])
Joel Harrison – Co-Chair, London (+44 20 7071 4289, [email protected])
Jane C. Horvath – Co-Chair, Washington, D.C. (+1 202.955.8505, [email protected])
Rosemarie T. Ring – Co-Chair, San Francisco (+1 415.393.8247, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, [email protected])
Vivek Mohan – Palo Alto (+1 650.849.5345, [email protected])
Sophie C. Rohnke – Dallas (+1 214.698.3344, [email protected])

Latin America is one of the most important regions for the U.S. and other companies conducting business abroad. Not only is it geographically proximate to the U.S., but the region’s economic promise is substantial. Indeed, the World Bank estimates that, region-wide, the middle class has grown by 50% during the last decade. Some markets, including Mexico and Colombia, have made particularly noteworthy strides in boosting the ranks of their middle classes. Yet, despite its economic promise, conducting business in Latin America continues to be challenging. One key challenge has been corruption, which The Economist recently described as “surging across Latin America,” due in part to “political blowback from a period of intense anti-corruption campaigns[.]” Several governments in the region have collapsed in recent years due to corruption scandals, and in various countries, widely heralded anti-corruption reforms have not yielded the expected results.

This webcast surveys anti-corruption enforcement and developments in the region, including overviews of:

Recent U.S. Foreign Corrupt Practices Act (“FCPA”) enforcement actions involving the region;
Recent, locally led anti-corruption enforcement actions;
Noteworthy legislative and judicial developments; and
Potential mitigation strategies for businesses operating in the region.

PANELISTS:

Michael M. Farhang is a former federal prosecutor and a partner in the Los Angeles office of Gibson, Dunn & Crutcher. He is a member of the firm’s White Collar Defense and Investigations and Securities Litigation Practice Groups. Michael is an experienced litigator and trial attorney who has earned recoveries totaling nearly $70 million for private equity and corporate clients pursuing fraud, contract, and M&A-related claims. In the white collar area, Michael regularly represents corporate and individual clients and has specific subspecialties in Foreign Corrupt Practices Act (FCPA) and Anti-Money Laundering (AML) matters and Latin American corporate investigations. Michael has conducted investigations and compliance work relating to FCPA, AML, and OFAC issues in ten countries and regularly leads investigations for clients conducted in Spanish. Michael is a member of the California Bar and is admitted to practice in the Central District of California and the Ninth Circuit.

Patrick Stokes is a litigation partner in Gibson, Dunn & Crutcher’s Washington, D.C. office. He is the co-chair of the Anti-Corruption and FCPA Practice Group and a member of the firm’s White Collar Defense and Investigations, National Security, Securities Enforcement, Trials, and Litigation Practice Groups. Prior to joining Gibson Dunn, Patrick headed the FCPA Unit of the U.S. Department of Justice, where he managed the FCPA enforcement program and all criminal FCPA matters throughout the United States. Patrick also served as the DOJ’s principal representative at the OECD Working Group on Bribery, working with law enforcement and policymakers from 41 signatory countries on anti-corruption enforcement policy issues. He is a member of the Maryland State Bar and the District of Columbia Bar.

Pedro G. Soto is of counsel in the Washington, D.C. office of Gibson, Dunn & Crutcher. He is a member of the White Collar Defense and Investigations group, and his practice focuses primarily on anti-corruption and fraud matters. He has more than 13 years of experience representing corporations and individuals under investigation by government authorities. He has also conducted compliance due diligence for over 100 transactions around the world. Pedro has particularly deep experience in Latin America, where he has worked on matters in more than 15 different countries. He also represents foreign governments and private claimants in significant litigation and arbitration matters.

A native Spanish speaker, Pedro has extensive experience in Latin America. He has worked on matters involving Argentina, Bolivia, Chile, Colombia, Costa Rica, the Dominican Republic, Ecuador, El Salvador, Guatemala, Mexico, Panama, Paraguay, Peru, Puerto Rico, Uruguay, and Venezuela. Pedro also has experience in matters throughout Asia, Europe, and the Middle East. Pedro is admitted to the District of Columbia Bar.

MCLE CREDIT INFORMATION:

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour in the General Category.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

Join us for a 45-minute briefing covering several M&A practice topics. The program is part of a series of quarterly webcasts designed to provide quick insights into emerging issues and practical advice on how to manage common M&A problems. Steve Glover, a partner in the firm’s Global M&A Practice Group, acts as moderator.

Topics discussed:

Update on developments in the law governing earn-outs
Review of the new HSR rules
Briefing on the proposed new rules governing outbound investments
Recent case law addressing fraud liability in M&A transactions

PANELISTS:

Branden C. Berns is a partner in the San Francisco office of Gibson, Dunn & Crutcher, where he practices in the firm’s Corporate Transactions Practice Group, focusing on representing leading life sciences companies and investors. Mr. Berns advises clients in connection with a variety of financing transactions, including initial public offerings, secondary equity offerings and venture and growth equity financings, as well as complex corporate transactions, including mergers and acquisitions, asset sales, spin-offs, joint ventures, PIPEs and leveraged buyouts. Mr. Berns regularly serves as principal outside counsel for numerous publicly-traded companies and advises management and boards of directors on corporate law matters, SEC reporting and corporate governance.

Andrew Cline is Counsel in Gibson, Dunn & Crutcher’s Washington, D.C. office. He currently practices in the firm’s Antitrust Practice Group.

Michelle Weinbaum is of counsel in the Washington, D.C. office of Gibson, Dunn & Crutcher LLP where she is a member of the firm’s National Security and International Trade practices. Michelle advises clients on cross-border transactions and national security compliance matters including reviews before the Committee on Foreign Investment in the United States (CFIUS), the Defense Counterintelligence and Security Agency (DCSA), and Team Telecom, as well as export controls (ITAR/EAR), sanctions, foreign direct investment, and government contracts matters.

Michael M. Farhang is a former federal prosecutor and a partner in the Los Angeles office of Gibson, Dunn & Crutcher. He is a member of the firm’s White Collar Defense and Investigations and Securities Litigation Practice Groups. Michael is an experienced litigator and trial attorney who has earned recoveries totaling nearly $70 million for private equity and corporate clients pursuing fraud, contract, and M&A-related claims. He specializes in private M&A litigation matters, including rep and warranty, earnout, and working capital disputes, as well as the defense of companies, directors, and executives in DOJ and SEC investigations and in shareholder class actions, derivative suits and other commercial litigation. Michael has tried more than 25 cases in government and private practice.

Ryan Foley is Of Counsel in the Washington, D.C. office of Gibson, Dunn & Crutcher and a member of the firm’s Antitrust and Competition Practice Group. Ryan counsels clients on all aspects of antitrust law, with a focus on complex transactions. He has extensive experience representing clients in all phases of merger review before the U.S. Department of Justice Antitrust Division, Federal Trade Commission, and other competition authorities globally. He has expertise across a broad range of industries, including pharmaceuticals, technology, media, consumer products, and energy.

Stephen I. Glover is a partner in the Washington, D.C. office of Gibson, Dunn & Crutcher who has served as Co-Chair of the firm’s Global Mergers and Acquisitions Practice. Mr. Glover has an extensive practice representing public and private companies in complex mergers and acquisitions, joint ventures, equity and debt offerings and corporate governance matters. His clients include large public corporations, emerging growth companies and middle market companies in a wide range of industries. He also advises private equity firms, individual investors and others.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of .50 credit hour, of which .50 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of .75 hour in the General Category.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

This update details the key changes to the ECT in the modernised text and considers what the next chapter of the ECT might look like—including for ECT arbitration.

After 15 rounds of negotiations, on 3 December 2024, the Energy Charter Conference officially approved the “modernised” version of the Energy Charter Treaty (ECT), marking the end of a multi-year reform process.[1] The modernised ECT is considered to be a “greener” treaty than the original text, expanding protections to technologies likely to play a significant role in the energy transition and explicitly affirming the right of Contracting States to regulate—including in the energy transition, climate change mitigation and adaptation contexts. In the modernised ECT, Contracting States also reaffirm their commitments under the United Nations Framework Convention on Climate Change (UNFCCC) and the Paris Agreement 2015.

The achievement of modernisation is, however, set against the backdrop of a spate of Contracting Party withdrawals from the ECT in recent years—including by European Union (EU) Member States, as well as the EU and Euratom. The UK has also recently notified its withdrawal.

This update (i) sets out a brief background to the ECT as well as recent developments, (ii) details the key changes to the ECT in the modernised text, and (iii) considers what the future of the ECT might hold.

Background And Recent Developments

The ECT, established in the early 1990s, provides a multilateral framework for energy cooperation. The ECT contains certain protections for investments made by investors of one Contracting Party in another Contracting Party and includes recourse to international arbitration where a Contracting Party acts in breach of its investment protection obligations.

Since November 2017, the ECT Contracting States have been engaged in discussions to “modernise” the ECT text, including by further aligning it to the climate change goals in the 2015 Paris Agreement. An agreement in principle was reached in June 2022,[2] which largely reflected proposed changes put forward by the EU to align the ECT with its European Green Deal policy agenda and the Paris Agreement commitments.[3]

However, the vote on the amendments—initially scheduled for November 2022—was delayed by the EU and its Member States, which disagreed as to whether to proceed with the modernisation process or withdraw from the ECT entirely. The deadlock was broken when, earlier this year, the European Commission urged EU Member States not to block ECT reform,[4] which was then voted on by the EU Council on 30 May 2024.[5]

As noted above, there have been a spate of withdrawals from EU Member States in recent years. Italy was the first to submit a notification of withdrawal on 31 December 2014 (effective 1 January 2016)—a decision which followed several arbitrations pursued against it relating to changes to renewable energy regulations. Other EU Member States then followed suit—Denmark, France, Germany, Ireland, Luxembourg, the Netherlands, Poland, Portugal, Slovenia and Spain—have each since notified the Energy Charter Secretariat of their withdrawal.

The EU and Euratom formally exited the ECT in June 2024, citing its non-compatibility with the EU’s climate goals under the European Green Deal and the Paris Agreement.[6] The UK deposited its withdrawal notification in February 2024 noting, “the failure of [modernisation] efforts to align it with net zero”.[7]

What Are The Main Changes In The Modernised ECT?

The principal amendments in the modernised ECT are set out in the “Amendments to the Energy Charter Treaty” document and the “Modifications and Changes to Annexes to the Energy Charter Treaty” document, both of the 3 December 2024.[8] Below are our key takeaways of the modernised text:

Scope Of Protection

Extends the definition of “Economic Activity in the Energy Sector”—which is included in the definition of a protected “investment” under the ECT—to cover the capture, utilisation and storage of carbon dioxide (CCUS) in order to decarbonise energy systems.
Provides an updated list of the “Energy Materials and Products” (referenced in the definition of “Economic Activity in the Energy Sector”), which excludes products such as oils and other similar products, and fuel woods—but includes certain types of hydrogen and synthetic fuels. [9]
For investments made before 3 September 2025, the EU and its Member States (which are Contracting Parties), phase out investment protection of fossil fuel investments over time, but in any event by 31 December 2040 at the latest.[10]

Investor Protection

Modifies the definition of “fair and equitable treatment”—the provision most commonly relied on in investor-State arbitration cases pursued under the ECT—into a list format “to increase legal certainty”.
Introduces a new standalone State “right to regulate” provision “to reaffirm” this right “in the interest of legitimate public policy objectives” such as protection of the environment, including climate change mitigation and adaptation, protection of public health, safety or public morals.
Consistent with that theme, includes a definition of “indirect expropriation” with a list of factors to be considered. The ECT now provides that unless there are “rare circumstances”, non-discriminatory measures that are adopted to protect legitimate policy objectives—including climate change mitigation and adaptation—will not constitute indirect expropriation.
Introduces a sustainable development provision in which Contracting Parties reaffirm their respective rights and obligations under multilateral environmental and labour agreements, such as the UNFCCC, the Paris Agreement and fundamental ILO conventions. In this provision, Contracting Parties agree that they “shall encourage” investors to adopt and implement voluntarily guidelines such as the UN Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises.
There is also a separate provision (“Climate Change and Clean Energy Transition”) in which the Contracting Parties reaffirm their commitments to “effectively implement” commitments and obligations under the UNFCCC and the Paris Agreement, as well as promote and facilitate trade and investment of relevance for climate change mitigation and adaptation—including, inter alia, “by removing obstacles to trade and investment concerning low carbon energy technologies and services such as renewable energy production capacity, and by adopting policy frameworks conducive to this objective”.

Dispute Resolution

Provides that the UNCITRAL Rules on Transparency in Treaty-based Investor-State Arbitration of 2014 will apply to arbitral proceedings in disputes between Investors and Contracting States.
Establishes mechanisms for the dismissal of “frivolous” claims; clarifying the limits for valuation of damages suffered by an investor and introducing a costs-follow-the-event presumption.
Introduces a requirement for disputing parties to disclose third party funding.
Introduces a provision stating that the investor-state arbitration provision in Article 26 does not apply in intra-EU disputes. This follows legal debate that has been ongoing since the judgments of the Court of Justice of the European Union in Achmea in 2018 and Komstroy in 2021.[11] The 26 EU Member States signed an “ECT Inter Se declaration”[12] and initialled an inter se agreement on 25 June 2024, “regarding the non-applicability of ECT arbitration provisions intra-EU” “giving effect to the Komstroy judgment”.[13]

When Will The Modernised Text Apply?

The amendments to the ECT will apply on a provisional basis from 3 September 2025.[14] However, a Contracting Party may choose to opt out of such provisional application by serving a declaration to this effect before 3 March 2025.

The amendments to the ECT enter into force on the ninetieth day after at least three-fourths of the Contracting States have deposited instruments of ratification, acceptance or approval to the ECT Depositary.[15] The amendments enter into force between the Contracting States that have ratified, accepted or approved them.[16]

The Start Of A New Chapter?

There has been much discussion over recent years about the potential demise of the ECT, with the spate of withdrawals from EU Member States (as well as the EU and Euratom).

At the same time, with the modernised text there may be renewed support behind the treaty. Whilst many EU Member States have exited, some have chosen not to unilaterally withdraw (such as Greece and Sweden), and the European Commission has signalled previously that it may grant special authorisations for EU Member States to become parties to the modernised ECT.[17]

In any event, under the sunset provision of the ECT, despite a withdrawal, Contracting States remain bound by their obligations under the treaty for a further 20 years following such withdrawal. Although EU Member States have reached agreement to disapply the sunset provision within the intra-EU context so that protections cannot be invoked by EU investors against EU Member States, there exists on-going political discussion as to whether inter se disapplication of the sunset provision should be extended outside of that context. Indeed, the EU Council has called on the EU to work with third States (such as the UK, with has notified the Energy Secretariat of its withdrawal) to disapply the sunset clause.[18] It remains to be seen how this will play out—and how a future ECT tribunal would interpret the validity and effect of such an agreement to terminate the sunset provision as a matter of public international law.

There also remain many other non-EU Member State Contracting Parties to the ECT (including Azerbaijan, Japan, Kazakhstan, Türkiye and Ukraine). Investors of these Contracting Parties may want to continue to rely on the ECT’s investment protections when investing in the energy sector of other Contracting States that are party to the ECT. Investors may also consider structuring or restructuring their corporate operations accordingly.

The treaty remains relevant in other contexts beyond investor-State arbitration too, with a recent State-to-State dispute on-going between Azerbaijan and Armenia relating to an alleged breach by Armenia of Azerbaijan’s sovereign rights over its energy resources under Article 27 as a notable example.

Conclusion

The approval of the modernised text concludes a multi-year reform process, one which has generated considerable public attention. No doubt there will be further discussion as to whether this is now a treaty that strikes the right balance between protecting energy investments, energy security and the green transition. Further, legal debate will likely remain for some time (including before ECT tribunals) with respect to the proposed disapplication of the 20-year sunset provision. With non-EU Contracting Parties still party to the ECT too, it is clear that we have not yet seen the end of ECT arbitration.

If you would like to discuss the above further with Gibson Dunn lawyers, please do not hesitate to reach out to the following members of our team.

[1] Press Release, The Energy Charter Conference Adopts Decisions on the Modernisation of the Energy Charter Treaty, 3 December 2024, here.

[2] See Decision of the Energy Charter Conference, Public Communication explaining the main changes contained in the agreement in principle, 24 June 2022, here.

[3] See European Commission, Agreement in principle reached on Modernised Energy Charter Treaty, 24 June 2022, here.

[4] See Proposal for a COUNCIL DECISION on the position to be taken on behalf of the European Union in the Energy Charter Conference, 1 March 2024, https://data.consilium.europa.eu/doc/document/ST-7234-2024-INIT/en/pdf.

[5] See Press release, Energy Charter Treaty: Council gives final green light to EU’s withdrawal, 30 May 2024, https://www.consilium.europa.eu/en/press/press-releases/2024/05/30/energy-charter-treaty-council-gives-final-green-light-to-eu-s-withdrawal/.

[6] See Press Release, Energy Charter Treaty: EU notifies its withdrawal, 27 June 2024, https://www.consilium.europa.eu/en/press/press-releases/2024/06/27/energy-charter-treaty-eu-notifies-its-withdrawal/.

[7] Press release, UK Departs Energy Charter Treaty, 22 February 2024, https://www.gov.uk/government/news/uk-departs-energy-charter-treaty.

[8] See Decision of the Energy Charter Conference, 3 December 2024, here, and Decision of the Energy Charter Conference, Modifications and Changes to Annexes to the Energy Charter Treaty, 3 December 2024, here.

[9] See Decision of the Energy Charter Conference, Modifications and Changes to Annexes to the Energy Charter Treaty, here. (“Modifications and Changes to Annexes”). Note that for investments made on or after 3 September 2025, the EU and its Member States (which are Contracting Parties) have agreed—for hydrogen—that only low carbon and renewable hydrogen will be captured within the definition of “Economic Activity in the Energy Sector”, and only low carbon synthetic fuels. For the UK, it is low carbon hydrogen which meets its “Low Carbon Hydrogen Standard”.

[10] Modifications and Changes to Annexes, Section C(1), cross-referring to Annex EM I 27.01 to 27.15.

[11] See Gibson Dunn Client Alert, Intra-EU Arbitration Under the ECT Is Incompatible with EU Law According to the CJEU in Republic of Moldova v Komstroy, 7 September 2021, https://www.gibsondunn.com/intra-eu-arbitration-under-the-ect-is-incompatible-with-eu-law-according-to-the-cjeu-in-republic-of-moldova-v-komstroy/.

[12] Declaration on the Legal Consequences of the Judgment of the Court of Justice in Komstroy and Common Understanding on the Non-Applicability of Article 26 of the Energy Charter Treaty as a Basis for Intra-EU Arbitration Proceedings, June 26, 2024, https://energy.ec.europa.eu/publications/declaration-legal-consequences-judgment-court-justice-komstroy-and-common-understanding-non_en.

[13] Press release, Energy Charter Treaty: Member States sign declaration and initial Inter Se agreement clarifying non-applicability of ECT arbitration provisions intra-EU, 26 June 2024, https://diplomatie.belgium.be/en/news/energy-charter-treaty-member-states-sign-declaration-and-initial-inter-se-agreement-clarifying-non-applicability-ect-arbitration-provisions-intra-eu.

[14] This also includes the modifications in Section C of Annex NI and the changes and modifications to other Annexes.

[15] As do the modifications in Section C of Annex NI and the changes and modifications to other Annexes. The modifications in Sections A and B of Annex NI enter into force on 3 September 2025.

[16] See Press release, Energy Charter Treaty: Council gives final green light to EU’s withdrawal, 30 May 2024, https://www.consilium.europa.eu/en/press/press-releases/2024/05/30/energy-charter-treaty-council-gives-final-green-light-to-eu-s-withdrawal/.

[17] Non-paper from the European Commission Next steps as regards the EU, Euratom and Member States’ membership in the Energy Charter Treaty, https://www.euractiv.com/wp-content/uploads/sites/2/2023/02/Non-paper_ECT_nextsteps.pdf.

[18] Declaration on the Legal Consequences of the Judgment of the Court Of Justice In Komstroy and Common Understanding on the Non-Applicability of Article 26 of the Energy Charter Treaty as a Basis For Intra-Eu Arbitration Proceedings, here.

The following Gibson Dunn lawyers prepared this update: Penny Madden, Charline Yim, Ceyda Knoebel, and Stephanie Collins.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s International Arbitration practice group, or the following authors:

Penny Madden KC – London (+44 20 7071 4226, [email protected])
Charline Yim – New York (+1 212.351.2316, [email protected])
Ceyda Knoebel – London (+44 20 7071 4243, [email protected])
Stephanie Collins – London (+44 20 7071 4216, [email protected])

On December 12, 2024, the IRS and Treasury are expected to publish final regulations in the Federal Register on the investment tax credit under section 48 of the Internal Revenue Code of 1986, as amended.

On December 12, 2024, the IRS and Treasury are expected to publish final regulations (the “Final Regulations”) in the Federal Register on the investment tax credit under section 48 (the “ITC”).[1] Please see the unpublished version of the Final Regulations here. The Final Regulations generally adopt the proposed regulations (the “Proposed Regulations”) published in November 2023 (see our earlier alert regarding the Proposed Regulations available here), but include certain modifications and clarifications.[2]

Requirements for Energy Property

Units of Energy Property

The Proposed Regulations made owning a “unit of energy property” a prerequisite to claiming the ITC.[3] The Final Regulations retain this requirement and also generally retain the definition of a “unit of energy property” as all functionally independent components of energy property that are operated together and can operate apart from other energy properties. The Final Regulations, however, include some useful adjustments, such as clarifying that the “unit of energy property” for solar property is all the solar panels connected to a common inverter.[4] The preamble to the Final Regulations clarifies that a large, ground-mounted solar energy facility may comprise one or more “units of energy property.”[5]

Retrofitted Property

Despite significant criticism by commentators, the Final Regulations adopt the rule in the Proposed Regulations providing that modifications or improvements to existing energy property are not eligible for the ITC unless the “80/20 rule” is satisfied.[6] Importantly, the 80/20 rule applies separately to each “unit of energy property.”

Fractional Interest / Multiple Owners Rule

The Proposed Regulations introduced a new rule providing that a taxpayer must own at least a fractional interest in an entire “unit of energy property” to claim the ITC in respect of any component of that energy property.

Although the IRS and Treasury received many comments criticizing the fractional interest rules in the Proposed Regulations, the Final Regulations retain those rules, with revisions to an example to make clear that a taxpayer that owns components sufficient to comprise “a unit of energy property” may claim the ITC even if another taxpayer owns certain other components of that energy property.[7]

Certain Software

The preamble to the Final Regulations explains that certain software “that optimizes and automates” section 48(a)(3) energy property may be ITC-eligible under the “integral part” eligibility framework of the Final Regulations.

Categories of Energy Property

Energy Storage Technology. The Final Regulations modify the definitions for some of the ITC-eligible energy storage technologies:

Hydrogen storage technology. In response to numerous comments, the IRS and Treasury dropped the requirement of the Proposed Regulations that would have limited ITC-eligible hydrogen storage technology to technology that stores hydrogen for the production of energy.[8] The preamble to the Final Regulations, however, states that equipment used to store hydrogen carriers (including ammonia and methanol) is not ITC-eligible.[9]
“Second life” batteries. The preamble to the Final Regulations makes clear that “second life” battery components are not considered new components for purposes of applying the 80/20 rule.[10]

Qualified Biogas Property. The IRS and Treasury received numerous comments regarding the definition of qualified biogas property. In response, the Final Regulations modify certain aspects of the definition, including by expressly providing that gas upgrading equipment and anaerobic digesters constitute qualified biogas property.

In addition, the Final Regulations confirm that integral parts of qualified biogas property include waste feedstock collection systems, landfill gas collection systems, and mixing and pumping equipment.[11] Moreover, under the Final Regulations, methane content is measured when the biogas exits the qualified biogas property, whereas under the Proposed Regulations methane content would have been measured at an earlier point in the production process (i.e., when the gas exited the biogas production system).[12] The Final Regulations implemented this change with respect to the measurement point of methane in response to comments on the Proposed Regulations. The preamble to the Final Regulations indicates that this change places the measurement point after the gas has passed through the cleaning and conditioning and/or gas upgrading equipment and that, as a result of this change, this measurement point is more consistent with the “sale or productive use” requirement applicable to qualified biogas property under the Code.[13] The Final Regulations also permit limited flaring of gas as long as the primary purpose of the qualified biogas property is the sale or productive use of biogas and all flaring complies with relevant Federal, State, regional, Tribal, and local laws and regulations.[14]

“Energy Project” for PWA, Domestic Content, and Energy Community Rules

As background (and refresh), under the Code, bonus ITC amounts are available for projects that satisfy “domestic content” and/or “energy community” requirements (see our prior alerts on “domestic content” here and here and our prior alert on “energy community” requirements here).

To be eligible for the full base ITC and full bonus credit amounts under the Code, taxpayers must satisfy the prevailing wage and apprenticeship requirements (“PWA Requirements”) (see our prior alerts here and here). Satisfaction of the PWA Requirements and qualification for the “domestic content” and “energy community” bonus credit amounts is tested, per the Code, at the level of an “energy project.”

The Final Regulations maintain the bright-line rule approach of the Proposed Regulations for purposes of determining whether multiple “energy properties” constitute a single “energy project” for these purposes, with certain modifications.

The Proposed Regulations would have required that, in addition to the multiple energy properties being owned by a taxpayer (including certain related parties), at least two of seven enumerated factors must be present. The Final Regulations raised the threshold to require the presence of at least four of those factors,[15] with the result that fewer energy properties will be aggregated into a single “energy project” for purposes of the PWA requirements, the “domestic content” requirements, and the “energy community” requirements.

The Final Regulations also liberalized the time for determining whether multiple energy properties satisfy the relevant criteria. Specifically, under the Final Regulations, the taxpayer may choose to make the determination at any time during construction of the multiple energy properties or during the taxable year in which the final energy property comprising the energy project is placed in service.[16]

Commentary

The bright-line nature of the single “energy project” rules will continue to provide helpful certainty.
The increase in the number of single project factors that must be satisfied (from two to four), along with the added flexibility in the timing of the single project determination, will help reduce the risk that multiple energy properties might inadvertently be grouped as a single project (e.g., because they were built pursuant to the same construction contract or financed pursuant to the same financing agreement).
The new rule making certain software ITC-eligible is welcome, although the reason given for declining to extend the rule to PTC projects that elect the ITC (i.e., that those projects are subject to a “tangible property” requirement) is confusing and may suggest that the same software will not be eligible under the section 48E technology-neutral investment tax credit (discussed in our previous alert available here).

[1] Unless indicated otherwise, all “section” references are references to the Internal Revenue Code of 1986, as amended (the “Code”), and all “Treas. Reg. §” are to the Treasury regulations promulgated under the Code, each as in effect as of the date of this alert.

[2] The IRS and Treasury issued corrections to the Proposed Regulations on January 12, 2024, which are available here, and on February 22, 2024, which are available here.

[3] Because the ITC-eligibility of an “integral part” or qualified interconnection property is dependent on a taxpayer also owning energy property (that independently qualifies for the ITC and that operates in connection with that integral part or qualified interconnection property), a taxpayer that only owns, and incurred costs with respect to, an integral part or qualified interconnection property (and not energy property that operates in connection with that integral part or qualified interconnection property and that separately qualifies for the ITC) is not entitled to claim any ITC in respect of that integral part or that qualified interconnection property.

[4] Treas. Reg. § 1.48-9(f)(5)(i).

[5] The Final Regulations make clear that power conditioning and transfer equipment are not part of the “unit of energy property,” but that they are ITC-eligible as integral parts.

[6] Treas. Reg. §§ 1.48-14(a)(2) and 1.48-14(a)(3)(iii). Under the “80/20 rule,” property generally may be treated as originally placed in service even if it contains some items of used property, but only if the fair market value of the used property is not more than 20 percent of the total value of the relevant property. Because of this low thresholder for used property, a taxpayer generally needs to undertake substantial retrofitting of energy property to meet this rule.

[7] Treas. Reg. § 1.48-14(e)(4)(ii).

[8] T.D. 10015 (2024), Preamble. The Final Regulations also clarify that hydrogen liquefaction equipment and gathering and distribution lines within a hydrogen energy storage property are property that is integral part of hydrogen energy storage property.

[9] T.D. 10015 (2024), Preamble. The preamble to the Final Regulations also references a comment requesting that the Final Regulations confirm equipment used to process hydrogen into ammonia, methanol, and other carriers is hydrogen energy storage property, but neither the preamble nor the Final Regulations directly respond to the comment.

[10] T.D. 10015 (2024), Preamble.

[11] Treas. Reg. § 1.48-9(e)(11)(i).

[12] Compare Treas. Reg. § 1.48-9(e)(11)(ii) with Proposed Treas. Reg. § 1.48-9(e)(11)(ii).

[13] Section 48(c)(7)(A)(ii).

[14] Treas. Reg. § 1.48-9(e)(11)(iii).

[15] Compare Treas. Reg. § 1.48-13(d)(1) with Proposed Treas. Reg. § 1.48-13(d)(1).

[16] Treas. Reg. § 1.48-13(d)(2). The Preamble states that multiple energy properties comprising a single project do not need to be the same type of energy property. For example, an energy storage property and a generation property may be treated as a single energy project.

The following Gibson Dunn lawyers prepared this update: Michael Cannon, Matt Donnelly, Josiah Bethards, Emily Leduc Gagné*, Kamia Williams*, and Jason Zhang*.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Tax, Cleantech, or Power and Renewables practice groups, or the following authors:

Tax:
Michael Q. Cannon – Dallas (+1 214.698.3232, [email protected])
Matt Donnelly – Washington, D.C. (+1 202.887.3567, [email protected])
Josiah Bethards – Dallas (+1 214.698.3354, [email protected])

Cleantech:
John T. Gaffney – New York (+1 212.351.2626, [email protected])
Daniel S. Alterbaum – New York (+1 212.351.4084, [email protected])
Adam Whitehouse – Houston (+1 346.718.6696, [email protected])

Energy, Regulation and Litigation:
William R. Hollaway – Washington, D.C. (+1 202.955.8592, [email protected])
Tory Lauterbach – Washington, D.C. (+1 202.955.8519, [email protected])

Power and Renewables:
Peter J. Hanlon – New York (+1 212.351.2425, [email protected])
Nicholas H. Politan, Jr. – New York (+1 212.351.2616, [email protected])

*Emily Leduc Gagné, an associate in New York, is admitted to practice in Canada. Kamia Williams and Jason Zhang, associates in Los Angeles and New York respectively, are not yet admitted to practice.

The Economic Crime and Corporate Transparency Act, enacted in December 2023, introduced some of the most significant changes to UK criminal and corporate law for a generation.

As well as significantly lowering the bar for UK authorities to bring prosecutions against international companies for economic crimes, and introducing a new corporate offence of ‘failing to prevent fraud’, the legislation introduced steps to ensure the integrity of information held on the register at Companies House. It also significantly expanded UK law enforcement’s ability to seize and sell crypto assets.

This session covers the headline changes around economic crime but also the areas which have gathered less attention and explains how those rule changes can impact national and international companies.

PANELISTS:

Allan Neil is an English qualified partner in the dispute resolution group of Gibson Dunn’s London office. His recent work involves large-scale multi-jurisdictional disputes and investigations (both regulatory and internal investigations) in the financial institutions sector. His work covers investment banking, asset management and compliance matters. Allan is recognised by The Legal 500 UK 2024 for Commercial Litigation and Regulatory investigations and corporate crime (advice to corporates), and has been awarded the Client Choice Award 2015 in recognition of his excellence in client service in the area of UK Litigation. He is also recognised in the 2016 Legal Week Rising Stars in Litigation list, which profiles the up-and-coming litigation stars at UK top 50 and top international firms in London. He is admitted to the Bar of England & Wales.

John Chesley is a litigation partner in Gibson Dunn’s Washington, D.C. Office. He focuses his practice on white collar criminal enforcement and government-related litigation. He represents corporations, board committees, and executives in internal investigations and before government agencies in matters involving the Foreign Corrupt Practices Act, procurement fraud, environmental crimes, securities violations, sanctions enforcement, antitrust violations, and whistleblower claims. He also has significant trial experience before federal and state courts and administrative tribunals nationwide, with a particular focus on government contract disputes. John is a member of the bars of the State of Maryland and the District of Columbia and has held a Secret security clearance.

Christopher Loudon is a Scottish qualified of counsel in Gibson Dunn’s London office, and practises in the firm’s Dispute Resolution Group. He has broad-based commercial litigation and dispute resolution experience, with a particular focus on the financial services sector.

Since joining Gibson Dunn, Christopher has worked on disputes before the English, French, Swiss, German, Dutch, Italian, US, BVI and Cayman courts, and in particular on a large number of cases in Luxembourg, including commercial, administrative and criminal matters. He also has considerable fraud investigation experience, both in private practice and while seconded to the in-house Legal function at UBS in London. Christopher is admitted to the Bar of Scotland.

Marija Bračković is an associate in Gibson Dunn’s London office, where she is a member of the firm’s Litigation, White Collar Defense and Investigations, Fintech and Digital Assets and Privacy, Cybersecurity and Data Innovation Practice Groups. Marija has substantial experience in both domestic and international dispute resolution, including litigation and investigations, and regulatory compliance and counselling across sectors, with a focus on fintech and emerging digital regulations. Her practice has an emphasis on high-profile and politically sensitive matters, such as cases relating to bribery, money laundering and allegations of cross-border and international crimes. Marija regularly advises on complex regulatory and compliance issues, including the scope and implementation of the emerging digital regulatory regime across the UK and EU, including the Digital Services Act, Online Safety Act and EU AI Act. She is admitted to the Bar of England & Wales.

Amy Cooke is an English qualified barrister and associate in Gibson Dunn’s London office, where she practices in the firm’s Dispute Resolution Group and specializes in white collar investigations. Her recent work includes large-scale multi-jurisdictional disputes and investigations in the financial services sector. Prior to joining Gibson Dunn, Amy was a lawyer at the Serious Fraud Office where she gained extensive experience of complex fraud and bribery investigations and prosecutions involving both corporate entities and high net worth individuals. She also dealt with a number of confiscation and restraint matters. Amy also has a wide range of advocacy experience from her time at the independent bar, during which she handled a variety of criminal and civil cases. Amy is admitted to the Bar of England & Wales.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.5 credit hour, of which 1.5 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.5 hour in the General Category.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

On December 6, 2024, Judge Richard Bennett of the U.S. District Court for the District of Maryland issued a decision following a bench trial in Students for Fair Admissions v. U.S. Naval Academy, No. 1:23-cv-02699 (D. Md. 2023). Students for Fair Admissions (“SFFA”) filed suit against the Naval Academy on October 5, 2023, claiming that the Academy’s consideration of race in its admissions process violates equal protection guarantees. After a year of discovery, the dispute proceeded to a nine-day trial in September 2024, during which SFFA argued that the Academy’s consideration of race in its admissions process violated the Constitution because it was not narrowly tailored to achieve a compelling government interest. The Academy countered that its consideration of race is necessary to achieve a diverse officer corps, which furthers a compelling government interest in national security.

In a 175-page decision issued on Friday, Judge Bennett found that the Academy’s admissions process withstands the strict scrutiny mandated by Students for Fair Admissions v. President & Fellows of Harvard College, 600 U.S. 181 (2023) (“Harvard”), and entered judgment in favor of the Academy.[1]

The court concluded that the Academy “established a compelling national security interest in a diverse officer corps.”[2] Specifically, the court agreed with the Academy that its race-conscious admissions policies “serve a compelling interest in national security by improving the Navy and Marine Corps’ unit cohesion and lethality, recruitment and retention, and domestic and international legitimacy.”[3] Recognizing long-standing precedent of judicial deference to congressional choice and to the Executive’s decisions relating to the military, the court deferred to the Academy’s “military judgments of a compelling national security interest.”[4]

Judge Bennett determined that the Academy’s admissions program is narrowly tailored to meet the compelling national security interest. The court held that the Academy had “proved measurable increases in the racial diversity of the Navy and Marine officer corps over the last twenty years,” and that the “numbers prove that the Naval Academy’s consideration of race in admissions has furthered the Government’s national security interests in a diverse Navy and Marine corps.”[5]

The court also held that, consistent with the Supreme Court’s decisions in both Harvard and Grutter v. Bollinger, 539 U.S. 306, 334 (2003), the Academy evaluates candidates using a “holistic approach,” and “does not employ quotas, admit candidates based solely on their race or ethnicity, or place minority candidates on separate admissions tracks.”[6] When race is considered, “it is one of many nondeterminative factors the Naval Academy evaluates.”[7] Similarly, the court determined that the Academy does not use race as a negative or stereotype, in part because Naval Academy admissions are not “zero sum” like civilian college admissions, but rather are “much more complex” and “subject to several statutory restraints” such that “each candidate’s admission to the Naval Academy is inherently intertwined with others’.”[8]

In Harvard, the Supreme Court noted that Harvard’s race-based admissions process lacked a logical end point, which is a requirement imposed by Grutter for race-conscious admissions practices at civilian universities. Here, the court noted that “[i]n its national security jurisprudence, the Supreme Court has suggested that measures restricting constitutional rights or utilizing racial classifications must be temporary, but it has stopped short of requiring an identified ‘logical end point’ for such measures.”[9] As such, Judge Bennett held that the Academy was not required to identify a specific end point to its use of race in its admissions process, and that the Academy had demonstrated that its race-conscious admissions process was properly time-bound because it had shown that “race-conscious admissions will terminate when the incoming classes of midshipmen enable [the Academy] to develop a Navy and Marine officer corps that better represents racial and ethnic diversity among enlisted servicemembers and the American population.”[10]

Finally, the court held that the Academy had shown that the use of race is necessary to achieve the compelling national security interests because the decrease in Black and Hispanic candidates absent race-conscious admissions would have resulted in a more than 50% decrease in the number of Black officers and a 17% decrease in the number of Hispanic officers entering the officer corps via the Naval Academy in 2023.[11] Further, the court determined that the Academy had properly considered race-neutral alternatives (including giving additional points and consideration to candidates with adversity or hardship experiences, disadvantaged socioeconomic backgrounds, and first-generation college status, among others), but that these alternatives did not further the Academy’s compelling national security interest “about as well” as race-conscious admissions policies.[12]

Holding that the Academy’s admissions program withstands the strict scrutiny mandated by Harvard, the court entered judgment in favor of the Academy. In a statement issued following the decision, Edward Blum, the leader of SFFA, said that the “organization is disappointed by the Court’s opinion. But just as we did in our successful lawsuits against Harvard and the University of North Carolina, SFFA will appeal this to the appellate court. If we are unsuccessful there, then we will appeal to the U.S. Supreme Court.” SFFA has already filed a notice of appeal to the Fourth Circuit Court of Appeals.

SFFA filed a similar suit against the U.S. Military Academy at West Point in September 2023. Students for Fair Admissions v. U.S. Military Academy at West Point, No. 7:23-cv-08262 (S.D.N.Y. 2023). After the court denied SFFA’s request for a preliminary injunction, SFFA filed an interlocutory appeal to the Second Circuit, and also sought an injunction pending appeal from the U.S. Supreme Court. The Supreme Court refused to consider the application, and the parties stipulated to withdraw the appeal in the Second Circuit. SFFA filed an amended complaint in the district court, and the parties are engaged in discovery.

_________________

[1] Findings of Fact and Conclusions of Law, Students for Fair Admissions v. U.S. Naval Academy, No. 1:23-cv-02699 (D. Md. Dec. 6, 2024) at 175.

[2] Id. at 133.

[3] Id.

[4] Id.

[5] Id. at 151-52.

[6] Id. at 156.

[7] Id. at 158.

[8] Id. at 160-61.

[9] Id. at 165.

[10] Id. at 166.

[11] Id. at 168-69.

[12] Id. at 171-72.

The following Gibson Dunn attorneys assisted in preparing this client update: Jason Schwartz, Mylan Denerstein, Blaine Evanson, Molly Senger, Zakiyyah Salim-Williams, Matt Gregory, Zoë Klein, Cate McCaffrey, Jenna Voronov, Emma Eisendrath, Felicia Reyes, Allonna Nordhavn, Janice Jiang, Laura Wang, Maya Jeyendran, Kristen Durkan, Ashley Wilson, Lauren Meyer, Kameron Mitchell, Chelsea Clayton, Albert Le, Emma Wexler, Heather Skrabak, and Godard Solomon.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following practice leaders and authors:

Jason C. Schwartz – Partner & Co-Chair, Labor & Employment Group
Washington, D.C. (+1 202-955-8242, [email protected])

Katherine V.A. Smith – Partner & Co-Chair, Labor & Employment Group
Los Angeles (+1 213-229-7107, [email protected])

Mylan L. Denerstein – Partner & Co-Chair, Public Policy Group
New York (+1 212-351-3850, [email protected])

Zakiyyah T. Salim-Williams – Partner & Chief Diversity Officer
Washington, D.C. (+1 202-955-8503, [email protected])

Molly T. Senger – Partner, Labor & Employment Group
Washington, D.C. (+1 202-955-8571, [email protected])

Blaine H. Evanson – Partner, Appellate & Constitutional Law Group
Orange County (+1 949-451-3805, [email protected])

This webinar discusses recent developments in two key national security topics. We focus on the Department of Justice’s increased enforcement of the Foreign Agents Registration Act (FARA) and the more muscular approach the Committee on Foreign Investment in the United States (CFIUS) recently has taken.

The FARA discussion covers:

The Department of Justice’s increased use of FARA as an enforcement tool
The current status and implications of Attorney General vs. Wynn (D.C. Cir. 2024)
Recent FARA prosecutions, such as the indictment of former N.Y. state official Linda Sun
Recent congressional legislative proposals to amend FARA
The outlook for potential state-level FARA regimes

The CFIUS and Outbound Investment discussion addresses:

Enforcement trends for CFIUS filings and mitigation monitoring and compliance
The evolution of CFIUS’s use of civil monetary penalties and recent examples
CFIUS’s expanded authority to use subpoena power in reviews
CFIUS’s evolving approach to identifying and reviewing non-notified transactions
The contours of the new Outbound Investment Security Program
What financial investors and strategic companies are doing now to prepare for compliance with outbound investment restrictions

PANELISTS:

David P. Burns is a litigation partner in Gibson Dunn’s Washington, D.C., office where he is the co-chair of the firm’s National Security Practice Group, and a member of the White Collar and Investigations and Crisis Management practice groups. His practice focuses on white-collar criminal defense, internal investigations, national security, and regulatory enforcement matters.

Prior to re-joining the firm, David served in senior positions in both the Criminal Division and National Security Division of the U.S. Department of Justice. Most recently, he served as Acting Assistant Attorney General of the Criminal Division, where he led more than 600 federal prosecutors who conducted investigations and prosecutions involving securities fraud, health care fraud, Foreign Corrupt Practices Act violations, public corruption, cybercrime, intellectual property theft, money laundering, Bank Secrecy Act violations, child exploitation, international narcotics trafficking, human rights violations, organized and transnational crime, gang violence, and other crimes, as well as matters involving international affairs and sensitive law enforcement techniques. Prior to joining the Criminal Division, David served as the Principal Deputy Assistant Attorney General of the National Security Division from September 2018 to December 2020. In that role, he supervised the Division’s investigations and prosecutions, including counterterrorism, counterintelligence, economic espionage, cyber hacking, FARA, disclosure of classified information, and sanctions and export controls matters. David is admitted to practice in the District of Columbia.

Stephenie Gosnell Handler is a partner in Gibson Dunn’s Washington, D.C. office, where she is a member of the International Trade and Privacy, Cybersecurity, and Data Innovation practices. She advises clients on complex legal, regulatory, and compliance issues relating to international trade, cybersecurity, and technology matters. Stephenie’s legal advice is deeply informed by her operational cybersecurity and in-house legal experience at McKinsey & Company, and also by her active duty service in the U.S. Marine Corps.

Stephenie returned to Gibson Dunn after serving as Director of Cybersecurity Strategy and Digital Acceleration at McKinsey & Company. In this role, she led development of the firm’s cybersecurity strategy and advised senior leadership on public policy and geopolitical trends relating to cybersecurity, technology, and data. Stephenie frequently advised at the intersection of cybersecurity, technology, and data and export control and sanctions requirements. Previously, Stephenie was a senior associate at a leading international law firm, where she focused her practice on international trade matters including CFIUS, export controls, and sanctions, and cybersecurity matters across the cybersecurity risk management and incident lifecycle, including assessments, incident response preparedness, incident response, regulatory compliance, transactional due diligence, and regulatory enforcement actions. She is admitted to practice in the District of Columbia and the States of Maine and New York.

Amanda H. Neely is of counsel in Gibson Dunn’s Washington, D.C. office, and is a member of the Public Policy, Congressional Investigations, White Collar, and National Security practice groups. Amanda has extensive experience working on Capitol Hill. She leverages that expertise to advise clients regarding their interactions with Congress and the executive branch.

Over the course of ten years, Amanda held several senior staff positions in Congress. She served as Director of Governmental Affairs for the Senate Homeland Security and Governmental Affairs and General Counsel to Senator Rob Portman. Under Senator Portman’s chairmanship, she also served as Deputy Chief Counsel for the Permanent Subcommittee on Investigations. In those roles, she managed Senator Portman’s regulatory reform agenda and led oversight of federal government agencies and investigations into private entities. She previously served in several other Capitol Hill offices including as Oversight Counsel for the House of Representatives Committee on Ways and Means. Amanda also has participated in a variety of litigation matters before state and federal trial and appellate courts, including several class action defense and False Claims Act cases. She is admitted to practice law in the District of Columbia and before the United States Courts of Appeals for the District of Columbia Circuit.

Michelle Weinbaum is of counsel in Gibson Dunn’s Washington, D.C. office, where she is a member of the firm’s National Security and International Trade practices.

Michelle advises clients on cross-border transactions and national security compliance matters including reviews before the Committee on Foreign Investment in the United States (CFIUS), the Defense Counterintelligence and Security Agency (DCSA), and Team Telecom, as well as export controls (ITAR/EAR), sanctions, foreign direct investment, and government contracts matters. In addition to leading national security reviews of hundreds of transactions, she has significant experience negotiating complex national security agreements with CFIUS and DCSA (including Proxy Board arrangements, Special Security Agreements, Security Control Agreements, and specialized board resolutions). Previously, Michelle was a partner in the international trade group at a global law firm where she focused her practice on CFIUS, DCSA and international trade matters. She is admitted to practice in the District of Columbia and in New York.

MCLE CREDIT INFORMATION:

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour in the General Category.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

On December 5, 2024, the Department of Justice filed a notice of appeal of a recent court ruling that preliminarily enjoined enforcement of the Corporate Transparency Act (CTA) on constitutional grounds. The U.S. Financial Crimes Enforcement Network (FinCEN) also posted a statement to its website regarding the court’s ruling and the appeal.

This update briefly describes the appeal, the FinCEN statement, and what they mean for CTA compliance moving forward. FinCEN’s statement notes the appeal, confirms that FinCEN will comply with the court’s ruling (meaning that companies are not subject to liability for failing to file beneficial ownership information (BOI) reports while the ruling is in effect), and states that companies can continue to submit BOI reports voluntarily.[1]

The CTA, enacted in 2021, requires corporations, limited liability companies, and certain other entities created (or, as to non-U.S. entities, registered to do business) in any U.S. state or tribal jurisdiction to file a BOI report with FinCEN identifying, among other information, the natural persons who are beneficial owners of the entity.[2] A regulation, the Reporting Rule, helps implement the CTA by specifying compliance deadlines—including a January 1, 2025 deadline for companies created or registered to do business in the United States before January 1, 2024—and detailing what information must be reported to FinCEN.[3]

The December 3, 2024 Ruling

On December 3, 2024, in ruling on a lawsuit challenging the constitutionality of the CTA and Reporting Rule on various grounds, Judge Amos L. Mazzant of the U.S. District Court for the Eastern District of Texas granted plaintiffs’ motion for a preliminary injunction.[4] Unlike another court that had held the CTA unconstitutional,[5] Judge Mazzant preliminarily enjoined enforcement of the CTA and Reporting Rule nationwide.[6] Moreover, the court invoked its power under the Administrative Procedure Act’s stay provision, 5 U.S.C. § 705, to “postpone the effective date of” the Reporting Rule.[7]

Government’s Response

On December 5, the Department of Justice, on behalf of the Department of the Treasury, filed a notice of appeal from the court’s opinion and order to the U.S. Court of Appeals for the Fifth Circuit.[8]

FinCEN also posted a statement to its website.[9] In sum, FinCEN noted that, because of the court’s order, “reporting companies are not currently required to file their beneficial ownership information with FinCEN and will not be subject to liability if they fail to do so while the preliminary injunction remains in effect. Nevertheless, reporting companies may continue to voluntarily submit beneficial ownership information reports.” FinCEN also noted the appeal filed by the Department of Justice.

What the Appeal and Statement Mean for Entities Subject to the CTA

As we previously described,[10] given the possibility of either the Fifth Circuit or the Supreme Court staying the district court’s order pending appeal, reporting entities’ legal obligations are subject to change on short notice. If either the Fifth Circuit or Supreme Court stay the district court’s order pending appeal, the Reporting Rule will become enforceable again, though FinCEN may adjust the rule’s deadlines depending on how long the district court’s order remains in effect. It also remains to be seen whether the incoming administration will continue to defend the constitutionality of the CTA or not, although, as a general rule, the Department of Justice typically defends the constitutionality of federal statutes regardless of administration.

Entities that believe they may be subject to the Reporting Rule should closely monitor this matter, and consult with their CTA advisors as necessary, to understand when, if at all, they need to comply with the Reporting Rule’s requirements and to allow for sufficient lead time to prepare BOI reports in advance of any filing deadline that may be re-established (with or without adjustment) in the future.

[1] A prior alert by Gibson Dunn explaining the court’s ruling is available at https://www.gibsondunn.com/corporate-transparency-act-enforcement-preliminarily-enjoined-nationwide/.

[2] See William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, Pub. L. 116-283, Div. F., § 6403 (adding 31 U.S.C. § 5336). Prior alerts by Gibson Dunn explaining the Corporate Transparency Act are available at: https://www.gibsondunn.com/top-12-developments-in-anti-money-laundering-enforcement-in-2023; https://www.gibsondunn.com/the-impact-of-fincens-beneficial-ownership-regulation-on-investment-funds; https://www.gibsondunn.com/the-corporate-transparency-act-reminders-and-key-updates-including-fincen-october-3-faqs.

[3] 31 C.F.R. § 1010.380.

[4] Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkt. 30 (E.D. Tex. Dec. 3, 2024).

[5] Nat’l Small Business United v. Yellen, 721 F. Supp. 3d 1260 (N.D. Ala. 2024); see https://www.gibsondunn.com/corporate-transparency-act-declared-unconstitutional-what-it-means-for-you.

[6] Id. at 77.

[7] Id. at 78.

[8] Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkts. 32, 34.

[9] https://fincen.gov/boi.

[10] Supra https://www.gibsondunn.com/corporate-transparency-act-enforcement-preliminarily-enjoined-nationwide/.

The following Gibson Dunn lawyers assisted in preparing this update: Kevin Bettsteller, Stephanie Brooker, Matt Gregory, Justin Newman, Dave Ware, Sam Raymond, Chris Jones, and Connor Mui.

Gibson Dunn has deep experience with issues relating to the Bank Secrecy Act, the Corporate Transparency Act, other AML and sanctions laws and regulations, and challenges to Congressional statutes and administrative regulations.

For assistance navigating white collar or regulatory enforcement issues, please contact the authors, the Gibson Dunn lawyer with whom you usually work, or any leader or member of the firm’s Anti-Money Laundering, Administrative Law & Regulatory, Investment Funds, Real Estate, or White Collar Defense & Investigations practice groups.

Please also feel free to contact any of the following practice group leaders and members and key CTA contacts:

Anti-Money Laundering:
Stephanie Brooker – Washington, D.C. (+1 202.887.3502, [email protected])
M. Kendall Day – Washington, D.C. (+1 202.955.8220, [email protected])
David Ware – Washington, D.C. (+1 202-887-3652, [email protected])
Ella Capone – Washington, D.C. (+1 202.887.3511, [email protected])
Sam Raymond – New York (+1 212.351.2499, [email protected])
Chris Jones – Los Angeles (+1 213.229.7786, [email protected])

Administrative Law and Regulatory:
Stuart F. Delery – Washington, D.C. (+1 202.955.8515, [email protected])
Eugene Scalia – Washington, D.C. (+1 202.955.8673, [email protected])
Helgi C. Walker – Washington, D.C. (+1 202.887.3599, [email protected])
Matt Gregory – Washington, D.C. (+1 202.887.3635, [email protected])

Investment Funds:
Kevin Bettsteller – Los Angeles (+1 310.552.8566, [email protected])
Shannon Errico – New York (+1 212.351.2448, [email protected])
Greg Merz – Washington, D.C. (+1 202.887.3637, [email protected])

Real Estate:
Eric M. Feuerstein – New York (+1 212.351.2323, [email protected])
Jesse Sharf – Los Angeles (+1 310.552.8512, [email protected])
Lesley V. Davis – Orange County (+1 949.451.3848, [email protected])
Anna Korbakis – Orange County (+1 949.451.3808, [email protected])

White Collar Defense and Investigations:
Stephanie Brooker – Washington, D.C. (+1 202.887.3502, [email protected])
Winston Y. Chan – San Francisco (+1 415.393.8362, [email protected])
Nicola T. Hanna – Los Angeles (+1 213.229.7269, [email protected])
F. Joseph Warin – Washington, D.C. (+1 202.887.3609, [email protected])

From the Derivatives Practice Group: The CFTC released fiscal year 2024 enforcement results this week, touting record monetary relief of over $17.1 billion.

New Developments

CFTC Staff Issues Advisory Related to the Use of Artificial Intelligence by CFTC-Registered Entities and Registrants. On December 5, the CFTC’s Divisions of Clearing and Risk, Data, Market Oversight, and Market Participants issued a staff advisory on the use of artificial intelligence in CFTC-regulated markets by registered entities and registrants. The advisory is intended to remind CFTC-regulated entities of their obligations under the Commodity Exchange Act and the CFTC’s regulations as these entities begin to implement AI. CFTC staff noted that it is closely tracking the development of AI technology and AI’s potential benefits and risks and that it values its ongoing dialogue with CFTC-regulated entities and intends to monitor these entities’ use of AI as part of the agency’s routine oversight activities. According to the CFTC, the advisory is informed, in part, by public comments received in response to the staff’s January 25, 2024 Request for Comment on AI. [NEW]
CFTC Releases FY 2024 Enforcement Results. On December 4, the CFTC announced record monetary relief of over $17.1 billion for fiscal year 2024. With the resolution of digital asset cases that resulted in the agency’s largest recovery ever, this record amount included $2.6 billion in civil monetary penalties and $14.5 billion in disgorgement and restitution. In FY 2024, the agency brought 58 new actions including, in the CFTC’s words, precedent-setting digital asset commodities cases, its first actions addressing fraud in voluntary carbon credit markets, complex manipulation cases in various markets, and significant compliance cases – including its largest compliance case ever. The CFTC also said that it continued to vigorously litigate pending actions, resulting in significant litigation victories and recoveries. [NEW]
Commissioner Johnson Announces CFTC Market Risk Advisory Committee Meeting on December 10. On November 26, CFTC Commissioner Kristin N. Johnson, sponsor of the Market Risk Advisory Committee (“MRAC”) announced that the MRAC will hold a public meeting on Tuesday, Dec. 10, from 9:30 a.m. to 12:30 p.m. (EDT) at the CFTC’s Washington, D.C., headquarters. At the meeting, the MRAC will discuss current topics and developments in the areas of central counterparty risk and governance, market structure, climate-related risk, and innovative and emerging technologies affecting the derivatives and related financial markets. [NEW]
SEC Chair Gensler to Depart Agency on January 20. On November 21, the Securities and Exchange Commission (the “SEC”) announced that its 33rd Chair, Gary Gensler, will step down from the Commission effective at 12:00 pm on January 20, 2025.
CFTC’s Global Markets Advisory Committee Advances Recommendation on Tokenized Non-Cash Collateral. On November 21, the CFTC’s Global Markets Advisory Committee (the “GMAC”), sponsored by Commissioner Caroline D. Pham, advanced a recommendation to expand the use of non-cash collateral through the use of distributed ledger technology. The GMAC’s Digital Asset Markets Subcommittee also presented on the progress of its Utility Tokens workstream. The recommendation by the GMAC’s Digital Asset Markets Subcommittee was approved without objection, marking the 14th GMAC recommendation advanced to the CFTC in the last 12 months, the most of any advisory committee ever in the same timeframe. The CFTC said that the recommendation provides a legal and regulatory framework for how market participants can apply their existing policies, procedures, practices, and processes to support use of DLT for non-cash collateral in a manner consistent with margin requirements.

New Developments Outside the U.S.

IOSCO Publishes Final Report on Regulatory Implications and Good Practices on the Evolution of Market Structures. On November 29, IOSCO published its Final Report on the Evolution in the Operation, Governance, and Business Models of Exchanges. According to IOSCO, the Final Report addresses significant changes in exchange business models and market structures, highlighting the impact of increased competition, technological advancements, and cross-border activity on exchanges. Additionally, it outlines a set of six good practices for regulators to consider in the supervision of exchanges that cover three key areas: (1) Organization of Exchanges and Exchange Groups (2) Supervision of Exchanges and Trading Venues within Exchange Groups and (3) Supervision of Multinational Exchange Groups. [NEW]
BoE Publishes Report on Its System-Wide Exploratory Scenario Exercise and Stress Test Results for UK CCPs. On November 29, the Bank of England (“BoE”) published a final report on its system-wide exploratory scenario (“SWES”) and the results of its 2024 supervisory stress test of UK central counterparties (“CCPs”). As part of the SWES exercise, 50 participating firms, including banks, insurers, pension schemes, hedge funds, asset managers and CCPs, had to assess how they would be impacted by a hypothetical stress scenario, including severe but plausible shocks to a wide range of market prices and indicators over 10 business days, including moves similar to those seen during the UK gilt market crisis in 2022 and the 2020 dash for cash. BoE noted key observations, including (1) the simulated market shocks generated significant liquidity needs for non-bank financial intermediaries, (2) financial participants’ collective actions amplify the initial shock, (3) the gilt repo market was central in helping to absorb the shock, but its capacity in times of stress remains limited, (4) the exercise confirms the resilience of UK CCPs to a stress scenario similar to the worst ever historical stress and (5) there were material differences between firms’ and CCPs’ expectations on projections of initial margin increases, with banks and non-bank financial intermediaries generally overestimating changes in CCP initial margin. The BoE indicated that its supervisory stress test of UK CCPs also confirmed the resilience of UK CCPs to a stress scenario similar to the worst ever historical stress and indicated (1) CCPs were found to experience greater mutualized losses in this exercise compared to previous ones, (2) the ability of clients of defaulting members to port positions has a material impact on the credit stress test results and (3) the exercise also considered the cost of liquidating concentrated positions held by defaulters, with results showing that including concentration costs (assuming no porting) can have a material impact on the depletion of resources. [NEW]
IOSCO Publishes Report on Principles for Regulation of Commodity Derivatives. On November 25, IOSCO published Targeted Implementation Review on Principles for the Regulation and Supervision of Commodity Derivatives Markets. According to IOSCO, the report was initiated in response to heightened volatility in commodity markets to assess the implementation of principles 9 (OTC transparency), 12 (authority to obtain information), 14 (large positions), 15 (intervention powers in the market) and 16 (unexpected disruptions in the market). In the report, IOSCO recommends that its members should promote international consistency and cooperation in regulating commodity derivatives markets, ensure that exchanges and regulators can access and consolidate data in relation to large positions from on-exchange and OTC trades. They should also balance risk management and price discovery when applying market control measures and improve communication between authorities in times of crises, the report recommends. [NEW]
ESMA Announces Further Guidance on Exclusion Criteria for the Selection of Consolidated Tape Providers. On November 25, ESMA clarified details for some of the documents that future applicants will be expected to provide when participating in the selection process for Consolidated Tapes Providers (“CTPs”). During the first stage of the selection procedure, the exclusion criteria will be used to assess if applicants can be invited to submit their applications in the second stage of the procedure. ESMA will require specific documentation from applicants, including a declaration of honor and valid evidence on exclusion criteria. ESMA’s publication includes an indicative overview of the relevant certificates issued in each EU Member State for such evidence. [NEW]
ESMA Responds to the European Commission Consultation on Non-Bank Financial Intermediation. On November 22, ESMA sent its response to the European Commission consultation on assessing the adequacy of macroprudential policies for Non-Bank Financial Intermediation (“NBFI”). In its response, ESMA makes key proposals in several areas, including liquidity management, money market fund regulation, supervision and data, and coordination between competent authorities. [NEW]
IOSCO Publishes Consultation Report on Pre-Hedging. On November 21, IOSCO published a Consultation Report inviting feedback on its recommendations relating to pre-hedging practices. The Consultation Report offers a definition of pre-hedging and proposes a set of recommendations intended to guide regulators in determining acceptable pre-hedging practices and managing the associated conduct risks effectively.
The ESAs Publish Joint Guidelines on the System for the Exchange of Information Relevant to Fit and Proper Assessments. On November 20, the European Supervisory Authorities (the “ESAs”) announced the development of an ESAs F&P Information System with the purpose of enhancing information exchange between supervisory authorities within the European Union (“EU”) and across different parts of the financial sector. The Joint Guidelines aim to clarify its use and how data can be exchanged. The Joint Guidelines are intended to ensure consistent and effective supervisory practices within the European System of Financial Supervision (“ESFS”) and facilitate information exchange between supervisors. They apply to competent authorities within the ESFS and focus on two main areas: use of the F&P Information System and information exchange and cooperation between the competent authorities when conducting fitness and propriety assessments.
Active Account Requirement – ESMA is Seeking First Input Under EMIR 3. On November 20, the European Securities and Markets Authority (“ESMA”) published a Consultation Paper on the conditions of the Active Account Requirement (“AAR”) following the review of the European Market Infrastructure Regulation (“EMIR 3”). The amending Regulation introduces a new requirement for EU counterparties active in certain derivatives to hold an operational and representative active account at a CCP authorized to offer services and activities in the EU. ESMA is seeking stakeholder input on several key aspects of the AAR, including: the three operational conditions to ensure that the clearing account is effectively active and functional, including stress-testing; the representativeness obligation for the most active counterparties; and reporting requirements to assess their compliance with the AAR. ESMA indicated that it will consider the feedback received to this consultation by January 27, 2025 and aims to submit the final draft regulatory technical standards to the European Commission within six months following the entry into force of EMIR 3. ESMA will organize a public hearing on January 20, 2025.
ESMA Proposes to Move to T+1 by October 2027. On November 18, ESMA published its Final Report on the assessment of shortening the settlement cycle in the EU. The report highlights that increased efficiency and resilience of post-trade processes that should be prompted by a move to T+1 would facilitate achieving the objective of further promoting settlement efficiency in the EU, contributing to market integration and to the Savings and Investment Union objectives. ESMA recommended that the migration to T+1 occurs simultaneously across all relevant instruments and that it is achieved in Q4 2027. Specifically, ESMA recommended October 11, 2027 as the optimal date for the transition and suggested following a coordinated approach with other jurisdictions in Europe.

New Industry-Led Developments

ISDA Response to European Commission’s Consultation on Macroprudential Policies for NBFIs. On November 21, ISDA responded to the European Commission’s consultation on assessing the adequacy of macroprudential policies for NFBI. In the response, ISDA covers a range of key topics, including the need to consider the diversity of the NBFI sector, possible solutions to challenges in meeting collateral requirements, the importance of bank intermediation capacity, the need for deep and liquid core funding markets, enhanced data sharing among regulators and the vital role played by non-cleared derivatives markets, especially in times of stress. [NEW]
ISDA Letter to FASB on Hedge Accounting Improvements. On November 25, ISDA submitted a comment letter to the Financial Accounting Standards Board (“FASB”) in response to its exposure draft (ED) on File Reference No. 2024-ED200, Derivatives and Hedging (Topic 815) – Hedge Accounting Improvements. In the comment letter, ISDA explains it supports the FASB’s proposals in the ED and believes the ED achieves the FASB’s objective of improving the application and relevance of the derivatives and hedging guidance. [NEW]

The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Marc Aaron Takagaki, Hayden McGovern, and Karin Thrasher.

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, [email protected])

Michael D. Bopp, Washington, D.C. (202.955.8256, [email protected])

Michelle M. Kirschner, London (+44 (0)20 7071.4212, [email protected])

Darius Mehraban, New York (212.351.2428, [email protected])

Jason J. Cabral, New York (212.351.6267, [email protected])

Adam Lapidus – New York (212.351.3869, [email protected] )

Stephanie L. Brooker, Washington, D.C. (202.887.3502, [email protected])

William R. Hallatt , Hong Kong (+852 2214 3836, [email protected] )

David P. Burns, Washington, D.C. (202.887.3786, [email protected])

Marc Aaron Takagaki , New York (212.351.4028, [email protected] )

Hayden K. McGovern, Dallas (214.698.3142, [email protected])

Karin Thrasher, Washington, D.C. (202.887.3712, [email protected])

This update addresses some of the most common questions clients have about DOGE and discusses how DOGE might be structured, its proposed objectives and legal barriers to achieving those objectives, and its potential authorities and mechanisms for action.

President-elect Trump has tasked an entity he has dubbed the Department of Government Efficiency (DOGE) with making good on his campaign promises of cutting government spending and reducing regulatory burdens. How DOGE, led by Elon Musk and Vivek Ramaswamy, will accomplish these mandates has raised many questions for our clients. DOGE’s structure, composition, authorities, sources of funding, objectives, and internal processes remain unknown, as does how DOGE’s agenda will affect clients who must comply with potentially changing regulations. This Alert addresses some of the most common questions clients have about DOGE, including how DOGE might be structured, its proposed objectives and legal obstacles to achieving those objectives, and its potential authorities and mechanisms for action.

I. What is DOGE?

As of now, DOGE’s structure remains unclear. President-elect Trump has stated that DOGE will operate “outside the government.”[1] Based on its proposed function and precedent, it most likely will be a federal advisory committee (FAC) subject to the requirements of the Federal Advisory Committee Act (FACA). President Reagan’s Private Sector Survey on Cost Control (known as the Grace Commission) and President Obama’s National Commission on Fiscal Responsibility and Reform (known as the Simpson-Bowles Commission) are DOGE’s nearest analogues, and both operated as FACs. It is possible, however, that DOGE also may try to operate as an independent, non-governmental organization. DOGE’s status will determine the restrictions and requirements that will apply to it and its members.

A. What is a Federal Advisory Committee?

If DOGE is a FAC, it will be subject to the various recordkeeping, disclosure, and conflicts requirements of FACA. The statute provides a formal process for establishing, operating, overseeing, and terminating bodies that advise the president or an executive branch agency. Under the statute, a FAC is any “committee, board, commission, council, conference, panel, task force, or other similar group” that (1) includes at least one non-governmental member; (2) is “established or utilized to obtain advice or recommendations for the President or one or more agencies or officers of the Federal Government”; and (3) “established or utilized by the President; or . . . established or utilized by one or more agencies.”[2]

Whether DOGE is classified as a FAC will depend on its structure and operations. The president or an agency typically will establish FACs by an order that describes the function of the FAC, its composition, and its administration.[3] Even if a president or agency does not declare an entity to be a FAC, however, courts can rule that an entity is a FAC if it performs the functions of a FAC and enjoin its activities unless and until it complies with FACA.[4]

To courts, an “important factor” will be whether DOGE has “an organized structure, a fixed membership, and a specific purpose.”[5] Additionally, to the extent DOGE “render[s] advice as a group, and not as a collection of individuals,” courts may be more inclined to classify DOGE as a FAC.[6]

Even if DOGE were otherwise a FAC, the Trump administration or DOGE itself may conclude, as some scholars have, that FACA is unconstitutional in whole or in part because the president has “inherent power to seek the views of outside advisers” under the Vesting and Recommendation Clauses of the Constitution.[7] Then-Deputy Attorney General Antonin Scalia supported a version of this argument in 1974,[8] but courts have generally avoided addressing the argument to date.[9] Whether a court would agree with that position is unclear.

B. What would be the implications if DOGE is a FAC?

If DOGE is classified as a FAC, it presumably will have to comply with FACA’s transparency and conflict of interest requirements. FACA requires presidential advisory committees (i.e., FACs that advise presidents) to file a charter outlining the committee’s objectives and duties with the General Services Administrator, open most committee meetings to the public, and make their records available under the Freedom of Information Act.[10] Additionally, any directive establishing a FAC must include “appropriate provisions” to ensure the FAC’s advice “will not be inappropriately influenced by the appointing authority or by any special interest.”[11] Thus far, no definitive authority exists regarding what FAC procedures comply with FACA’s inappropriate influence requirement. Further, the viewpoints of FAC members must be “fairly balanced.”[12]

i. How could FACA requirements be enforced?

Although some courts have held that FACA does not create a cause of action, plaintiffs may be able to challenge DOGE’s compliance with FACA and related laws in at least three other ways.[13] First, at least one court has assumed that FACs are subject to the Mandamus Act.[14] The Mandamus Act creates subject-matter jurisdiction over any action to “compel an officer or employee of the United States or any agency thereof to perform a duty owed to the plaintiff.”[15] Second, although some courts have held that FACs are not agencies that can be sued under the Administrative Procedure Act (APA), they have allowed suits against the convening agency for a FAC’s failure to comply with FACA.[16] Third, some courts have allowed suits to proceed directly against FACs under the Freedom of Information Act.[17]

ii. What authorities would DOGE have if it is a FAC?

As the term implies, federal advisory committees are meant to provide advice to the president and federal agencies. In FACA’s findings, Congress specifically stated that the “function of advisory committees should be advisory only, and all matters under their consideration should be determined, in accordance with law, by the official, agency, or officer involved.”[18] That said, the statute also provides that “advisory committees shall be utilized solely for advisory functions” “[u]nless otherwise specifically provided by statute or Presidential directive.[19]

Thus, if DOGE is a FAC, we anticipate that it will advise the president and agencies, and it is possible that Trump will try to authorize DOGE to carry out some of its recommendations—although we have seen no precedent for this, and Trump would have to overcome several legal obstacles to do so. For example, statutes often provide that only agency heads can modify regulations,[20] and any exercise of “significant authority” could raise constitutional questions about whether Musk and Ramaswamy are invalidly appointed officers of the United States.[21] Beyond legal challenges, having private persons implement controversial recommendations likely would create much public controversy. The Reagan administration considered empowering a successor to the Grace Commission with the authority to implement its recommendations but, based on a memorandum drafted by then-Associate Counsel to the President John Roberts, declined to do so amidst concerns that it would create public uproar and “serious conflict of interest problems” in having corporate executives implement recommendations with regard to agencies that regulated their businesses.[22]

Accordingly, it appears likely that DOGE will make recommendations and advise Trump, agency leaders, and agency staff on how to implement its recommendations.

iii. What would be the implications for DOGE’s members if it is a FAC?

Musk, Ramaswamy, and other DOGE personnel may be subject to disclosure and conflict-of-interest rules if DOGE is a FAC. Private sector individuals participate on FACs in one of two capacities: either as a special government employee (SGE) or a representative member.[23] SGEs are typically (but not always) paid and exercise their own, independent judgment on behalf of the government. Representative members generally are not paid and represent the perspective of an identifiable outside organization or industry—they are expected to offer a biased view.[24] In this case, although Musk and Ramaswamy are not taking pay,[25] they are being presented as leaders of DOGE and offering their independent judgment about the functioning of the entire government, making them appear to be closer to SGEs than representative members of a FAC. Some media sources have reported that Musk will be a special government employee, but there has not yet been a public announcement.[26]

If DOGE members serve as SGEs, they would have to file financial disclosures and would be subject to federal employee criminal conflict of interest rules if they use their “public office for their own private gain.”[27] They would not be permitted to serve for longer than “one hundred and thirty days during any period of three hundred and sixty-five consecutive days.”[28] Of note, they would be barred from participating “personally and substantially in an official capacity” in any matter in which they have a financial interest if the matter “will have a direct and predictable effect on that interest.”[29] Such interests can include matters relevant to their companies as well as companies in which they own stock. That said, the official responsible for appointing the DOGE members (likely Trump) can waive the federal employee conflict-of-interest laws if he “certifies in writing that the need for the individual’s services outweighs the potential for a conflict of interest created by the financial interest involved.”[30]

The Federal Acquisition Regulation also imposes organizational conflict-of-interest restrictions on SGEs. Contracting officers are not permitted to knowingly award contracts to SGEs or their companies if the contract arises directly out of the individual’s activity as an SGE, their activity puts them in a position to influence the award of the contract, or the contracting officer determines that another conflict exists.[31] The agency head may authorize an exception “only if there is a most compelling reason to do so, such as when the Government’s needs cannot reasonably be otherwise met.”[32] Competitors also may try to challenge the award of contracts based on perceived organizational conflicts of interest. Musk’s companies Tesla and SpaceX, along with several companies of other individuals reported to be associated with DOGE, are government contractors that could be affected by their executives’ DOGE service.

iv. How could DOGE be funded if it is a FAC?

If DOGE is classified as a FAC, it may be funded either by public or private sources. The General Services Administration provides public funds for FACs. Based on the precedent of President Reagan’s Grace Commission, which received its funding from a private foundation established to support it, DOGE could also receive funding from private entities.[33]

C. What would be the implications if DOGE operates as an independent or informal non-governmental organization or think tank?

DOGE also could operate as a think tank or nonprofit that has a bully pulpit and the president’s ear. As noted above, DOGE could attempt to avoid being classified as a FAC by taking on an informal structure and rendering advice as individuals rather than as a group. If DOGE successfully avoids being classified as a FAC and instead operates as an independent, non-governmental organization, it will not be subject to FACA’s disclosure, transparency, or conflict-of-interest requirements or to FOIA. Musk has asserted that DOGE will pursue “maximum transparency” and that “[a]ll actions of [DOGE] will be posted online,”[34] but avoiding FACA’s requirements would give DOGE and its members materially more flexibility on matters of transparency and conflicts of interests.

As an NGO, DOGE would have no legal authority to implement its recommendations, but could still publish reports and advise President Trump directly. To the extent that DOGE’s activity constituted lobbying, it would have to file disclosures under the Lobbying Disclosure Act, and it would be subject to additional lobbying limits if it is a tax-exempt entity.[35] Although communications made in the course of participating in a FAC are excluded from the definition of a “lobbying contact,” there is no equivalent across-the-board exception for NGO activities.[36]

II. How will DOGE be staffed?

In addition to Musk and Ramaswamy, Trump has announced that William McGinley—who was Trump’s White House Cabinet secretary in his first administration and initially had been Trump’s designee for White House Counsel in the second administration—will be “Counsel to the Department of Government Efficiency.”[37] In November, DOGE called for staff applications via a post on X, stating “we need super high-IQ small-government revolutionaries willing to work 80+ hours per week on unglamorous cost-cutting. If that’s you, DM this account with your CV. Elon & Vivek will review the top 1% of applicants.”[38] It appears that applying via direct message is the only public process for interested applicants to submit their resumes to DOGE.[39]

In addition to staff, a number of corporate executives are reported to be advising DOGE. Those executives include: Bill Ackman (founder and CEO, Pershing Square Capital Management), Marc Andreesen (co-founder, Andreesen Horowitz), Steve Davis (President, Boring Company), Antonio Gracias (founder and CEO, Valor Equity Partners), Travis Kalanick (former Uber CEO; current CEO, City Storage Systems), Sriram Krishnan (General partner, Andreesen Horowitz), Joe Lonsdale (co-founder, Palantir), and David Sacks (general partner, Craft Ventures).[40]

III. What are DOGE’s goals and likely targets?

DOGE’s overarching goals are to reduce the deficit, reduce the federal workforce, and curtail the administrative state. DOGE has identified a number of specific objectives, many of which are subject to a variety of legal and political challenges.

A. Significantly reduce the deficit.

Musk and Ramaswamy have announced DOGE’s intent to dramatically reduce federal spending and related waste, fraud, and abuse.[41] Musk has suggested a target of $2 trillion in cuts;[42] via X, DOGE has announced a goal of balancing the budget.[43]

i. What spending will DOGE target?

Musk, Ramaswamy, and the DOGE X account have identified a number of targets for spending reductions. These include several specific appropriations or federal grants that they consider to be wasteful, such as appropriations for NGOs, DEI training programs, PBS, NPR, $300 million in funding to Planned Parenthood and related organizations, and $1.5 billion in grants to international organizations.[44] Musk told lawmakers he supports “get[ting] rid of all [tax] credits” for electric vehicles—which he said “will only help Tesla,”[45]—and has previously advocated removing subsidies from all industries.[46] Ramaswamy has also asserted that DOGE will closely review CHIPS Act contracts, especially those the Biden administration accelerated ahead of the transition.[47] The DOGE X account has also identified Pentagon spending as a potential area for reduction, although President Trump has said he would not cut defense spending.[48]

More generally, Musk and Ramaswamy have suggested that Trump may decline to spend appropriations for which Congress’s authorizations have expired. The Congressional Budget Office has identified $516 billion in appropriations for 2024 associated with 491 expired authorizations of appropriations across a range of agencies, including a number of appropriations administered by the Department of Veterans Affairs, State Department, Department of Education, National Institutes of Health, Federal Aviation Administration, NASA, and more.[49] Note that Congress can appropriate funds without authorization or pursuant to an expired authorization; these appropriations carry their own authorizations and are available to agencies for “obligation and expenditure.”[50] Withholding such funds likely would be subject to legal challenge. It likely also would be politically unpopular to cut a number of these programs, such as veterans’ healthcare benefits and Pell Grants.

Other sources of potential cuts or reforms could be the Government Accountability Office High Risk List, which identifies programs particularly subject to waste, fraud, and abuse,[51] and a 2,000-page list of proposed cuts Senator Rand Paul (R-KY) has reportedly sent to Musk and Ramaswamy.[52]

Finally, DOGE will be open to suggestions from the public. Ramaswamy has announced that “DOGE will soon begin crowdsourcing examples of government waste, fraud, … and abuse.”[53] In addition, some Republican fundraising emails have announced that DOGE will be crowdsourcing its agenda with which government programs to cut and have included short surveys regarding the cuts.[54]

ii. Government contractors under the microscope.

Musk and Ramaswamy have also indicated a desire to scrutinize federal contracts that they state have “gone unexamined for years,” and have alluded to conducting “[l]arge-scale audits . . . during a temporary suspension of payments.”[55] Ramaswamy has said to expect “massive cuts among federal contractors . . . who are overbilling the government.”[56] It is not clear how DOGE will decide which contracts to scrutinize, how it will go about reviewing those contracts, or how it will determine whether to recommend any for termination or modification. It is also not clear whether DOGE will recommend that agencies attempt to modify or terminate existing contracts still in effect, or if it will focus more on making changes when contracts are up for renewal. Nor is it clear how DOGE or the federal government would institute a “temporary suspension of payments,” including whether it would attempt to require contractors’ continued performance under those contracts during any such suspension. It is possible that DOGE will try to pressure contractors to agree to changes to the terms of contracts it deems wasteful.

iii. What challenges will DOGE face?

DOGE will face at least three obstacles in meeting its goal to significantly reduce the deficit.

First, during the campaign, Trump asserted he will not cut defense, Social Security, or Medicare,[57] but those and interest payments on the national debt constitute over 60 percent of federal spending. All discretionary non-defense spending is less than $1 trillion, but the 2024 deficit is $1.8 trillion.[58] While Musk and Ramaswamy have generally steered away from discussing entitlement reform, they have suggested that at least some defense cuts could be on the table, including changes to the defense procurement process and eliminating waste generally, as well as, particularly from Musk, even the future of manned fighter jets like the F-35.[59]

Second, federal spending is authorized and appropriated by Congress, not the president (or his advisors). Congress may not be willing to authorize such drastic cuts to federal spending, especially if such cuts touch Social Security, Medicaid, and other programs that would be politically unpopular to curtail.

Third, statutes restrict the president’s power not to spend money that has been appropriated. The Supreme Court overturned President Nixon’s impoundments of congressionally-appropriated funds on the basis that, at least where the appropriations provide that “[s]ums authorized . . . shall be allotted,” the appropriation itself does not implicitly provide the president discretion not to spend the full amount of those funds.[60] Congress then went further and passed the Impoundment Control Act which requires the president to propose rescissions to Congress if the president does not wish to spend appropriated funds. If Congress does not pass a rescission bill within 45 days, the funds must be made available for obligation.[61]

Precedent from the previous Trump administration may shed light on the challenges the new Trump administration may face under the Impoundment Control Act. In January 2020, the Government Accountability Office concluded that the Office of Management and Budget (OMB) violated the Impoundment Control Act when it withheld obligated funds for Ukraine security assistance.[62] OMB asserted the withholding was part of a “programmatic delay” pending policy developments and so did not require notice to Congress.[63] Similar disputes may arise if the second Trump administration attempts impoundment or similar withholdings without congressional approval. Notably, Trump has repeatedly asserted the ICA is unconstitutional and that the president is empowered to impound funds that have been appropriated by Congress. As part of his campaign, the Trump suggested that he would challenge the constitutionality of the ICA and simultaneously work with Congress to overturn the law.[64]

B. Streamline the federal workforce.

Musk and Ramaswamy have said they plan to eliminate a significant amount of the federal workforce and prescribe new rules for the civil service.[65] Musk and Ramaswamy seek to elicit voluntary resignations by ending remote work for federal government employees, relocating agencies out of D.C., providing early retirement incentives, and offering severance packages.[66] They also may seek to institute large-scale layoffs.[67] Federal civil service protections could impede some strategies to streamline the federal workforce, but those protections generally do not apply to large-scale mass layoffs.[68] Musk and Ramaswamy have also suggested that the president may modify civil service rules by executive order.[69]

Separately, Trump may be aiming to convert many civil service positions into political appointments, which would then give political leaders more control over appointment and retention decisions. Trump has announced that he intends to nominate Russell Vought to head OMB. Late in Trump’s first term, Vought designed a “Schedule F” classification to facilitate the conversion of civil service positions to political positions,[70] but President Biden cancelled that plan,[71] and the Office of Personnel Management promulgated formal rules through notice-and-comment rulemaking restricting such conversions of civil service positions into political positions.[72] Vought’s nomination suggests the second Trump administration may attempt to resurrect Schedule F.

C. Curtail the administrative state.

Musk and Ramaswamy have said they plan to eliminate approximately 75 percent of federal agencies, in part by consolidating duplicative and miscellaneous agencies into larger agencies.[73] Musk and Ramaswamy also seek to halt enforcement of and eventually repeal regulations based on the logic of the Supreme Court opinions of West Virginia v. EPA,[74]—which approved the major questions doctrine that Congress does not implicitly authorize agencies to decide questions of vast economic and political significance—and Loper Bright Enterprises v. Raimondo[75]—which overturned Chevron deference to agency interpretations of ambiguous statutes. Musk and Ramaswamy interpret these cases to suggest that “a plethora of current federal regulations exceed the authority Congress has granted under the law.”[76]

To achieve these goals, DOGE may have to overcome a number of legal obstacles. For example, agencies generally must go through notice-and-comment rulemaking to amend or revoke rules.[77] Musk and Ramaswamy have suggested that Trump may be able to revoke some rules unilaterally through executive order,[78] but it remains to be seen whether an agency acting on such orders would be acting arbitrarily and capriciously or otherwise in violation of the APA. More information regarding how Trump can pause agency rules that have not yet been finalized can be found in this Gibson Dunn Client Alert.

In addition, Musk and Ramaswamy also have suggested that Trump could direct agencies not to enforce regulations that the administration disfavors or believes are unlawful in light of recent Supreme Court precedent.[79]

i. Potential DOGE targets.

Musk and Ramaswamy have singled out many agencies as targets for consolidation and/or elimination. The Consumer Financial Protection Bureau (CFPB) is one such target: on November 27, 2024, Musk posted on X, “Delete CFPB. There are too many duplicative regulatory agencies.”[80] The Department of Education is another target: in response to a question regarding the Department of Education, Ramaswamy stated that he expects “certain agencies to be deleted outright.”[81] Musk is also expected to target agencies like the Federal Trade Commission, Securities and Exchange Commission, and Department of Justice for reductions.[82]

Additionally, agencies that appear on the GAO’s High Risk List, which identifies agencies and programs that have significant potential for waste, fraud, or abuse, may be targets for consolidation or elimination.[83] The president’s authority to delegate and reorganize such agencies and programs, however, is constrained by statute.[84] Accordingly, significant agency reorganizations likely will require legislative action.[85]

D. Other objectives.

Lastly, DOGE plans to increase the use of AI and software within government more broadly and to reform the tax payment process by developing a free tax filing app.[86]

IV. Who in Congress intends to work with DOGE?

DOGE will have to partner with Congress and federal agencies to effect many of its plans, although Trump likely will be able to implement some of its recommendations via executive action. Even without direct implementation authority, however, DOGE’s recommendations are likely to get sympathetic hearings from Trump’s political appointees in the agencies.

Numerous Republican members of Congress, and some Democratic members, have expressed enthusiasm for some or all of DOGE’s objectives and are forming entities within both the House and the Senate to partner with DOGE. The House Committee on Oversight and Reform has announced that it is forming a Delivering on Government Efficiency (“DOGE”) subcommittee, chaired by Rep. Marjorie Taylor Greene (R-GA).[87] This subcommittee will, among other things, examine the “salaries and status of members of the federal civil service and intergovernmental personnel.”[88]

Rep. Aaron Bean (R-FL) has launched a new congressional caucus aimed at working with DOGE, which he will co-chair with Rep. Pete Sessions (R-FL).[89] Democratic Congressman Rep. Jared Moskowitz (D-FL) has joined the caucus and it is reported other Democrats also may join.[90]

The Senate DOGE caucus is led by Senator Joni Ernst (R-IA.), and it will lead the Senate’s partnership with DOGE.[91] Other caucus members include Senators John Cornyn (R-TX), Ted Budd (R-NC), Mike Lee (R-UT), Rick Scott (R-FL), Roger Marshall (R-KS), and James Lankford (R-OK). Sen. Ernst has already met with Ramaswamy to share suggestions for spending cuts, including consolidating government office space and reducing payments to the United Nations,[92] as well as reducing government telework.[93] Senator Bernie Sanders (I-VT) has said he will not join the caucus but that he intends to work with DOGE to go after waste specifically within the Department of Defense.[94]

V. How will DOGE engage with the public?

DOGE currently is engaging with the public via posts on its X account and posts on Elon Musk’s X account. Musk has also suggested that DOGE will be open to suggestions and feedback, saying that “[a]nytime the public thinks we are cutting something important or not cutting something wasteful, just let us know!”[95] The House DOGE caucus has launched a tipline to receive public input, but it is unclear whether and how that will be communicated to DOGE itself.[96] Additionally, Ramaswamy has announced that he and Musk will host a podcast (“DOGEcast”) that will provide the public with updates on DOGE.[97]

VI. How can businesses prepare for DOGE?

DOGE promises to be disruptive, but businesses can prepare to make the most of the situation by gathering information, advocating for their interests, and—if necessary—by being prepared to litigate. Specifically, businesses should consider whether and how best to:

Identify regulations, programs, and contracts that (a) affect its business or its competitors and (b) may be targets for DOGE. This can include monitoring Musk, Ramaswamy, and DOGE’s public statements and, if necessary, making FOIA requests.
Advocate for their interests directly to DOGE. For example, consider proactive engagement on a particular contract that appears to be a focus of DOGE. In addition to more traditional forms of advocacy, it appears that DOGE may be unusually open to online and public advocacy.
Develop relationships with members of Congress and administration officials who work with and can influence DOGE. DOGE is likely to work closely with allies on the Hill and in executive branch agencies and it could be prudent to communicate with those allies in addition to DOGE.
Consider leveraging DOGE’s work by challenging burdensome regulations in court, especially where the major questions doctrine or Loper Bright could apply. In light of recent Supreme Court decisions, even longstanding regulations might be susceptible to such a challenge.[98] In addition to potentially winning vacatur of the regulation, litigation might have the added benefit of bringing strong arguments against the regulation to DOGE’s and the agency’s attention.

VII. Conclusion.

The coming days will yield some answers to the questions posed here about DOGE. Gibson Dunn will be monitoring those developments closely, and our attorneys are available to assist clients as they navigate these challenges and opportunities that DOGE’s recommendations may present.

[1] Donald Trump (@realDonald Trump), Truth Social (Nov. 12, 2024, 7:46 PM), https://truthsocial.com/@realDonaldTrump/posts/113472884874740859.

[2] 5 U.S.C. § 1008(b).

[3] See, e.g., Exec. Order 13538, Establishing the President’s Management Advisory Board, 75 Fed. Reg. 20895 (Apr. 19, 2010), available at https://obamawhitehouse.archives.gov/the-press-office/executive-order-establishing-presidents-management-advisory-board.

[4] E.g., NAACP Leg. Defense & Educ. Find, Inc. v. Barr, 496 F. Supp. 3d 116, 145 (D.D.C. 2020).

[5] E.g., Ass’n of Am. Physicians & Surgeons, Inc. v. Clinton, 997 F.2d 898, 914 (D.C. Cir. 1993).

[6] Id. at 913 (emphasis in original); see also Public Emps. for Env’t Responsibility v. Nat’l Park Serv., 605 F.Supp.3d 28, 52-53 (D.C. Cir. 2022) (citing Ass’n of Am. Physicians and Surgeons, Inc.).

[7] See Jay S. Bybee, Advising the President: Separation of Powers and the Federal Advisory Committee Act, 104 Yale L.J. 51, 128 (1994).

[8] Antonin Scalia, Constitutionality of the Federal Advisory Committee Act, OLC Opinion (Dec. 1, 1974).

[9] See, e.g., Freedom Watch, Inc. v. Obama, 807 F.Supp.2d 28, 36 (D.C. Cir. 2011) (declining to address argument that applying FACA to task force set up by president to solicit advice raised separation of powers concerns by applying constitutional avoidance canon).

[10] 5 U.S.C. §§ 1008(c), 1009(a), (b).

[11] 5 U.S.C. § 1005(b)(3).

[12] 51 C.F.R. § 102-3.60(b)(3).

[13] See, e.g., Am. First Leg. Foundation v. Cardona, 630 F. Supp. 3d 170, 177 (D.D.C. 2022); Ctr. For Biol. Diversity v. Tidwell, 239 F. Supp. 3d 213, 221 (D.D.C. 2017).

[14] See, e.g., NAACP Leg. Defense & Educ. Find, Inc. v. Barr, 496 F. Supp. 3d 116, 145 (D.D.C. 2020) (entering writ of mandamus compelling chairs of a FAC to file a charter and provide timely notice of meetings as required by FACA).

[15] 28 U.S.C. § 1361.

[16] See Barr, 496 F. Supp. 3d at 145; Freedom Watch, Inc. v. Obama, 807 F. Supp. 2d 28, 33 (D.D.C. 2011); Ctr. For Biol. Diversity v. Tidwell, 239 F. Supp. 3d 213, 221–22 (D.D.C. 2017). (“Plaintiff challenges the actions of those agencies in failing to comply with FACA in relation to an alleged advisory committee convened by the Forest Service”); Jud. Watch, Inc. v. U.S. Dep’t of Com., 736 F. Supp. 2d 24, 30–31 (D.D.C. 2010) (suit against Cabinet agency and Cabinet secretary that convened the FAC).

[17] Compare Heartwood, Inc. v. U.S. Forest Serv., 431 F. Supp. 2d 28, 36 (D.D.C. 2006) (a FAC is not an “agency” under FOIA), with Elec. Privacy Info. Ctr. v. Nat’l Sec. Comm’n on Artificial Intelligence, 466 F. Supp. 3d 100, 119 (D.D.C. 2020) (a FAC can be considered an “agency” under FOIA).

[18] 5 U.S.C. § 1002(b).

[19] 5 U.S.C. § 1008(b).

[20] E.g., 42 U.S.C. § 7411 (providing EPA administrator authority to set emissions standards for stationary sources); 12 U.S.C. § 5512 (providing CFPB director exclusive rulemaking authority regarding compliance with federal consumer financial law).

[21] See Buckley v. Valeo, 424 U.S. 1, 126 (1976) (“We think [the] fair import [of the Appointments Clause] is that any appointee exercising significant authority pursuant to the laws of the United States is an ‘Officer of the United States,’ and must, therefore, be appointed” as the Constitution requires).

[22] See Memorandum from John G. Roberts to Fred F. Fielding (May 29, 1985) https://www.reaganlibrary.gov/public/digitallibrary/smof/counsel/roberts/box-065/40_485_6909456_065_017_2017.pdf (hereinafter “Grace Commission Memo”). Then-Associate Counsel to the President John G. Roberts discussed in the memorandum whether a successor commission to the Grace Commission should have the authority to implement the recommendations of the original Grace Commission. Roberts concluded that endowing the successor commission with the authority to implement the original commission’s recommendations would be a “disaster” and that doing so would create an “uproar.”

[23] See Memorandum From Marilyn Glynn, General Counsel, to Designated Agency Ethics Officials, Office of Government Ethics, 05 x 4 (Aug. 18, 2005), https://www.oge.gov/web/oge.nsf/News+Releases/E3B0076C971CEDE6852585BA005BED23/$FILE/05x4_.pdf.

[24] See Memorandum From Stephen D. Potts, Director, Off. Of Gov’t Ethics, to Designated Agency Officials et al., Off. Gov’t Ethics 00 x 1 ,(Feb. 15, 2000), https://www.oge.gov/Web/oge.nsf/Legal%20Docs/445ECB1FB63809DA852585BA005BED9E/$FILE/00×1.pdf?open.

[25] Elon Musk (@ElonMusk), X (Nov. 14, 2024 12:03 AM), https://x.com/elonmusk/status/1856925863725412706.

[26] Stephanie Lai et al., Trump Names David Sacks As White House AI And Crypto Czar, Bloomberg (Dec. 6, 2024), https://www.bloomberg.com/news/articles/2024-12-06/trump-names-david-sacks-as-white-house-ai-and-crypto-czar.

[27] 5 C.F.R. § 2635.702; 18 U.S.C. § 203(a). Representative members of FACs are not subject to federal employee conflict of interest laws.

[28] 18 U.S.C. § 202(a).

[29] 5 C.F.R. § 2640.103(a).

[30] 18 U.S.C. § 208(b)(1), (3).

[31] 48 C.F.R. § 3.601(a)–(b); see also id. § 3.602.

[32] 48 C.F.R. § 3.602.

[33] Reagan Library Topic Guide – President’s Private Sector Survey on Cost Control

(Grace Comm’n), Reagan Library, https://www.reaganlibrary.gov/public/archives/textual/topics/ppsscc.pdf (last visited Dec. 4, 2024) (“The Foundation for the President’s Private Sector Cost Control Survey, a separate organization led by Mr. Grace, raised private donations to fund the PPSSCC.”).

[34] Elon Musk (@elonmusk), X (Nov. 12, 2024 9:13 PM), https://x.com/elonmusk/status/1856520760656797801?lang=en.

[35] See 2 U.S.C. § 1601 et seq; see also Measuring Lobbying: Substantial Part Test, IRS, https://www.irs.gov/charities-non-profits/measuring-lobbying-substantial-part-test (guidelines about when an charitable organization’s lobbying activities may undermine its tax-exempt status); Measuring Lobbying Activity: Expenditure Test, IRS, https://www.irs.gov/charities-non-profits/measuring-lobbying-activity-expenditure-test (same).

[36] 2 U.S.C. § 1602(8)(B)(vi).

[37] Donald Trump (@realDonaldTrump), Truth Social (Dec. 4, 2024, 12:50 PM), https://truthsocial.com/@realDonaldTrump/posts/113595819146944245.

[38] Department of Government Efficiency (@DOGE), X (Nov. 14, 2024, 10:03 AM), https://x.com/DOGE/status/1857076831104434289.

[39] Id.

[40] Elizabeth Dwoskin, Jeff Stein, Jacob Bogage & Faiz Siddiqui, Musk and Ramaswamy race to build a ‘DOGE‘ team for war with Washington, Washington Post (Nov. 24, 2024), https://www.washingtonpost.com/business/2024/11/24/musk-ramaswamy-doge-trump/; Ananya Gairola, Elon Musk’s DOGE Dream Team: From Marc Andreessen To Uber’s Travis Kalanick, Silicon Valley Titans Reportedly Join Forces To Overhaul Federal Spending, Benzinga (Nov. 30, 2024),

https://www.benzinga.com/24/11/42253427/elon-musks-doge-dream-team-from-marc-andreessen-to-ubers-travis-kalanick-silicon-valley-titans-join-forces-to-overhaul-federal-spending; Brian Schwartz, Dana Mattioli, Rebecca Ballhaus & Emily Glazer, Musk-a-Lago: Inside Elon Musk’s Role on Trump’s Transition Team, Wall Street Journal (Nov. 13, 2024), https://www.wsj.com/politics/policy/musk-a-lago-inside-elon-musks-role-on-trumps-transition-team-55235859 (hereinafter “Musk-a-Lago”). David Sacks has been announced as the White House AI and Crypto Czar. See Stephanie Lai et al., Trump Names David Sacks As White House AI And Crypto Czar, Bloomberg (Dec. 6, 2024), https://www.bloomberg.com/news/articles/2024-12-06/trump-names-david-sacks-as-white-house-ai-and-crypto-czar.

[41] See Elon Musk & Vivek Ramaswamy, The DOGE Plan to Reform Government, Wall Street Journal (Nov. 20, 2024), https://www.wsj.com/opinion/musk-and-ramaswamy-the-doge-plan-to-reform-government-supreme-court-guidance-end-executive-power-grab-fa51c020 (hereinafter “Musk and Ramaswamy Op-Ed”).

[42] Aris Folley, Musk Draws Skepticism With Call For $2 Trillion in Spending Cuts, The Hill (Nov. 3, 2024), https://thehill.com/business/4966789-elon-musk-skepticism-2-trillion-spending-cuts/.

[43] Department of Government Efficiency (@DOGE), X (Nov. 23, 2024, 1:40 AM), https://x.com/DOGE/status/1860211822722449910.

[44] Lindsey Choo, Elon Musk’s DOGE May Cut These Federal Agencies—As CFPB Becomes Latest Target, Forbes (Nov. 27, 2024), https://www.forbes.com/sites/lindseychoo/2024/11/27/elon-musk-doge-takes-aim-federal-agencies-where-cuts-can-be-made/.

[45] Andres Picon, Musk, On Capitol Hill, Says ‘Get Rid Of All Credits,” Politico (Dec. 5, 2024), https://subscriber.politicopro.com/article/2024/12/musk-on-capitol-hill-says-get-rid-of-all-credits-00192786.

[46] Elon Musk (@elonmusk), X (July 16, 2024 3:26 AM), https://x.com/elonmusk/status/1813112958157005259.

[47] Christine Mui, Ramaswamy Threatens DOGE Review Of Biden’s Microchip Funding Spree, Politico (Nov. 26, 2024), https://www.politico.com/live-updates/2024/11/26/congress/ramaswamy-aims-doge-at-microchips-funding-00191693.

[48] Department of Government Efficiency (@DOGE), X (Nov. 19, 2024, 2:36 PM), https://x.com/DOGE/status/1858957615889543628; Agenda47: Using Impoundment to Cut Waste, Stop Inflation, and Crush the Deep State (June 20, 2023),

https://www.donaldjtrump.com/agenda47/agenda47-using-impoundment-to-cut-waste-stop-inflation-and-crush-the-deep-state (hereinafter “Agenda47 Plan”).

[49] Cong. Budget Off., Expired and Expiring Authorizations of Appropriations for Fiscal Year 2024 (July 2024), https://www.cbo.gov/publication/60580.

[50] Principles of Federal Appropriations Law at 2-80, Gov’t Accountability Office (4th ed. 2016), https://www.gao.gov/assets/2019-11/675709.pdf.

[51] Gov’t Accountability Off., High Risk List, https://www.gao.gov/high-risk-list (last visited Dec. 2, 2024).

[52] Chris Megerian, Elon Musk’s Budget Crusade Could Cause A Constitutional Clash In Trump’s Second Term, Associated Press (Nov. 21, 2024), https://apnews.com/article/musk-ramaswamy-trump-budget-cuts-doge-impoundment-8e2fffc27df6acc1b275b1614e66fd01.

[53] Vivek Ramaswamy (@VivekGRamaswamy), X (Nov. 12, 2024 10:25 P.M.), https://x.com/VivekGRamaswamy/status/1856538974384255206.

[54] Logan, Doge Alerts, Trump’s Avengers, Daily GOP News (Nov. 17, 2024).

[55] Musk and Ramaswamy Op-Ed, supra note 41.

[56] Muyao Shen and Bloomberg, Ramaswamy sees ‘massive cuts’ for contractors in efficiency push, Fortune (Nov. 17, 2024), https://fortune.com/2024/11/17/doge-vivek-ramaswamy-elon-musk-massive-cuts-government-contractors-efficiency/.

[57] Agenda47 Plan, supra note 48.

[58] Cong. Budget Off., Monthly Budget Review: Summary for Fiscal Year 2024 (Nov. 8, 2024), https://www.cbo.gov/publication/60843#:~:text=In%20fiscal%20year%202024%2C%20which,recorded%20in%20the%20previous%20year.&text=See%20more%20editions%20of%20CBO%27s%20Monthly%20Budget%20Review; see also Justin Lahart & Rosie Ettenheim, Musk Wants $2 Trillion of Spending Cuts. Here’s Why That’s Hard., Wall Street Journal (Nov. 26, 2024), https://www.wsj.com/politics/policy/government-spending-doge-elon-musk-trump-administration-60477bc5.

[59] See Musk and Ramaswamy Op-Ed, supra note 41; Jesus Mesa, Why F-35 Fighter Jets Are ”Obsolete”, According to Elon Musk, Newsweek (Nov. 25, 2024), https://www.newsweek.com/f-35-obsolete-elon-musk-1991486.

[60] Train v. City of New York, 420 U.S. 35, 39 (1975) (emphasis added).

[61] 2 U.S.C. § 683.

[62] Matter of: Off. of Mgmt. & Budget-Withholding of Ukraine Sec. Assistance, B-331564 (Jan. 16, 2020), https://www.gao.gov/assets/b-331564.pdf.

[63] Letter from General Counsel, OMB, to General Counsel, GAO (Dec. 11, 2019), https://context-cdn.washingtonpost.com/notes/prod/default/documents/5dbd9f69-2537-4272-bd5d-60c94d3843b6/note/112b1caa-763c-4c4c-a5bb-0a04f7962d2c.pdf.

[64] See Agenda47 Plan, supra note 48; Molly Redden, How Trump Plans to Seize the Power of the Purse From Congress, ProPublica (Nov. 26, 2024), https://www.propublica.org/article/trump-impoundment-appropriations-congress-budget?utm_source=sailthru&utm_medium=email&utm_campaign=majorinvestigations&utm_content=toc; Jeff Stein, Elizabeth Dwoskin, Cat Zakrzewski & Jacob Bogage, Trump aides explore plans to boost Musk effort by wresting control from Congress, Washington Post (Nov. 13, 2024 ), https://www.washingtonpost.com/business/2024/11/13/elon-musk-government-efficiency-congress-budget-law/.

[65] See Musk and Ramaswamy Op-Ed, supra note 41.

[66] Id.

[67] Aimee Picchi, Musk and Ramaswamy say DOGE will target $500 billion in spending. Here’s where they say they’ll cut., CBS News (Nov. 26, 2024), https://www.cbsnews.com/news/musk-ramaswamy-doge-500-billion-spending-where-they-will-cut/.

[68] See 5 U.S.C. § 3502 (providing that employees may be released pursuant to a reduction in force subject to order-of-retention rules and a 60-day notice requirement); see also 5 C.F.R. part 351 (OPM‘s current rules governing reductions in force); Vivek Ramaswamy (@VivekGRamaswamy), X (Sep. 13, 2023, 2:47 P.M.), https://x.com/VivekGRamaswamy/status/1702031198543921370 (asserting that ”’reductions in force‘ are not covered by for-cause requirements”).

[69] Allan Smith & Peter Nicholas, Will Elon Musk and Vivek Ramaswamy’s new ’department’ actually be able to do anything?, NBC News (Nov. 15, 2024), https://www.nbcnews.com/politics/donald-trump/elon-musk-vivek-ramaswamys-new-department-government-efficiency-rcna179906.

[70] Exec. Order No. 13957, Creating Schedule F in the Excepted Service, 85 Fed. Reg. 207 (Oct. 26, 2020), available at https://www.govinfo.gov/content/pkg/FR-2020-10-26/pdf/2020-23780.pdf.

[71] Exec. Order No. 14003, Protecting the Federal Workforce, 86 Fed. Reg. 7231 (Jan. 27, 2021)

[72] E.g., Upholding Civil Service Protections and Merit Systems Principles, 89 Fed. Reg. 24,982 (Apr. 9, 2024).

[73] Derek Saul, What We Know About Elon Musk’s ‘Department Of Government Efficiency’—As Marjorie Taylor Greene Enters Fold, Forbes (Nov. 21, 2024), https://www.forbes.com/sites/dereksaul/2024/11/21/what-we-know-about-elon-musks-department-of-government-efficiency-as-marjorie-taylor-greene-enters-fold/.

[74] 597 U.S. 697 (2022).

[75] 603 U.S. ___ (2024).

[76] Musk and Ramaswamy Op-Ed, supra note 41.

[77] See, e.g., Perez v. Mortg. Bankers Ass’n, 575 U.S. 92, 101 (2015) (the Administrative Procedure Act (“APA”) “mandate[s] that agencies use the same procedures when they amend or repeal a rule as they used to issue the rule in the first instance”); Humane Society v. Dep’t of Agriculture, 41 F.4th 564 (D.C. Cir. 2022) (holding that once a rule was “made available for public inspection” through the Federal Register, it “prescribe[d] law with legal consequences,” and the “APA require[d] the agency to undertake notice-and-comment before repealing it”).

[78] Musk and Ramaswamy Op-Ed, supra note 41.

[79] See id.

[80] Elon Musk (@ElonMusk), X (Nov. 27, 2024 12:35 AM), https://x.com/elonmusk/status/1861644897490751865.

[81] Rachel Scully, Ramaswamy: ‘We Expect Certain Agencies To Be Deleted Outright,’ The Hill (Nov. 18, 2024), https://thehill.com/blogs/blog-briefing-room/4995638-vivek-ramaswamy-donald-trump-doge/.

[82] See Musk-a-Lago, supra note 40.

[83] Gov’t Accountability Off., High Risk List, https://www.gao.gov/high-risk-list (last visited Dec. 2, 2024).

[84] See 3 U.S.C. § 301 (authorizing the president to delegate to any senate-confirmed official any function vested in the president by law); 31 U.S.C. § 1341 (prohibiting expenditures or incurring obligations except where authorized by law).

[85] Past executive branch reorganizations have occurred pursuant to statutes, but the most recent reorganization authority expired in 1984. See 5 U.S.C. §§ 901–12 (providing president authority to reorganize the executive branch); id. at § 905(b) (sunsetting the authority in 1984); see also Jared P. Cole, Organizing Executive Branch Agencies: Who Makes The Call, CRS LSB10158, (June 27, 2018) https://crsreports.congress.gov/product/pdf/LSB/LSB10158; Henry Hogue, Executive Branch Reorganization, CRS, R44909 (Aug. 3, 2017), https://crsreports.congress.gov/product/pdf/R/R44909.

[86] Jeff Stein, Musk’s ‘DOGE’ commission eyes new app for Americans to file taxes, Washington Post (Nov. 19, 2024), https://www.washingtonpost.com/business/2024/11/19/taxes-irs-musk-ramaswamy/.

[87] Annie Grayer and Haley Talbot, Greene To Chair New DOGE Subcommittee on Oversight Next Congress, CNN (Nov. 21, 2024), https://www.cnn.com/2024/11/21/politics/marjorie-taylor-greene-doge-oversight/index.html.

[88] Id.

[89] ‘DOGE’ Meets Congress: GOP Lawmaker Launches Caucus To Help Must Take On ‘Crazytown,’ Fox News (Nov. 19, 2024) https://www.foxnews.com/politics/doge-meets-congress-gop-lawmaker-launches-caucus-help-musk-take-crazytown.

[90] Annie Grayer, Trump’s DOGE Push Finds Support From Some Democrats On Capitol Hill, CNN (Dec. 4, 2024), https://www.cnn.com/2024/12/04/politics/trump-doge-democrats-capitol-hill/index.html.

[91] Marissa Payne, Joni Ernst Will Lead Senate Partnership on Trump’s New “DOGE” Initiative To Cut Spending, Des Moines Register (Nov. 23, 2024) https://www.desmoinesregister.com/story/news/politics/2024/11/23/iowa-us-senator-joni-ernst-will-lead-senate-partnership-on-trump-doge-initiative-to-cut-spending/76508767007/.

[92] Jordain Carney, Ernst Pitches DOGE On Spending Cuts And Savings, Politico (Nov. 25, 2024), https://www.politico.com/live-updates/2024/11/25/congress/ernst-pitches-doge-on-cuts-and-savings-00191487.

[93] Brooke Singman, Senate DOGE leader Ernst to take on government telework abuse at first meeting with Musk, Ramaswamy, Fox News (Dec. 5, 2024), https://www.foxnews.com/politics/senate-doge-caucus-take-government-telework-abuse-first-meeting-musk-ramaswamy.

[94] Grayer, supra note 90.

[95] Elon Musk (@elonmusk), X (Nov. .12, 2024, 9:13 PM), https://x.com/elonmusk/status/1856520760656797801?lang=en.

[96] Jake Sherman et al., Will Congress Surrender To The DOGE?, Punchbowl News (Dec. 5, 2024), https://punchbowl.news/article/washington/musk-ramaswamy-to-visit-capitol-hill-talk-doge/ (reporting the House Doge caucus tipline is “[email protected]”).

[97] Vivek Ramaswamy, A New Chapter In The Fight To Restore Self-Governance, YouTube (Nov. 20, 2024) https://www.youtube.com/watch?v=XAjGFreVeLw; Casey Weldon, The Scoop: Musk, Ramaswamy Bypass Media With DOGE Podcast, PR Daily (Nov. 22, 2024) https://www.prdaily.com/the-scoop-musk-ramaswamy-bypass-media-with-doge-podcast/.

[98] See Corner Post, Inc. v. Bd. of Governors of Fed. Rsrv. Sys., 144 S. Ct. 2440, 2447 (2024) (holding that the default statute of limitations for APA claims is six years running from the date the plaintiff is injured by final agency action).

The following Gibson Dunn lawyers prepared this update: Michael Bopp, Stuart Delery, Tory Lauterbach, Amanda Neely, Aaron Gyde, Maya Jeyendran*, and Christian Dibblee.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s Public Policy, Administrative Law & Regulatory, Energy Regulation & Litigation, or Government Contracts practice groups, or the following in the firm’s Washington, D.C. office:

Michael D. Bopp – Co-Chair, Public Policy Practice Group,
(+1 202.955.8256, [email protected])

Stuart F. Delery – Co-Chair, Administrative Law & Regulatory Practice Group,
(+1 202.955.8515, [email protected])

Lindsay M. Paulin – Co-Chair, Government Contracts Practice Group,
Washington, D.C. (+1 202.887.3701, [email protected])

Joseph D. West – Partner, Government Contracts Practice Group,
Washington, D.C. (+1 202.955.8658, [email protected])

Tory Lauterbach – Partner, Energy Regulation & Litigation Practice Group,
(+1 202.955.8519, [email protected])

Amanda H. Neely – Of Counsel, Public Policy Practice Group,
(+1 202.777.9566, [email protected])

*Maya Jeyendran, an associate in the firm’s Washington, D.C. office, is not yet admitted to practice law.

Gibson Dunn’s Workplace DEI Task Force aims to help our clients develop creative, practical, and lawful approaches to accomplish their DEI objectives following the Supreme Court’s decision in SFFA v. Harvard. Prior issues of our DEI Task Force Update can be found in our DEI Resource Center. Should you have questions about developments in this space or about your own DEI programs, please do not hesitate to reach out to any member of our DEI Task Force or the authors of this Update (listed below).

Key Developments:

On November 25, Walmart confirmed to the Associate Press plans to rework its DEI policies in response to a threatened boycott campaign by Robby Starbuck, an anti-DEI activist. Walmart confirmed that it would remove the term “DEI” from internal communications and replace it with “belonging.” The retailer also confirmed that it will discontinue DEI training offered by the Racial Equity Institute; will not consider race and gender when choosing suppliers; and will put guardrails on which community events, such as drag shows and Pride events, it supports through grants. Walmart will also end its participation in the Human Rights Campaign’s Corporate Equality Index, which surveys corporate practices related to the LGBTQ+ community. While Starbuck claimed credit for these policy changes, a company spokesperson said that the changes have been in progress for a while. Addressing these changes, the company said in a statement, “We’ve been on a journey and know we aren’t perfect, but every decision comes from a place of wanting to foster a sense of belonging, to open doors to opportunities for all our associates, customers and suppliers and to be a Walmart for everyone.”

On November 20, a shareholder brought a derivative action against athletic apparel brand Lululemon in the U.S. District Court for the Southern District of New York, claiming that the company’s leadership concealed inventory allocation problems and made false statements about the company’s new “Inclusion, Diversity, Equity, and Action” (IDEA) program that artificially inflated the stock price. Shane Kanaly v. Calvin McDonald et al., No. 1:24-cv-08839 (S.D.N.Y 2024). Lululemon announced the IDEA program in October 2020, saying the company would aim to reflect “the diversity of the communities the company serves and operates in around the world by 2025.” The complaint alleges that, in reality, the IDEA program was not structured to combat discrimination within Lululemon in any meaningful way, with employees of color continuing to experience harmful bias at work. The complaint refers to a November 2023 news article containing interviews with more than a dozen former Lululemon employees who said the company’s corporate culture is hostile to Black employees. The complaint also alleges that the company’s eleven-person board never had more than two racially diverse members during the relevant period and that the company’s financial statements were silent on racial diversity goals.

On November 18, a former employee of the Federal Reserve Board sued the Chair of the Federal Reserve, the Chief Operating Officer, and four Federal Reserve supervision officials, alleging he faced discrimination on the basis of his religion, race, gender, and sexual orientation in violation of his rights under Title VII of the Civil Rights Act and under the Age Discrimination in Employment Act. Bobowicz v. Powell et al., No. 5:24-cv-00246 (W.D.N.C. 2024). The plaintiff claims he was discriminated against due to his religious beliefs, which precluded him from receiving the COVID-19 vaccination. He further alleges he became “a target for termination” because he was “a heterosexual, white, male who was the oldest employee in both his local and national [teams].” In addition to damages, reinstatement, and front and back pay, the plaintiff seeks a declaration that the Federal Reserve’s diversity initiatives violate the Fourteenth Amendment’s equal protection clause.

On November 13, an Austin-based aerospace staffing agency sued Texas Governor Greg Abbott and Texas Comptroller Glenn Hegar in the U.S. District Court for the Western District of Texas, alleging that the state’s Historically Underutilized Business (HUB) Program violates the Equal Protection Clause of the Fourteenth Amendment and Section 1981. Aerospace Solutions LLC v. Abbott et al., No. 1:24-cv-01383 (W.D. Tex. 2024). The HUB Program designates that a percentage of the state’s contract budget will be awarded to minority-owned businesses, which are defined as companies that are at least 51% owned by individuals from certain designated minority groups. The staffing agency alleges that this unconstitutionally prevents non-minority businesses from submitting competitive bids for certain contracts. The staffing agency is seeking a declaration that the HUB Program is unconstitutional and an injunction preventing its operation, along with attorneys’ fees and costs.

On October 1, the advisory firm Teneo released a report on the evolution of corporate DEI disclosures, based on a review of DEI-related disclosures in 250 sustainability reports published by S&P 500 companies between January and June of 2024. Teneo found that 43% of companies included quantitative DEI goals in their sustainability reports. These quantitative goals included representation goals (present in 33% of company disclosures) and supplier diversity goals (present in 14% of company disclosures). Twenty-three percent of reports also include other DEI goals such as goals for hiring from Historically Black Colleges and Universities and for investing in underrepresented communities.

Media Coverage and Commentary:

Below is a selection of recent media coverage and commentary on these issues:

Associated Press, “Walmart’s DEI rollback signals a profound shift in the wake of Trump’s election victory” (November 26): Alexandra Olson and Cathy Bussewitz write that Walmart has announced changes to some of its DEI initiatives following scrutiny by anti-DEI activist Robby Starbuck, whose public criticisms of corporate diversity initiatives have garnered increasing media attention in recent months. Olson and Bussewitz report that on Monday, Starbuck posted on X (formerly Twitter), claiming that he told Walmart executives last week that he was “doing a story on wokeness there” and that the company agreed to several changes to its programming to avoid the ensuing public scrutiny. In a statement, Walmart confirmed the changes to its programming but said these changes were underway before discussions with Starbuck occurred. Jason Schwartz, co-chair of Gibson Dunn’s Labor & Employment practice group, says the upcoming change in administration will likely cause more companies to revisit their DEI initiatives. “The impact of the election on DEI policies is huge. It can’t be overstated,” said Schwartz. “Companies are trying to strike the right balance to make clear they’ve got an inclusive workplace where everyone is welcome, and they want to get the best talent, while at the same time trying not to alienate various parts of their employees and customer base who might feel one way or the other. It’s a virtually impossible dilemma.”
USA Today, “RIP DEI? The war on ‘woke’ America has a new commander-in-chief” (November 22): USA Today’s Jessica Guynn reports that the Trump administration and Republican majorities will put DEI programs “on the chopping block.” Guynn describes the recent election as a “DEI referendum,” as corporate diversity efforts face increasing scrutiny from right-wing entities. Guynn says that conservative think tanks—including the Heritage Foundation in its Project 2025 roadmap—have recommended a host of anti-DEI measures, from removing DEI terms from federal legislation, rules, contracts, and grants, to directing the Justice Department to investigate diversity programs. According to Guynn, public sentiment has also shifted. A November 2024 Pew Research Center survey shows a decline in support for DEI among workers: 52% of those surveyed view DEI positively, down from 56% last year, while those viewing it negatively rose from 16% to 21%. Joelle Emerson, CEO of diversity strategy and consulting firm Paradigm, believes the impact of the election and a second Trump presidency remains to be seen. Emerson noted that while corporations may publicly distance themselves from the DEI debate, most continue to pursue diversity-based efforts, including expanding candidate pools and developing mentorship and coaching programs accessible to all.
Wall Street Journal, “Christopher Rufo Has Trump’s Ear and Wants to End DEI for Good” (November 25): The Wall Street Journal’s Douglas Belkin profiles Christopher Rufo, a documentary filmmaker and writer who opposes DEI efforts in schools, businesses, and government. Belkin says that President-elect Trump has invited Rufo to Mar-a-Lago to present a plan to “geld American universities” into dropping DEI programs. “It’s time to really put the hammer to these institutions and to start withdrawing potentially billions of dollars in funding until they follow the law,” Rufo told Belkin, concluding that organizations “can prioritize excellence or diversity, but not both simultaneously.” According to Belkin, this is not the first time Donald Trump has called on Rufo for guidance: in 2020, Rufo advised Trump on an executive order banning race or sex stereotyping in the federal government.
Law360, “Cruz Calls Digital Equity Program Rules ‘Unlawful’” (November 25): Law360’s Christopher Cole reports that Senator Ted Cruz (R-Texas) sent two letters to Alan Davidson, chief of the National Telecommunications and Information Administration (NTIA), a branch of the Commerce Department responsible for pass-through internet access grants to the states. Cruz, incoming chair of the Senate Commerce Committee, criticized NTIA’s administration of two grant programs—both created under the bipartisan Infrastructure Investment and Jobs Act—that aim to increase access to broadband service to underserved areas. Cole says that Cruz is challenging the grant programs as unlawfully discriminatory because they require funds be used to serve members of “covered populations,” a term defined to include racial and ethnic minorities. A spokesperson for the Affordable Broadband Campaign says Cruz has “ignored” that the grant programs also cover veterans, aging and disabled individuals, and people in rural areas, and that Texas will soon receive $55 million in funding for its own digital equity program.
Harvard Business Review, “What Trump’s Second Term Could Mean for DEI” (November 14): New York University’s Kenji Yoshino, David Glasgow, and Christina Joseph discuss the anticipated effect of the upcoming Trump Administration on DEI initiatives. According to the authors, the incoming administration is expected to employ various strategies to dismantle DEI initiatives, including issuing executive orders to eliminate programs that promote DEI. Project 2025’s anti-DEI agenda includes abolishing DEI offices within the federal government and amending anti-discrimination laws to remove “disparate impact” liability. The authors suggest that companies seeking to continue advancing LGBTQ+ diversity and inclusion “in this daunting environment” can adopt one of three approaches depending on their risk tolerance: (a) adhering their policies to local norms and laws, even if that causes them to somewhat dilute their DEI efforts, (b) adopting pro-LGBTQ+ policies internally to create a “safe haven” in the workplace, but without pushing for wider change in society, or (c) using their influence to shift norms and laws in their community in a pro-LGBTQ+ direction.

Case Updates:

Below is a list of updates in new and pending cases:

1. Contracting claims under Section 1981, the U.S. Constitution, and other statutes:

Strickland et al. v. United States Department of Agriculture et al., 2:24-cv-00060-Z (N.D. Tx 2024): On March 3, 2024, plaintiff farm owners sued the USDA over the administration of relief programs that allegedly allocated funds based on race or sex. The plaintiffs alleged that only a limited class of socially disadvantaged farmers, including certain races and women, qualify for funds under these programs. On June 7, 2024, the court granted in part the plaintiff’s motion for a preliminary injunction. The court enjoined the defendants from making relief payments based directly on race or sex. However, the court allowed defendants to continue to apply their method of appropriating money, if done without regard to the race or sex of the relief recipient.
- Latest update: On November 14, 2024, the USDA filed a motion for summary judgment. The USDA made two primary arguments: 1) its method of appropriating money is race and sex neutral; and 2) where it has directly taken into account race or sex, it has permissibly done so in order to remedy the lingering effects of historical discrimination, which would satisfy strict scrutiny.

2. Employment discrimination and related claims:

Missouri v. Int’l Bus. Machs. Corp., No. 24SL-CC02837 (Cir. Ct. of St. Louis Cty. 2024): On June 20, 2024, the State of Missouri filed a complaint against IBM in state court, alleging that the company violates the Missouri Human Rights Act by using race and gender quotas in its hiring and by basing employee compensation on participation in allegedly discriminatory DEI practices. The complaint cites a leaked video in which IBM’s Chief Executive Officer and Board Chairman, Arvind Krishna, allegedly stated that all executives must increase representation of ethnic minorities in their teams by 1% each year to receive a “plus” on their bonus. The complaint also alleges that employees at IBM have been fired or otherwise suffered adverse employment actions because they failed to meet or exceed these targets. The Missouri Attorney General seeks to permanently enjoin IBM and its officers from utilizing quotas in hiring and compensation decisions. On September 13, 2024, IBM moved to dismiss the suit, arguing that the “plus” bonus is not a “rigid racial quota,” but a lawful means of encouraging “permissible diversity goals.” IBM also argued that Missouri failed to assert sufficient facts to show that the “plus” bonus influenced any employment decisions in the state.
- Latest update: On November 8, 2024, the State of Missouri filed a “Suggestions in Opposition” to IBM’s motion to dismiss. Missouri first argued that IBM’s arguments are merits questions that cannot yet be addressed at the motion to dismiss stage. Missouri then argued that if the court considers the merits questions, it should hold that IBM’s racial quotas are unlawful in light of the Missouri Human Rights Act and the Supreme Court decision in Students for Fair Admissions.
Haltigan v. Drake, No. 5:23-cv-02437-EJD (N.D. Cal. 2023): A white male psychologist sued the University of California Santa Cruz, arguing that the school imposed a “loyalty oath” on prospective faculty candidates in violation of the First Amendment by requiring them to submit statements explaining their views on DEI. The plaintiff claimed that because he is “committed to colorblindness and viewpoint diversity”––which he alleged contradicts the University’s position on DEI––the University would compel him to alter his political views in order to obtain a faculty position. The plaintiff sought a declaration that the University’s DEI statement requirement violates the First Amendment and a permanent injunction against the enforcement of the requirement. On January 12, 2024, the district court granted UC Santa Cruz’s motion to dismiss with leave to amend. On March 1, 2024, the defendant moved to dismiss the plaintiff’s second amended complaint, arguing that the plaintiff lacks standing and failed to state claims of either First Amendment viewpoint discrimination or compelled speech.
- Latest update: On November 15, 2024, the district court granted UC Santa Cruz’s motion to dismiss the second amended complaint with leave to amend, finding that the plaintiff failed to cure the deficiencies identified in the court’s previous order. First, the court rejected the plaintiff’s claim that he had “competitor standing” because he failed to allege that he undertook any preparations specifically in anticipation of applying for the position or any other employment at UC Santa Cruz. Second, the court reaffirmed its initial finding that the plaintiff had not sufficiently alleged that it would be futile to apply without a DEI statement because the plaintiff’s own allegations demonstrated that the University could have advanced plaintiff’s application based on his academic and research accomplishments. Finally, the court found that the plaintiff’s argument that the University will inevitably post another opening that plaintiff is qualified for was speculative and insufficient to show an imminent injury.
Langan v. Starbucks Corporation, No. 3:23-cv-05056 (D.N.J. 2023): On August 18, 2023, a white, female former store manager sued Starbucks, claiming she was wrongfully accused of racism and terminated after she rejected Starbucks’ attempt to deliver “Black Lives Matter” T-shirts to her store. The plaintiff alleged that she was discriminated and retaliated against based on her race and disability as part of a company policy of favoritism toward non-white employees. On July 30, 2024, the district court granted Starbucks’ motion to dismiss, agreeing that the plaintiff’s claims under the New Jersey Law Against Discrimination were untimely and that she failed to sufficiently plead her tort or Section 1981 claims. The court found that she failed to allege that her termination was based on anything other than her “egregious” discriminatory comments and her violation of the company’s anti-harassment policy. On August 11, 2024, the plaintiff filed an amended complaint. On November 8, 2024, the defendant moved to dismiss the amended complaint, arguing that the additional facts alleged to explain plaintiff’s untimeliness—specifically, her difficulty obtaining a right to sue letter—were insufficient to state a claim.
- Latest update: The plaintiff filed her opposition to the motion to dismiss on November 25, 2024, arguing that her claims are timely under the doctrine of equitable tolling. Plaintiff also argued that she sufficiently alleged facts to support her claims of intentional infliction of emotional distress, racial discrimination, retaliation, and negligent retention, supervision, and hiring.
Dill v. International Business Machines, Corp., No. 1:24-cv-00852 (W.D. Mich. 2024): On August 20, 2024, America First Legal filed a reverse discrimination suit against IBM on behalf of a former IBM employee, alleging violations of Title VII and Section 1981. The plaintiff claims that IBM placed him on a performance improvement plan as a “pretext to force him out of [IBM] due to [its] stated quotas related to sex and race.” The plaintiff seeks back pay, damages for emotional distress, and a declaratory judgment that IBM’s policies violate Title VII and Section 1981. The complaint cites to a leaked video in which IBM’s Chief Executive Officer and Board Chairman, Arvind Krishna, allegedly states that all executives must increase representation of underrepresented minorities on their teams by 1% each year to receive a “plus” on their bonuses.
- Latest update: On November 20, 2024, Dill responded to IBM’s motion to dismiss, arguing that he sufficiently pled both direct and circumstantial evidence of improper termination and discrimination. Dill further argued that IBM relied on an unnecessarily burdensome pleading standard in their motion to dismiss.
Detillion v. Ohio Dep’t of Rehab. & Corr., No. 24-3347 (6th Cir. 2024): In July 2022, Lynn Detillion, a white woman, sued her union, the Ohio Civil Service Employees Association, and former employer, the Ohio Department of Rehabilitation and Correction, for violations of Title VII and Ohio discrimination law. Detillion alleged that the union discriminated against her based on her race and sex by declining to advocate on her behalf while advocating for a Black male union member and, similarly, that the department discriminated against her by reinstating the Black male guard, but not her. The district court granted summary judgment against her on all claims. She appealed.
- Latest update: On November 21, 2024, the Sixth Circuit upheld the district court’s finding that Detillion’s claims lacked merit.
EEOC v. Battleground Restaurants, No. 1:24-cv-00792 (M.D.N.C. 2024): On September 25, 2024, the U.S. Equal Employment Opportunity Commission (EEOC) filed a lawsuit against a sports bar chain, Battleground Restaurants, in federal district court in North Carolina. The lawsuit alleges that the chain refused to hire men for its front-of-house positions, such as server or bartender jobs, in violation of Title VII. This is one of over 50 lawsuits the EEOC filed in the last week of September, prior to the end of its fiscal year on September 30, 2024.
- Latest update: On November 25, 2024, Battleground Restaurants moved to dismiss or strike an improperly named defendant. Battleground Restaurants argued that the EEOC’s pattern or practice claims are “insufficiently pled, conclusory, and not plausible on their face,” and that the EEOC failed to conduct a “reasonable investigation” or give “adequate notice” to Battleground Restaurants.
Spitalnick v. King & Spalding, LLP, No. 24-cv-01367-JKB (D. Md. 2024): On May 9, 2024, Sarah Spitalnick, a white, heterosexual female, sued King & Spalding, alleging that the firm violated Title VII and Section 1981 by deterring her from applying to its Leadership Counsel Legal Diversity internship program. Spitalnick alleged that she believed she could not apply after seeing an advertisement that stated that candidates “must have an ethnically or culturally diverse background or be a member of the LGBT community.” On September 19, 2024, King & Spalding moved to dismiss, arguing that Spitalnick failed to state a claim, her claims were time-barred, and she lacked standing because she never applied to the program.
- Latest update: On November 8, 2024, Spitalnick responded to the firm’s motion to dismiss, arguing that her claim was not time-barred and that being deterred from applying was sufficient to confer standing.
Paul Fowler v. Emory University, No. 1:24-cv-05353 (N.D. Ga. 2024): On November 21, 2024, a former Emory University employee sued the university alleging that the Vice Provost for Career and Professional Development discriminated against white employees in investigations, discipline, hiring, and promotions. The plaintiff asserts employment discrimination claims arising from “unlawful race, gender, and age discrimination and retaliation” in violation of Title VII, the Age Discrimination in Employment Act, and Section 1981.
- Latest update: The docket does not yet reflect that the defendant has been served.

3. Challenges to agency rules, laws and regulatory decisions

Nat’l Ctr for Pub. Policy Research, et al. v. SEC, No. 23-60230 (5th Cir. 2023): The petitioners, Kroger shareholders, previously sought to require that Kroger Company include in its proxy materials a proposal requiring Kroger to issue a report detailing risks associated with omitting “viewpoint” and “ideology” from the list of protected characteristics in its equal opportunity policy. The SEC concluded that Kroger could exclude the proposal from its proxy materials. In April 2023, the petitioners sought judicial review of the SEC’s decision in the Fifth Circuit.
- Latest update: On November 14, 2024, the Fifth Circuit denied the petitioner’s motion for stay pending appeal and granted the SEC’s motion to dismiss for lack of jurisdiction and mootness. The court found that Kroger chose to include the challenged measure in its proxy materials, which extinguished any live controversy on appeal. The court also held that it lacked authority to resolve the dispute because the SEC failed to issue an order concerning this matter, final or otherwise.

4. Actions against educational institutions:

Chu, et al. v. Rosa, No. 1:24-cv-75 (N.D.N.Y. 2024): On January 17, 2024, plaintiffs—a minor child represented by her mother, and three non-profit organizations—sued the commissioner of the New York State Education Department, which administers the STEP program. The STEP program is designed to “assist eligible students in acquiring the skills, attitudes and abilities necessary to pursue professional study in post-secondary degree programs in scientific, technical and health-related fields.” The plaintiffs alleged that the STEP program is unconstitutional because it subjects Asian American students to different eligibility requirements than applicants of other races; specifically, Asian American applicants must show that they are economically disadvantaged to apply.
- Latest update: On November 22, 2024, the court denied the defendant’s motion to dismiss for lack of subject matter jurisdiction. The court held that the plaintiffs plausibly alleged an injury in fact under the “government erected barrier theory.” Under this theory, a plaintiff demonstrates an injury in fact if: 1) there exists a reasonable likelihood that the plaintiff is in a disadvantaged group, 2) there exists a government-erected barrier, and 3) the barrier causes members of that group to be treated differently from members of another group. Here, the court held that the plaintiffs were Asian Americans purportedly disadvantaged by the STEP program’s unique eligibility requirements for Asian Americans.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following practice leaders and authors:

Jason C. Schwartz – Partner & Co-Chair, Labor & Employment Group
Washington, D.C. (+1 202-955-8242, [email protected])

Katherine V.A. Smith – Partner & Co-Chair, Labor & Employment Group
Los Angeles (+1 213-229-7107, [email protected])

Mylan L. Denerstein – Partner & Co-Chair, Public Policy Group
New York (+1 212-351-3850, [email protected])

Zakiyyah T. Salim-Williams – Partner & Chief Diversity Officer
Washington, D.C. (+1 202-955-8503, [email protected])

Molly T. Senger – Partner, Labor & Employment Group
Washington, D.C. (+1 202-955-8571, [email protected])

Blaine H. Evanson – Partner, Appellate & Constitutional Law Group
Orange County (+1 949-451-3805, [email protected])

Michael Diamant and Melissa Farrar are the authors of “FCPA liability: when ‘Red Flags’ become ‘Knowledge’ of FCPA violations” published by Global Legal Insights on December 5, 2024.

This article was first published in Global Legal Insights – Bribery and Corruption 2025.

F. Joseph Warin, Winston Chan, Chris Jones, Christina Krokee, Samantha Hay and Yana Nebuchina are the authors of “Self-Reporting to the Authorities and Other Disclosure Obligations: the U.S. Perspective” [PDF] published by the Global Investigations Review on November 17, 2024.

This article was first published on Global Investigations Review in November 2024; for further in-depth analysis, please visit GIR “The Practitioner’s Guide to Global Investigations – Edition 9.”

On December 3, 2024, a federal district court in Texas ruled that the Corporate Transparency Act (CTA) is likely unconstitutional and preliminarily enjoined its enforcement nationwide. Accordingly, the rule’s requirements cannot currently be enforced against entities that would otherwise be subject to the rule. Thus, as it currently stands, reporting companies that were required to make a CTA filing by the end of the year are not required to do so, although that posture could change very quickly depending on the government’s next steps. This update briefly describes the ruling and what it means for CTA compliance moving forward.[1]

The Corporate Transparency Act, enacted in 2021, requires all corporations, limited liability companies, and certain other entities created (or, as to non-U.S. entities, registered to do business) in any U.S. state or tribal jurisdiction to file a beneficial ownership interest (BOI) report with the U.S. Financial Crimes Enforcement Network (FinCEN) identifying, among other information, the natural persons who are beneficial owners of the entity.[2] A regulation, the Reporting Rule, helps implement the CTA by specifying compliance deadlines—including a January 1, 2025 deadline for companies created or registered to do business in the United States before January 1, 2024—and detailing what information must be reported to FinCEN.[3]

On March 1, 2024, the U.S. District Court for the Northern District of Alabama ruled that the CTA is unconstitutional.[4] The court permanently enjoined the government from enforcing the CTA, but only as to the plaintiffs in that case.[5] The government appealed, and the Eleventh Circuit heard oral argument on September 27. The Eleventh Circuit’s decision in that case remains pending.

The December 3, 2024 Ruling

Six plaintiffs, among which include a small business named Texas Top Cop Shop, Inc. and the National Federation of Independent Business (NFIB), brought a lawsuit challenging the constitutionality of the CTA and the Reporting Rule on various grounds. On December 3, 2024, Judge Amos L. Mazzant of the U.S. District Court for the Eastern District of Texas granted the plaintiffs’ motion for a preliminary injunction.[6] Like the Northern District of Alabama, the court held that the CTA exceeds Congress’s enumerated powers. Specifically, in a 79-page opinion, Judge Mazzant ruled that it was likely that the plaintiffs would be able to prove that:

The CTA is not a proper exercise of Commerce Clause power because it does not regulate a channel or instrumentality of interstate commerce or any activity that substantially affects commerce[7]; and
The CTA cannot be justified under the Necessary and Proper Clause because, contrary to the government’s assertions, it is not rationally related to any enumerated power to regulate commerce, conduct foreign affairs, or collect taxes.[8]

The court’s reasoning about the scope of the Commerce Clause, Necessary and Proper Clause, foreign affairs power, and taxing power echoed that of the Northern District of Alabama. While the Northern District of Alabama enjoined enforcement of the CTA against only the plaintiffs in that case, the Eastern District of Texas went further. Observing that an injunction pertaining to plaintiff NFIB’s approximately 300,000 members would be tantamount to a nationwide injunction, the court concluded that it was appropriate to preliminarily enjoin enforcement of the CTA and the Reporting Rule nationwide.[9] Moreover, the court invoked its power under the Administrative Procedure Act’s stay provision, 5 U.S.C. § 705, to “postpone the effective date of” the Reporting Rule.[10]

Potential U.S. Government Response

The government has 60 days to appeal the district court’s preliminary injunction to the U.S. Court of Appeals for the Fifth Circuit, though it may do so earlier.[11] The government may also ask the district court or the Fifth Circuit for an emergency stay of the district court’s preliminary injunction in full or in part during the pendency of any appeal. Any such emergency application would be considered by the Fifth Circuit on an expedited basis. If the Fifth Circuit leaves the district court’s order in place, the government could then seek emergency relief in the Supreme Court, which could also stay the injunction pending appeal.

In the meantime, FinCEN will likely issue a notice clarifying its position on the impact of the district court’s order, including potentially extending the January 1, 2025 filing deadline.

Ultimately, the validity of the CTA is unlikely to be resolved nationwide without Supreme Court review or unanimous decisions from the federal courts of appeals who consider the question. Notably, district courts in Michigan,[12] Oregon,[13] and Virginia[14] have denied similar requests for preliminary injunctions against enforcement of the CTA. The Eastern District of Virginia, for example, concluded that the CTA is an exercise of Congress’s Commerce Clause power because it regulates an activity—operating a corporate entity as a going concern—that in the aggregate substantially affects interstate commerce.[15]

What the Ruling Means for Entities Subject to the CTA

Given the district court’s nationwide preliminary injunction and stay of the Reporting Rule’s effective date, the rule’s requirements cannot currently be enforced against entities that would otherwise be subject to the rule. Thus, as it currently stands, reporting companies that were required to make a CTA filing are not required to do so.

Given the possibility of either the Fifth Circuit or the Supreme Court staying the district court’s order pending appeal, however, reporting entities’ legal obligations are subject to change on short notice, and as a general matter companies should not assume that the January 1, 2025 deadline will ultimately be extended without further guidance from FinCEN. If either the Fifth Circuit or Supreme Court stay the district court’s order pending appeal, the Reporting Rule will become enforceable again, and the rule’s deadlines will become effective as to all entities that are not parties to the litigation in the Northern District of Alabama—though FinCEN may adjust those deadlines depending on how long the district court’s order remains in effect. It also remains to be seen whether the incoming administration will continue to defend the constitutionality of the CTA or not, although as a general rule the Department of Justice typically defends the constitutionality of federal statutes regardless of administration.[16]

Entities that believe they may be subject to the Reporting Rule should closely monitor this matter, and consult with their CTA advisors as necessary, to understand whether and when they need to comply with the Reporting Rule’s requirements and to allow for sufficient lead time in advance of any filing deadline.

We note that this ruling deals only with the federal CTA passed by Congress, not similar legislation passed by states such as New York, which have enacted similar requirements.[17] Gibson Dunn will continue to monitor CTA developments closely.

[1] Prior alerts by Gibson Dunn explaining the Corporate Transparency Act are available at: https://www.gibsondunn.com/top-12-developments-in-anti-money-laundering-enforcement-in-2023; https://www.gibsondunn.com/the-impact-of-fincens-beneficial-ownership-regulation-on-investment-funds; https://www.gibsondunn.com/the-corporate-transparency-act-reminders-and-key-updates-including-fincen-october-3-faqs.

[2] See William M. (Mac) Thornberry National Defense Authorization Act for Fiscal Year 2021, Pub. L. 116-283, Div. F., § 6403 (adding 31 U.S.C. § 5336).

[3] 31 C.F.R. § 1010.380.

[4] Nat’l Small Business United v. Yellen, 721 F. Supp. 3d 1260 (N.D. Ala. 2024); see https://www.gibsondunn.com/corporate-transparency-act-declared-unconstitutional-what-it-means-for-you.

[5] Nat’l Small Business Union et al. v. Yellen et al., No. 5:22-cv-01448, Dkt. 52 (N.D. Ala. 2024).

[6] Texas Top Cop Shop, Inc. et al. v. Garland et al., No. 4:24-CV-478, Dkt. 30 (E.D. Tex. Dec. 3, 2024).

[7] Id. at 35–53.

[8] Id. at 53–73.

[9] Id. at 74–75, 77.

[10] Id. at 78.

[11] Fed. R. App. P. 4(a)(1)(B).

[12] Small Business Ass’n of Mich. et al. v. Yellen et al., No. 1:24-cv-00314-RJJ-SJB, Dkt. 24 (W.D. Mich. Apr. 26, 2024).

[13] Firestone et al. v. Yellen et al., No. 3:24-cv-1034-SI, Dkt. 18 (D. Ore. Sept. 20, 2024).

[14] Cmty. Ass’ns Inst. et al. v. Yellen et al., No. 1:24-cv-1597 (MSN/LRV), Dkt. 40 (E.D. Va. Oct. 24, 2024).

[15] Id. at 14; see also Firestone, supra note 13, at 12–14.

[16] See https://www.gibsondunn.com/tools-of-transition-procedural-devices-could-help-president-elect-implement-agenda.

[17] See S.995-B/A.3484-A

The following Gibson Dunn lawyers assisted in preparing this update: Kevin Bettsteller, Stephanie Brooker, Matt Gregory, Justin Newman, Dave Ware, Sam Raymond, Chris Jones, and Connor Mui.

Please also feel free to contact any of the following practice group leaders and members and key CTA contacts:

This update provides a high-level summary of the Amendments and the implementation timeline and explains steps to take now to prepare for the transition to EDGAR Next.

On September 27, 2024, the U.S. Securities and Exchange Commission (the SEC) adopted amendments[1] (the Amendments) to Rules 10 and 11 of Regulation S-T and Form ID to make technical changes to the Electronic Data Gathering, Analysis, and Retrieval System (EDGAR) filer access and account management processes (referred to by the SEC as EDGAR Next). While there will be a steep learning curve associated with these significant procedural changes to EDGAR, they are expected to ultimately result in a filing system that is easier for filers and the individuals acting on their behalf to manage. As discussed in more detail in the section entitled “When Do the Changes Take Effect?” below, EDGAR Next is in a beta testing period now and will go live on March 24, 2025, though legacy EDGAR can still be used to make filings through September 12, 2025.

The Amendments, which received support from all five SEC Commissioners, are intended to enhance the security of EDGAR, improve the ability of filers to securely manage and maintain access to their EDGAR accounts, facilitate the responsible management of filer credentials, and simplify the procedures for accessing EDGAR. Chair Gary Gensler called the Amendments “an important next step for EDGAR account access protocols” and noted that they will benefit the Commission, filers, and investors alike.[2]

The adoption of EDGAR Next will, among other things, require filers to designate individuals to manage the filers’ EDGAR accounts and file on their behalf. To access EDGAR and make filings, these designated individuals will be required to have their own individual account credentials and complete multifactor authentication.

How Does EDGAR Next Work?

Individual Account Credentials Will Replace Filer Password, PMAC, and Passphrase

Currently, each filer, regardless of whether they are a company or an individual, is identified with a central index key (CIK) and has only one set of login credentials, consisting of a password, passphrase, CIK confirmation code (CCC), and password modification authorization code (PMAC). Using a filer’s password and CCC, any individual could access the filer’s EDGAR account and make filings.

EDGAR Next will continue to use the CIK and CCC but will retire the EDGAR password, PMAC, and passphrase (though existing filers’ passphrases will be needed to initially enroll in EDGAR Next, as described in the section entitled “How Does a Filer Enroll in EDGAR Next?” below). Under EDGAR Next, only authorized individuals, such as account administrators and authorized users, may access a filer’s EDGAR account and make filings on their behalf. To access a filer’s account, authorized individuals will need to log in to EDGAR with their own individual account credentials (obtained through Login.gov, a sign-in service of the U.S. government), complete multifactor authentication, and enter the relevant filer’s CIK and CCC. By limiting access to a filer’s account to only those individuals directly authorized by the filer and requiring such individuals to have their own personal EDGAR accounts, EDGAR Next’s updated access protocols provide additional security and traceability as compared to legacy EDGAR.[3]

Filers Will Be Required to Identify Individuals Authorized to Manage the Account

Under EDGAR Next, filers will be required to designate individuals to serve in the following roles, with each role having different responsibilities and privileges related to the filer’s EDGAR account: account administrator, user, technical administrator, and delegated entity. The Adopting Release provides the following chart depicting the key functions of each role:

Role	Submit filings, view CCC	Generate/ change CCC	Manage account administrators, users, technical administrators, and delegated entities	Delegate to another filer	Manage delegated users	Manage filer API token[4]	Manage user API token
Account Administrator	X	X	X	X			X
User	X						X
Technical Administrator						X
Delegated Administrator	X				X		X
Delegated User	X						X

Each role serves the following purposes:

Account administrators will manage the filer’s EDGAR account and serve as the points of contact for questions from the SEC staff regarding the filer’s account.[5] All entity filers are required to maintain at least two account administrators, and all individual filers (including single-member companies) are required to have one account administrator. Up to 20 account administrators may be assigned for each filer.[6] Account administrators are also responsible for managing the filer’s dashboard; adding and removing other account administrators, technical administrators, and users; creating and editing groups of users; and delegating filing authority to a delegated entity (such as a filing agent). Additionally, account administrators are responsible for performing an annual confirmation, which involves confirming the accuracy of the filer’s account information.[7]
- Entity Filers. An account administrator for a filer that is an entity could be an employee of the filer or the filer’s affiliate or an individual holding a notarized power of attorney authorizing them to serve as account administrator.[8]
- Individual Filers. Individual filers, such as Section 16 filers, may authorize relevant individuals at their filing agents, related issuers, or other representative entities to act as their account administrator. If an individual filer chooses not to make such an authorization, the individual will be responsible for managing his or her own account and filings.
Users are individuals authorized by a filer’s account administrator to make EDGAR submissions on the filer’s behalf.

Technical administrators are responsible for managing the technical aspects of a filer’s connection to EDGAR’s APIs (as discussed in more detail below).

Delegated entities are entities that another filer authorizes to make filings on its behalf. Since delegated entities must have their own EDGAR accounts, they must comply with the same requirements applicable to all filers, maintaining their own accounts with their own account administrators, users, and technical administrators. A delegated entity can be any EDGAR account, including but not limited to filing agents,[9] issuers making submissions on behalf of Section 16 filers, and parent companies of large groups of related filers. Delegated entities may receive delegated authority to file for an unlimited number of filers. In response to comments from filing agents, the dashboard will be enhanced to enable prospective delegated entities to send delegation requests to filers. Once a delegated entity has accepted a delegation, all the delegated entity’s account administrators will automatically become delegated administrators for the filer. These delegated administrators will then be able to authorize delegated users.

How Does a Filer Enroll in EDGAR Next?

Existing EDGAR Filers: Must Enroll by December 19, 2025 to Avoid the Need to Submit an Amended Form ID

Access to the EDGAR Next dashboard will be available starting March 24, 2025. Existing EDGAR filers who enroll in EDGAR Next by December 19, 2025 will generally not be required to submit a new Form ID. However, if an existing filer fails to enroll by December 19, 2025, the filer will be required to submit an amended Form ID to apply for EDGAR Next access.

To enroll, a person authorized by the filer will log in to the EDGAR Next dashboard using his or her individual account credentials and will verify their authorization by entering the filer’s CIK, CCC, and passphrase.[10] (This will be the last time the filer’s passphrase is needed.) Once verified, the individual will provide information on the individuals that will serve as the filer’s account administrators. If the above information is accurate and entered correctly, enrollment could be effective the same day that it is submitted.[11]

For individual filers, such as Section 16 filers, the same process applies. However, to alleviate the burden of enrollment and account management on individual and single-member company filers, EDGAR Next will allow these filers to, initially, authorize an individual at their filing agent or other third party to enroll them in EDGAR Next and, subsequently, authorize one or more individuals at these entities to act as their account administrators. A power of attorney is not required to permit an individual to enroll on the filer’s behalf. Instead, entering the filer’s CIK, CCC, and passphrase will act as validation of the filer’s intent.[12] This ability to delegate the enrollment and management of a filer’s account will be particularly helpful to Section 16 and Form 144 filers, reducing the burden of compliance with EDGAR Next. The practical effect of this is that, during the enrollment period, Section 16 and Form 144 filers can be enrolled in EDGAR Next by individuals working at the companies with which they are associated so long as those individuals have been authorized by the individual filer and have access to the individual filers’ legacy EDGAR access codes. Individual filers will need to authorize individuals to act on their behalf but will not be required to create their own credentials or have any direct involvement with EDGAR. If a filer does not act by December 19, 2025 and as a result is required to apply for access on amended Form ID, the filer must provide a signed and notarized power of attorney to permit a third party to enroll the filer on their behalf.

A person responsible for enrolling multiple filers in EDGAR Next (e.g., someone responsible for a company and its subsidiaries and/or all of a company’s Section 16 filers) will have the option of using bulk enrollment, a process by which multiple accounts can be enrolled by completing and uploading a spreadsheet template with the required information for each account.

New EDGAR Applicants: Form ID Will Be Amended to Require Certain Additional Information from EDGAR Applicants

Form ID is an online form used to apply for EDGAR access. Currently, to complete the Form ID, an applicant must provide the following: information about the applicant and filer, relevant contact information, and the signature of an authorized individual (such as the CEO or secretary of the company for an entity filer).

Beginning on March 24, 2025, the amended Form ID will become effective and will require applicants, among other things and in addition to previous requirements, to do the following:

Designate account administrators and provide a power of attorney for each designated account administrator that is not the applicant (for an individual applicant) or an employee of the applicant or the applicant’s affiliate (for an entity applicant). As mentioned above, account administrators must have individual account credentials, at least two must be assigned per filer (or one in the case of individual or single member company filers), and up to 20 can be assigned.
Provide its Legal Entity Identifier (LEI), if any. (The LEI is a global alphanumeric identifier used to uniquely and unambiguously identify a legal entity, which can be obtained through any Global Legal Entity Identifier Foundation (GLEIF) accredited organization.) Applicants that have not yet obtained an LEI will not be required to do so to submit Form ID.
Provide more specific contact information about the filer, its account administrators, the individual authorized to sign Form ID on the filer’s behalf, and the billing contact responsible for filing fees.
Provide a history of past securities law violations, specifically whether the applicant, its account administrator, the individual authorized to sign Form ID on the filer’s behalf, the billing contact, or the person signing a power of attorney has been criminally convicted or enjoined, barred, suspended, or banned in any capacity as a result of a securities law violation.
Indicate whether the applicant is in good standing with its state or country of incorporation.[13]

The person submitting a Form ID on a prospective filer’s behalf need not be one of the applicant’s prospective account administrators. Once the Form ID application is granted, account administrators will be able to log in to EDGAR with their individual credentials obtained through Login.gov to access the filer’s dashboard and generate a CCC. Once the account administrators have access to the filer’s dashboard, they can add additional account administrators without the need to provide additional powers of attorney for each new non-employee administrator.

How Can a Filer Minimize Their Manual Interaction with EDGAR?

While the Amendments aim to make EDGAR Next user-friendly, they also provide a way for filers to limit their need to interact with the system altogether. EDGAR Next will include optional Application Program Interfaces (APIs), which allow machine-to-machine authentication—a process commonly used by filing agents—as an alternative to making filings through the EDGAR website. EDGAR Next will include a total of 15 optional APIs.[14] Among other things, these APIs will allow filing applications (such as those created and operated by DFIN, Workiva, Toppan Merrill, and other filing agents) to replicate much of the dashboard account management functionality, allowing filers to manage their EDGAR accounts with minimal manual interaction with EDGAR. For example, APIs will allow filers to make live and test submissions on EDGAR, check the status of an EDGAR submission, and check EDGAR operational status. According to SEC Chair Gary Gensler, these APIs “will help enhance how filers, including registrants and their agents, can access EDGAR, retrieve information, and submit bulk filings” and will “promote efficiency for filers and the Commission alike.” To use and manage these APIs, filers will be required to designate two individuals as technical administrators.[15]

When Do the Changes Take Effect?

September 30, 2024: Beta testing opened on September 30, 2024, and will continue until at least December 19, 2025. During this period, filers are able to test the EDGAR Next changes in the “Adopting Beta” environment, a testing environment that is separate from the live EDGAR system.[16] This period can also be used to prepare for the implementation of EDGAR Next. For example, among other things, filers can determine their account administrators, encourage the relevant individuals to obtain their individual account credentials through Login.gov, and gather information needed to enroll prior to EDGAR Next’s launch on March 24, 2025.

March 24, 2025: The new EDGAR Next dashboard will go live on March 24, 2025, and existing filers (or individuals authorized to act on their behalf) will obtain access by enrolling on the dashboard using the filers’ legacy EDGAR access codes. New filers (and existing filers unable to enroll) must complete the newly amended Form ID, the application for access to EDGAR Next. Once live, the dashboard will be available during EDGAR operating hours, 6 a.m. to 10 p.m. Eastern Time each day except Saturdays, Sundays, and Federal holidays. To access the EDGAR Next dashboard, individuals will be required to log in with the individual account credentials obtained through Login.gov.

September 15, 2025: Compliance with EDGAR Next will be required in order to file beginning September 15, 2025. Filers may continue to enroll (but not file) using legacy EDGAR access codes until December 19, 2025. However, we recommend enrolling well in advance of any anticipated filings in order to avoid last-minute issues. Beginning December 22, 2025, as discussed above, existing filers who have not enrolled or been granted access on the amended Form ID will be required to submit the amended Form ID to access their EDGAR account.

What Should I Be Doing Now?

While EDGAR Next is intended to make managing an EDGAR account easier, the transition to EDGAR Next will involve certain administrative burdens for filers and individuals acting on their behalf. To be ready for the transition, we recommend the following:

Collect legacy EDGAR access codes. Existing filers or individuals authorized to act on their behalf will need to use the filers’ legacy EDGAR access codes (specifically their CIK, CCC, and passphrase) to enroll in EDGAR Next once it goes live. Check to make sure you have the codes of any entities or individual filers for which you are responsible and confirm that the codes work and have not expired. If any of your EDGAR access codes have been lost, you may reset them here.[17]
Identify individuals who will serve in various roles. Decide now who will serve as account administrators, users, and technical administrators for the EDGAR accounts of any entities or individual filers for which you are responsible. You can also decide which individuals will handle enrollment for the filers. It is common for multiple companies to handle EDGAR submissions for Section 16 filers who are directors or more than 10% holders, so those companies and the Section 16 filer will need to coordinate to determine who is going to enroll the filer in EDGAR Next once it goes live and who will serve as account administrator(s) for the Section 16 filer. If an individual filer authorizes multiple account administrators, the individual filer should consider which of the account administrators will perform the annual confirmation on the filer’s behalf and communicate that to the various account administrators.
Determine how filers will authorize individuals to enroll them in EDGAR Next and serve as account administrators. As noted above, during the enrollment period, presentation of a power of attorney for the person performing enrollment or being authorized as an account administrator will not be necessary (entering the CIK, CCC, and passphrase will serve as validation of the filer’s intent); however, the Adopting Release urges all filers to carefully coordinate regarding the person they will authorize to enroll them. For any filers for which you are responsible, decide in advance the process whereby entities and individual filers will authorize an individual at their filing agent or other third party to enroll them in EDGAR and designate individual account administrator(s) (e.g., power of attorney, email, some other form of writing).
Encourage individuals to obtain Login.gov credentials. All individuals who make submissions on behalf of a company or its Section 16 filers, or who manage the EDGAR access codes of those filers (likely members of the legal and financial reporting teams), should obtain Login.gov account credentials well before March 24, 2025. This will allow them to test the Adopting Beta and also hit the ground running when EDGAR Next goes live.
Take Advantage of the Adopting Beta. If you expect to be tasked with managing a filer’s EDGAR account, consider familiarizing yourself with EDGAR Next via the Adopting Beta environment. Everything you need to access the Adopting Beta can be found at this website. A few things to note:
- The Adopting Beta is separate from the live EDGAR system—anything in Adopting Beta is fictional and won’t carry over.
- Users should use an email they intend to use for EDGAR Next when creating Login.gov credentials for the Adopting Beta. These credentials can be reused for EDGAR Next once it goes live.
- To test in the Adopting Beta, users submit a Form ID to get a fictitious CIK and “account admin” role, which is only for the Adopting Beta.
- Only enter fictional info in the Adopting Beta, except for real names/emails for Login.gov.

While users of the Adopting Beta are encouraged to report technical bugs to the SEC, the utility of the Adopting Beta is much broader than this, and we think it is worth taking advantage of the opportunity to try out EDGAR Next before it goes live.

Update onboarding process to account for amended Form ID. After March 24, 2025, any new Section 16 filers will need to designate account administrators and provide certain other information (e.g., information regarding history of past securities law violations and good standing) in connection with the amended Form ID. To prepare for this, onboarding processes can be adjusted now to request this information.
Coordinate with filing agents. You should coordinate with any filing agents you currently use to ensure that the filing agent is implementing appropriate processes to prepare for a smooth transition. The filing agents should be able to explain how they expect to manage your EDGAR account through the various APIs available and what they will need you to do to authorize them to act on your behalf.

What Other Resources are Available?

Instructional Videos. Videos introducing EDGAR Next topics and providing step-by-step instructions are available on the SEC’s YouTube channel:

Obtaining individual account credentials (explains how to use Login.gov to obtain individual account credentials to access EDGAR Next)
Overview of EDGAR Filer Management dashboard (explains how to navigate the EDGAR Next user interfaces for individual accounts and for filers)
Overview of account administrator role (explains what the account administrators authorized by filers will do in EDGAR Next)
Enrolling in EDGAR Next (Note: not yet uploaded as of the time of publication)
Applying for EDGAR access (explains how to use EDGAR Next to submit a Form ID for a new filer (or an existing filer in certain circumstances))

Other Online Resources. The SEC’s dedicated EDGAR Next website includes detailed discussions regarding the transition to EDGAR Next and the Adopting Beta, among other topics. The EDGAR Business Office has also published this guide intended to help with enrolling individual filers (e.g., Section 16 filers) in EDGAR Next.

Contact Info. Finally, filers may email [email protected] or call Filer Support at (202) 551-8900 Option #2 for additional assistance.

What’s Next?

We will be monitoring further developments as the SEC transitions to and implements EDGAR Next. Commissioner Mark T. Uyeda noted that “[o]ver the next 15 months, the [SEC] staff will need to work with filers, filing agents, and the rest of the filing community to carry out—and implement changes from—additional beta testing of EDGAR Next functionalities.”[18] Commissioner Uyeda’s statement suggests that the SEC staff will be taking feedback from filers during the beta testing period and implementing further changes.

Our Securities Regulation and Corporate Governance attorneys are available to assist with any questions on relating to the transition to EDGAR Next.

[1] See SEC Release No. 33-11313, EDGAR Filer Access and Account Management (the Adopting Release), available here.

[2] See Chair Gary Gensler “Statement on EDGAR” available here.

[3] The EDGAR Filer Manual is being amended to clarify that individual account credentials may not be shared with other individuals as these credentials are intended to identify the individual taking action on EDGAR. See Adopting Release at Section II.B.

[4] APIs, or Application Program Interfaces, are discussed below.

[5] EDGAR Next will offer an option to allow account administrators to designate one account administrator as the filer’s primary EDGAR point of contact. The first account administrator listed on Form ID or an existing filer’s enrollment will by default be designated as the primary point of contact. See Adopting Release at Section II.B.1.

[6] The Adopting Release encourages filers to authorize more than the minimum number of account administrators, if possible, because if all account administrators for a filer cease to be available to manage the filer’s account, the filer will be required to submit a new Form ID to authorize new account administrators. See Adopting Release at Section II.B.1.b.

[7] EDGAR will allow account administrators to select one of four quarterly dates as the filer’s ongoing confirmation deadline: March 31, June 30, September 30, and December 31 (or the next business day if the date falls upon a weekend or holiday when EDGAR is not operating); however, an account administrator may choose to perform confirmation at an earlier date within the quarter when confirmation is due. See Adopting Release at Section II.B.1.d.

[8] Filers are required to provide a notarized power of attorney for account administrators only when the account administrators are included on Form ID. There is no such requirement for account administrators added through the filer’s dashboard. See Adopting Release at Section II.B.1.a.

[9] The Amendments define “filing agent” to include law firms, financial services companies, broker dealers when making submissions on behalf of individuals filing pursuant to Section 16 of the Exchange Act, and other entities engaged in the business of submitting EDGAR filings on behalf of their clients. See Adopting Release at Section II.C.3. and fn. 129.

[10] Filers that have lost or forgotten their CCC will be able to reset it by providing their CIK and passphrase and using the “Generate New EDGAR Access Codes” option in the EDGAR Filer Management website until March 21, 2025. Filers that have lost or forgotten their passphrase may automatically reset their passphrase by requesting a security token be sent to their point of contact email address on record in EDGAR, consistent with current practice. See Adopting Release at Section II.H.1.b. and fn. 208.

[11] As a security measure, following a filer’s enrollment in EDGAR Next, the filer’s CCC will be automatically reset. The new CCC will appear on the dashboard for all individuals with the ability to make submissions on the filer’s behalf, so it will not need to be separately communicated.

[12] See Adopting Release text accompanying and following fn. 39.

[13] The Adopting Release notes that “[a]lthough the lack of good standing will not prevent a company from obtaining EDGAR access, this information could be relevant in determining whether it may be appropriate for the staff to review additional documentation as part of its assessment of the application.” Adopting Release at Section II.F.3.

[14] Information regarding the 15 APIs is available here.

[15] The SEC has clarified that “the role of technical administrator could be filled by someone with a primarily administrative background” and that software or other technology expertise is not required. See Adopting Release at Section II.B.3.

[16] More information regarding beta testing can be found in the SEC’s EDGAR Next Filer Testing Guidance, available here.

[17] To generate new a PMAC, password, or CCC, you will need access to your CIK and passphrase. To reset your passphrase, you will need access to your CIK.

[18] See Commissioner Mark T. Uyeda’s “Statement on EDGAR Next” available here.

The following Gibson Dunn lawyers assisted in preparing this update: Mike Titera, Ron Mueller, Tom Kim, Aaron Briggs, Elizabeth Ising, David Korvin, Rob Kelley, Antony Nguyen, and Caroline Bakewell.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Securities Regulation and Corporate Governance practice group, the authors, or any of the following practice leaders and members:

Securities Regulation and Corporate Governance:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202.955.8287, [email protected])
James J. Moloney – Co-Chair, Orange County (+1 949.451.4343, [email protected])
Lori Zyskowski – Co-Chair, New York (+1 212.351.2309, [email protected])
Brian J. Lane – Washington, D.C. (+1 202.887.3646, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202.887.3550, [email protected])
Michael A. Titera – Orange County (+1 949.451.4365, [email protected])
Aaron Briggs – San Francisco (+1 415.393.8297, [email protected])
Julia Lapitskaya – New York (+1 212.351.2354, [email protected])

This alert discusses regulations under section 752 regarding the allocation of partnership recourse liabilities.[1] The regulations were proposed more than a decade ago.[2]

Earlier today, December 2, 2024, the IRS and Treasury published in the Federal Register final regulations (the “Final Regulations”) regarding the allocation of partnership recourse liabilities.[3] The Final Regulations resolve some uncertainties and ambiguities surrounding the determination of which partner has “economic risk of loss” or “EROL” with respect to a liability by adding ordering and tie-breaking rules and expanding, ever so slightly, on the meaning of the term “economic risk of loss.” The more significant changes are listed below, and a more detailed discussion of the Final Regulations follows.

Overlapping economic risk of loss. The Final Regulations adopt an explicit proportionality rule to address situations in which the partners, in aggregate, otherwise would have more EROL with respect to a partnership liability allocated to them than the total amount of the liability.

Direct economic risk of loss. The Final Regulations introduce the concept of “direct” EROL, which arises by reason of the actions or status of a person (as opposed to EROL that arises by reason of the actions or status of a related person, which the Final Regulations implicitly define as “indirect”).

Tiered partnerships. The Final Regulations modify an existing tiered partnership rule to resolve a long-standing conflict between the general rule regarding the allocation of recourse liabilities and a special tiered partnership rule. Specifically, the Final Regulations allocate to an upper-tier partnership (“UTP”) the portion of a liability of a lower-tier partnership (“LTP”) with respect to which UTP and a UTP partner have direct EROL, unless that UTP partner is also a partner in LTP. If the UTP partner is also a partner in LTP, LTP allocates to that LTP partner the portion of the LTP liability with respect to which that partner has EROL.

Related-partner exception. The Final Regulations clarify the scope of the related-partner exception, which was litigated in IPO II v. Commissioner.[4] Under the exception, if a person that holds a partnership interest (directly or indirectly through another partnership) has direct EROL for a partnership liability, that person is treated as unrelated to all other direct and indirect partners of that partnership for purposes of allocating that liability.

Person related to more than one partner. If an unrelated third party has direct EROL for a partnership liability and is related to two or more partners, those partners share that liability in accordance with their interests in partnership profits.

The Final Regulations generally are applicable for partnership liabilities incurred on or after December 2, 2024, although a partnership generally may elect to apply the Final Regulations to all (but not some) of its previously incurred or assumed liabilities.

Background

The Final Regulations finalize regulations that were proposed in 2013.[5] The IRS and Treasury (somewhat wryly) note in the preamble that the government is “mindful” of that length of time.[6]

Section 752 and the regulations interpreting it (the “section 752 regulations”) generally require a partnership to allocate its liabilities among its partners. Fundamental to the operation of the section 752 regulations is their initial division of liabilities into “recourse” and “nonrecourse” liabilities. Under what is often referred to as the “atom bomb” test, a liability is recourse for this purpose to the extent that a partner (or someone related to a partner) would be obligated to make a payment to the creditor if all of the partnership’s assets, including cash, became worthless and the liability became due. To the extent that all or part of a liability is not recourse to a partner (or someone related to a partner), the liability is nonrecourse. Recourse and nonrecourse liabilities are allocated under two distinct sets of rules. Very generally, recourse liabilities are allocated to the partner who has the payment obligation (or, in the parlance of the section 752 regulations, bears the “economic risk of loss” with respect to the liability). Nonrecourse liabilities are allocated in accordance with a somewhat more complex (and flexible) regulatory framework that is beyond the scope of this alert.[7]

The Final Regulations deal only with a handful of specific but important rules (generally in the nature of “tie breaker” rules) regarding recourse liabilities, making changes to Treas. Reg. §§ 1.752-2 and 1.752-4. These changes are discussed below.

Treas. Reg. § 1.752-2

Treas. Reg. § 1.752-2 contains the core rules relating to recourse liabilities. The Final Regulations modify those rules in a handful of ways.

1. Overlapping economic risk of loss

The section 752 regulations have long provided that the amount of partnership liabilities is taken into account only once.[8] Before the Final Regulations, however, it was unclear how to address a situation in which more than one partner bears EROL for the same liability. Consider the following example:

Example 1. A and B are 70:30 partners, respectively, in partnership AB, which has borrowed $100 from a bank. Each of A and B has guaranteed repayment of the entire amount of the loan.[9]

To avoid double counting EROL in this circumstance, under final Treas. Reg. § 1.752-2(a)(2), the amount of EROL each partner is treated as bearing is determined by multiplying the amount of the liability by a fraction, the numerator of which is the EROL the partner bears, and the denominator of which is the total EROL of all partners.

In Example 1, the amount of the liability is $100, and the fraction for each of A and B is $100/$200. Each partner has $100 EROL because each has guaranteed repayment of the liability; aggregate EROL is $200 because there are two partners, each of whom has $100 of EROL.

2. Direct economic risk of loss

For decades, the section 752 regulations have included only the concept of EROL. EROL can arise in various ways, including by the actions or status of the partner or someone related to a partner. For example, under the section 752 regulations, a partner may have EROL for a partnership liability because the partner (or the partner’s child or other related person) guaranteed repayment of the liability.

The Final Regulations introduce the concept of “direct” EROL, which arises when a person itself takes action, such as guaranteeing repayment of a partnership liability, lending money to a partnership, or pledging property as collateral in respect of a partnership liability, that gives rise to EROL.[10] By implication, all other EROL is indirect. Although this is not a substantive change, it clarifies and simplifies portions of the section 752 regulations, making them easier to understand.

3. Tiered partnerships

The section 752 regulations have long provided that a UTP bears EROL for a liability of an LTP to the extent UTP or a partner in UTP has EROL for that liability. The section 752 regulations did not, however, explain how to allocate a liability of an LTP if a partner in UTP is also a partner in LTP and that partner bears EROL for a liability of LTP. That is, it was unclear whether LTP was required to allocate all or a portion of the liability directly to that partner under the general rule of Treas. Reg. § 1.752-2(a) or, instead, to UTP under the tiered partnership rule of Treas. Reg. § 1.752-2(i) (or, perhaps, to both combining the two rules).

Example 2. A is a partner in UTP. A and UTP are the only partners in LTP, which has borrowed $100 from a bank. A has guaranteed repayment of the liability.

Under the section 752 regulations in effect before the Final Regulations, the answer was unclear. The Final Regulations address this relatively common situation by modifying the tiered partnership rule such that LTP allocates LTP liabilities to UTP to the extent UTP has direct EROL, as well as LTP liabilities for which a UTP partner bears EROL, but only if that partner is not also a partner in LTP.[11] Thus, in Example 2, LTP would allocate the $100 liability directly to A.

The tiered partnership rule applies before the overlapping EROL rule described above.[12]

Treas. Reg. § 1.752-4

Treas. Reg. § 1.752-4 contains a series of special rules—essentially rules that do not quite fit elsewhere in the section 752 regulations. The Final Regulations modify Treas. Reg. § 1.752-4 in three significant ways, each of which is described below.

1. Disregarding constructive ownership rules applicable to partnership subsidiaries

Since the Treas. Reg. § 1.752-4 regulations were first promulgated, they have provided that, for purposes of determining the extent to which a partner has EROL for a liability, the constructive ownership rules of sections 267 and 707 apply with certain modifications. Even as modified, however, the constructive ownership rules could inappropriately create the technical existence of EROL in situations in which none properly existed. The Final Regulations correct this shortcoming.

Example 3. A and B are 80:20 partners in AB partnership, which owns all of the stock of Corporation. Corporation lends $100 to AB.

Under the section 752 regulations in effect before the Final Regulations, A was treated as owning 80 percent of the stock of Corporation, making Corporation a “related person” with respect to A. This caused A to be treated as bearing EROL with respect to AB’s liability. The Final Regulations appropriately disregard those constructive ownership rules, with the result being that the liability is nonrecourse and generally allocated 80 percent to A and 20 percent to B.

Specifically, the Final Regulations modify the constructive ownership rules by (very generally) disregarding the application of sections 267(c)(1) and 1563(e)(2) in determining whether a subsidiary (whether a partnership or a corporation) of a partnership is treated as owned by its partner if the subsidiary bears direct EROL for a partnership liability.[13] In those situations, the constructive ownership rules will not cause that liability to be treated as recourse.

2. The related-partner exception

The “related-partner exception” was intended to ensure that if a direct or indirect partner bore direct EROL, persons related to that partner would not be treated as bearing EROL by reason of the applicable constructive ownership rules. The text of the section 752 regulations in effect before the Final Regulations was not particularly clear, leading to litigation and considerable uncertainty.[14]

The Final Regulations provide that if a person owns an interest in a partnership (either directly or through another partnership) and that person has direct EROL for a partnership liability, then that person is treated as unrelated to all other persons who own interests in that partnership (either directly or through another partnership).[15] This exception is best understood through two examples.

Example 4. A owns all of the stock of corporations X and Y. A and Y own all of partnership AY, which has borrowed $100 from a bank. Each of A and X has guaranteed repayment of the $100.

Under the related-partner exception, A and Y are not treated as related because A is a person who owns an interest in AY (directly or indirectly through another partnership) and has direct EROL for the liability by reason of the guarantee. Because A and Y are not treated as related, X and Y are also not treated as related. As a result, none of A’s EROL and none of X’s EROL is attributed to Y. This causes A to be the only AY partner with EROL for the $100 liability (requiring that AY allocate the entire liability to A).

Example 5. A owns all of the stock of corporations X and Y. X and Y are equal partners in partnership XY. Also, X owns 79 percent, and Y owns 21 percent, of the stock of corporation Z. XY has borrowed $100 from a bank, and X and Z have each guaranteed repayment of the borrowing.

Because X is a partner in XY and bears direct EROL (by reason of the guarantee), X is not treated as related to Y. Three conclusions follow from this. First, none of X’s EROL is shared with Y. Second, because X and Y are not treated as related to each other and neither X nor Y owns 80 percent of Z, Z is treated as unrelated to both X and Y, with the result that its guarantee has no effect on the allocation of the liability. Finally, and as a result, the entire liability is allocated to X.

3. Person related to more than one partner

What happens if a person who has direct EROL for a partnership liability is related to two or more partners, such that total EROL exceeds the amount of the partnership’s liability? Although the overlapping EROL rule could apply in such a situation, the Final Regulations make the overlapping EROL rule inapplicable and instead apply a special rule.[16]

Example 6. A owns all of the stock of corporation X, which owns all of the stock of corporation Y. A owns 40 percent, and X owns 60 percent, of partnership AX, which has borrowed $100 from a bank. Y has guaranteed repayment of the borrowing.

Under the constructive ownership rules, Y is related to both A and X. The overlapping EROL rule, discussed above, would allocate the liability equally to A and X. As explained in the preamble to the Final Regulations, however, the IRS and Treasury were not satisfied with this result and instead crafted a special rule to address this situation. Under that special rule, A and X will share the liability in proportion to their interests in the profits of partnership AX, which likely is consistent with the manner in which taxpayers would have expected the liability to be allocated.

Importantly, this approach differs from both the approach to the allocation of recourse liabilities (i.e., in accordance with loss exposure) and the manner in which nonrecourse liabilities are allocated (i.e., in accordance with the more complex rules of Treas. Reg. § 1.752-3(a), which includes a three “tier” approach). It is unclear whether the term “profits” in the Final Regulations should be interpreted so as to allow taxpayers to use some or all of the allocation methods described in Treas. Reg. § 1.752-3(a)(3).

The related-partner exception applies before the “person related to more than one partner” rule, which, in turn, applies before the overlapping EROL rule.[17]

Applicability dates

The Final Regulations apply to any liability incurred or assumed by a partnership on or after December 2, 2024, subject to three exceptions.[18]

Written binding contract exception. A liability incurred or assumed by a partnership pursuant to a written binding contract in effect before December 2, 2024 generally is not subject to the Final Regulations.

Refinancing exception. To the extent that the proceeds of a partnership liability (the “refinancing liability”) are allocable under the rules of Temp. Treas. Reg. § 1.163-8T to payments discharging all or part of any other liability (the “old liability”) of that partnership, the refinancing liability will be treated as though it had been incurred or assumed by the partnership before December 2, 2024, but only to the extent of the amount and duration of the old liability.

Election to apply the Final Regulations to all partnership liabilities. A partnership may apply the Final Regulations to all of its liabilities, including liabilities incurred or assumed before December 2, 2024, for any tax return filed on or after December 2, 2024, provided the partnership consistently applies all of the rules in the Final Regulations to its liabilities.

[1] Unless indicated otherwise, all “section” references are to the Internal Revenue Code of 1986, as amended (the “Code”), and all “Treas. Reg. §” are to the Treasury regulations promulgated under the Code, in each case as in effect as of the date of this alert.

[2] A discussion of the proposed regulations can be found in New York State Bar Association Tax Section Report No. 1307, The Proposed Regulations on the Allocation of Partnership Liabilities and Disguised Sales (May 30, 2014). For a detailed discussion of the regulations governing the allocation of partnership recourse liabilities, including the more significant issues addressed by the regulations discussed in this alert, see Eric Sloan and Jennifer Alexander, Economic Risk of Loss: The Devil We Think We Know, 84 Taxes 239 (Mar. 1, 2006).

[3] T.D. 10014, 89 Fed. Register 231 (Dec. 2, 2024). The Final Regulations were released to the public on November 29, 2024.

[4] 122 T.C. 295 (2004).

[5] 78 Fed. Register 76092 (Dec. 16, 2013).

[6] The preamble also states that “[t]he regulations are issued under the express delegation of authority under section 7805(a) of the Code.” Explicit references to section 7805(a) started to appear in Notices of Proposed Rulemaking published by the IRS and Treasury beginning in September 2024. Without an express grant of regulatory authority for the Final Regulations, it is unclear whether, or to what extent, the Final Regulations would receive more than Skidmore deference on judicial review. Skidmore v. Swift & Co., 323 U.S. 134 (1944). For a more detailed discussion of the deference issue, see our alert discussing the Supreme Court’s recent decision in Loper Bright Enterprises v. Raimondo, 144 S. Ct. 2244 (2024).

[7] See Treas. Reg. § 1.752-3.

[8] Treas. Reg. § 1.752-4(c).

[9] The examples in this alert are drawn from or inspired by examples in the Final Regulations. In the examples in this alert, each partnership is a limited liability company, each member of each limited liability company is referred to as a partner, and there is no credit support arrangement with respect to any liability except as noted.

[10] Treas. Reg. § 1.752-2(a)(3).

[11] Treas. Reg. § 1.752-2(i)(1).

[12] Treas. Reg. § 1.752-2(i)(2).

[13] Treas. Reg. § 1.752-4(b)(iv).

[14] IPO II, supra note 4.

[15] Treas. Reg. § 1.752-4(b)(2). The related-partner exception does not apply when determining a partner’s interest under the de minimis rules in Treas. Reg. §§ 1.752-2(d) and (e).

[16] Treas. Reg. § 1.752-4(b)(3).

[17] Treas. Reg. § 1.752-4(e).

[18] Treas. Reg. §§ 1.752-2(l)(4) and -5(a).

The following Gibson Dunn lawyers prepared this update: Eric B. Sloan, Michael J. Desmond, Matt Donnelly, James Jennings, Kate Long, Galya Savir, and Jason Zhang*.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s Tax and Tax Controversy and Litigation practice groups:

Tax:
Dora Arash – Los Angeles (+1 213.229.7134, [email protected])
Sandy Bhogal – Co-Chair, London (+44 20 7071 4266, [email protected])
Michael Q. Cannon – Dallas (+1 214.698.3232, [email protected])
Jérôme Delaurière – Paris (+33 (0) 1 56 43 13 00, [email protected])
Michael J. Desmond – Los Angeles/Washington, D.C. (+1 213.229.7531, [email protected])
Anne Devereaux* – Los Angeles (+1 213.229.7616, [email protected])
Matt Donnelly – Washington, D.C. (+1 202.887.3567, [email protected])
Pamela Lawrence Endreny – New York (+1 212.351.2474, [email protected])
Benjamin Fryer – London (+44 20 7071 4232, [email protected])
Evan M. Gusler – New York (+1 212.351.2445, [email protected])
Kathryn A. Kelly – New York (+1 212.351.3876, [email protected])
Brian W. Kniesly – New York (+1 212.351.2379, [email protected])
Loren Lembo – New York (+1 212.351.3986, [email protected])
Gregory V. Nelson – Houston (+1 346.718.6750, [email protected])
Benjamin Rapp – Munich/Frankfurt (+49 89 189 33-290, [email protected])
Jennifer Sabin – New York (+1 212.351.5208, [email protected])
Eric B. Sloan – Co-Chair, New York/Washington, D.C. (+1 212.351.2340, [email protected])
Edward S. Wei – New York (+1 212.351.3925, [email protected])
Lorna Wilson – Los Angeles (+1 213.229.7547, [email protected])
Daniel A. Zygielbaum – Washington, D.C. (+1 202.887.3768, [email protected])

Tax Controversy and Litigation:
Michael J. Desmond – Co-Chair, Los Angeles/Washington, D.C. (+1 213.229.7531, [email protected])
Saul Mezei – Washington, D.C. (+1 202.955.8693, [email protected])
Sanford W. Stark – Co-Chair, Washington, D.C. (+1 202.887.3650, [email protected])
C. Terrell Ussing – Washington, D.C. (+1 202.887.3612, [email protected])

*Anne Devereaux, of counsel in the firm’s Los Angeles office, is admitted to practice in Washington, D.C. Jason Zhang, an associate in New York, is not yet admitted to practice.