Partners from Gibson Dunn’s antitrust and corporate practice groups discuss proposed changes and additions to the Hart-Scott-Rodino Premerger notification form, including a review of key changes, their potential impact on HSR filing preparation and transaction timelines, as well as preliminary thoughts on new best practices to address these developments.
PANELISTS:
Christopher M. Wilson is a partner in the Washington, D.C. office of Gibson Dunn & Crutcher. He is a member of the firm’s Antitrust and Competition Practice Group. Mr. Wilson assists clients in navigating DOJ, FTC, and international competition authority investigations as well as private party litigation involving complex antitrust and consumer protection issues, including matters implicating the Sherman Act, the Clayton Act, the FTC Act, the Hart-Scott-Rodino (HSR) merger review process, as well as international and state competition statutes. His experience crosses multiple industries, including health insurance, transportation, telecommunications, technology, energy, agriculture, and biotechnology, and his particular areas of focus include merger enforcement, interlocking directorates, joint ventures, compliance programs, and employee “no-poach” agreements. He is also well-versed in cross-border investigations involving the European Union, the United Kingdom, Canada, Brazil, Japan, Korea, and Saudi Arabia, among other jurisdictions.
Sophia (Vandergrift) Hansell is a partner in the Washington, D.C. office of Gibson, Dunn and Crutcher. She is a member of the Antitrust and Competition Practice Group. Before joining the firm, Ms. Hansell served as an attorney in the Mergers IV Division of the Federal Trade Commission’s Bureau of Competition, where she focused on merger review and enforcement litigation. At the FTC, Ms. Hansell was a core member of trial teams that blocked proposed mergers for Sysco and US Foods, Advocate Health Care and NorthShore University HealthSystem, and Wilhelmsen and Drew Marine. Previously, Ms. Hansell served in the United States Attorney’s Office for the District of Columbia as a Special Assistant United States Attorney in the General Crimes Division. Leveraging her experience in government enforcement, Ms. Hansell’s practice focuses on complex antitrust litigation and investigations before the Department of Justice, Federal Trade Commission, and state attorneys general. She also has experience counseling companies on a broad range of competition issues relating to M&A transactions, including pre-deal risk assessments, transaction negotiations, and gun jumping issues. Ms. Hansell also develops and executes strategies to secure merger clearance with U.S. and foreign competition authorities.
Jamie France is of counsel in the Washington, D.C. office of Gibson, Dunn & Crutcher. She is a member of the firm’s Antitrust and Competition Practice Group. Jamie represents clients in merger and non-merger investigations before the Federal Trade Commission and the U.S. Department of Justice as well as in complex private and government antitrust litigation. She also counsels clients on antitrust merger and conduct matters and has been involved in representing targets of antitrust-related grand jury investigations by the DOJ. Her experience encompasses a broad range of industries, including healthcare, consumer goods, retail, gaming, pharmaceuticals, wood products, and chemicals. She joined the firm after six years as an attorney in the Mergers IV Division of the Federal Trade Commission’s Bureau of Competition, where she served in lead roles on high-profile merger investigations and enforcement actions. Jamie has significant experience litigating merger challenges and was an integral member of the FTC’s trial teams on FTC v. Thomas Jefferson University, FTC v. Hackensack Meridian Health, FTC v. Sanford Health, FTC v. Advocate Health Care Network, and FTC v. Benco Dental Supply. She was twice honored with the FTC’s Janet D. Steiger Award for her contributions to the Sanford and Advocate litigations. Before joining the FTC, Jamie was an associate in Gibson Dunn’s Washington, D.C. office.
Sarah Graham is a partner in the Los Angeles office of Gibson, Dunn & Crutcher, where she is a member of the Firm’s Mergers & Acquisitions Practice Group. She regularly represents private equity funds, strategic and financial investors, media and entertainment companies, technology companies, gaming companies, and other clients in various types of business transactions, including mergers and acquisitions, joint ventures, investments and restructurings. Ms. Graham is also a member of the following Gibson Dunn practice groups: Private Equity, Media, Entertainment and Technology, Betting and Gaming, and Sports Law.
MCLE CREDIT INFORMATION:
This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.0 credit hour, of which 1.0 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.
Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact [email protected] to request the MCLE form.
Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour.
California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.
On July 31, 2023, the Committee on Foreign Investment in the United States (“CFIUS” or the “Committee”) released its annual report covering calendar year 2022 (the “Annual Report”). Our top takeaways from the Annual Report are set forth below.
- 2022 Numbers Set Another Record, or Did They?
As we discussed in our client alert last year, 2021 saw a significant increase in CFIUS filings from prior years (436 total filings in 2021, compared to 313 the year prior). With a slight uptick in 2022, the total number of filings before the Committee largely stayed on pace with 2021, with the Committee reviewing a total of 440 filings, consisting of 286 notices (65 percent) and 154 declarations (35 percent).
Year-Over-Year Comparison of CFIUS Filings
|
|
2020 |
2021 |
2022 (∆ from 2021) |
|
Declarations |
126 |
164 |
154 (↓6%) |
|
Notices |
187 |
272 |
286 (↑5%) |
|
Total Filings |
313 |
436 |
440 (↑0.9%) |
However, the total number of notices filed with the Committee includes those transactions that were subject to more than one notice (e.g., where the original notice was withdrawn and refiled). It also includes 50 declarations that resulted in a request from the Committee to file a full written notice.
Therefore, looking more closely at the numbers, after accounting for duplicate declaration filings and withdrawn and refiled notices, the Committee would have reviewed approximately 337 distinct transactions, a slight decrease from the 354 distinct transactions reviewed by the Committee in 2021.
Yet, placed in the broader context of a slower M&A market in 2022 and decreasing foreign direct investment year over year, the Annual Report data may suggest a significant proportional increase in CFIUS filings. By all accounts, the M&A market hit its peak in 2021. S&P Global reported that global deal volumes in 2022 were down 37 percent from a record-setting 2021.[1] Likewise, expenditures by foreign direct investors to acquire, establish, or expand U.S. businesses totaled $362.6 billion in 2021.[2] 2022, by contrast, saw just $177.5 billion in foreign direct investment.[3]
In other words, while the numbers themselves indicate a slight drop of distinct transaction reviews from 2021 to 2022, in the context of broader economic trendlines, the 2022 data indicates a substantial increase in the number of CFIUS filings relative to M&A activity and foreign direct investment in the U.S.
- After a Busy Year for Declarations in 2021, a Decline in 2022
Fewer parties opted to take the short-form declaration route in 2022. While declaration filings jumped up 30 percent from 2020 to 2021, they decreased by approximately 6 percent in 2022. The numbers may reflect a growing hesitation in the market to use the short form filing process, except in transactions presenting minimal national security risk or where CFIUS may already be somewhat familiar with the transaction details (e.g., through past filings), due to risks of increasing the overall CFIUS review period. This appears to be particularly true regarding transactions that require mandatory declarations to the Committee, where the national security risks are generally higher, and where the parties are increasingly eschewing the declaration option and heading straight into voluntary notices. Of the 154 declarations filed in 2022, only 44 (or 28 percent) were subject to mandatory filing requirements. That is approximately the same ratio as 2021 (47 of 164).
From a regulatory standpoint, declarations offer the parties a potentially shorter review timeline of 30 days, as opposed to the 45-day initial review period plus another possible 45-day investigation period in the voluntary notice process. However, in practice, if CFIUS decides during the 30-day review period in a declaration process that the transaction warrants a closer look, or if the Committee cannot complete review to its satisfaction within the 30 days, the Committee may either request the parties file a voluntary notice, or notify the parties that the Committee is unable to conclude action, known colloquially as the “shrug,” the latter of which results in the parties not obtaining the CFIUS safe harbor. In either event, the parties then find themselves in the position, for all intents and purposes, of having to file a voluntary notice, which restarts the 45-day review plus 45-day investigation clock (potentially after further delay while acquiring the additional information required in a full filing as opposed to the short-form declaration).
The Committee cleared less than 60 percent of declarations in 2022, a sharp decrease from the 73 percent clearance rate in 2021, and below the Committee’s 64 percent rate of clearance in 2020. The cases in which the Committee was unable to conclude action during the 30-day assessment period increased from 7 percent in 2021 to 9 percent in 2022. And the number of instances the Committee requested the parties to a declaration file a full written notice increased significantly from 30 (18 percent) to 50 (32.5 percent).
Committee Disposition of Declarations
|
Committee Action |
Number of Declarations (154 total) |
|
Request Parties File a Written Notice |
50 (32.5%) |
|
Unable to Conclude Action |
14 (9%) |
|
Clearance |
90 (58.5%) |
|
Rejected |
0 (0%) |
- Filings by Business Sector and Origin Reflect Committee’s Continued Focus on Protecting U.S. Persons’ Sensitive Data and Critical Technology
With the Committee’s continued focus on protecting U.S. persons’ sensitive data in foreign acquisitions, and consistent with previous years, the Finance, Information, and Services (“FIS”) sector accounted for 52 percent or 149 of the 285 non-real estate notices reviewed by the Committee in 2022. The FIS sector includes several notable subsectors wherein sensitive personal data is very likely to be at issue, such as data processing, hosting and related services, telecommunications, professional, scientific, and technical services, and hospitals and other healthcare services. We expect filings in the FIS sector to continue to account for a large portion of the Committee’s caseload going forward.
The Committee also reviewed 181 covered transactions involving acquisitions of U.S. critical technology companies in 2022, on par with the numbers in 2021. As we discussed last year, the 2021 decline in declarations by Chinese acquirers may have indicated that Chinese investors were increasingly shying away from the more sensitive technology transactions amid rising U.S.-China geopolitical tensions and increasing scrutiny by the Committee of such investments. The 2022 numbers continue to support this possibility. Compared to 2021, when Chinese acquirers accounted for 10 critical technology filings (which are mandatory), only 8 critical technology filings in 2022 involved Chinese acquirers. Overall, while China still accounted for the most covered notices of any country, 2022 saw a decline in total notices filed by Chinese investors, from 44 notices in 2021 to 36 notices in 2022.
- A Significant Increase in Mitigation Measures and Conditions
2022 saw a dramatic 67 percent increase in instances where the Committee adopted mitigation measures and conditions to mitigate the national security risks associated with a transaction—from 31 instances in 2021 to 52 instances in 2022.
Of the 52 instances in 2022, CFIUS concluded action after adopting mitigation agreements with respect to 41 notices, approximately 14.3 percent of the total number of notices, or 22.4 percent of all distinct transaction notices in 2022. This represents a 58 percent increase from 2021 during which the Committee concluded action after adopting mitigation agreements with respect to 26 notices (approximately 10 percent of the total number of notices, or 13.7 percent of all distinct transaction notices in 2021.) Further, in 2022, CFIUS adopted mitigation agreements to address residual national security concerns with respect to three notices that were voluntarily withdrawn and abandoned. It also imposed conditions without mitigation agreements on five withdrawn and abandoned notices, as well as measures to mitigate interim risk with respect to three notices filed in 2021. As reflected in the chart below, these numbers are higher across the board when compared to the 2021 data.
As discussed in takeaway #1, the total number of notice filings in 2022 increased by only 5 percent, and the number of distinct notice filings in 2022 actually decreased. Thus, the data shows that the Committee imposed mitigation measures and conditions on notices with significantly higher frequency than last year.
|
|
2021 |
2022 |
|
Concluded Action After Adopting Mitigation Measures |
26 |
41 (↑58%) |
|
Adopted Mitigation Measures for Withdrawn and Abandoned Notices |
2 |
3 |
|
Conditions Imposed on Withdrawn Notices Without Mitigation Agreements |
2 |
5 |
|
Measures Imposed on Notices from Prior Years |
1 |
3 |
|
Total |
31 |
52 (↑67%) |
The increase in withdrawn notices from 2021 to 2022 may also be reflective of a more aggressive Committee on mitigation. In 2021, 27 percent of notices were withdrawn (74 notices). By contrast, in 2022, nearly 31 percent of all notices were withdrawn (88 notices). Only one of these notices was withdrawn during the initial review phrase, with the remaining 87 notices being withdrawn after the Committee’s commencement of an investigation. According to the Annual Report, the majority of notices were withdrawn after the Committee informed the parties that the transaction posed a national security risk. In 12 instances following withdrawal, the parties abandoned the transaction either because CFIUS was unable to identify mitigation measures that would resolve the national security risk posed by the transaction, or the parties did not accept the mitigation measures proposed by the Committee. In 2021, parties abandoned the transaction for the same reasons in nine instances. These withdrawal numbers, in conjunction with the large uptick in mitigation numbers, suggest that the Committee is taking a more aggressive stance on imposing conditions on its approvals.
- The Number of Non-Notified Transactions Identified Decreased Substantially, While the Number of Requests for a Filing Increased
In addition to reviewing proactive filings, the Committee may also identify and initiate unilateral review of a transaction and may request the parties to submit a filing. In 2021, the Committee identified 135 non-notified transactions, with eight transactions resulting in a request for filing. In 2022, the Committee identified substantially fewer non-notified transactions—84 transactions—with 11 transactions resulting in a request for filing. Thus, while the overall percentage of identified transactions resulting in a requested filing more than doubled year over year (from 6 percent in 2021 to 13 percent in 2022), there is a noticeable decrease in the number of non-notified transactions identified by the Committee. While this is also potentially connected to the overall decrease in deal volume, given there is no statute of limitations on non-notified reviews, this does not seem to be the full picture.
In the Annual Report, the Committee explains that the “volume of overall non-notified transactions that were put forward to the Committee for consideration may continue to decrease” because “CFIUS is now primarily focused on monitoring more recent foreign investments for potential non-notified and non-declared transactions” as opposed to pre-FIRRMA transactions. Thus, the higher number of non-notified transactions in prior years may be a consequence of the Committee’s expanded jurisdiction under the Foreign Investment Review Risk Modernization Act of 2018 (FIRRMA). Said another way, the broader scope of transactions falling within the Committee’s jurisdiction post-FIRRMA may have resulted in additional non-notified transactions identified that occurred pre-FIRRMA. Given recent increases in CFIUS monitoring and enforcement staff and the Committee’s stated focus on non-notified transaction reviews, it is unlikely that this declined rate of non-notified reviews will hold for calendar year 2023.
- The Committee Shortened Its Response Times to Respond to Draft Notices and Accept Formal Notices, but Continues to Largely Take Advantage of the Full Time Periods to Complete its Actual Reviews
Parties submitting draft notices to the Committee in 2022 received comments back from CFIUS within an average of approximately seven business days. This represents a slight increase from the 2021 average of roughly six days, but it remains well within the 10-day deadline. The Committee averaged four-and-a-half business days to accept a formal written notice after submission, which is an improvement from the average of six business days reported 2021.
The Committee continues to utilize the full review period available to evaluate both declarations and notices. For declarations, the Committee took action, on average, at the conclusion of the entire 30-day period. For notices, the Committee completed review during the initial review stage, on average, within 46 calendar days. For notices that proceeded to the subsequent investigation phase, it took on average 80.5 calendar days for CFIUS to complete its investigations; the median value however was slightly longer, at 91 days. While the median data is consistent with 2021 data, the average value reflects a significant jump from 65 days in 2021—indicating that fewer and fewer notices are cleared in advance of the available 90-day review period.
* * * *
On the whole, the 2022 data evinces an increasingly vigilant Committee. Overall, the Committee reviewed slightly fewer distinct transactions, yet 2022 saw a significant increase in mitigation measures and conditions imposed. Thus, the data reflects an increasingly vigorous Committee when it comes to mitigating perceived national security risks. In light of this, the number of non-notified transactions resulting in a request for a filing is an area that parties should continue to watch, as the numbers reflect an increasingly efficient process for identifying more recent non-notified transactions for review.
__________________________
[1] S&P Global, Global M&A by the Numbers: 2022 in Review, available at
https://www.spglobal.com/marketintelligence/en/news-insights/blog/global-ma-by-the-numbers-2022-in-review.
[2] U.S. Bureau of Economic Analysis, New Foreign Direct Investment in the United States, available here.
[3] Id.
The following Gibson Dunn attorneys assisted in preparing this client update: Stephenie Gosnell Handler, David Wolber, Annie Motto, Felicia Chen, and Hayley Lawrence.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors or any leader or member of the firm’s International Trade practice group:
International Trade Group:
United States
Judith Alison Lee – Co-Chair, Washington, D.C. (+1 202-887-3591, [email protected])
Ronald Kirk – Co-Chair, Dallas (+1 214-698-3295, [email protected])
Adam M. Smith – Co-Chair, Washington, D.C. (+1 202-887-3547, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202-955-8510, [email protected])
David P. Burns – Washington, D.C. (+1 202-887-3786, [email protected])
Nicola T. Hanna – Los Angeles (+1 213-229-7269, [email protected])
Marcellus A. McRae – Los Angeles (+1 213-229-7675, [email protected])
Courtney M. Brown – Washington, D.C. (+1 202-955-8685, [email protected])
Christopher T. Timura – Washington, D.C. (+1 202-887-3690, [email protected])
Hayley Lawrence – Washington, D.C. (+1 202-777-9523, [email protected])
Annie Motto – New York (+1 212-351-3803, [email protected])
Chris R. Mullen – Washington, D.C. (+1 202-955-8250, [email protected])
Sarah L. Pongrace – New York (+1 212-351-3972, [email protected])
Anna Searcey – Washington, D.C. (+1 202-887-3655, [email protected])
Samantha Sewall – Washington, D.C. (+1 202-887-3509, [email protected])
Audi K. Syarief – Washington, D.C. (+1 202-955-8266, [email protected])
Scott R. Toussaint – Washington, D.C. (+1 202-887-3588, [email protected])
Claire Yi – New York (+1 212-351-2603, [email protected])
Shuo (Josh) Zhang – Washington, D.C. (+1 202-955-8270, [email protected])
Asia
Kelly Austin – Hong Kong/Denver (+1 303-298-5980, [email protected])
David A. Wolber – Hong Kong (+852 2214 3764, [email protected])
Fang Xue – Beijing (+86 10 6502 8687, [email protected])
Qi Yue – Hong Kong (+852 2214 3731, [email protected])
Felicia Chen – Hong Kong (+852 2214 3728, [email protected])
Europe
Attila Borsos – Brussels (+32 2 554 72 10, [email protected])
Susy Bullock – London (+44 (0) 20 7071 4283, [email protected])
Patrick Doris – London (+44 (0) 207 071 4276, [email protected])
Sacha Harber-Kelly – London (+44 (0) 20 7071 4205, [email protected])
Michelle M. Kirschner – London (+44 (0) 20 7071 4212, [email protected])
Penny Madden KC – London (+44 (0) 20 7071 4226, [email protected])
Irene Polieri – London (+44 (0) 20 7071 4199, [email protected])
Benno Schwarz – Munich (+49 89 189 33 110, [email protected])
Nikita Malevanny – Munich (+49 89 189 33 160, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
Los Angeles partner Eric Vandevelde is the co-author of “Mitigating AI Cybersecurity Risks From The Top Down” [PDF] published by Law360 on August 4, 2023.
This edition of Gibson Dunn’s Federal Circuit Update summarizes the current status of several petitions pending before the Supreme Court, the report and recommendation from the ongoing investigation by the Judicial Council of the Federal Circuit, and recent Federal Circuit decisions concerning claim preclusion, obviousness, the “original patent” rule under 35 U.S.C. § 251, patent-eligibility under 35 U.S.C. § 101, the AIA’s first-to-file system, and enablement/written description.
Federal Circuit News
Noteworthy Petitions for a Writ of Certiorari:
There were no new potentially impactful petitions, where the petitioner was represented by counsel, filed before the Supreme Court in July 2023. As we summarized in our June 2023 update, there are a few other petitions pending before the Supreme Court. We provide an update below:
- The Court will consider Killian v. Vidal (US No. 22-1220) and Ingenio, Inc. v. Click-to-Call Technologies, LP (US No. 22-873) during its September 26, 2023 conference.
- In CareDx Inc. v. Natera, Inc. (US No. 22-1066), after the respondents waived their right to file a response, retired Federal Circuit Judge Paul R. Michel and Professor John F. Duffy filed an amici curiae brief in support of Petitioners. The Court thereafter requested a response, which is now due on August 9, 2023.
Other Federal Circuit News:
Report and Recommendation in Judicial Investigation. As we summarized in our June 2023 update, there is an ongoing proceeding by the Judicial Council of the Federal Circuit under the Judicial Conduct and Disability Act and the implementing Rules involving Judge Pauline Newman. On July 31, 2023, the Special Committee issued its report and recommendation, which was unanimously adopted by the Committee, finding that Judge Newman’s “continued non-cooperation justifies suspending case assignments for the fixed period of one year or at least until she ceases her misconduct and cooperates such that the Committee can complete its investigation, whichever comes sooner.” The report and recommendation, along with other prior orders and letter responses, may be accessed here.
Upcoming Oral Argument Calendar
The list of upcoming arguments at the Federal Circuit is available on the court’s website.
Key Case Summaries (July 2023)
Inguran, LLC v. ABS Global, Inc., No. 22-1385 (Fed. Cir. July 5, 2023): Inguran, doing business as STGenetics (“ST”), brought claims for patent infringement against ABS related to bovine sperm straws used for artificial insemination (“ABS I”), and ABS stipulated that its system directly infringed. In a second infringement suit (“ABS II”), ST learned that ABS had begun selling and licensing its system to third parties. ST then filed a third suit (“ABS III”), arguing that ABS is liable for inducing infringement by licensing its technology to third parties who were then making the straws. ABS moved to dismiss on the ground that ST’s claim was precluded by the judgment in ABS I, arguing that ST already had the opportunity to prove ABS’s infringement. The district court granted the motion.
The Federal Circuit (Reyna, J., joined by Lourie and Bryson, JJ.) reversed. On appeal, ST and ABS disputed only the second element of the three required elements for claim preclusion (res judicata): whether ABS I and ABS III involved “the same cause of action.” ST’s position was that ABS I focused on direct infringement and ABS III focused on induced infringement and were therefore not the same causes of action. The Court thus addressed whether ST could have brought the induced infringement action in ABS I, i.e., whether an induced infringement claim could have been raised out of the same transactional facts that existed in ABS I, and determined that it could not. The Court explained that ST needed additional facts to allege an induced infringement claim—facts that largely came to light during discovery in ABS II.
Axonics, Inc. v. Medtronic, Inc., Nos. 22-1451, 22-1452 (Fed. Cir. July 10, 2023): Axonics filed an inter partes review (“IPR”) petition concerning Medtronic’s patents, which describe a neurostimulation lead and method for implanting and anchoring that lead, arguing that certain claims would have been obvious over two prior art references, Young and Gerber. In particular, Axonics argued the Young reference expressly states that it could be improved to provide multiple stimulation sites, and that Gerber teaches multiple stimulation sites. The Patent Trial and Appeal Board (“Board”) rejected Axonics’s proposed combination, finding that there would have been no motivation to combine Young and Gerber because the relevant field of Medtronic’s patents was limited to implantable leads for sacral-nerve stimulation, whereas Young describes a lead for trigeminal nerve stimulation.
The Federal Circuit (Taranto, J., joined by Lourie and Dyk, JJ.) vacated and remanded. The Court held that even if the Medtronic patent claims were limited to the sacral nerve context, the Board erred by framing the obviousness inquiry as whether a relevant artisan would have been motivated to combine Young and Gerber for use in the trigeminal nerve context (taught by Young), rather than to arrive at the claimed invention.
In re Float’n’Grill LLC, Nos. 22-1438 (Fed. Cir. July 12, 2023): Float’N’Grill filed a reissue application for its patent on a float designed to support a grill top in water. The specification and claims of the original patent describe a single embodiment of a float with supports having a plurality of magnets for securing the grill to the float. Float’N’Grill sought reissue claims that eliminated the plurality of magnets limitations, and the Board rejected those claims as not complying with the “original patent” requirements of 35 U.S.C. § 251, which requires that the reissue claims be directed to the “same invention” as the original patent.
The Federal Circuit (Linn, J., joined by Prost and Cunningham, JJ.) affirmed. Because the “plurality of magnets” requirement in Float’N’Grill’s original patent was an essential part of the invention and not optional or “representative of removable fasteners generally,” Float’N’Grill could not obtain reissue claims without the “plurality of magnets” limitation.
SNIPR Technologies Ltd. v. Rockefeller University, No. 22-1260 (Fed. Cir. June 14, 2023): SNIPR is the owner of five patents that claim priority to May 3, 2016, and thus, the patents are subject to the Leahy-Smith America Invents Act (AIA). The AIA changed how priority is determined from a first-to-invent system to a first-to-file system. Rockefeller sought an interference, arguing that SNIPR’s patents were unpatentable because one of Rockefeller’s patent applications showed that Rockefeller was the first to invent the subject matter of SNIPR’s patents. The Board declared an interference, concluded that Rockefeller was the senior party with the earlier priority date, and cancelled all the claims of SNIPR’s patents.
The Federal Circuit (Chen, J., joined by Wallach and Hughes, JJ.) reversed. The Court held that the AIA eliminated interferences in switching to a first-to-file system, meaning that the Board erred by subjecting the SNIPR patents to an interference.
Trinity Info Media, LLC v. Covalent, Inc., No. 22-1308 (Fed. Cir. July 14, 2023): Trinity sued Covalent for allegedly infringing patented methods and systems for connecting users based on their answers to polling questions. The district court dismissed the complaint, concluding that the asserted patent claims were ineligible under 35 U.S.C. § 101.
The Federal Circuit (Cunningham, J., joined by Stoll and Bryson, JJ) affirmed. At step one of the Alice inquiry, the Court agreed that the claims were directed to “the abstract idea of matching based on questioning,” a mental process that “can be performed in the human mind.” At step two of the Alice inquiry, the Court held, just as claims are not patent eligible when merely applying an abstract idea “on a computer,” a claim is not rendered patent eligible merely because the abstract idea is applied “on a handheld device or using a mobile application.” Nor can inventiveness be based on “the improved speed inherent with applying the abstract idea using a computer.”
United Therapeutics Corp. v. Liquidia Technologies, Inc.., Nos, 22-2217, 23-1021 (Fed. Cir. July 24, 2023): United Therapeutics sued Liquidia for infringing two of its patents directed to methods of treating pulmonary hypertension (“PH”) and pharmaceutical compositions comprising treprostinil, the drug approved for the treatment of PH. Experts consider there to be five subgroups of PH. Group 2 PH has a differing etiology than the other four groups, and as a result, treprostinil provides no benefit to Group 2 PH patients. Liquidia argued that certain of the asserted claims were therefore invalid as lacking adequate enablement and written description because the specification fails to describe how to treat Group 2 PH patients with treprostinil, but the district court disagreed.
The Federal Circuit (Lourie, J., joined by Dyk and Stoll, JJ.) affirmed. Liquidia first argued that “treating pulmonary hypertension” requires a showing of safety and efficacy, and both parties’ experts had agreed that the claimed treatment would not benefit Group 2 PH patients. The Court rejected this argument explaining that where the claims do not incorporate safety and efficacy requirements, “questions of safety and efficacy in patent law” are matters for the FDA. Liquidia next argued that because the specification provided no guidance or examples of treating Group 2 PH patients, a skilled artisan would have to engage in undue experimentation to practice the full scope of the claims. The Court determined that it need not address this argument because, again, safety and efficacy requirements were not in the claims. However, the Court observed that even if “a subset of patients . . . would not benefit from or should not take the claimed treatment,” that “does not mean that such claims are not sufficiently enabled or supported by written description.”
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Federal Circuit. Please contact the Gibson Dunn lawyer with whom you usually work or the authors of this update:
Blaine H. Evanson – Orange County (+1 949-451-3805, [email protected])
Audrey Yang – Dallas (+1 214-698-3215, [email protected])
Please also feel free to contact any of the following practice group co-chairs or any member of the firm’s Appellate and Constitutional Law or Intellectual Property practice groups:
Appellate and Constitutional Law Group:
Thomas H. Dupree Jr. – Washington, D.C. (+1 202-955-8547, [email protected])
Allyson N. Ho – Dallas (+1 214-698-3233, [email protected])
Julian W. Poon – Los Angeles (+ 213-229-7758, jpoon@gibsondunn.com)
Intellectual Property Group:
Kate Dominguez – New York (+1 212-351-2338, [email protected])
Y. Ernest Hsin – San Francisco (+1 415-393-8224, [email protected])
Josh Krevitt – New York (+1 212-351-4000, [email protected])
Jane M. Love, Ph.D. – New York (+1 212-351-3922, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
On July 28, 2023, the Securities and Futures Commission (“SFC”) and the Hong Kong Monetary Authority issued a joint circular that sets out their expectations regarding allowing a proportionate and risk-based streamlined approach (the “Streamlined Approach”) for complying with the suitability obligations when dealing with sophisticated professional investors (“SPIs”) (the “Joint Circular”).[1] The Joint Circular included two Annexes, an explanatory document outlining the Streamlined Approach and an FAQ to facilitate intermediaries’ application of the Streamlined Approach.
As explained below, the Streamlined Approach, when applicable, simplifies the point-of-sale procedures in eligible investment transactions executed by SPIs who exhibit a higher level of sophistication and loss absorption ability. The Streamlined Approach should be beneficial for intermediaries accustomed to dealing with clients who are likely to qualify as SPIs, such as private banks and multi-family offices.
I. Who qualifies as a Sophisticated Professional Investor (SPI)?
An SPI is an individual professional investor[2] who satisfies all of the following requirements:
- Financial situation: the SPI has (i) a portfolio of at least HK$40 million (or its foreign currency equivalent), or (ii) net assets, excluding primary residence, of at least HK$80 million (or its foreign currency equivalent);[3]
- Knowledge or experience: the investor is sufficiently sophisticated such that he/she understands the risks of being treated as an SPI and the application of the Streamlined Approach. The requisite level of sophistication should be ascertained based on the client’s academic[4] or professional qualifications,[5] or work experience,[6] or accumulated trading experience in the relevant categories of investment products (by having executed at least five transactions within the past three years in the same category of investment products based on their terms, features, characteristics, nature, and risks).[7]
- Investment objectives: the client is not a conservative client, i.e. the client’s investment objective is not capital preservation and/or seeking regular income.[8]
A corporation can also qualify as an SPI if its principal business is the holding of investments and it is wholly owned by one or more SPIs. This will be relevant to wholly owned investment holding company that are often set up by very high net worth investors.
Intermediaries can rely on information obtained during the onboarding or know-you-client reviews to determine whether an investor qualifies as an SPI.
II. What are Eligible Investment Transactions?
The Streamlined Approach allows for a simplified point-of-sales procedure only when executing investment transactions for an SPI within the Product Category and Streamlining Threshold specified by the SPI (the “Eligible Investment Transactions”):
- Project Category: intermediaries are required to devise product categories to categorise investment products based on their terms and features, characteristics, nature, and risks (each a “Product Category”). The SPI specifies the Product Categories within which investment transactions can be executed under the Streamlined Approach. Intermediaries are required to document the SPI’s choices and provide the SPI with a Product Category Information Statement which explains the terms, features, characteristics, nature and risks of investment products within the Product Category. Intermediaries must ensure that an SPI possesses the requisite knowledge or experience criteria (please refer to Section I above) before applying the Streamlined Approach to investment transactions within a Product Category for the SPI.[9]
- Streamlining Threshold: the SPI should specify a maximum threshold of investment, either being (i) an absolute amount, or (ii) a percentage of the SPI’s assets under management (“AUM”) with the intermediary, that can be executed under the Streamlined Approach (the “Streamlining Threshold”). The SPI should specify a Streamlining Threshold appropriate to his/her circumstances, and intermediaries are required to maintain records of the setting of such thresholds, including the SPI’s rationale for supporting the threshold set. For example, a higher amount may still be suitable if the AUM maintained with the intermediary represents an insignificant portion of the SPI’s portfolio and/or net assets. Intermediaries are required to establish and maintain effective systems and controls to ensure continuous compliance with the Streamlining Threshold (please refer to Section VI below).[10]
III. What steps need to be completed before applying the Streamlined Approach?
Before an intermediary applies the Streamlined Approach, it must have completed all of the following procedures:
- The intermediary has assessed that the SPI satisfies all of the qualifying criteria with respect to its financial situation, knowledge or experience, and investment objectives (please refer to Section I above). This assessment must be in writing, and records of the assessment and all relevant information and documents obtained for the assessment must be kept by the intermediary.[11]
- The SPI has specified the Product Categories and the Streamlining Threshold, and the intermediary has maintained records to support the choices made by the SPI.[12]
- The intermediary is required to enter into a written agreement with the SPI, for the SPI to acknowledge and give consent to being treated as an SPI.[13] The intermediary is also required to (i) specify in writing the assessment criteria under which the client qualified as an SPI, and (ii) the Product Categories and the Streamlining Threshold under which Eligible Investment Transactions can be executed under the Streamlined Approach.[14]
- The intermediary is required to fully explain to the SPI the consequences of being treated as an SPI, and the SPI’s right to withdraw from being treated as an SPI at any time. When explaining the consequences of being treated as an SPI, the intermediary shall at a minimum cover the points set out in paragraph 13.2 of Annex 1 of the Joint Circular.[15]
IV. How does the Streamlined Approach simplify the regulatory obligations when dealing with SPIs in Eligible Investment Transactions?
After an intermediary has completed the procedures referred to in Section III above, the intermediary can then apply the Streamlined Approach when dealing with the SPI in Eligible Investment Transactions. Under the Streamlined Approach, an SPI sets aside an amount (i.e. the Streamlining Threshold) to invest in a portfolio of investment products within the specified Product Categories. For these Eligible Investment Transactions, the intermediary is no longer required to match the SPI’s risk tolerance level, investment objectives and investment horizon, or to assess the SPI’s knowledge, experience and concentration risk. The explanation of product characteristics, nature and extent of risks can also be provided to the SPI upfront.
Therefore, when applicable, the Streamlined Approach simplifies the point-of-sale processes that are normally required when dealing with retail clients or individual professional investor clients.
The table below summarises the key differences between the normal, non-streamlined approach, and the Streamlined Approach when dealing with an SPI in Eligible Investment Transactions. Please be aware that the table below is not a summary of all the regulatory obligations applicable to intermediaries when executing transactions with clients, it is only intended to highlight the key differences under the Streamlined Approach.
Note that there are some differences in the application of the Streamlined Approach: (a) when executing transactions in an investment product with a recommendation or solicitation, and (b) when executing transactions in a complex product[16] without recommendation or solicitation. These differences are also shown in the table below.
|
Regulatory requirement |
Normal approach |
Streamlined Approach |
|
Applicable to transactions both (a) in an investment product with a recommendation or solicitation, and (b) in a complex product without recommendation or solicitation |
||
|
Suitability assessment |
Intermediaries are required to assess that each recommended investment product is suitable for, and in the best interests of, the client, taking into account the client’s investment objectives, investment horizon, investment knowledge and experience, risk tolerance, and financial situation, etc. Intermediaries are also required to assess concentration risk when assessing the suitability of a recommended investment product for the client, taking into account the risk profile and nature of a product, the client’s risk tolerance level and financial situation, etc.[17] |
Intermediaries are not required to match an SPI’s risk tolerance level, investment objectives and investment horizon with Eligible Investment Transactions.[18] Intermediaries are not required to assess an SPI’s knowledge and experience, and concentration risk in Eligible Investment Transactions.[19] |
|
Product disclosure and product explanation |
Intermediaries are required to provide each client with up-to-date prospectuses or offering circulars of the recommended investment products, and other up-to-date documents relevant to the investments. Intermediaries are also required to help each client make informed decisions by giving the client proper explanations of why recommended investment products are suitable for the client and the nature and extent of risks the investment products bear.[20] |
Intermediaries are required to provide an SPI with up-to-date product offering documents for Eligible Investment Transactions, which could be done by sending a hyperlink to the offering documents or as attachments via electronic means (e.g., email). Intermediaries are not required to provide product explanation for Eligible Investment Transactions, except upon request and/or any material queries being raised by an SPI.[21] |
|
Applicable to transactions in an investment product with a recommendation or solicitation |
||
|
Record keeping |
Intermediaries are required to maintain records documenting the rationale underlying investment recommendations made to the client and provide a copy of the rationale for the recommendations to the client upon his/her request.[22] |
Intermediaries are not required to maintain records documenting the rationale underlying investment recommendations made to an SPI in Eligible Investment Transactions.[23] |
|
Applicable to transactions in a complex product without recommendation or solicitation |
||
|
Product due diligence on complex products[24] |
Intermediaries are required to perform product due diligence on a complex product even where the sale of the complex product was without solicitation or recommendation (i.e. on an unsolicited basis).[25] |
Subject to the provision of offering documents to the SPI, intermediaries are not required to perform product due diligence for investment products (that are complex products) which fall within the Product Categories specified by the SPI. For bonds (that are complex products), where offering documents are not provided to the SPI, intermediaries should prepare and provide their own summaries of the key terms and features of the investment product; or provide to the SPI sufficient information on the key terms and features of the investment product based on information available from reliable public domain or data providers.[26] |
|
Warning statements for complex products |
Intermediaries are required to provide the complex products warning statements on a transaction-by-transaction basis prior to and reasonably proximate to the point of sale.[27] |
Intermediaries can provide warning statements in relation to the distribution of a complex product on an annual basis instead of a transaction-by-transaction basis.[28] |
V. Is there an annual review requirement?
Intermediaries are required to carry out annual reviews to ensure that each SPI continues to satisfy the requirements to qualify as an SPI, and continues to agree for the intermediary to deal with the SPI in Eligible Investment Transactions under a Streamlined Approach. As part of the annual review, intermediaries are required to remind the client in writing of the following:
- the consequences of being treated as an SPI;[29]
- the Product Categories specified by the SPI, including information on the Product Categories as per the Product Category Information Statement;
- the Streamlining Threshold specified by the SPI and an alert to the SPI where there was any incidents of breach; and
- the client’s right to withdraw from being treated as an SPI, right to add or remove a Product Category, and/or right to revise the Streamlining Threshold at any time.[30]
VI. How to prepare for the implementation of the Streamlined Approach?
For intermediaries interested in applying the Streamlined Approach, they should consider taking the following steps:
|
Devise product categories |
Intermediaries will need to devise Product Categories (see Section II above) to categorise their offered investment products based on their terms and features, characteristics, nature and risks. As a non-exhaustive example, the SFC notes that the following types of products should fall into separate Product Categories in order to differentiate them from other products with different characteristics, nature, risks and/or product-specific regulatory requirements:[31]
|
|
Prepare the Product Category Information Statements |
Intermediaries will need to prepare the Product Category Information Statements to provide to SPIs to explain the terms and features, characteristics, nature, and risks of investment products within each Product Category that the SPI may choose from (see Section II above). The Product Category Information Statements can be distributed in the form of an information booklet or hyperlinks.[33] Where the Product Category concerns complex products, intermediaries should also include the required warning statements for complex products in the Product Category Information Statement.[34] |
|
Update existing client agreements and acknowledgments |
Intermediaries will need to update its written agreements and client documents to specify the following:
|
|
Update internal policies and controls |
Intermediaries are responsible for ensuring the proper application of the Streamlined Approach, including ensuring compliance with the regulatory requirements described above. In this regard, one of the requirements that intermediaries must comply with is to establish and maintain effective systems and controls to ensure continuous compliance with the Streamlining Threshold for each SPI. To achieve this, intermediaries can either:
Intermediaries are also required to implement measures to detect outsize or material transactions and issue warning statements to SPIs for these transactions. Intermediaries will need to review compliance with the Streamlining Threshold at least annually. If the gross exposure in the designated account exceeds the Streamlining Threshold, intermediaries are not expected to reduce/unwind the gross exposure to comply with the Streamlining Threshold. Rather, intermediaries may continue to operate and execute transactions in such designated account while restricting any top-up or deposit, or alternatively, intermediaries can execute investment transactions without applying the Streamlined Approach (e.g., outside of the designated account).[37] Intermediaries should update its internal policies, and systems and controls, to ensure ongoing compliance with the regulatory requirements when applying the Streamlined Approach, including keeping necessary records of all relevant information and documents from the application of the Streamlined Approach. |
_________________________
[1] “Joint circular to intermediaries – Streamlined approach for compliance with suitability obligations when dealing with sophisticated professional investors” (July 28, 2023), published by the SFC, available at https://apps.sfc.hk/edistributionWeb/gateway/EN/circular/suitability/doc?refNo=23EC35
[2] An “individual professional investor” is an individual having a portfolio of not less than HK$8 million as ascertained according to the Securities and Futures (Professional Investor) Rules (Cap. 571D).
[3] Paragraph 3.1, Annex 1 of the Joint Circular
[4] By holding a degree or post-graduate diploma in accounting, economics or finance, or a related discipline.
[5] By having attained a professional qualification in finance (such as Chartered Financial Analyst (CFA), Certified International Investment Analyst (CIIA), Certified Private Wealth Professional (CPWP), Chartered Financial Planner (CFP) or other comparable qualifications).
[6] By having at least one-year relevant work experience in a professional position in the financial sector in Hong Kong or elsewhere (e.g., licensed for conducting relevant regulated activities).
[7] Paragraph 4.1, Annex 1 of the Joint Circular.
[8] Paragraph 5.1, Annex 1 of the Joint Circular.
[9] Paragraphs 7.1 to 7.3, Annex 1 of the Joint Circular.
[10] Paragraphs 8.1 and 8.2, Annex 1 of the Joint Circular.
[11] Paragraphs 12.1 and 12.2, Annex 1 of the Joint Circular.
[12] Paragraph 12.3, Annex 1 of the Joint Circular.
[13] Paragraph 13.1(a), Annex 1 of the Joint Circular.
[14] Paragraph 13.1(b) and (c), Annex 1 of the Joint Circular.
[15] See paragraphs 13.1(d) and 13.2, Annex 1 of the Joint Circular.
[16] “Complex product” refers to an investment product whose, terms, features and risks are not reasonably likely to be understood by a retail investor because of its complex structure. See the definition of a “complex product” in the “Code of Conduct for Persons Licensed by or Registered with the Securities and Futures Commission” (the “Code of Conduct”). See also the non-exhaustive list of examples of non-complex and complex products, published by the Securities and Futures Commission, available at https://www.sfc.hk/en/Rules-and-standards/Suitability-requirement/Non-complex-and-complex-products.
[17] Questions 5A and 5B of the “Frequently Asked Questions on Compliance with Suitability Obligations by Licensed or Registered Persons” (the “Suitability FAQ”), last updated by the SFC on December 23, 2020 and available at: https://www.sfc.hk/en/faqs/intermediaries/supervision/Compliance-with-Suitability-Obligations/Compliance-with-Suitability-Obligations#759450F3651D4BBF8AAA2F39C9F2BE88.
[18] Paragraphs 10.1 and 11.2, Annex 1 of the Joint Circular.
[19] Paragraphs 10.2 and 11.3, Annex 1 of the Joint Circular.
[20] Questions 6A and 6B, the Suitability FAQ.
[21] Paragraphs 10.3 and 11.4, Annex 1 of the Joint Circular.
[22] Question 7, the Suitability FAQ.
[23] Paragraph 10.4, Annex 1 of the Joint Circular.
[24] For the avoidance of doubt, product due diligence is required when an intermediary recommends an investment product, irrespective of whether the investment product is a complex product or not, see Question 4, Suitability FAQ. This row in the table concerns transactions in complex products where there is no recommendation or solicitation.
[25] Paragraph 5.5(a) of the Code of Conduct, which provides that the suitability requirements (including product due diligence), applies to the sale of complex products without a solicitation or recommendation.
[26] Paragraph 11.1, Annex 1 of the Joint Circular.
[27] Paragraph 5.5(a)(iii) of the Code of Conduct. See also the “Minimum information to be provided and warning statements” (June 12, 2019), published by the SFC, available at: https://www.sfc.hk/en/Rules-and-standards/Suitability-requirement/Non-complex-and-complex-products/Minimum-information-to-be-provided-and-warning-statements.
[28] Paragraph 11.5, Annex 1 of the Joint Circular.
[29] The consequences of being treated as an SPI are listed under paragraph 13.2, Annex 1 of the Joint Circular.
[30] Paragraph 14, Annex 1 of the Joint Circular.
[31] Question 3, Annex 2 of the Joint Circular.
[32] “virtual asset-related products” are investment products which: (a) have a principal investment objective or strategy to invest in virtual assets; (b) derive their value principally from the value and characteristics of virtual assets; or (c) track or replicate the investment results or returns which closely match or correspond to virtual assets.
[33] Paragraph 7.2, Annex 1 of the Joint Circular.
[34] Question 4, Annex 2 of the Joint Circular.
[35] The consequences of being treated as an SPI are listed under paragraph 13.2, Annex 1 of the Joint Circular.
[36] Paragraph 13.1, Annex 1 of the Joint Circular.
[37] Question 6, Annex 2 of the Joint Circular.
The following Gibson Dunn lawyers prepared this client alert: William Hallatt, Arnold Pun, and Jane Lu.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. If you wish to discuss any of the matters set out above, please contact any member of Gibson Dunn’s Global Financial Regulatory team, including the following members in Hong Kong:
William R. Hallatt – Hong Kong (+852 2214 3836, [email protected])
Emily Rumble – Hong Kong (+852 2214 3839, [email protected])
Arnold Pun – Hong Kong (+852 2214 3838, [email protected])
Becky Chung – Hong Kong (+852 2214 3837, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
I. Introduction
In our prior update, we noted that the Division of Enforcement has maintained its aggressive, heightened enforcement agenda through an escalation of existing remedies, including increased penalties, individual bars and admissions. That trend continued in the first half of 2023.
A. Active Enforcement Continues
The Commission has so far not slowed its enforcement strategy, and is unlikely to do so in the months ahead. In the Consolidated Appropriations Act of 2023, Congress agreed to give the Commission $2.2 billion in funding for the current fiscal year, a $210 million increase over the prior fiscal year.[1] The Commission is planning to use the increased funding to hire 400 more staff members, including 125 new personnel for its Enforcement Division. Of those 125 new hires for the Enforcement Division, 33 will be joining the Crypto Assets and Cyber Unit, a sub-unit of the Commission that has already seen heightened activity this year. With a rapidly expanding workforce, the Commission could end up filing even more enforcement actions this year than the 760 it filed in fiscal year 2022—a 9% increase over the prior year.[2]
With the funding to accomplish its goals, the Enforcement Division is bringing actions across the entire range of its jurisdiction, with special focus on some areas. It is clear, for example, that the SEC will do all it can, short of new rulemaking, to tamp down the development of cryptocurrency markets and investments. The SEC also continues to use broad sweeps involving technical violations against registered entities as a way to send deterrent messages and extract large fines—and then repeat those sweeps on a new round of registrants. In the area of financial reporting and accounting, this Commission has brought a number of technical accounting and disclosure cases against issuers and individuals, and has pushed the boundaries of its own jurisdiction to bring charges relating to harassment and workplace misconduct under the guise of non-disclosure and internal controls failures. As all administrations do, the SEC has maintained a steady diet of insider trading cases, and used some of those cases to send a message tied to its rulemaking. The same is true in the cybersecurity area, where we now have final rules that will no doubt provide additional bases for the SEC to bring new cases. Finally, the SEC recently awarded its largest whistleblower bounty in the history of the program—greater than the entire amount awarded in all of 2022—that evinces a program that has been wildly successful at attracting more and better tips from individuals with first-hand knowledge of potential wrongdoing.
B. Focus on Cryptocurrency
Under Chair Gensler, the SEC has undertaken an aggressive enforcement campaign focused on crypto assets and platforms. The current enforcement posture breaks with past Commission statements and is premised on the recently articulated view that it is “clear” the securities laws already apply to the cryptocurrency industry. Underscoring that viewpoint, Gensler has discussed the importance to the Commission of “rooting out noncompliance [in crypto markets] through investigations and enforcement actions.”[3] Industry participants, members of Congress, and an SEC Commissioner have criticized the SEC’s approach, so it remains to be seen whether the Commission will ultimately prevail in its current enforcement efforts. While Chair Gensler points out that the Commission has “successfully brought or settled more than 100 cases against crypto intermediaries and token issuers,” that success has generally been in the form of settled orders.[4] Litigated matters have sometimes had different outcomes. For instance, in the SEC’s ongoing litigation against Ripple, the District Court for the Southern District of New York ruled that the SEC could not establish as a matter of law that a crypto token was a security in and of itself[5]—a ruling that has widely been considered a “landmark legal victory for the cryptocurrency industry.”[6] Judge Rakoff’s recent decision in SEC v. Terraform Labs agreed with this aspect of the Ripple ruling, although that decision rejected Ripple’s distinction between institutional and secondary-market purchasers in assessing whether a securities offering took place.[7] There is no doubt this area will develop further in the coming months.
C. Rulemaking Barely Slows Down
The last six months have also seen a continuation of this Commission’s rapid pace of rulemaking. Over the past year, the SEC has promulgated new rules at a scale and breadth that is close to last year’s record-breaking pace. The proposed and final rules have significant implications for registrants, issuers and market structure. Each new rule or proposal typically exceeds 200 pages in length. Many are explicit in their goal to increase potential liability and compliance costs. Most remarkable about this rulemaking effort is that it lacks any Congressional imprimatur. Notably, almost every new rule is approved over the dissent of the Republican Commissioners. Even the Public Company Accounting Oversight Board, which is overseen by the SEC, has gotten into the act and recently issued a 140-page proposal that would drastically change current audit approaches and result in a significant expansion of auditor obligations. The SEC’s rulemaking frenzy shows no sign of abating, and from an enforcement standpoint, each new rule is yet more fertile ground for future enforcement action.
D. Is Everyone Overworked?
Putting aside the quantitative metrics of enforcement actions and rulemaking proposals, there are voices among Commission leadership arguing that the agency is trying to do too much—overregulating, over-enforcing, and overworking the staff—without taking the time to be thoughtful about its agenda. For example, two Commissioners recently dissented from a fairly routine decision to file an amicus brief because they and their staff were not given enough time to engage in a “robust deliberative process.” As the dissent put it: “Because the Commission has limited resources, it . . . cannot pursue every item on its wish list all at once, but instead it must prioritize. It is not clear to us that such prioritization is taking place.”[8] The SEC’s frenetic pace increases not just the short-term risk of potential enforcement investigations, but also longer-term expenses and risks as increased regulation raises the burden on legal and compliance infrastructures. More regulation and more enforcement begets higher costs of compliance and greater risks of compliance foot-faults.
E. Challenges to the SEC’s Home Court Advantage
Another issue that could have lasting consequences for the SEC’s agenda: successful challenges to the SEC’s ability to bring enforcement actions in its home court before administrative law judges (“ALJ”). Over the past few years, the agency has seen challenges to its authority—statutorily expanded by Dodd-Frank—to bring any enforcement matter in an administrative proceeding before an ALJ. With the simultaneous expansion of the SEC’s view of existing enforcement tools and the significant increase in new, highly technical rules and regulations, the SEC’s ability to bring all manner of claims before an ALJ ratchets up the risks for registrants, issuers, and individuals. But as things stand right now with challenges to ALJs, the SEC is filing contested matters only in federal district court. So for now, those who are willing to litigate against the SEC will have the right to an Article III judge, a jury, greater access to discovery, and the Federal Rules of Civil Procedure—if they challenge the SEC in court.
II. Commissioner and Senior Staffing Update
As reported in our 2022 Year-End Alert, the Commission was back to its full strength with five commissioners as of July 2022, and that remains unchanged through the first half of 2023. That said, there continued to be significant changes in the senior leadership of the regional offices, as well as several changes at the national level.
- In January, Paul Munter was appointed as the Chief Accountant, a position he has held on an acting basis since January 2021.[9] As Chief Accountant, Munter will continue leading the Office of Chief Accountant, an office he joined back in 2019 as Deputy Chief Accountant.
- Also in January, Silvestre A. Fontes was named Regional Director of the Boston office.[10] Fontes previously served as Assistant Regional Director of the Boston office through 2011, but left the Commission and is now returning to the lead the office. Fontes most recently worked as Chief Compliance Officer of Bracebridge Capital LLC, a Boston-based private fund adviser.
- In April, Deborah J. Jeffrey was appointed Inspector General of the SEC.[11] Jeffrey most recently served as the Inspector General of AmeriCorps, and before that, was the Vice Chair of the District of Columbia’s attorney discipline system.
- Also in April, Eric R. Werner was named Regional Director of the Fort Worth office.[12] Werner served as the Acting Co-Regional Director, and served as the Associate Regional Director of Enforcement in the same office since 2018. Werner has held a variety of positions over his 26-year career at the SEC, including at the SEC’s Home Office, Office of Chief Counsel, and Complex Financial Instruments Unit, among others.
- Finally, in June, it was announced that Michele Layne, Director of the Los Angeles Regional Office, would be leaving the SEC after more than 27 years of service.[13] Cindy Eson and Kate Koladz were named Acting Co-Directors of the office.
III. Aggressive Enforcement
A. “Attention-Grabbing” Sweeps
The Commission has increasingly favored enforcement sweeps over the course of the last few years—i.e., tackling multiple similar enforcement actions at the same time, and not in a piecemeal fashion.[14] In fact, the Commission has carried out at least 65 enforcement actions since 2021 that first arose out of an enforcement sweep, imposing over $1 billion in penalties in the process. Most of the offenses targeted in these sweeps share a few common characteristics: (1) investment advisers or broker-dealers (i.e., the institutional actors that the Commission directly regulates) allegedly committed the targeted offenses; (2) the targeted offenses were all strict liability or simple negligence violations; (3) the alleged facts were all relatively uncomplicated in nature; and (4) the Commission primarily sought “uniform remedies such as censures, cease-and-desist orders, penalties, and undertakings,” and not individualized remedies such as disgorgement.
Gurbir Grewal, the Director of the Commission’s Enforcement Division, has repeatedly emphasized the Commission’s commitment to an enforcement strategy based on conducting enforcement sweeps. Calling the sweeps a “powerful tool,” Grewal has said that the Commission often uses the sweeps because they have “much more of an attention-grabbing deterrent effect than doing these cases serially.”[15] Quickening the pace of investigations through the use of sweeps is, according to Grewal, an important aim of the Commission, and the number of sweeps is therefore likely only to grow in the months and years to come.
B. Sweeps Can be Repeated
As we wrote in our 2022-year end update, the Commission obtained over $1 billion in settlements from fifteen broker-dealers and one affiliated investment advisers last year for not retaining business related communications on personal devices. As foreshadowed, the Enforcement Division’s subsequent sweeps included a focus on investment advisers.
Early this year, the Commission began asking some of the country’s largest investment advisers to undertake a self-review of whether their employees had communicated about firm business using unapproved channels.[16] The category of records that investment advisers are required to maintain is narrower than the broker dealer communications that were the main target of Commission’s first sweep. (Certain records required under the Commodity Exchange Act were also implicated in the 2022 sweeps.) Under Exchange Act Rule 17a-4(b)(4), broker dealers have to retain “all communications . . . relating to [their] business as such” while Investment Advisers Act Rule 204-2(a)(7) generally requires investment advisers to retain only communications recommending investments, recording a receipt or disbursement of funds or securities, or placing orders. It remains to be seen how the Commission intends to apply the record-keeping requirements of the Advisers Act to the subject communications.
Separate from the second sweep targeting investment advisers, in May 2023, the Commission announced twin settlements with two dual registrants (broker dealers and investment advisers) who had self-reported—in response to the Commission’s publicly announced encouragement in December 2021. The firms agreed to pay penalties of $15 million and $7.5 million, respectively—well below the fines in the first sweep, but still well above the fines in prior recordkeeping settlements.[17] More important, the settlements provide no visibility into the benefits the firms received from self-reporting.
In June 2023, the Commission settled with a dual registrant for violation of the recordkeeping regulations when it mistakenly deleted almost 50 million communications that the registrant’s archive vendor said would be maintained. The firm agreed to pay a $4 million fine.[18] According to the Order, the firm self-reported the violation to the Commission in January 2020.
Meanwhile, FINRA fined a registered representative $15,000 and banned her from working with any FINRA member for fifteen months on allegations that she sent client documents by text using a personal device and then made false statements to investigators from her employer and FINRA.[19]
Putting aside the risks of enforcement investigations, registrants should also anticipate questions about electronic recordkeeping and off-channel communications by employees in the context of routine compliance examinations. The Examination Priorities Report for 2023 foretells a concentration this year on registrant compliance and supervisory programs about electronic communications related to firm business.[20]
C. Focus on Cryptocurrency
As previewed above, Chair Gensler has discussed the importance to the Commission of “rooting out noncompliance [in crypto markets] through investigations and enforcement actions.” These actions typically involve alleged failures to register as broker-dealers, exchanges, or transfer agents and as to products with the Commission, and/or for allegedly misleading investors.[21]
Industry participants, members of Congress, and an SEC commissioner have criticized the SEC’s approach. In April, members of the House Financial Services Committee questioned Chair Gensler about the SEC’s impact on the crypto industry. The Committee’s Chairman, Rep. Patrick McHenry (R-NC), noted that Gensler’s “[r]egulation by enforcement is not sufficient nor sustainable.” The problem, according to McHenry, is that Gensler is “punishing digital asset firms for allegedly not adhering to the law when they don’t know it will apply to them.”
Commissioner Hester Peirce has expressed similar sentiments. In her April statement titled “Rendering Innovation Kaput,”[iii] she said: “[a] commission serious about regulating — and not destroying — [the crypto] market would reflect on this near unblemished record of regulatory failure and do something about it.” She added that “the Commission dismisses the possibility of making practical adjustments to our registration framework to help entrepreneurs register, and instead rewards their good faith with an enforcement action.” Among other things, critics of the current enforcement approach question the extent of the Commission’s statutory authority in this area and object to its failure to first adopt rules setting forth clear standards and feasible registration requirements.
It remains to be seen whether the Commission will prevail in its current enforcement efforts. While the Commission has touted its enforcement success—according to Gensler, the Commission has so far “successfully brought or settled more than 100 cases against crypto intermediaries and token issuers”—that success has generally been in the form of settled orders.
During the first half of 2023, the Commission brought cases against two prominent crypto platforms, alleging that they failed to register as securities exchanges and broker-dealers.[22] It also filed complaints against various other crypto exchanges, all for allegedly not registering with the Commission.[23] In addition, the Commission charged a handful of individuals in connection with alleged schemes which raised more than $45 million in sales of unregistered crypto assets.[24] In particular, the Commission alleged the respondents “falsely claimed that investors could generate extravagant returns by investing in a blockchain technology.” The Commission has brought similar charges against high-level former FTX employees,[25] as well as others.[26]
Litigated matters have not always gone the SEC’s way. In June, the SEC filed settled actions against two of the country’s largest crypto platforms in the District of D.C. and the Southern District of New York. On the immediate heels of these actions, though, the District Court for the Southern District of New York in the SEC’s ongoing litigation against Ripple ruled that the SEC could not establish as a matter of law that a crypto token was a security in and of itself—a ruling that has widely been considered a “landmark legal victory for the cryptocurrency industry.”[27] Judge Rakoff’s recent decision in SEC v. Terraform Labs agreed with this aspect of the Ripple ruling, although it rejected Ripple’s distinction between institutional and secondary-market purchasers in assessing whether a securities offering took place.[28]
D. Insider Trading
As in prior administrations, the Commission has maintained steady attention on insider trading, bringing a handful of cases in the first half of 2023. In addition to standard tippee/tipper cases, and in a nod to the continuing work-from-home environment, the SEC announced charges against a registered representative at a New York-based broker-dealer and a compliance officer for an international payment processing company who allegedly obtained material nonpublic information from his girlfriend’s laptop when she was working from home during the COVID-19 pandemic.[29] The girlfriend was an employee of an investment bank. Both the broker and the compliance officer traded on this information and made combined profits of more than $750,000. The broker also recommended the stock to his customers, resulting in profits for customers and commissions for the stockbroker. The SEC and DOJ filed parallel actions in federal courts.
The SEC also brought insider trading claims against a CEO for allegedly trading on the basis of material nonpublic information even though he had traded in accordance with a Rule 10b5-1 plan.[30] Rule 10b5-1 provides an affirmative defense to insider trading where a person demonstrates that, before becoming aware of the MNPI, the person adopted a written plan for trading securities that specified the amount of securities to be traded, the price, and the date on which the sale was to occur.[31] The Rule 10b5-1 plan must be entered into in good faith, and not as part of a plan or scheme to avoid the securities laws. The SEC’s complaint alleges that the CEO was aware of MNPI when entering the plans and adopted the plans as part of a scheme to evade insider trading prohibitions because he knew that the company was likely to lose one of its largest customers at the time he entered the trading plans. This case was filed shortly after the SEC issued final rules governing the use of Rule 10b5-1 plans[32] and may be another instance in which the SEC was sending a message designed to buttress its rulemaking efforts.
IV. Investment Adviser Industry Actions
A. Disclosure Failures
The Commission continues to increase regulation of Investment Advisers, with an increased focus on the private fund market as it grows to a more than $25 trillion industry with tens of thousands of funds in operation.[33] In May, the Commission adopted new amendments to Form PF for hedge fund and private equity advisers.[34]
Private funds have come under intense scrutiny as the Commission pursues ever increasing levels of disclosure from funds in order to more closely regulate the market.
In February, the Commission settled against a large religious organization and its asset management firm for disclosure failures.[35] According to the settled order, in order to obscure the total assets under management, the asset management firm formed separate entities, allocated the religious organization’s assets among the entities and filed individual Forms 13F on behalf of the separate entities, all while maintaining control over all the equity investments. The asset management firm and the religious organization both agreed to pay a $4 million and $1 million penalty respectively for violations of the Exchange Act for misstating information.
The Commission’s asset management docket also included perennial Advisers Act themes, such as inaccurate valuations, erroneous fee calculations, and failure to fully disclose and mitigate conflicts of interest:
In late May, the Commission charged an advisory firm for failure to adopt and implement adequate written policies to value assets in the managed funds.[36] The Commission alleged that the firm’s written policies were not reasonably designed to value client holdings and assess fees leading to incorrect calculations of fees and inaccurate performance reporting. The case was settled without admission or denial of Commission findings with a civil penalty of $275,000 and other sanctions.
In mid-June, the Commission announced and enforcement action against an investment advisory firm for its failure to disclose material information to investors, failure to waive required advisory fees, and inadequate policies to ensure sufficient oversight of fee waivers.[37] The firm agreed to a cease and desist order and a combined $9 million in penalties. (For a previous Gibson Dunn alert offering more detailed analysis on this topic, please click here.)
The Commission also brought an action against a former investment adviser for failure to disclose a conflict of interest arising from his personal relationship with a film distribution company in which the adviser’s fund had invested millions of dollars.[38] In the course of his employment, the company allegedly helped his daughter secure an acting opportunity in a 2018 film production. He consented to entry of the order and payment of a $250,000 penalty.
The Commission instituted a settled action in May against two registered investment advisers for breach of fiduciary duty and compliance failures after they allegedly invested client funds in leveraged exchange traded funds (“ETFs”), despite the unique risks posed by those types of products.[39] According to the settled order, the advisers misunderstood the riskiness of these particular products, and as a result, were unable to evaluate whether investing in them was in their client’s best interests. The advisers settled without admitting or denying the Commission’s findings, and agreed to disgorgement, civil penalties, and other sanctions.
The SEC also instituted a settled action against a New Jersey asset management firm and its founder for alleged improper trading of certain fixed income securities.[40] The order found that the firm’s rebalancing trading in bonds among advisory clients resulted in an increase in the prices of such bonds at a higher rate than other similar securities. Over time, the increase in bond values resulted in higher net asset valuation of portfolios and increased fees to the adviser. The company and founder agreed to pay approximately $19.3 million in combined fees and penalties to settle the matter.
B. New Liquidity Rule
In early May, the Commission instituted its first enforcement action against a mutual fund adviser and certain officers of the adviser and trustees of the mutual fund for violation of the Liquidity Rule.[41] The Liquidity Rule prohibits mutual funds from investing more than 15 percent of net assets in illiquid investments. The Commission alleged, among other things, that the parties ignored restrictions and disregarded advice to decrease the fund’s exposure to illiquid assets. All parties resolved the allegations with the SEC, and paid a range of civil penalties and other sanctions.
V. Retail Wealth Management – Reg BI
The Commission adopted Regulation Best Interest (“Reg BI”) in the first half of 2019.[42] Reg BI sets a standard of conduct for broker-dealers and associated persons when they make recommendations to retail clients. It requires broker-dealers to: act in the best interest of the retail customer at the time the recommendation is made, without placing the financial or other interest of the broker-dealer ahead of the interests of the retail customer, and address broker-dealer conflicts of interest with those clients. Reg BI is understood as being composed of four component obligations: the (1) care obligation; (2) disclosure obligation; (3) conflict of interest obligation; and (4) compliance obligation.[43]
There has been a dearth of Commission enforcement actions relating to Reg BI thus far. By contrast, FINRA has recognized Reg BI as an enforcement priority for 2023. Indeed, FINRA brought its first Reg BI case last September in an action alleging that a registered representative recommended an inappropriate series of transactions to one of his retail customers in order to generate commissions and trading costs.[44]
The trend of FINRA bringing Reg BI cases has continued thus far in 2023. In May, FINRA expelled a New York broker-dealer, and suspended and fined its CEO for Reg BI violations, among other things.[45] FINRA found that the firm made material misrepresentations to customers in connection with the sale of risky pre-IPO securities. In announcing the case, FINRA said “Firms . . . must reasonably surveil for, and respond to, red flags of excessive trading and churning. When firms, particularly those with significant disciplinary histories, commit egregious sales practice and supervisory violations, expulsion from FINRA membership may be warranted.” In the first five months of 2023, FINRA served over 150 breach of Reg BI arbitrations, representing a nearly five-fold increase compared to the same time last year.[46]
The Commission has not brought any high-profile Reg BI cases since the one case it brought last year.[47] However, it is expected that there will be more coming down the pike as the Commission’s Staff has now published multiple Staff Bulletins setting forth the Staff’s opinions on implementation of Reg BI.[48] In many respects, the Bulletins depart, sometimes substantially, from the guidance issued by the Commission in the Adopting Release for Reg BI. This Staff’s deviation from the Adopting Release heightens the ambiguity about the proper scope of a registrant’s compliance and supervisory programs that were designed to be consistent with the guidance in the Adopting Release.
VI. Cybersecurity
Cybersecurity is top-of-mind at the Commission, at least in part due to high-profile data breaches and ransomware attacks that have exposed sensitive consumer information into the hands of bad actors.[49] In February 2022, the Commission proposed new rules for cybersecurity risk management for investment advisers, registered investment companies, and business development companies.[50] The proposals suggest a new cybersecurity risk management regime designed to both prevent attacks in the first instance and respond to them with additional disclosures. In March, the Commission reopened the comment period on the rules and amendments.[51] The Commission has indicated it does not plan to approve the new cyber rules until at least October 2023.[52]
The Commission finalized and adopted a cybersecurity risk governance rule for public companies in late July 2023.[53] The final rule imposes new reporting requirements on companies that suffer material cybersecurity incidents, raises questions concerning the scope of materiality, and requires new Reg S-K disclosures about how companies govern cybersecurity risks. Commissioner Pierce criticized the final rule as being overly broad and reading “like a test run for overly prescriptive, overly costly disclosure rules covering a never-ending list of hot topics.”[54] (For a previous Gibson Dunn alert offering more detailed analysis on this topic, please click here.)
Enforcement actions relating to cybersecurity risk have continued in parallel with and in support of the rulemaking. In March, 2023, the Commission instituted a settled action against a public company that manages donor data for non-profits, for allegedly misleading disclosures with respect to a cyber-attack that occurred in 2020.[55] Shortly after the attack, the company publicly announced that donor bank account information had not been compromised. The Commission alleged that the company’s quarterly statement omitted the full extent of the attack by categorizing it as a mere hypothetical possibility after they were already aware of the full impact. The company agreed to a $3 million civil penalty to settle the charges. The SEC settled this matter before its proposal on cybersecurity disclosure and governance for public companies had been finalized, but the message sent by the settlement was in line with many of the requirements that were proposed and could be seen to buttress those requirements, especially the governance-related aspects.[56] We expect more cybersecurity enforcement, especially now that new rules are in place for public companies.
VII. Financial Reporting and Disclosure
A. Financial Reporting and Accounting Cases Remain Steady
Public company financial reporting and disclosure failure cases, long seen as the bread-and-butter of SEC enforcement, have continued at a similar pace as in previous years. There were several notable cases in the first half of 2023.
1. Fraud and Financial Manipulation
The SEC filed an action against three executives at an Alabama-based shipbuilding company for engaging in a fraudulent revenue recognition scheme by manipulating cost estimates in order to allow its parent company to meet or exceed expectations.[57] The complaint alleged that the executives artificially decreased the cost of specific shipbuilding projects by tens of millions of dollars in order to aid the parent company’s estimates for earnings before interest and tax (“EBIT”). The case remains ongoing.
The SEC filed an action against the founder of a student loan assistance company that was acquired by, and subsequently dissolved by a large financial services firm.[58] The SEC alleged that the founder fraudulently enticed and sold her company after misrepresenting the amount of student data that she had. The founder benefited from the $175 million acquisition, receiving roughly $9.7 million in stock, millions in trusts, and a $20 million retention bonus as a new employee of the financial services firm. In addition to the SEC’s charges, parallel criminal charges were announced and are pending as well.
The SEC filed and settled complaints against a health supplement company’s former executives with charges ranging from improper revenue recognition practices to fraud and improper disclosures.[59] The Commission alleged that the executives inflated their quarterly revenues and gross profits. Several executives settled charges with a range of sanctions and civil penalties, while charges against other executives remain pending.
2. Disclosure Failures
The SEC settled with a leading financial news organization in connection with alleged misleading disclosures related to its subscription service.[60] According to the order, the organization failed to disclose to customers that valuations for certain fixed-income securities could be based on a single data input despite being aware that their customers used it to decide fund asset valuations and could be inappropriately impacted. Without admitting or denying the SEC’s allegations, the organization agreed to pay a $5 million penalty and make improvements to the subscription service.
The SEC settled charges against a transportation company and its former CEO for their failure to disclose perks provided to the former CEO and other executives, as well as compensation the CEO received for using his own private plane for travel by company executives.[61] The company and CEO agreed to pay $1 million and $100,000 in civil penalties, respectively.
B. Increasing Market Focus on Environmental, Social, and Governance (“ESG”) Strategies for Fund Managers and Public Companies
Stakeholders and investors have increasingly incorporated ESG into their investment strategies. Many large investment managers have committed themselves to considering ESG factors in their voting and investment decisions.[62] Public companies have also begun to address ESG at their annual general meetings at record-high rates,[63] such as by hosting “Say on Climate” votes and votes on diversity, equity, and inclusion.[64] Companies have also increased their voluntary reporting on ESG matters. In fact, in 2021, nearly 100% of the S&P and 81% of the Russell 1000 published a sustainability report.[65]
Opposition to ESG has also grown.[66] When a large investment manager announced a position on energy investments in state pension funds, 19 state attorneys general wrote to the CEO in dissent,[67] some states issued rules limiting such investments, and other states refused to even meet with certain investment managers. Other opponents have expressed concerns about so-called greenwashing, whereby companies allegedly overstate ESG-driven benefits in disclosures. In response to this criticism, some investment managers have scaled back their ESG efforts,[68] or at least are scaling back their discussion of ESG, which has led to complaints of “greenhushing”—or saying less about ESG efforts to avoid the ire of those opposing ESG.[69]
C. Commission’s Proposed Rules on ESG Reporting
Despite the pushback, a new wave of government enforcement and regulation is forcing companies and investors to grapple with how to address ESG within legal, risk and compliance regimes. Other government agencies, such as the FTC and some state attorneys general, have begun to bring enforcement actions and lawsuits related to ESG disclosures.[70] The Commission has also been active on this front, introducing four new ESG rules in 2022, and bringing several enforcement actions for insufficient controls:[71]
- The Climate-Related Disclosure Rule Proposal would require companies to disclose climate change-related risks that are “reasonably likely to have a material impact on [their] business, results of operations, or financial condition.”[72] Covered entities would also need to disclose their plans and processes for managing climate-related risks (if applicable). Finally, companies would have to disclose their direct greenhouse gas (“GHG”) emissions, indirect emissions from purchasing electricity and energy, and emissions from “upstream and downstream activities” in their value chain. The Climate-Related Disclosures Rule may be finalized later this year,[73] but is almost certainly going to be challenged in litigation given the enormous costs it is likely to impose on public companies.
- The Cybersecurity Risk Governance Rule requires companies to disclose cybersecurity incidents and policies for managing cybersecurity risks.[74] As discussed above, the rule was recently finalized.
- The Enhanced Disclosures by Certain Investment Advisers and Investment Companies about ESG Investment Practices Rule applies to funds and tailors disclosure requirements to how “central ESG factors are to a fund’s strategy.”[75] Funds that integrate ESG alongside other factors must describe their investment process. Funds that focus more significantly on ESG (Focused Funds) must provide more detailed disclosures, such as a “standardized ESG strategy table overview.” And funds that target a specific ESG goal (Impact Funds) must disclose how they measure progress on their objectives.[76] The rule also requires funds that consider environmental factors to disclose the carbon footprint and “weighted average carbon intensity” of their portfolio. The Enhanced Disclosures Rule is expected to be finalized in 2023.[77]
- The Reporting of Executive Compensation Votes by Institutional Investment Managers Rule was adopted by the Commission in November 2022 and requires mutual funds to provide proxy voting records. Although mutual funds had to report proxy votes prior to the 2022 rule, the new rule also requires reporting of votes in certain categories, such as climate, compensation, and human rights.[78]
Criticism of these proposals has been robust. Companies have expressed concerns about the cost of compliance with the Climate Disclosure Rule and possibly incurring penalties for incorrect disclosures. In addition, investment managers have expressed concerns that the Commission might finalize the fund disclosures rule before the public company disclosure rule. This timing, managers fear, would require funds to disclose their portfolio’s emissions before companies do so, leading to inaccurate reporting.[79] Several members of Congress have also requested information about the Commission’s Climate Disclosure Rule and even introduced legislation to remove Gensler as chair of the Commission.[80]
The Commission is still planning to propose other ESG-related rules targeting diversity and inclusion. For example, the Commission expects to propose a rule requiring companies to disclose information about human capital, such as workforce composition and diversity of board members.[81] The Commission has already approved Nasdaq’s Board Diversity Rule, requiring certain Nasdaq-listed companies to comply with diverse board requirements.[82]
D. Commission Use of Existing Rules for ESG Enforcement Actions
The Commission has decided not to wait to finalize its ESG rules to bring cases against firms that it believes are misstating or omitting material information about its ESG-related activities or failing to maintain adequate disclosure controls and procedures around ESG-related information. In March 2021, the Commission created a Climate and ESG Task Force within its Division of Enforcement,[83] and the task force and broader division have since targeted disclosures under existing Commission rules.
For example, the Commission has penalized financial services firms for improper disclosure of ESG-related information through the provisions of Section 206 of the Advisers Act,[84] which require advisers to adopt provisions reasonably designed to prevent violations of the Act. The Commission has indicated that it will continue such enforcement actions, but the SEC filed no new cases in the first half of 2023.
Although much of the Commission’s early ESG rhetoric focused on energy and climate, the Commission is now directing its attention to social and governance issues too. For example, a recent enforcement action highlighted the Commission’s efforts to enforce disclosure control violations related to the “social” element of ESG.[85] In the case, the SEC alleged that the company was aware of potential weaknesses around its ability to maintain a healthy workplace culture, but “lacked controls and procedures . . . to collect and analyze employee complaints of workplace misconduct,” and consequently “did not assess whether any material issues existed that would have required public disclosure.” Commissioner Peirce dissented from the order, explaining that the company had not violated a securities law and that the matter was better suited for the EEOC.[86]
VIII. Whistleblower Program Generates Record-Breaking Awards
We have cataloged significant Commission Whistleblower awards in our previous alerts for many years. That said, the eye-popping payouts this year make it worthwhile to take stock of the program as a whole. Last year, the Commission received a record-high 12,300 tips of potential corporate misconduct, and of those, it paid out awards in 103 cases, totaling $229 million.[87] In 2023, the SEC awarded $279 million to two anonymous whistleblowers for a single case.[88] Even absent this sizeable award, 2023 appeared off to an impressive start. In January alone, the Commission awarded over $50 million in just three awards.[89] These payouts and the number of whistleblower tips the SEC receives each year suggests the program has been quite a success for the agency.
While the Commission’s decision-making process for awarding payments is somewhat opaque, two key factors appear to drive the Commission’s payment decisions: utility and compliance. Regarding utility, a recent example is instructive. In a case with multiple whistleblowers, one potential whistleblower had his claims denied by the Commission because they “didn’t aid the agency’s enforcement action.” Submitting a tip alone is insufficient—even if the subject of the tip is ultimately sanctioned—since a tip must contain “original information” that points to a violation of securities laws and leads to a successful enforcement action. Moreover, original information must be the product of “independent knowledge or independent analysis,” and “[n]ot already known” to the Commission, among other narrow exceptions.[90] Indeed, the Commission confirmed that the successful whistleblower was successful largely because of their “sustained assistance including multiple interviews and written submissions.”[91] While it is unclear whether the unsuccessful whistleblower’s claims were denied because the information was helpful-but-unoriginal or unhelpful-but-original, either combination is sufficient to bar an award.
Additionally, the information must be compliant with all statutory reporting guidelines. For example, the Third Circuit recently upheld the Commission’s denial of a whistleblower award stemming from a settlement of alleged inaccurate disclosures. The claimant, whose request for an award was denied by the Commission, filed an application claiming to have significantly contributed to the report that ultimately led to the settlement.[92] The Third Circuit rejected that argument, though, because the SEC had received the report from a public website and not from the claimant directly. Indeed, the SEC and the Third Circuit both held that it was undisputed that the claimant failed to follow the prescribed method of submission to qualify for an award, and doing so is a requirement under the whistleblower rules.
The whistleblower program raises a related question on cooperation. In spite of its aggressive enforcement strategy, the Commission has also continued to encourage companies to cooperate with the Commission before and during investigations. Recently, at the Securities Enforcement Forum in May, Director Grewal stressed that enforcement “should not be a game of gotcha” in which the Commission “hold[s] all of [its] cards close to the vest and surprise[s] you at the 11th [sic] hour and hold[s] something for trial.”[93] Instead, it is a “truth-seeking mission” and “should be a collaborative process” between companies and the Commission.
In May, Grewal applauded two firms for their “great cooperation” during the electronic communications investigation and asserted that the Commission rewards people for “self-reporting and cooperating.” Still, despite the firms’ cooperation, the Commission did ultimately insist on hefty fines in each instance, thereby calling into question the purported benefits of deciding to cooperate with the Commission. Navigating the SEC’s opaque cooperation posture is made all the more challenging by the risk of whistleblowers.
IX. Rulemaking Continues in High Gear
Currently, there are 18 rules in the preliminary stages of rulemaking and 37 rules in the final stages of rulemaking.[94] Not since 2011 has the Commission had such a robust agenda—and the Commission did so then only to implement the recently-enacted Dodd-Frank Act of 2010.[95] Measured by page-count of the proposed rules, the SEC issued more pages of proposed rules than during any year going back to 1995 (and probably ever). This year is shaping up to be another outsized year for new proposals, considering that we may see rules on human capital disclosures later this year. (See Figure 1 below.)
Figure 1 – Annual SEC Proposals by Number of Federal Register Pages[96]
In several instances, the proposed rules seem to push the boundaries of the Commission’s congressionally granted authority, leading to significant backlash, especially in light of the accelerated pace of its rulemaking. House Financial Services Committee Chair Patrick McHenry, for example, has expressed concerns that the hasty adoption of rules is “undermining the quality of our securities laws.”[97] Commissioner Hester Peirce has taken a similar stance, saying in May that “it’s difficult to figure out what the effects of all those rule changes will be” and that due to the hurried pace, Commission staff “don’t have the time to necessarily think through everything.”[98] The pace of SEC rulemaking will eventually slow, but the lasting effects of the many new rules being put forward by the SEC will be with us for many years.
Another rulemaking effort that has flown under the radar but is worth noting comes from the Public Company Accounting Oversight Board (“PCAOB”). Its new rule could drastically expand the scope of audits. On June 6, 2023, the PCAOB proposed for public comment a draft auditing standard, A Company’s Noncompliance with Laws and Regulations, PCAOB Release 2023-003, that could significantly expand the scope of audits and potentially alter the relationship between auditors and their SEC-registered clients.[99] In a rare move, two PCAOB Board members—the two accountants on the Board—dissented from the proposal based on a range of concerns, including that it would unduly expand the scope of the public company audit.
The Current AS 2405 mirrors in substantial part Section 10A of the Securities Exchange Act of 1934, which requires the auditor to perform “procedures designed to provide reasonable assurance of detecting illegal acts that would have a direct and material effect on the determination of financial statement amounts.”[100] The Proposed AS 2405 would go further and require the auditor to: (i) identify all laws and regulations “with which noncompliance could reasonably have a material effect on the financial statements,”(ii) incorporate potential noncompliance with those laws and regulations into the auditor’s risk assessment, and (iii) identify whether noncompliance may have occurred through enhanced procedures and testing.[101] As part of these procedures, an auditor would be required, among other things, to obtain an understanding of management’s own processes to identify relevant legal obligations and investigate potential noncompliance.[102]
Upon identifying an instance of potential noncompliance, the auditor must perform procedures to understand the nature of the matter, as well as to evaluate whether in fact noncompliance with a law or regulation has occurred.[103] These procedures go beyond those required by the Current AS 2405 and Section 10A. Importantly, the proposed procedures would appear to require the auditor to undertake significant steps even in cases where it appears unlikely that the identified conduct will have a material effect on the financial statements and even in cases where the noncompliance itself is still in question.
After identifying an instance of potential noncompliance, the auditor would communicate both with management, the audit committee (unless the matter is clearly inconsequential) and, in some cases, the board of directors as a whole.[104] The Proposed AS 2405 contemplates that this communication may occur in two stages, the first after the auditor learns of the matter and the second after the auditor has conducted an evaluation of the matter.
This is a sweeping proposal, spanning more than 140 pages, that could drastically change current audit model and potentially expand the financial statement audit into a compliance audit. The dissenting statements underscore both the significance of this proposal and the range and magnitude of the concerns, for auditors and SEC registrants alike. The procedures in Proposed AS 2405, and other proposed amendments to PCAOB auditing standards, likely would substantially expand the scope of most audits in relation to identifying, assessing, and addressing potential noncompliance with laws and regulations, particularly for audits of complex, global organizations. The auditor’s increased responsibility to identify, evaluate, and report on legal compliance could alter what information the issuer may need to share with the auditor to help ensure that sufficient audit evidence is obtained, as well as the training and quality controls that might be necessary to achieve reasonable assurance that the auditor can evaluate and act on the information received. Notably, too, the increased sharing of information from the audit client to the auditor that is required under the Proposed AS 2405 would present significant increased risk to the audit client’s legal privileges. These are but a few of the significant issues presented by the Proposed AS 2405. Companies and their auditors will want to follow these proposals carefully.
X. Challenges to the Administrative State
The Commission typically has two venue options when it authorizes an enforcement action: file a complaint in federal district court before an Article III judge or institute an administrative proceeding before an administrative law judge (“ALJ”). The SEC’s power to use administrative proceedings and how it operates those proceedings have been the subject of numerous challenges in the past ten years.[105] These challenges have been part of the larger attack on the administrative state that has affected other federal agencies. Because of these challenges, the current SEC Enforcement practice has been to file contested matters in federal district court. Two developments in the past six months further challenge the SEC’s authority to bring enforcement actions before ALJs.
Although for most of the SEC’s existence, only certain types of cases could be brought before an ALJ, over the years and then through the Dodd-Frank Act, the SEC gained the power to bring virtually any enforcement action, including those seeking monetary damages, before an ALJ. This has put litigants charged with SEC violations in the unenviable position of having to defend themselves without the same right to civil discovery or procedure they would have in district court and without the right to trial by jury, but instead before a judge appointed by the SEC, whose chambers are in the same building as the SEC, and with any appeal brought before the Commission that approved the enforcement action in the first place. For obvious reasons, as the SEC’s authority to bring cases before such inhouse tribunals has expanded, resistance has grown to their use.
First, the U.S. Supreme Court held on April 14, 2023 that a respondent in an administrative proceeding may bring a collateral attack on the constitutionality of the proceeding itself in federal district court rather than waiting years for the SEC to finish the administrative process being challenged.[106]
Michelle Cochran, a certified public accountant who was subject to an SEC administrative proceeding, sued the SEC in federal district court while the enforcement action was pending. She argued that the agency’s basic structure and operations were unconstitutional and the pending enforcement action unlawful. The district court dismissed Cochran’s complaint, holding that the specialized judicial-review provisions in the Exchange Act deprived the district court of jurisdiction by funneling review of final agency orders to the federal courts of appeals. The Fifth Circuit reversed. It recognized that structural constitutional challenges to an agency’s administrative proceedings were not the sort of claims Congress meant to funnel to the courts of appeals through the statutory review scheme, and the Supreme Court affirmed. The Court held that federal district courts have jurisdiction to resolve certain challenges to the structure or existence of the SEC and its proceedings, rejecting the government’s argument that litigants can raise such challenges only on review of a final agency action, after many of years litigation, before the court of appeals.
The decision allows people and businesses subjected to SEC (and FTC and potentially other) administrative enforcement actions to promptly raise certain structural challenges in court, without having to first complete long and costly agency proceedings (which often settle before a final order). As the Court recognized, permitting suits to proceed in federal district court allows regulated parties to vindicate the “here-and-now injury” of being subjected to unconstitutional administrative processes. The decision—issued with no dissent—reflects the current Court’s strong interest in reining in excesses of the administrative state by reinforcing constitutional limitations on the structure, composition, and operation of administrative agencies. The decision will almost certainly keep pressure on the SEC to file contested claims in district court, providing regulated entities challenging SEC actions with greater procedural rights and protections than are available in administrative proceedings.
The second major development is the Supreme Court’s decision to hear arguments in SEC v. Jarkesy, a case involving constitutional challenges by an investment adviser charged with fraud in an administrative proceeding.[107] In 2013, the SEC instituted proceedings against George Jarkesy and his advisory firm for alleged mismanagement of a pair of hedge funds with $24 million under management. Jarkesy initially responded by suing the agency, arguing that its structure and enforcement powers violated the Constitution, but the D.C. Circuit said that type of challenge had to wait until a final order had been entered by the Commission and challenged in the Court of Appeals (a decision that was overruled by Cochrane). After nearly a decade of litigation before the ALJ, who ultimately ruled for the SEC, Jarkesy brought his constitutional challenges before the Fifth Circuit.
In May 2022, the Fifth Circuit agreed with Jarkesy. It held that the SEC violated the Constitution by filing an enforcement action seeking monetary penalties for fraud before an ALJ, rather than in federal court before a jury. Specifically, the court held that Jarkesy and the other defendants were deprived of their right to a jury trial; that Congress impermissibly delegated legislative powers by granting the SEC unfettered discretion in choosing whether to bring matters before ALJs; and that restrictions on the removal of SEC ALJs constricted the president’s constitutionally mandated oversight over inferior government officers. On June 30, 2023, the Supreme Court granted the SEC’s petition for a writ of certiorari agreeing to hear the case next term. It is not clear what the Court will hold in the case, but it is yet another challenge to the SEC’s authority to bring cases before ALJs.
___________________________
[1] Jessica Corso, Commission Gets $210M Boost in Spending Bill for Hiring, Offices, Law360 (Dec. 20, 2022), available at https://www.law360.com/articles/1560076/sec-gets-210m-boost-in-spending-bill-for-hiring-offices.
[2] SEC Press Release, SEC Announces Enforcement Results for FY 2022 (Nov. 15, 2022), available at https://www.sec.gov/news/press-release/2022-206.
[3] Gary Gensler, Getting Crypto Firms to Do Their Work Within the Bounds of the Law, The Hill (Mar. 9, 2023), https://thehill.com/opinion/congress-blog/3891970-getting-crypto-firms-to-do-their-work-within-the-bounds-of-the-law. Compare Game Stopped? Who Wins and Loses When Short Sellers, Social Media, and Retail Investors Collide, Part III: Hearing before the H. Comm. on Fin. Servs., 117th Cong. 3 (2021), available at https://bit.ly/3n5vgSH.
[4] Commission Crypto Enforcement Actions on Track to Outpace 2022, PYMNTS (May 5, 2023), https://www.pymnts.com/cryptocurrency/2023/sec-crypto-enforcement-actions-could-outpace-2022 (“The most frequent charges levied by the agency were tied to unregistered securities offerings (73%), alleged fraud (70%) or both (50%), and, not counting this year’s actions, represent $2.61 billion in total settlements and penalties”).
[5] SEC v. Ripple Labs, et al., Case No. 20-cv-10832 (S.D.N.Y.), Dkt. No. 874 (July 13, 2023).
[6] Jody Godoy, Ripple Labs Notches Landmark Win in SEC Case over XRP Cryptocurrency, Reuters (July 13, 2022), https://www.reuters.com/legal/us-judge-says-sec-lawsuit-vs-ripple-labs-can-proceed-trial-some-claims-2023-07-13.
[7] SEC v. Terraform Labs Pte Ltd. et al., Case No. 1:23-cv-01346 (S.D.N.Y.), Dkt. No. 51 (July 31, 2023).
[8] See SEC Statement, Statement Regarding Amicus Brief Filing in Murray v. UBS Securities, LLC, Commissioners Hester M. Peirce and Mark T. Uyeda (Jul. 6, 2023), available at https://www.sec.gov/news/statement/peirce-uyeda-murray-v-ubs-20230706.
[9] SEC Press Release, Paul Munter Named Chief Accountant (Jan. 11, 2023), available at https://www.sec.gov/news/press-release/2023-6.
[10] SEC Press Release, Silvestre Fontes Named Director of Boston Regional Office (Jan. 25, 2023), available at https://www.sec.gov/news/press-release/2023-18.
[11] SEC Press Release, SEC Appoints Deborah J. Jeffrey as Inspector General (Apr. 17, 2023), available at https://www.sec.gov/news/press-release/2023-79.
[12] SEC Press Release, Eric R. Werner Named Director of Fort Worth Regional Office (Apr. 25, 2023), available at https://www.sec.gov/news/press-release/2023-81.
[13] SEC Press Release, Michele Layne, Director of Los Angeles Regional Office, to Leave SEC (June 15, 2023), available at https://www.sec.gov/news/press-release/2023-108.
[14] See SEC Speech, Remarks at Securities Enforcement Forum, Gurbir Grewal, Director, Division of Enforcement (Nov. 15, 2022), available at https://www.sec.gov/news/speech/grewal-speech-securities-enforcement-forum-111522 (“Filing multiple, coordinated actions simultaneously not only demonstrates accountability, but also has a more pronounced deterrent effect than if the Commission filed separate standalone cases at different times.”).
[15] Sam Del Rowe, Commission Enforcer: ‘You Bet’ There Will Be More Sweeps, Financial Adviser IQ (May 18, 2023), https://financialadvisoriq.com/c/4072694/523644/enforcer_there_will_more_sweeps.
[16] Tom Schoenberg at al., SEC WhatsApp Probe Expands to Phones of Hedge Fund Employees, Bloomberg (Feb. 2, 2023), available at https://www.bloomberg.com/news/articles/2023-02-02/whatsapp-probe-hits-big-hedge-funds-as-sec-asks-for-phone-review.
[17] SEC Press Release, SEC Charges HSBC and Scotia Capital with Widespread Recordkeeping Failures (May 11, 2023), available at https://www.sec.gov/news/press-release/2023-91.
[18] SEC Release No. 97787, In re J.P. Morgan Securities LLC (June 22, 2023), available at https://www.sec.gov/litigation/admin/2023/34-97787.pdf.
[19] FINRA Letter of Acceptance, Waiver, and Consent No. 2021072548702 (May 31, 2023), available at https://www.finra.org/sites/default/files/fda_documents/2021072548702%20Delaina%20Kucish%20CRD%204401092%20AWC%20lp.pdf.
[20] SEC Report, 2023 Examination Priorities, Division of Examinations (Feb. 7, 2023), available at https://cointelegraph.com/news/sec-crypto-lawsuit-increased-six-months-following-ftx-binance-coinbase.
[21] See, e.g., SEC Press Release, Commission Charges Crypto Asset Trading Platform Bittrex and Its Former CEO for Operating an Unregistered Exchange, Broker, and Clearing House (Apr. 17, 2023), available at https://www.sec.gov/news/press-release/2023-78; SEC Press Release, Commission Files Emergency Action Against Miami Investment Adviser BKCoin and Principal Kevin Kang for Orchestrating $100 Million Crypto Fraud Scheme, available at (Mar. 6, 2023), https://www.sec.gov/news/press-release/2023-45.
[22] SEC Press Release, Commission Charges Coinbase for Operating as an Unregistered Securities Exchange, Broker, and Clearing Agency, U.S. Sec. & Exch. Comm’n (Jun 6, 2023), available at https://www.sec.gov/news/press-release/2023-102; SEC Press Release, Commission Files 13 Charges Against Binance Entities and Founder Changpeng Zhao, U.S. Sec. & Exch. Comm’n (Jun 5, 2023), available at https://www.sec.gov/news/press-release/2023-101.
[23] See, e.g., SEC Press Release, SEC Charges Crypto Trading Platform Beaxy and its Executives for Operating an Unregistered Exchange, Broker, and Clearing Agency (Mar. 29, 2023), available at https://www.sec.gov/news/press-release/2023-64; SEC Press Release, SEC Charges Crypto Asset Trading Platform Bittrex and its Former CEO for Operating an Unregistered Exchange, Broker, and Clearing Agency (Apr. 17, 2023), available at https://www.sec.gov/news/press-release/2023-78; SEC Press Release, SEC Charges Crypto Entrepreneur Justin Sun and His Companies for Fraud and Other Securities Law Violations (Mar. 22, 2023), available at https://www.sec.gov/news/press-release/2023-59.
[24] SEC Press Release, SEC Charges Creator of CoinDeal Crypto Scheme and Seven Others in Connection with $45 Million Fraud (Jan. 4, 2023), available at https://www.sec.gov/news/press-release/2023-2.
[25] SEC Press Release, SEC Charges Nishad Singh with Defrauding Investors in Crypto Asset Trading Platform FTX (Feb. 28, 2023), available at https://www.sec.gov/news/press-release/2023-40.
[26] SEC Press Release, SEC Charges Terraform and CEO Do Kwon with Defrauding Investors in Crypto Schemes (Feb. 16, 2023), available at https://www.sec.gov/news/press-release/2023-32.
[27] Jody Godoy, Ripple Labs notches landmark win in SEC case over XRP cryptocurrency, Reuters (Jul 13, 2023), https://www.reuters.com/legal/us-judge-says-sec-lawsuit-vs-ripple-labs-can-proceed-trial-some-claims-2023-07-13/.
[28] SEC v. Terraform Labs Pte Ltd. et al., Case No. 1:23-cv-01346 (S.D.N.Y.), Dkt. No. 51 (July 31, 2023).
[29] SEC Press Release, SEC Charges Stockbroker and Friend with Insider Trading (June 29, 2023), available at https://www.sec.gov/news/press-release/2023-124.
[30] SEC Press Release, SEC Charges Ontrak Chairman Terren Peizer With Insider Trading (March 1, 2023), available at https://www.sec.gov/news/press-release/2023-42.
[31] 17 C.F.R. § 240.10b5-1(c)(A)–(B), available at https://www.govinfo.gov/content/pkg/CFR-2013-title17-vol3/pdf/CFR-2013-title17-vol3-sec240-10b5-1.pdf.
[32] SEC Approves New Insider Trading Rules, Gibson Dunn Client Alert (Dec 16, 2022), https://www.gibsondunn.com/sec-approves-new-insider-trading-rules/.
[33] SEC Speech, “The ‘90s: Rom-coms, the Spice Girls, & MFA:” Remarks Before the Managed Funds Association, Chair Gary Gensler (May 2, 2023), available at https://www.sec.gov/news/speech/gensler-remarks-managed-funds-association-050223.
[34] 17 C.F.R. §§ 275, 279, available at https://www.sec.gov/rules/final/2023/ia-6297.pdf.
[35] SEC Press Release, SEC Charges The Church of Jesus Christ of Latter-day Saints and Its Investment Management Company for Disclosure Failures and Misstated Filings (Feb. 21, 2023), available at https://www.sec.gov/news/press-release/2023-35.
[36] SEC Press Release, SEC Charges Investment Adviser for Compliance Failures (May 24, 2023), available at https://www.sec.gov/enforce/ia-6315-s.
[37] SEC Press Release, SEC Charges PIMCO for Disclosure and Policies and Procedures Failures (Jun. 16, 2023), available at https://www.sec.gov/news/press-release/2023-109.
[38] SEC Press Release, Commission Charges Former BlackRock Portfolio Manager with Undisclosed Conflict of Interest (Jan. 5, 2023), available at https://www.sec.gov/news/press-release/2023-3.
[39] SEC Press Release, Commission Charges Advisory Firm and Part-Owner for Breach of Fiduciary Duty in Connection with Use of Leveraged ETFs (May 4, 2023), available at https://www.sec.gov/news/press-release/2023-88.
[40] SEC Press Release, SEC Charges Chatham Asset Management and Founder Anthony Melchiorre for Improper Fixed Income Securities Trading (Apr. 3, 2023), available at https://www.sec.gov/news/press-release/2023-72.
[41] SEC Press Release, Commission Charges Investment Adviser and Fund Trustees with Liquidity Rule Violations (May 5, 2023), available at https://www.sec.gov/news/press-release/2023-90.
[42] 17 C.F.R. 240 available at https://www.federalregister.gov/documents/2018/05/09/2018-08582/regulation-best-interest; see also SEC Website, Regulation Best Interest, Form CRS and Related Interpretations, available at https://www.sec.gov/regulation-best-interest.
[43] FINRA Reg BI and Form CRS Firm Checklist, available at https://www.finra.org/sites/default/files/2019-10/reg-bi-checklist.pdf; see also FINRA Report, 2023 Report on FINRA’s Examination and Risk Monitoring Program, Reg BI and Form CRS (Jan. 10, 2023), available at https://www.finra.org/sites/default/files/2023-01/2023-report-finras-examination-risk-monitoring-program.pdf.
[44] FINRA Letter of Acceptance, Waiver, and Consent from Charles V. Malico (Sept. 28, 2022) available at https://www.finra.org/sites/default/files/fda_documents/2021069405501%20Charles%20V.%20Malico%20CRD%201507282%20AWC%20va.pdf.
[45] FINRA Press Release, FINRA Expels SW Financial, Suspends Owner and CEO (May 12, 2023), available at https://www.finra.org/media-center/newsreleases/2023/finra-expels-sw-financial-suspends-owner-and-ceo.
[46] FINRA Dispute Resolution Statistics, available at https://www.finra.org/arbitration-mediation/dispute-resolution-statistics#top15controversycustomers.
[47] See SEC Press Release, SEC Charges Firm and Five Brokers with Violations of Reg BI (June 16, 2022) available at https://www.sec.gov/news/press-release/2022-110.
[48] SEC Staff Bulletin: Standards of Conduct for Broker-Dealers and Investment Advisers, Care Obligations (Apr. 20, 2023) available at https://www.sec.gov/tm/standards-conduct-broker-dealers-and-investment-advisers; SEC Staff Bulletin, Standards of Conduct for Broker-Dealers and Investment Advisers, Conflicts of Interest (Aug. 3, 2022), available at https://www.sec.gov/tm/iabd-staff-bulletin-conflicts-interest; SEC Staff Bulletin, Standards of Conduct for Broker-Dealers and Investment Advisers, Account Recommendations for Retail Investors (Mar. 30, 2022), available at https://www.sec.gov/tm/iabd-staff-bulletin.
[49] See generally How to Stay on Top of Cybersecurity Disclosures as Commission Ramps Up Enforcement (May 9, 2023), available at https://www.gibsondunn.com/how-to-stay-on-top-of-cybersecurity-disclosures-as-sec-ramps-up-enforcement/.
[50] SEC Press Release, SEC Proposes Cybersecurity Risk Management Rules and Amendments for Registered Investment Advisers and Funds (Feb. 9, 2022), available at https://www.sec.gov/news/press-release/2022-20.
[51] SEC Press Release, SEC Reopens Comment Period for Proposed Cybersecurity Risk Management Rules and Amendments for Registered Investment Advisers and Funds (March 15, 2023), available at https://www.sec.gov/news/press-release/2023-54.
[52] Cybersecurity Risk Governance, SEC Agency Rule List – Spring 2023, RegInfo, available at https://www.reginfo.gov/public/do/eAgendaViewRule?pubId=202304&RIN=3235-AM89.
[53] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Release No. 33-11216 (July 26, 2023).
[54] SEC Statement, Harming Investors and Helping Hackers: Statement on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Commissioner Hester M. Peirce (July 26, 2023), available at https://www.sec.gov/news/statement/peirce-statement-cybersecurity-072623.
[55] SEC Press Release, SEC Charges Software Company Blackbaud Inc. for Misleading Disclosures About Ransomware Attack That Impacted Charitable Donors, available at https://www.sec.gov/news/press-release/2023-48.
[56] Stephenie Gosnell Handler, David Woodcock & Vivek Mohan, Gibson Dunn, Legaltechnews.com, How to Stay on Top of Cybersecurity Disclosures as SEC Ramps Up Enforcement (May 4, 2023), available at https://www.law.com/legaltechnews/2023/05/04/how-to-stay-on-top-of-cybersecurity-disclosures-as-sec-ramps-up-enforcement/.
[57] SEC Press Release, SEC Charges Three Executives at U.S. Navy Shipbuilder Austal USA with Accounting Fraud (Mar. 31, 2023), available at https://www.sec.gov/news/press-release/2023-69.
[58] SEC Press Release, SEC Charges Founder of Frank with Fraud in Connection with $175 Million Sale of Student Loan Assistance Company (Apr. 4, 2023), available at https://www.sec.gov/news/press-release/2023-74.
[59] SEC Press Release, SEC Charges Former MusclePharm Executives with Accounting and Disclosure Fraud (June 27, 2023), available at https://www.sec.gov/news/press-release/2023-120.
[60] SEC Press Release, Bloomberg to Pay $5 Million for Misleading Disclosures About Its Valuation Methodologies for Fixed Income Securities (Jan. 23, 2023), available at https://www.sec.gov/news/press-release/2023-14.
[61] SEC Press Release, SEC Charges Global Transportation Company Greenbrier and Former CEO for Failing to Disclose Perks and Payments (Mar. 2, 2023), available at https://www.sec.gov/news/press-release/2023-43.
[62] Aaron Briggs et al., The Role of ESG in Capital Markets (May 19, 2022), available at https://www.gibsondunn.com/wp-content/uploads/2022/05/WebcastSlides-The-Role-of-ESG-in-Capital-Markets-19-MAY-2022.pdf.
[63] Jun Frank & Sandra Herrera Lopez, U.S. Shareholder Proposals Jump to a New Record in 2023, ISS Corp. Sols. (May 23, 2023), available at https://www.isscorporatesolutions.com/library/us-shareholder-proposals-jump-to-a-new-record-in-2023/.
[64] Id.; Andrew Ramonas, New Commission Rules to Shed Light on BlackRock, Vanguard ESG Votes, Bloomberg L. (Nov. 10, 2022), available at https://news.bloomberglaw.com/securities-law/new-sec-rules-to-shed-light-on-blackrock-vanguard-esg-votes; John Galloway, Policy Insights: Say on Climate, Harvard L. Sch. F. on Corp. Governance (June 8, 2022), available at https://corpgov.law.harvard.edu/2022/06/08/policy-insights-say-on-climate/; Aya Batrybekova, ISS Corp. Sols., The Rise of Say on Climate Proposals (2022), available at https://www.isscorporatesolutions.com/library/the-rise-of-say-on-climate-proposals.
[65] Governance & Accountability Inst., New G&A Institute Research Shows Sustainability Reporting by Largest U.S. Public Companies Reached All-Time Highs in 2021, Glob. News Wire (Nov. 16, 2022), available at https://www.globenewswire.com/en/news-release/2022/11/16/2557344/0/en/New-G-A-Institute-Research-Shows-Sustainability-Reporting-by-Largest-U-S-Public-Companies-Reached-All-Time-Highs-in-2021.html#:~:text=81%25%20of%20Russell%201000%20companies,substantially%20from%2049%25%20in%202020.
[66] Luis Garcia, ESG Regulatory Divide Poses Challenges for Asset Managers, Wall St. J. (Nov. 28, 2022), available at https://www.wsj.com/amp/articles/esg-regulatory-divide-poses-challenges-for-asset-managers-11669418268.
[67] Press Release, AG Paxton Demands BlackRock Account for its Underperforming, Potentially Illegal ’ESG’ State Pension Fund Investments, Ken Paxton, Att’y General of Tx (Aug. 8, 2022), available at https://www.texasattorneygeneral.gov/news/releases/ag-paxton-demands-blackrock-account-its-underperforming-potentially-illegal-esg-state-pension-fund.
[68] Ross Kerber & Tommy Wilkes, Vanguard’s Climate Group Exit Shows Retail Investors Trail on ESG, Reuters (Jan. 12, 2023), available at https://www.reuters.com/business/sustainable-business/vanguards-climate-group-exit-shows-retail-investors-trail-esg-2023-01-12/.
[69] Maxine Joselow, ‘Greenhushing’: Why Some Companies Quietly Hide Their Climate Pledges, Washington Post, July 13, 2023, available at https://www.washingtonpost.com/climate-environment/2023/07/13/greenhushing-climate-trend-corporations/.
[70] Shelly Hagan, Texas AG Joins GOP Peers Slamming Larry Fink on ESG Policy, Bloomberg (Aug. 8, 2022), available at https://www.bloomberg.com/news/articles/2022-08-08/texas-joins-republican-ags-slamming-larry-fink-on-esg-investment#xj4y7vzkg.
[71] SEC Press Release, SEC Proposes Rules to Enhance and Standardize Climate-Related Disclosures for Investors (Mar. 21, 2022), available at https://www.sec.gov/news/press-release/2022-46. See also 2022 Mid-Year Securities Enforcement Update, Gibson Dunn (Aug. 11, 2022), available at https://www.gibsondunn.com/2022-mid-year-securities-enforcement-update/.
[72] See also Enhancement and Standardization of Climate-Related Disclosures for Investors, 87 Fed. Reg. 21334, 21345 (Apr. 11, 2022) (to be codified at 17 C.F.R. pts. 210, 229, 232, 239, and 249).
[73] SEC Agency Rule List – Spring 2023, RegInfo, available at https://www.reginfo.gov/
public/do/eAgendaMain?operation=OPERATION_GET_AGENCY_RULE_LIST¤tPub=true&agencyCode&showStage=active&agencyCd=3235.
[74] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, 87 Fed. Reg. 16590, 16595 (Mar. 23, 2022) (to be codified at 17 CFR pts. 229, 232, 239, 240, 249).
[75] SEC Fact Sheet, ESG Disclosures for Investment Advisers and Investment Companies, 2 (2022), available at https://www.sec.gov/files/ia-6034-fact-sheet.pdf.
[76] Enhanced Disclosures by Certain Investment Advisers and Investment Companies About Environmental, Social, and Governance Investment Practices, 87 Fed. Reg. 36654, 36661 (June 17, 2022) (to be codified at 17 C.F.R. pts. 200, 230, 232, 239, 249, 274, 279).
[77] SEC Agency Rule List – Spring 2023, supra n. 73.
[78] Ramonas, supra, n. 64.
[79] See, e.g., Letter from Eric J. Pan et al., Inv. Co. Inst., to Vanessa A. Countryman, Sec’y, Commission (May 15, 2023), https://www.sec.gov/comments/s7-17-22/s71722-190239-374582.pdf. Managers noted that a similar fund rule was adopted in Europe before a company disclosure rule, and fund managers had to “resort to relying on data primarily from third-party data providers” to comply with the rule, potentially introducing inaccuracies in their reports. See id.
[80] Press Release, Patrick McHenry, Chairman, H. Fin. Servs. Comm., McHenry, Scott, Huizenga Demand Information from Gensler on the Disastrous Climate Disclosure Proposal (Feb. 22, 2023), available at https://financialservices.house.gov/news/documentsingle.aspx?DocumentID=408573; Jessica Nix, Republicans Don’t Really Think They Can Fire Gensler, But They Can Make His Life Difficult, Forbes (Jun. 22, 2023), available at https://www.forbes.com/sites/jessicanix/2023/06/22/republicans-dont-really-think-they-can-fire-gensler-but-they-can-make-his-life-difficult/?sh=e1b2ae36d76e.
[81] Abigail Gampher & Dori Goldstein, A New Commission Human Capital Rule is Coming—So Is Pushback, Bloomberg Law (Nov. 13, 2022), https://news.bloomberglaw.com/bloomberg-law-analysis/analysis-a-new-sec-human-capital-rule-is-coming-so-is-pushback; SEC Agency Rule List – Spring 2023, supra. n. 73.
[82] SEC Approves New Nasdaq Board Diversity Rules, Gibson Dunn (Aug. 12, 2021), available at https://www.gibsondunn.com/sec-approves-new-nasdaq-board-diversity-rules/.
[83] Brad A. Molotsky, The Commission and Its Continued Focus and Enforcement of “Greenwashing” by Alek Smolij, Lexology (Apr. 17, 2023), available at https://www.lexology.com/library/detail.aspx?g=48394234-c001-467c-81a7-ef88481e3c32; SEC Press Release, Commission Announces Enforcement Task Force Focused on Climate and ESG Issues (Mar. 4, 2021), available at https://www.sec.gov/news/press-release/2021-42.
[84] See, e.g., SEC Press Release, Commission Charges Robo-Adviser with Misleading Clients (Feb. 10, 2022), available at https://www.sec.gov/news/press-release/2022-24; SEC Press Release, Commission Charges BNY Mellon Investment Adviser for Misstatements and Omissions Concerning ESG Considerations (May 23, 2022), available at https://www.sec.gov/news/press-release/2022-86 (charging BNY Mellon for falsely implying that its investments had gone all through ESG quality review); SEC Press Release, Commission Charges Goldman Sachs Asset Management for Failing to Follow its Policies and Procedures Involving ESG Investments (Nov. 22, 2022), available at https://www.sec.gov/news/press-release/2022-209 (charging Goldman Sachs for failing to have written procedures for researching ESG and for failing to abide by such procedures).
[85] SEC Press Release, Activision Blizzard to Pay $35 Million for Failing to Maintain Disclosure Controls Related to Complaints of Workplace Misconduct and Violating Whistleblower Protection Rule (Feb. 3, 2023), available at https://www.sec.gov/news/press-release/2023-22. See also the SEC Release No. 96796, In re Activision Blizzard (Feb. 3, 2023), available at https://www.sec.gov/litigation/admin/2023/34-96796.pdf.
[86] SEC Statement, The Commission Levels Up: Statement on In re Activision Blizzard, Commissioner Hester M. Peirce (Feb. 3, 2023), https://www.sec.gov/news/statement/peirce-statement-activision-blizzard-020323.
[87] Mengqi Sun, Commission Had a Record Year for Enforcement Actions, Wall Street Journal (Nov. 15, 2022), available at https://www.wsj.com/articles/sec-had-a-record-year-for-enforcement-actions-11668553421?mod=article_inline.
[88] SEC Press Release, Commission Issues Largest-Ever Whistleblower Award (May 5, 2023), available at https://www.sec.gov/news/press-release/2023-89.
[89] SEC Press Release, SEC Awards More Than $5 Million to Whistleblower (Jan 13, 2023), available at https://www.sec.gov/news/press-release/2023-8; SEC Press Release, SEC Awards Approximately $18 Million to Three Whistleblowers (Jan 19, 2023), available at https://www.sec.gov/news/press-release/2023-10; SEC Press Release, SEC Issues $28 Million Award to Joint Whistleblowers (Jan 24, 2023), available at https://www.sec.gov/news/press-release/2023-16.
[90] The Securities Exchange Act of 1934 § 240.21F-4(3)(b)(i–iv).
[91] SEC Press Release, Commission Issues Largest-Ever Whistleblower Award (May 5, 2023), available at https://www.sec.gov/news/press-release/2023-89.
[92] Doe (Claimant #2) v. Sec. & Exch. Comm’n, No. 22-1652, 2023 WL 3562977 at *2 (3d Cir. Mar. 23, 2023), available at http://www2.ca3.uscourts.gov/opinarch/221652np.pdf.
[93] Jim Tyson, Commission Enforcement Not ‘A Game of Gotcha,’ Grewal Says, CFO Dive (May 23, 2023), https://www.cfodive.com/news/sec-enforcement-not-game-of-gotcha-grewal-says/651086.
[94] Agency Rule List – Spring 2023, supra n. 73.
[95] David Woodcock, Timothy Zimmerman, and Eitan Arom, How to Keep Up with the Commission’s Breakneck Rulemaking Pace, Law360 (Mar. 7, 2023), available at https://www.law360.com/articles/1583004/how-to-keep-up-with-the-sec-s-breakneck-rulemaking-pace.
[96] Federal Register, FR API Documentation, https://www.federalregister.gov/developers/documentation/api/v1#/Federal%20Register%20Documents/get_documents__format_ (last visited Jul. 21, 2023).
[97] John McCrank & Chris Prentice, US Republican Lawmakers Slam Commission Chair on ‘Rushed’ Rulemaking, Reuters (Apr. 18, 2023), available at https://www.reuters.com/world/us/us-republican-lawmakers-slam-sec-chair-rushed-rulemaking-2023-04-18.
[98] Courtney Degen, Commissioner Peirce Calls Out Commission Rule-Making Pace, Crypto Approach, Pensions & Investments (May 2, 2023), available at https://www.pionline.com/regulation/commissioner-peirce-calls-out-sec-rule-making-pace-crypto-approach.
[99] Another Step in Seeking to Broaden the Scope of Public Company Audits: The PCAOB Proposes an Expansive Non-Compliance Standard, Gibson Dunn (Jun. 12, 2023), https://www.gibsondunn.com/another-step-in-seeking-to-broaden-the-scope-of-public-company-audits-the-pcaob-proposes-an-expansive-non-compliance-standard/.
[100] 15 U.S.C. § 78j-1(a)(1).
[101] Proposed Standard ¶¶ 4-5.
[102] ¶ 6(a)(2).
[103] ¶¶ 7-11.
[104] ¶¶ 12-15.
[105] Lucia v. SEC, 138 S. Ct. 2044 (2018) (holding that the Commission’s ALJs had not been appointed in accordance with the Appointments Clause, and that litigants whose cases had been heard by improperly appointed ALJs were entitled to new hearings before different, properly appointed ALJs); Jarkesy v. SEC, 34 F.4th 446 (5th Cir. 2022), cert. granted, No. 22-859, 2023 WL 4278448 (U.S. June 30, 2023).
[106] Supreme Court Holds That Federal District Courts Have Jurisdiction to Hear Structural Challenges To FTC And SEC, Gibson Dunn (April 14, 2023), https://www.gibsondunn.com/supreme-court-holds-that-federal-district-courts-have-jurisdiction-to-hear-structural-challenges-to-ftc-and-sec/; see Axon Enterprise, Inc. v. Federal Trade Commission, Securities and Exchange Commission v. Cochran, Nos. 21-86 and 21-1239, 598 U.S. ____, slip op. (2023) (hereinafter “Cochran”).
[107] Reed Brodsky and Michael L. Nadler, Jarkesy Wins Relief From ALJ Control After Years of Fighting for His Right to a Jury Trial, The National Law Journal (May 25, 2022).
The following Gibson Dunn lawyers assisted in the preparation of this client update: Mark Schonfeld, David Woodcock, Richard Grime, Tina Samanta, Lauren Jackson, Timothy Zimmerman, Brian Richman, Eitan Arom, Monica Woolley, Sean Brennan, and Wynne Leahy.
Gibson Dunn is one of the nation’s leading law firms in representing companies and individuals who face enforcement investigations by the Securities and Exchange Commission, the Department of Justice, the Commodities Futures Trading Commission, the New York and other state attorneys general and regulators, the Public Company Accounting Oversight Board (PCAOB), the Financial Industry Regulatory Authority (FINRA), the New York Stock Exchange, and federal and state banking regulators.
Our Securities Enforcement Group offers broad and deep experience. Our partners include the former Director of the SEC’s New York Regional Office, the former head of FINRA’s Department of Enforcement, the former United States Attorneys for the Central and Eastern Districts of California and the District of Maryland, and former Assistant United States Attorneys from federal prosecutors’ offices in New York, Los Angeles, San Francisco and Washington, D.C., including the Securities and Commodities Fraud Task Force.
Securities enforcement investigations are often one aspect of a problem facing our clients. Our securities enforcement lawyers work closely with lawyers from our Securities Regulation and Corporate Governance Group to provide expertise regarding parallel corporate governance, securities regulation, and securities trading issues, our Securities Litigation Group, and our White Collar Defense Group.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work or any of the following:
Securities Enforcement Practice Group Leaders:
Richard W. Grime – Washington, D.C. (+1 202-955-8219, [email protected])
Mark K. Schonfeld – New York (+1 212-351-2433, [email protected])
David Woodcock – Dallas (+1 214-698-3211, [email protected])
Please also feel free to contact any of the following practice group members:
New York
Zainab N. Ahmad (+1 212-351-2609, [email protected])
Reed Brodsky (+1 212-351-5334, [email protected])
James J. Farrell (+1 212-351-5326, [email protected])
Barry R. Goldsmith (+1 212-351-2440, [email protected])
Mary Beth Maloney (+1 212-351-2315, [email protected])
Alexander H. Southwell (+1 212-351-3981, [email protected])
Tina Samanta (+1 212-351-2469, [email protected])
Washington, D.C.
Stephanie L. Brooker (+1 202-887-3502, [email protected])
Daniel P. Chung (+1 202-887-3729, [email protected])
M. Kendall Day (+1 202-955-8220, [email protected])
Jeffrey L. Steiner (+1 202-887-3632, [email protected])
Patrick F. Stokes (+1 202-955-8504, [email protected])
David C. Ware (+1 202-887-3652, [email protected])
F. Joseph Warin (+1 202-887-3609, [email protected])
Lauren Cook Jackson (+1 202-955-8293, [email protected])
San Francisco
Winston Y. Chan (+1 415-393-8362, [email protected])
Thad A. Davis (+1 415-393-8251, [email protected])
Charles J. Stevens (+1 415-393-8391, [email protected])
Michael Li-Ming Wong (+1 415-393-8234, [email protected])
Palo Alto
Michael D. Celio (+1 650-849-5326, [email protected])
Paul J. Collins (+1 650-849-5309, [email protected])
Benjamin B. Wagner (+1 650-849-5395, [email protected])
Denver
Robert C. Blume (+1 303-298-5758, [email protected])
Monica K. Loseman (+1 303-298-5784, [email protected])
Timothy M. Zimmerman (+1 303-298-5721, [email protected])
Los Angeles
Michael M. Farhang (+1 213-229-7005, [email protected])
Douglas M. Fuchs (+1 213-229-7605, [email protected])
Nicola T. Hanna (+1 213-229-7269, [email protected])
Debra Wong Yang (+1 213-229-7472, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
On July 27, 2023, the federal banking agencies (the Board of Governors of the Federal Reserve System (“Federal Reserve” or “Federal Reserve Board”), the Federal Deposit Insurance Corporation (“FDIC”) and the Office of the Comptroller of the Currency (“OCC”)) jointly issued the long-expected notice of proposed rulemaking that would replace the federal banking agencies’ risk-based capital framework for large banking organizations with a new framework—commonly referred to as the Basel III endgame reforms—that would implement international capital standards issued by the Basel Committee on Banking Supervision.[1] In parallel, the Federal Reserve Board issued a notice of proposed rulemaking that would revise the surcharge calculation applicable to U.S. global systemically important banks (“GSIBs”).[2]
The Proposed Rule would materially increase capital requirements applicable to banking organizations with total assets of $100 billion or more and would align the regulatory capital calculation (the numerator of regulatory capital ratios) and the calculation of risk-weighted assets (the denominator of regulatory capital ratios) across large banking organizations subject to the Proposed Rule. Although the Proposed Rule would apply directly to large banking organizations, it would have far broader indirect impacts on bank counterparties and customers and the broader financial markets.
Section 165 of the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Dodd-Frank Act”), as amended by the 2018 Economic Growth, Regulatory Relief, and Consumer Protection Act (“EGRRCPA”),[3] requires the application of enhanced prudential standards[4] to bank holding companies and foreign banking organizations with $250 billion or more in total consolidated assets. Section 165 authorizes the Federal Reserve to apply enhanced prudential standards to banking organizations with assets between $100 billion and $250 billion, taking into consideration their capital structure, riskiness, complexity, financial activities (including those of their subsidiaries), size, and any other risk-related factors the Federal Reserve deems appropriate. In 2019, the federal banking agencies issued final rules establishing four categories for determining the applicability and stringency of prudential standards:[5]
|
Category I |
Category II |
Category III |
Category IV |
|
U.S. GSIBs (and their depository institution subsidiaries) |
Banking organizations with ≥ $700 billion in total assets or ≥ $75 billion in cross-jurisdictional activity (and their depository institution subsidiaries) |
Banking organizations with ≥ $250 billion in total assets or ≥ $75 billion in weighted short-term wholesale funding, nonbank assets, or off-balance sheet exposure (and their depository institution subsidiaries) |
Banking organizations with ≥ $100 billion to $250 billion in total assets (and their depository institution subsidiaries) |
The Proposed Rule would significantly reduce the differences that apply across the four categories established by the federal banking agencies in 2019 for determining the applicability and stringency of regulatory capital requirements for large banking organizations. In that connection, consistent with statements made by Federal Reserve Vice Chair for Supervision Barr during the spring turmoil promoting the application of standardized enhanced capital and liquidity requirements to a broader set of firms (see our prior Client Alert), large banking organizations should reasonably expect the federal banking agencies will issue additional proposals that would align standardized liquidity requirements applicable to banking organizations with total assets of $100 billion or more in a similar manner.
The Proposed Rule was not adopted unanimously. Members of both the Federal Reserve Board and the FDIC Board of Directors—including those who voted in favor of the Proposed Rule, like Federal Reserve Chair Powell and Governor Jefferson—raised concerns with specific aspects of the Proposed Rule as well as potentially significant unintended consequences to the financial system and broader U.S. economy. Concerns were also raised that the Proposed Rule would not comply with the tailoring requirements of Section 165 of the Dodd-Frank Act, as amended by EGRRCPA.[6]
Statements made by voting members accompanying the release of the Proposed Rule encourage robust industry engagement during the 120-day comment period and highlight the critical role that engagement in the rulemaking process with the federal banking agencies and other policymakers will play in shaping the substance of the final rule and in the federal banking agencies’ consideration of the myriad issues raised by the Proposed Rule, and may also form the basis for any future court challenges to the federal banking agencies’ final rule (see below under the section heading “Dissenting Votes” for additional discussion).
As with prior rulemakings, the Proposed Rule, if finalized, would include a three-year transition period beginning July 1, 2025 and the capital requirements under any final rule would not be fully phased in until July 1, 2028.
Comments on the Proposed Rule are due by November 30, 2023. The agencies have included 176 questions as prompts (almost all of which include multiple related sub-prompts) to solicit comments and data on all aspects of the Proposed Rule and its potential impacts—both intended and unintended—on large banking organizations, their counterparties and customers, the financial markets, financial stability and the broader U.S. economy, among others.
I. Key Aspects of the Proposed Rule
The Proposed Rule includes several notable changes that would materially increase capital requirements applicable to large banks.[7] In particular, the Proposed Rule would:
- Apply revised, enhanced capital requirements to all banking organizations[8] with total consolidated assets of $100 billion or more and their depository institution subsidiaries (referred to herein as “banking organizations” or “large banks”), and to banking organizations with significant trading activity, while retaining the current U.S. standardized approach applicable to all banking institutions.
- Align regulatory capital requirements for banking organizations with total consolidated assets of between $100 billion and $700 billion (Category III and IV firms) with those currently applicable to the largest banking organizations (Category I and II firms).
- Expand application of the supplementary leverage ratio requirement to banking organizations subject to Category IV capital standards and apply the countercyclical capital buffer, if activated, to banking organizations subject to Category IV capital standards.
- Subject Category III and IV banking organizations to the same treatment of accumulated other comprehensive income (“AOCI”), capital deductions and minority interest treatments as Category I and II banking organizations, including taking into account unrealized gains or losses on available-for-sale securities in their common equity tier 1 capital.
- Replace internal-models-based capital requirements for credit and operational risk[9] (the advanced approaches) currently applicable to banking organizations subject to Category I and II capital standards with new standardized requirements (the “expanded risk-based approach”) that would apply to all banking organizations with $100 billion or more in total assets and replace the current market risk and credit valuation adjustment (“CVA”) risk requirements with revised approaches.
- Maintain the current capital rule’s dual risk-based capital structure but expand its application to all banking organizations with total assets of $100 billion or more.
- Under the Proposed Rule, a banking organization would calculate two sets of risk-based capital ratios (common equity tier 1 capital ratio, tier 1 capital ratio, and total capital ratio) under both the (i) new expanded risk-based approach[10] and (ii) current standardized approach.[11] A banking organization’s common equity tier 1 capital ratio, tier 1 capital ratio, and total capital ratio would be the lower of each ratio of the two approaches to satisfy its minimum capital requirements. All capital buffer requirements would apply regardless of which approach produces the binding risk-based capital ratio.
- With respect to credit risk, the Proposed Rule would eliminate the practice of relying on a banking organization’s internal models for credit risk and instead use the expanded risk-based approach. The Basel Framework and the UK and EU proposals limit—but do not eliminate entirely—banks’ ability to use internal credit risk models.
- With respect to operational risk, the Proposed Rule would remove the advanced measurement approaches based on a banking organization’s internal models and introduce a standardized approach to capture a broad range of operational risks, such as fraud and litigation, but excluding strategic, reputational and climate risk.
- A banking organization’s operational risk capital requirement would be equal to its business indicator component multiplied by its internal loss multiplier. Similar to the current capital rule, risk-weighted assets for operational risk would be equal to 12.5 times the operational risk capital requirement.
- Under the Proposed Rule, the operational risk capital requirements would be higher for larger, more complex banking organizations under the business indicator component and those “that experienced larger operational losses in the past” under the internal loss multiplier, that “increases operational risk capital requirements based on a banking organization’s historical operational loss experience.”[12]
- With respect to market risk, the Proposed Rule would introduce a (i) standardized methodology for calculating risk-weighted assets for market risk and (ii) new models-based methodology to replace the framework in the current capital rule. A banking organization’s total capital requirements for market risk would equal the market risk capital requirement multiplied by 12.5.
- The standardized measure for market risk would be the default methodology for calculating market risk capital requirements for all banking organizations subject to market risk requirements.
- A banking organization would be required to obtain prior approval to use the models-based measure for market risk to determine its market risk capital requirements. The Proposed Rule would restrict the use of internal models by requiring internal models to be subject to supervisory approval at the trading-desk level, and would introduce additional controls.
- The additional capital requirements for market risk would apply to all banking organizations (regardless of asset size) for which average aggregate trading assets and trading liabilities over the previous four calendar quarters equal or exceed $5 billion, or represent 10% or more of total assets at quarter end as reported on the most recent quarterly regulatory report.
- Any holding company subject to Category I, II, III, or IV standards or any subsidiary thereof, if the subsidiary engaged in any trading activity over any of the four most recent quarters, would be subject to the market risk capital rule.
- With respect to CVA risk, the Proposed Rule would provide a (i) basic measure for CVA risk[13] and (ii) standardized measure for CVA risk[14] to calculate the risk-based capital requirement for CVA risk. After calculating the CVA capital requirement using either the basic measure or the standardized measure, a banking organization’s total capital requirements for CVA risk would equal the CVA capital requirement multiplied by 12.5.
- A banking organization would be required to use the basic measure for CVA risk unless it has received prior approval to use the standardized measure for CVA risk.
- Amend the capital plan rule so that institutions subject to the capital plan rule—bank holding companies, U.S. intermediate holding companies, and savings and loan holding companies with total consolidated assets of at least $100 billion—would be subject to a single capital conservation buffer requirement which would include (i) the stress capital buffer, (ii) any applicable countercyclical capital buffer and (iii) any applicable GSIB surcharge. The capital conservation buffer would apply to the institution’s risk-based capital ratios whether such ratios were calculated under the expanded risk-based approach or the standardized approach.
- Revise the calculation of the stress capital buffer to be calculated using the binding common equity tier 1 capital ratio as of the final quarter of the previous capital plan cycle regardless of whether such ratio was calculated under the expanded risk-based approach or the standardized approach.
- The Proposed Rule would require banking organizations subject to Category I, II, or III standards to calculate their risk-based capital ratios in company-run stress tests and capital plans using the method that results in the binding ratios as of the start of the projection horizon. Banking organizations subject to Category IV standards would be required to calculate baseline risk-based capital ratios in their capital plans and FR Y-14A submissions using the risk-weighted assets calculation that results in the binding ratios as of the start of the projection horizon.
- Include a three-year transition period beginning July 1, 2025 for two provisions: (i) the expanded risk-based approach; and (ii) the AOCI regulatory capital adjustments for banking organizations subject to Category III or IV capital standards.
- All other elements of the calculation of regulatory capital would apply upon the effective date of the final rule.
- Any banking organization not subject to Category I, II, III, or IV standards that becomes subject to Category I, II, III, or IV standards during the proposed transition period, would be eligible for the remaining time that the transition provisions provide.
- Beginning January 1, 2028, no transition would be provided to banking organizations that become subject to Category I, II, III, or IV standards.
II. Issues with the Proposed Rule
There are several issues with the Proposed Rule that stakeholders should identify and seek to quantify with data during the 120-day comment period, some of which include:
- The Proposed Rule would materially increase:
- risk-weighted assets across large holding companies by 20% and across depository institutions by 9% (25% for holding companies subject to Category I or II standards, 6% for domestic holding companies subject to Category III or IV standards, and 25% for intermediate holding companies of foreign banking organizations subject to Category III and IV standards);[15]
- common equity tier 1 capital requirements for large holding companies, including minimums and buffers, by an estimated 16% (19% for holding companies subject to Category I or II capital standards, 6% percent for Category III and IV domestic holding companies, and 14% for Category III and IV international holding companies of foreign banking organizations), and by an estimated 9% across depository institutions;[16]
- risk-based capital ratios related to lending activities by 30 basis points across large banking organizations;[17]
- risk-based capital ratios related to trading activities by 67 basis points across large holding companies;[18] and
- Total loss-absorbing capacity, or “TLAC,” requirements for U.S. GSIBs by an estimated 15.2%;[19]
These increased costs on large banks are likely to be passed on to bank counterparties and customers and could lead to a reduction in the provision of banking and financial services by large banks or a pullback by large banks from certain critical financial markets activities, which could have material adverse impacts to financial stability and the broader U.S. economy, particularly during times of stress.
- Specific aspects of the trading book components of the Proposed Rule could lead to reduced large bank participation in certain financial markets—which would increase risk to financial stability and the broader U.S. economy by concentrating derivatives-related products and services in less transparent markets. As highlighted in the Coalition for Derivatives End-Users July 6, 2023 letter to the federal banking agencies (“Coalition Letter”),[20] a copy of which is attached hereto, the Proposed Rule would significantly increase capital requirements for the largest U.S. and non-U.S. banks that provide the bulk of derivatives-related products and services to corporations of all sizes and across many different, diverse sectors of the economy.
- Significant increases in capital requirements in recent years preceding the Proposed Rule already have caused banks to pull back from key capital markets activities, resulting in higher costs for borrowers, derivatives end-users and their customers, and other market participants, reduced competition and transparency in those markets, and signs of diminished liquidity and efficiency in some markets, particularly during periods of stress—all of which increase risk to financial stability. The Proposed Rule, as currently contemplated, could exacerbate these issues.
- Several members of the Federal Reserve Board and the FDIC Board cited similar concerns in their statements accompanying the release of the Proposed Rule (see below under the section heading “Dissenting Votes” for additional discussion).
- It is anticipated the Proposed Rule would result in significant unintended consequences for large banks and the broader markets, the full extent of which are still under consideration. Federal Reserve Board staff acknowledged during the open meeting the “very important tradeoff between the benefit of increased resilience and the potential costs” of increased capital requirements and, in that connection, is actively seeking comment on all aspects of the Proposed Rule and undertaking an additional data collection—a process not always undertaken within the normal rulemaking process—to determine whether or not the Proposed Rule appropriately captures the risks identified in the proposal or a recalibration may be needed.
- In general, though, the federal banking agencies largely justified substantial increases in capital, increased costs to counterparties and bank customers, reductions in bank lending, large banks pulling back from critical financial markets activities, and other consequences of the Proposed Rule by summarily justifying those costs as being “offset by the expected economic benefits associated with the increased resiliency of the financial system.”[21]
- As noted by FDIC Director McKernan in his statement accompanying the release of the Proposed Rule, the proposal “does not propose a fix to address the apparent issue, which was acknowledged in the Basel consultative documents, that the business-indicator approach overcapitalizes banking organizations with high fee revenue and expense.”[22] Similarly, Federal Reserve Governor Bowman highlighted in her statement the “punitive treatment for noninterest and fee-based income through the proposed operational risk requirements, exacerbated by the use of an internal loss multiplier that may result in an excessive overall capital charge for operational risk.”[23]
- The Proposed Rule differs in certain respects from the implementation of the Basel III endgame reforms in other jurisdictions. Most notably, the Proposed Rule would eliminate large banks’ ability to use internal models when determining risk-weighted assets for credit risk, whereas, as noted above, the Basel Framework and the UK and EU proposals limit—but do not eliminate entirely—banks’ ability to use internal credit risk models. In addition, FDIC Director McKernan highlighted additional differences in his statement, including:
- The Proposed Rule would increase the risk weights for residential real estate exposures (by 20 percentage points to each of the corresponding Basel III risk weights), other real estate exposures not dependent on cash flows generated by the real estate (by 25 percentage points for exposures to individuals, 15 percentage points for exposures to small- or medium-sized entities), and retail credit exposures (by 10 percentage points);
- The Proposed Rule would require that, for a corporate exposure to be eligible for the reduced credit-risk-capital requirement for “investment grade” corporate exposures, the company (or its parent) must have securities outstanding on a public securities exchange, (although included in the Basel Framework, this was not included in the UK and EU proposals);
- The Proposed Rule “would not adopt the reduced Basel III credit-risk-capital requirements for exposures to small businesses, securities firms and other nonbank financial institutions, or highly capitalized banking organizations; or for short-term exposures to banking organizations;”
- The Proposed Rule’s operational risk capital requirements under the standardized approach for operational risk would establish a baseline of the internal-loss multiplier at “no less than one,” while other proposals have set the internal-loss multiplier equal to one; and
- With respect to CVA-risk-capital requirements, Director McKernan also raises concerns regarding the impact of the Proposed Rule on end-users: “The capital requirements for CVA risk would not include a tailored approach to commercial end-users. Some other implementing authorities have proposed a commercial end-user exemption for CVA-risk-capital requirements. What considerations should inform whether a commercial end-user exemption is appropriate? Is the absence of an alpha factor under [SA-CCR] for uncleared derivatives with commercial end-users sufficient to address any issues under the proposed capital requirements for CVA risk?”[24]
- The Proposed Rule would effectively eliminate the tailoring requirements of Section 165 of the Dodd-Frank Act, as amended by EGRRCPA, which requires the Federal Reserve Board “shall … differentiate among companies on an individual basis or by category,”[25] and would result in consistent regulatory capital measures for all large banking organizations, without properly taking into account risk, size, business models and complexity. The elimination of the tailoring requirements could result in the final rule being subject to challenge if adopted substantially as proposed.
- By significantly reducing the differences that apply across the four categories for determining the applicability and stringency of regulatory capital requirements for banking organizations, large banks may be incentivized to combine with other large banks because any impacts from a regulatory capital standpoint of “stepping up” in category (e.g., Category IV to III) are significantly diminished. Indeed, the material increases in risk-weighted assets and costs associated with complying with the new capital requirements may incentivize more Category III and IV institutions to consider combinations.
- On the other hand, those banking organizations currently below the $100 billion asset threshold may be incentivized to remain below the $100 billion threshold given the significant consequences from a regulatory capital perspective of transitioning to Category IV. Institutions with less than $100 billion in total assets that are growing in size and are positioned to transition into Category IV must be prepared to adhere to the increased capital requirements, including on a pro forma basis, reflecting any remaining transition period. An inability to demonstrate adherence to the enhanced capital requirements would slow growth, either through prolonged merger application review and approval timelines or regulators throttling growth through other means.
- GSIB Surcharge Proposal. The Proposed Rule would change how cross-jurisdictional exposure is calculated by including derivatives exposures in cross-jurisdictional claims and cross-jurisdictional liabilities, as applicable. This would materially increase the cross-jurisdictional exposure of many foreign banking organizations with operations in the U.S. which would result in seven foreign banking organizations that are currently subject to Category III or IV standards becoming subject to Category II standards, which would be materially impactful from a liquidity risk management and reporting standpoint.[26]
III. Dissenting Votes
The Proposed Rule was not unanimously approved by either the Federal Reserve Board or the FDIC Board, with the Federal Reserve voting 4-2 and the FDIC split along partisan lines with a 3-2 vote.[27]
An absence of unanimity and consensus among Federal Reserve Governors is rare and highly unusual. According to the Federal Reserve Board’s voting record on proposed and final regulations, including implementation of the Dodd-Frank Act, as well as banking applications, enforcement actions and supervisory matters on which the Federal Reserve Board has acted, since 2012, only 29 of 652 votes (4.45%) for proposed or final regulations, banking applications, enforcement actions and supervisory matters have not been unanimous.[28]
Even more unusual, though, were Chair Powell’s public statements citing certain concerns with the Proposed Rule—although voting in support thereof. In particular, Chair Powell raised concerns that the costs of higher capital could diminish large banks’ roles as financial intermediaries and liquidity providers in critical markets and push those activities to less regulated markets.[29] He also voiced concerns that the scope of the Proposed Rule “exceeds what is required by the Basel agreement, and exceeds as well what we know of plans for implementation by other large jurisdictions” and noted “the need to strengthen supervision and regulation for firms with assets between $100 billion and $250 billion” by tailoring rules to “reflect the size and risks of individual institutions.”[30] Chair Powell welcomed public comments on the Proposed Rule, noting that he would “be particularly interested in reviewing public feedback and analysis” in certain areas.[31]
Governor Bowman, who has been a consistent opponent of higher capital requirements for the sake of higher capital requirements, was more direct in her criticism of the Proposed Rule, saying “[i]n my view, there is insufficient evidence that the benefits produced by this proposal would justify the costs.”[32] Governor Bowman has consistently argued that banking organizations need better supervision and greater transparency in supervisory expectations with enforceable and timely consequences when expectations are not met, and reaffirmed this viewpoint in her statement accompanying the release of the Proposed Rule: “… capital charges are an indirect and inefficient tool to encourage strong risk management, particularly in the area of operational risk. I would appreciate hearing from the public on this issue, but in my mind, it would be preferable to address risk management concerns through improved supervision, demanding prompt remediation of risk management shortcomings, and taking enforcement actions when firms fail to remediate known issues.”[33]
Like Chair Powell and others, Governor Bowman also focused on the unintended economic consequences of the Proposed Rule and its potential significant impacts to large banks and their counterparties participating in critical financial markets activities:
The United States has deep debt and equity markets and supports businesses with a wide range of other products and services, including risk-management tools. These products and services are central for business financing and risk management and contribute to an efficient economy. Those who rely on these products and services will bear the cost of capital increases. For example, when a local government issues municipal bonds to finance local infrastructure, they may find that financing is more expensive, or in some cases unavailable. Manufacturers may find it harder to get loans to invest in equipment or facilities. Companies that operate on the international stage may find it more challenging to hedge their foreign exchange risks. Businesses may find it difficult to manage their interest rate risk exposures, or manage the risks of fluctuating commodity prices. We should be cautious about the disruption that capital increases could cause and look critically at whether these increases are justified by risks. And we should ask whether there are more efficient alternatives—like improved supervision—that could address some of the same underlying concerns.[34]
FDIC Vice Chair Hill raised substantially similar concerns in his statement, stating:
Altogether, when also considering – among other things – the impact of (1) the new operational risk charge, which is entirely new and additive to what will often be the binding stack, and (2) the revised market risk charge, which is expected to increase market risk-weighted assets by more than double for the large banks most heavily engaged in capital markets activities, the proposal would have a substantial impact on how banks allocate capital. The result will be some combination of higher prices for consumers, less availability of products and services, migration of U.S. activities out of the regulated banking sector, migration of international activities out of U.S. banks, and more fragile financial markets.[35]
Finally, FDIC Director McKernan, among other issues raised, noted that key aspects of the Proposed Rule were “driven by a single focus” of “pushing capital levels yet higher and higher” and included 29 additional questions with his statement for commenters to address, focused on issues including the dual-requirement structure; regulatory capital deductions for mortgage servicing assets for Category III and Category IV banking organizations; credit risk and credit risk mitigants; and market risk, operational risk and credit valuation adjustment risk.[36]
Each of Federal Reserve Governors Bowman and Waller and FDIC Vice Chair Hill and Director McKernan raised concerns with the authority for the Proposed Rule being in conflict with the tailoring requirements under Section 165 of the Dodd-Frank Act, as amended by EGRRCPA, and the federal banking agencies’ tailoring rules implementing Section 165.[37]
- Governor Bowman: “The proposed revisions under consideration have not been directed by Congress and are not compelled by a new evolution or identified weakness in the U.S. banking system. … A core strength of our current bank regulatory framework is risk-based, tailored regulation. Today’s proposal represents a reversal of this longstanding approach. … I am also concerned that today’s proposal moves one step closer to eliminating the tailoring required by [EGRRCPA] from the prudential capital framework.”
- Governor Waller: “Finally, as this proposal applies to all firms with more than $100 billion in assets, I am concerned that we are headed down a road where we would be no longer in compliance with section 165 of the Dodd-Frank Act, as amended by the [EGRRCPA], which mandates tailoring for firms above $100 billion in assets and provides that firms with between $100 billion and $250 billion in assets are not subject to enhanced prudential standards unless a standard is affirmatively applied to such firms based on specific factors set out by Congress. It is unclear to me whether this proposal meets that statutory bar.”[38]
- Vice Chair Hill: “I oppose unwinding the tailoring of the capital framework for large banks. … Today’s proposal repudiates these concepts, by ‘aligning’ the capital rules for all banks with $100 billion or more in assets. … The proposal undoes almost all of the tailoring of the capital framework for large banks, and is a repudiation of the intent and spirit of [EGRRCPA]. It is further a troubling sign for future policymaking, a signal that regulators intend to treat all large banks alike, in defiance of Congressional directives and in contradiction to the objective of a diverse banking sector with banks of varying sizes, niches, and business models.”[39]
- Director McKernan: “What requirements or restrictions on each agency’s authorities are implicated by the proposal? Does the proposal tailor or otherwise differentiate among banking organizations to the extent required by law?”[40]
These statements highlight a central issue with the Proposed Rule that raises the prospects that the Proposed Rule, if adopted substantially as proposed—particularly as it relates to the effective elimination of tailoring between and among Category I, II, III and IV banking organizations of varying capital structures, riskiness, complexity, financial activities, size and other risk-related factors—could be challenged under the Administrative Procedure Act.
In summary, the statements by Federal Reserve Chair Powell, Governors Bowman and Waller, FDIC Vice Chair Hill and Director McKernan, as well as various comment letters submitted by leading industry trade groups prior to the release of the Proposed Rule—the tone and tenor of which are reflected in the various dissenting statements, underscore both the significance of the Proposed Rule and the range and magnitude of the concerns raised thereby, for large banks, their counterparties and institutional and retail customers, potential homeowners, other industry stakeholders and the broader U.S. economy alike. If finalized as proposed, the Proposed Rule would impose significant “costs on banks, their customers, and the economy”[41] and “would create more economic instability, restrict job growth, decrease productive investment and hamper U.S. competitiveness in the global economy.”[42] If large banks reduce their participation in critical financial markets activities, the effect would be to increase risk to financial stability and the broader U.S. economy by reducing competition and pushing more activities to the unregulated nonbank sector. Moreover, as voiced by several dissenters, the Proposed Rule “undoes almost all of the tailoring of the capital framework for large banks, and is a repudiation of the intent and spirit of [EGRRCPA],”[43] which could result in the final rule being subject to potential challenge if adopted substantially as proposed.
IV. Conclusions
The Proposed Rule would have significant implications and costs for banks and the broader financial system. It is imperative that all stakeholders actively engage in the rulemaking process with the federal banking agencies and other policymakers to facilitate a thoughtful approach to the final Basel III endgame reforms that carefully weighs the costs and benefits of the Proposed Rule and to help design an adjusted and balanced framework that, on the one hand, promotes safety and soundness and resolvability, bolsters financial stability, provides clarity to the markets and reduces complexity and, on the other hand, does not diminish large banks’ critical roles as financial intermediaries, reduce bank participation in critical financial markets activities or the provision of banking services, increase concentration risk in less regulated, more opaque markets, increase costs to consumers and the real economy, and impede large bank counterparties’ and end-users’ ability to safely and efficiently mitigate and manage their commercial risks. Any approach failing to take into account and balance these various considerations and factors could have severe unintended consequences and long-term negative impacts to the broader U.S. economy.
Ultimately, the comment process will play a critical role in shaping the substance of the final rule and the federal banking agencies’ consideration of these matters, and may also form the basis for any future court challenges to the federal banking agencies’ final rule.
Annex A
Proposed Enhanced Capital Requirements
(changes to the capital requirements are shown in red below)
|
Category I |
Category II |
Category III |
Category IV |
||||||||||||||||||||||||
|
U.S. GSIBs |
≥ $700 billion total assets or ≥ $75 billion in cross-jurisdictional activity |
≥ $250 billion total assets or ≥ $75 billion in weighted short-term wholesale funding, nonbank assets, or off-balance sheet exposure |
≥ $100 billion total assets |
||||||||||||||||||||||||
|
TLAC/Long-term debt |
|
|
|
||||||||||||||||||||||||
|
G-SIB surcharge |
|
|
|
||||||||||||||||||||||||
|
Standardized and |
Standardized and |
Standardized approach and expanded risk-based approach* |
Standardized approach and expanded risk-based approach* |
||||||||||||||||||||||||
|
Countercyclical buffer |
Countercyclical buffer |
Countercyclical buffer |
Countercyclical buffer |
||||||||||||||||||||||||
|
No opt-out of AOCI capital impact |
No opt-out of AOCI capital impact |
No opt-out of AOCI capital impact** |
No opt-out of AOCI capital impact** |
||||||||||||||||||||||||
|
Enhanced supplementary leverage ratio |
Supplementary leverage ratio |
Supplementary leverage ratio |
Supplementary leverage ratio |
||||||||||||||||||||||||
|
Enhanced public disclosure and reporting requirements |
Enhanced public disclosure and reporting requirements |
Enhanced public disclosure and reporting requirements |
Enhanced public disclosure and reporting requirements |
||||||||||||||||||||||||
|
Operational risk management function that is independent of business line management |
Operational risk management function that is independent of business line management |
Operational risk management function that is independent of business line management |
Operational risk management function that is independent of business line management |
||||||||||||||||||||||||
|
* expanded risk-based approach subject to a 72.5% output floor; binding ratio would be the lower of each ratio of the two approaches; expanded risk-based approach subject to three-year transition period according to the following:
** AOCI adjustment subject to three-year transition period according to the following:
|
|||||||||||||||||||||||||||
Attachment
Coalition for Derivatives End-Users July 6, 2023 Letter to the Federal Banking Agencies, “Consideration of the Basel III Endgame Reforms and their Impact on the End-User Community”
July 6, 2023
Ms. Ann E. Misback
Secretary
Board of Governors of the Federal Reserve System
20th Street and Constitution Avenue NW
Washington, DC 20551
Ms. Debra Buie Decker
Executive Secretary
Federal Deposit Insurance Corporation
550 17th Street NW
Washington DC 20429
Mr. Michael J. Hsu
Acting Comptroller of the Currency Office of the Comptroller of the Currency
400 7th Street SW
Washington, DC 20219
Re: Consideration of the Basel III Endgame Reforms and their Impact on the End-User Community
The Coalition for Derivatives End-Users (the “Coalition”) respectfully submits this letter to express its concerns about aspects of forthcoming changes to capital requirements for large banks commonly referred to as the Basel III Endgame package of reforms, and to emphasize the need for the Federal Banking Agencies1 to consider carefully the numerous effects the implementation of certain changes could have on the end-user community.
The Coalition represents end-user companies that employ derivatives primarily to manage commercial risks associated with their businesses. Hundreds of companies have been active in the Coalition on both legislative and regulatory matters and our message is straightforward: financial regulatory reform measures should promote economic stability and transparency without imposing undue burdens on derivatives end-users. Imposing unnecessary regulation on derivatives end-users would create more economic instability, restrict job growth, decrease productive investment and hamper U.S. competitiveness in the global economy—and may result in less hedging by end-users.
The use of derivatives to hedge commercial risk benefits the global economy by allowing a range of businesses—from manufacturing to healthcare to agriculture to energy to technology— to improve their planning and forecasting and offer more stable prices to consumers and more stable contributions to economic growth. Banking organizations that may be subject to the new Basel III Endgame capital requirements serve as critical counterparties to end-users for their derivatives transactions. They also serve as capital markets intermediaries, sources of stable credit, underwriters of corporate debt and equity securities and liquidity providers, and play other critical financial intermediary roles. Based on public statements from the heads of the Federal Banking Agencies, independent analyses of Basel III Endgame reform proposals underway in the EU and the UK and expected proposed changes here in the U.S., these new proposals could significantly increase capital requirements for the largest U.S. and non-U.S. banks that provide the bulk of derivatives-related products and services to corporations of all sizes and across many different, diverse sectors of the economy, including many Coalition members. These corporations use derivative products to hedge and mitigate commercial risks associated with their businesses, including interest rate risk, foreign currency risk and commodities risks. Coalition members’ ability to hedge and mitigate such commercial risks is crucial to their business operations and the broader U.S. economy and the Coalition has concerns that the availability and cost of and competition for the delivery of such products, could be materially adversely affected in the wake of changes implemented under the Basel III Endgame’s reforms. Therefore, we urge the Federal Banking Agencies to undertake a thoughtful approach to design an adjusted and balanced framework that, on the one hand, promotes safety and soundness and resolvability, bolsters financial stability and provides clarity to the markets and, on the other hand, does not diminish large banks’ critical role as financial intermediaries, mitigates potential impacts on derivatives end-users and minimizes potential downside to the broader U.S. economy.
We are particularly concerned that specific aspects of the trading book components of the Basel III Endgame reforms could lead to reduced bank participation in certain financial markets— which would increase risk to financial stability and the broader U.S. economy by concentrating these products in less transparent markets and would increase costs for end-users. If these issues are not appropriately calibrated and balanced by the Federal Banking Agencies against those bank- specific risks that the Federal Banking Agencies are intending to address through the Basel III Endgame reforms, the new rules will have serious consequences to end-users and far-reaching negative implications for the broader U.S. economy, economic growth, competition and financial stability.
It has been estimated that implementing the Basel III Endgame reforms could result in an approximately 57 percent increase in the capital requirements for banks’ trading activities.2 This increase is planned despite the fact that Federal Reserve Vice Chair for Supervision Michael Barr has noted on several occasions in written testimony or other formal remarks, including as far back as his nomination hearing before the Senate Banking Committee and as recently as May 18, 2023, that capital and liquidity in the financial system is very strong, a sentiment echoed by current and former regulators.3 Indeed, Common Equity Tier 1 capital (the highest quality form of bank capital) levels at the largest U.S. banks grew more than three-fold between 2007 and 2023.4 This increase, combined with a range of other post-crisis reforms, has made the largest U.S. banks far safer and has reduced risks such banks pose to the broader economic and financial system and financial stability.
As you know, large U.S. banks play a central role in the U.S. and global financial system through, among other things, capital formation and liquidity provision to the U.S. capital markets. The U.S. capital markets fund nearly three-quarters of all U.S. economic activity, making them a crucial source of financing and risk management services for a wide range of end-users. Nevertheless, significant increases in capital requirements in recent years have caused banks to pull back from key capital markets activities, resulting in higher costs for end-users and their customers, reduced competition and transparency in those markets, and signs of diminished liquidity and efficiency in some markets, particularly during periods of stress—all of which increase risk to financial stability.
In our view, the Basel III Endgame reforms’ capital requirements for large banks would dramatically accelerate this trend, thereby increasing risk further. For example, the effects on trading activities resulting from the Fundamental Review of the Trading Book, Credit Valuation Adjustment and the Securities Financing Transaction minimum haircut floor portions of the Basel III Endgame reforms would force large banks to either pass on those costs of higher capital to end- users and their customers or simply withdraw from some capital markets activities altogether which, in the latter case, would increase concentration risk in less regulated, more opaque markets.
Moreover, the nearly 60 percent increase in the capital requirements for banks’ trading activities is expected to significantly impact commercial hedging activities. For example, the cost of hedging foreign exchange risks would likely increase, as would the costs of entering long-dated interest rate swaps. The higher costs would at least partially negate adjustments made to the Standardized Approach to Counterparty Credit Risk rule that were designed to protect the cost savings afforded to end-users as a result of previously enacted Congressional relief. To help facilitate efficient access to the derivatives hedging market, Congress exempted end-users that are hedging business risks from having to post margin on uncleared derivatives transactions and from having to clear derivatives transactions.5 These cost increases, coupled with the potential decrease in large bank participation in these markets, would hinder end-users’ abilities to effectively hedge and reduce business risks. This, in turn, would discourage capital investments, economic growth and job creation.
As the Federal Banking Agencies consider materially increasing both the overall and trading book-related capital requirements for the largest banks as part of the Basel III Endgame reforms, it is critical that the Federal Banking Agencies remain mindful of, and account for, the strong correlation between capital markets activities and the real U.S. economy and duly consider and balance the impact of any potential increases in bank capital requirements on the ability of end-users to effectively hedge important business risks at reasonable cost in highly regulated, more transparent markets. As an example, when an end-user hedges its interest rate, foreign exchange or commodity risk with a bespoke derivative product, that activity generates a derivative exposure for a large bank, that the bank will, in turn hedge. The Basel III Endgame reforms are likely to increase hedging costs, disincentivize prudent risk-management by corporations, and ultimately increase costs and risk and reduce investment in our economy. In that connection, we also request that the Federal Banking Agencies conduct and publish a broader cost-benefit analysis and assessment of both the economic benefits and costs of significantly increasing capital requirements above their already historically robust levels.
The Coalition stands ready to engage with the Federal Banking Agencies and other policymakers in this critically important work with the goal of ensuring that the final Basel III Endgame reforms carefully balance costs and benefits to create an adjusted and balanced framework that promotes safety and soundness and resolvability, bolsters financial stability, provides clarity to the markets and reduces complexity. At the same time, it is important that the new rules do not diminish large banks’ critical roles as financial intermediaries, impede end-users’ ability to safely and efficiently mitigate and manage their commercial risks or create unintended consequences to the detriment of the broader U.S. economy.
Thank you for your consideration of these very important issues to derivatives end-users.
Please contact Michael Bopp at 202-955-8256 or at [email protected] if you have any questions or concerns.
Yours sincerely,
Coalition for Derivatives End-Users
cc:
The Honorable Jerome H. Powell, Chairman
The Honorable Michael S. Barr
The Honorable Michelle W. Bowman
The Honorable Lisa D. Cook
The Honorable Philip N. Jefferson
The Honorable Christopher J. Waller
(Board of Governors of the Federal Reserve System)The Honorable Martin J. Greunberg, Chairman
The Honorable Travis Hill, Vice Chairman
The Honorable Rohit Chopra, Director
The Honorable Michael J. Hsu, Director (addressee)
The Honorable Jonathan McKernan, Director (Federal Deposit Insurance Corporation)
1 For purposes of this letter, the “Federal Banking Agencies” consist of the Department of the Treasury’s Office of the Comptroller of the Currency, the Board of Governors of the Federal Reserve System and the Federal Deposit Insurance Corporation.
2 See PWC, “Basel III Endgame: The next generation of capital requirements,” at 1 (April 2023), available at: https://explore.pwc.com/baseliiiendgame/basel-iii-endgame-exsumm.
3 See, e.g., Nominations of Michael S. Barr, Jaime E. Lizarraga, and Mark Toshiro Uyeda, Hearing Before the S. Comm. on Banking, Housing, and Urban Affairs, 118th Cong, at 15 and 18, available at: https://www.congress.gov/117/chrg/CHRG-117shrg48337/CHRG-117shrg48337.pdf; Oversight of Financial Regulators: Financial Stability, Supervision, and Consumer Protection in the Wake of Recent Bank Failures, Hearing Before the S. Comm. on Banking, Housing, and Urban Affairs, 118th Cong. at 1 (statement of the Honorable Michael S. Barr, Vice Chair for Supervision, Board of Governors of the Federal Reserve System), available at: https://www.banking.senate.gov/imo/media/doc/Barr%20Testimony%205-18-23.pdf; see also, Transcript of Chair Powell’s Press Conference (March 22, 2023), available at: https://www.federalreserve.gov/mediacenter/files/FOMCpresconf20230322.pdf; Remarks by Secretary of the Treasury Janet L. Yellen at Financial Stability Oversight Council Meeting (April 21, 2023), available at: https://home.treasury.gov/news/press-releases/jy1431.
4 See SIFMA, “Identifying an Optimal Level of Capital and Evaluating the Impact of Higher Bank Capital Requirements on US Capital Markets” (May 15, 2023), available at: https://www.sifma.org/resources/news/identifying-an-optimal-level-of-capital-and-evaluating-the-impact-of- higher-bank-capital-requirements-on-us-capital-markets/.
5 See the Business Risk Mitigation Price Stabilization Act of 2015. “Forcing businesses to post margin not only ties up capital, but also makes it more expensive for firms to utilize the risk management tools that they need to protect their businesses from uncertainty. Today’s bill clarifies in statute that Congress meant what it said when it exempted end users from margin and clearing requirements. Specifically, it ensures that those businesses which are exempt from clearing their hedges are also exempt from margining those hedges.” 114th Congr. Rec. H-67- 68 (Jan. 7, 2015) (state of Rep. Mike Conaway).
[1] Federal Reserve, FDIC, OCC, Regulatory capital rule: Amendments applicable to large banking organizations and to banking organizations with significant trading activity (July 27, 2023), available at: https://www.federalreserve.gov/aboutthefed/boardmeetings/frn-basel-iii-20230727.pdf (the “Proposed Rule”). See also the consolidated “Basel Framework” available at: https://www.bis.org/basel_framework/.
[2] Federal Reserve, Regulatory Capital Rule: Risk-Based Surcharges for Globally Systemically Important Bank Holding Companies; Systemic Risk Report (FR Y-15), available at: https://www.federalreserve.gov/aboutthefed/boardmeetings/frn-gsib-20230727.pdf (the “GSIB Surcharge Proposal”).
[3] 12 U.S.C. § 5365.
[4] Under the Dodd-Frank Act, those enhanced prudential standards include enhanced risk-based and leverage capital, liquidity, risk management and risk committee requirements, a requirement to submit a resolution plan, single-counterparty credit limits, supervisory and company-run stress testing requirements, and other prudential standards that the Federal Reserve determines are appropriate.
[5] Federal Reserve, Prudential Standards for Large Bank Holding Companies, Savings and Loan Holding Companies, and Foreign Banking Organizations, 84 Fed. Reg. 59032 (Nov. 1, 2019); OCC, Federal Reserve, FDIC, Changes to Applicability Thresholds for Regulatory Capital and Liquidity Requirements, 84 Fed. Reg. 59230 (Nov. 1, 2019).
[6] See 12 U.S.C. § 5365(a)(2)(A) (requiring that the Federal Reserve, “in prescribing more stringent prudential standards under [Section 165], … differentiate among companies on an individual basis or by category, taking into consideration their capital structure, riskiness, complexity, financial activities (including the financial activities of their subsidiaries), size, and any other risk-related factors that the [Federal Reserve] deems appropriate.”).
[7] A visual depicting certain changes to the capital requirements applicable to banking organizations under the Proposed Rule is included as Annex A.
[8] The term “banking organizations” includes national banks, state member banks, state nonmember banks, federal savings associations, state savings associations, top-tier bank holding companies domiciled in the U.S. not subject to the Federal Reserve’s Small Bank Holding Company and Savings and Loan Holding Company Policy Statement, U.S. intermediate holding companies of foreign banking organizations, and top-tier savings and loan holding companies domiciled in the U.S., except for certain savings and loan holding companies that are substantially engaged in insurance underwriting or commercial activities and savings and loan holding companies that are subject to the Small Bank Holding Company and Savings and Loan Holding Company Policy Statement.
[9] As noted in the preamble to the Proposed Rule, “[a]lthough the proposal would remove use of internal models for calculating capital requirements for credit and operational risk, internal models can provide valuable information to a banking organization’s internal stress testing, capital planning, and risk management functions. Large banking organizations should employ internal modeling capabilities as appropriate for the complexity of their activities.” Proposed Rule, p. 18.
[10] Total risk-weighted assets under the expanded risk-based approach would equal the sum of risk-weighted assets for credit risk, equity risk, operational risk, market risk, and CVA risk, less any amount of the banking organization’s adjusted allowance for credit losses that is not included in tier 2 capital and any amount of allocated transfer risk reserves. An “output floor” of 72.5 percent of expanded total risk-weighted assets would serve as a lower bound on the risk-weighted assets under the expanded risk-based approach. See Proposed Rule, p. 23-24.
[11] For calculating standardized total risk-weighted assets, the Proposed Rule would revise the methodology for determining market risk-weighted assets and would require banking organizations subject to Category III or IV capital standards to use the standardized approach for counterparty credit risk (“SA-CCR”) for derivatives exposures. See Proposed Rule, p. 23.
[12] Proposed Rule, p. 199.
[13] The basic measure for CVA risk would include risk-based capital requirements for all CVA risk covered positions and eligible CVA hedges calculated using the BA-CVA, and any other additional capital requirement for CVA risk established by the banking organization’s primary federal regulator if the regulator determines that the capital requirement for CVA risk as calculated under the BA-CVA is not commensurate with the CVA risk of the banking organization’s CVA risk covered positions. See Proposed Rule, p. 446.
[14] The standardized measure for CVA risk would include risk-based capital requirements calculated under (1) the SA-CVA for all standardized CVA risk covered positions and standardized CVA hedges, (2) the BA-CVA for all basic CVA risk covered positions and basic CVA hedges, and (3) any additional capital requirement for CVA risk established by the banking organization’s primary federal regulator if the regulator determines that the capital requirement for CVA risk as calculated under the SA-CVA and BA-CVA is not commensurate with the CVA risk of the banking organization’s CVA risk covered positions. See Proposed Rule, p. 446-47.
[15] See Proposed Rule, p. 497, n. 463 and accompanying text.
[16] See Proposed Rule, p. 494-95, n. 465 and accompanying text.
[17] See Proposed Rule, p. 497.
[18] See Proposed Rule, p. 500.
[19] See Proposed Rule, p. 504.
[20] Coalition for Derivatives End-Users, “Consideration of the Basel III Endgame Reforms and their Impact on the End-User Community” (July 6, 2023). A copy of the Coalition Letter is attached hereto.
[21] Proposed Rule, p. 489.
[22] Statement by FDIC Director Jonathan McKernan (July 27, 2023), available at: https://www.fdic.gov/news/speeches/2023/spjul2723c.html (“Director McKernan Statement”). In addition to the Proposed Rule’s 176 questions as prompts (almost all of which include multiple related sub-prompts) to solicit comments and data on all aspects of the Proposed Rule and its potential impacts, FDIC Director McKernan’s statement includes an additional 29 questions as prompts (almost all of which include multiple related sub-prompts) to solicit comments and data.
[23] Statement by Federal Reserve Governor Michelle W. Bowman (July 27, 2023), available at: https://www.federalreserve.gov/aboutthefed/boardmeetings/bowman-statement-20230727.pdf
(“Governor Bowman Statement”).
[24] Director McKernan Statement.
[25] 12 U.S.C. § 5365(a)(2)(A) (emphasis supplied).
[26] See GSIB Surcharge Proposal, p. 46-47.
[27] Federal Reserve Board vote (votes in favor: Chair Powell, Vice Chair for Supervision Barr, Governor Cook, Governor Jefferson; votes against: Governor Bowman, Governor Waller); FDIC Board vote (votes in favor: Chairman Gruenberg; Director Hsu; Director Chopra; votes against: Vice Chair Hill, Director McKernan). The Federal Reserve voted unanimously to approve the GSIB Surcharge Proposal.
[28] See Board of Governors of the Federal Reserve System: Board Votes, available at: https://www.federalreserve.gov/aboutthefed/boardvotes.htm.
[29] See Statement by Federal Reserve Chair Jerome H. Powell (July 27, 2023), available at: https://www.federalreserve.gov/aboutthefed/boardmeetings/powell-statement-20230727.pdf.
[30] Id.
[31] Id.
[32] Governor Bowman Statement.
[33] Id.
[34] Id.
[35] See Statement by FDIC Vice Chair Travis Hill (July 27, 2023), available at: https://www.fdic.gov/news/speeches/2023/spjul2723b.html (“Vice Chair Hill Statement”).
[36] See Director McKernan Statement.
[37] As noted above, EGRRCPA amended Section 165 of the Dodd-Frank Act to raise the minimum asset threshold for application of enhanced prudential standards from $50 billion to $250 billion in total consolidated assets, while (i) providing the Federal Reserve discretion in determining whether an institution with assets of $100 billion or more must be subject to such standards and (ii) requiring a more tiered and tailored enhanced prudential standards regime for large banks. See 12 U.S.C. § 5365.
[38] Statement by Federal Reserve Governor Christopher J. Waller (July 27, 2023), available at: https://www.federalreserve.gov/aboutthefed/boardmeetings/waller-statement-20230727.pdf.
[39] Vice Chair Hill Statement.
[40] Director McKernan Statement.
[41] Governor Bowman Statement.
[42] Coalition Letter.
[43] Vice Chair Hill Statement.
Gibson Dunn’s Distressed Banks Resource Center provides resources and regular updates to our clients. Please check the Resource Center for the latest developments.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please feel free to contact the Gibson Dunn lawyer with whom you usually work, any member of Gibson Dunn’s Global Financial Regulatory, Financial Institutions, Derivatives, Public Policy or Administrative Law and Regulatory practice groups, or the following authors:
Jason J. Cabral – New York (+1 212-351-6267, [email protected])
Michael D. Bopp – Washington, D.C. (+1 202-955-8256, [email protected])
Jeffrey L. Steiner – Washington, D.C. (+1 202-887-3632, [email protected])
Adam Lapidus – New York (+1 212-351-3869, [email protected])
Zachary Silvers – Washington, D.C. (+1 202-887-3774, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published a Revised Proposed Second Amendment to its Part 500 Cybersecurity Rules (“Revised Proposed Amendment”). This is the third draft NYDFS has put out for this round of amendments, following the initial Draft Proposed Second Amendment (released on July 29, 2022) and the issuance of the Proposed Second Amendment (released on November 9, 2022, and covered in our prior alert), and reflects NYDFS’ response to stakeholder comments.
We highlight seven key takeaways of the Revised Proposed Amendment:
- Reduce requirements for audits, risk assessments, and penetration testing;
- Reduce governance requirements;
- Change notification requirements;
- Expand requirements for multi-factor authentication;
- Change requirements for incident response and business continuity and disaster recovery plans;
- Clarify certification requirements; and
- Clarify penalties.
- Reduced Requirements for Audits, Risk Assessments, and Penetration Testing
In the initial Proposed Second Amendment, NYDFS imposed strict requirements that those conducting audits, risk assessments, and penetration testing be independent, including specifically requiring external experts to conduct audits and risk assessments. Public commenters focused on these requirements, noting concerns about potential costs (e.g., from hiring an outside vendor), limits on human capital (e.g., taking staff away from critical operations to ensure the independence of an internal party), and backlogs (e.g., due to the increased demand for external vendors). Appearing to acknowledge these concerns, and the implicit assumption that using external vendors does not guarantee additional value, NYDFS modified the independence requirements in the Revised Proposed Amendment. Specifically, the Revised Proposed Amendment includes three such modifications:
- The definitions are revised to clarify that while Class A companies[1] need to conduct independent audits, such audits can now be conducted by internal auditors rather than only by external auditors, as long as the auditors are free to make their decisions without influence from the covered entity. This change realigns the Revised Proposed Amendment with the initial Draft Proposed Second Amendment from July 2022, which also specified that audits could be conducted by internal or external auditors.
- The requirement that Class A companies use external experts to conduct risk assessments at least once every three years is removed. The relevant section no longer mentions experts and only requires risk assessments be reviewed and updated at least annually and whenever a change in the business or technology causes a “material change.”[2]
- The scope of who can conduct penetration testing is expanded to include any “qualified internal or external party,” removing the requirement that the party be independent.
- Reduced Governance Requirements
In the Proposed Second Amendment, NYDFS required that the board of directors have “sufficient expertise and knowledge,” or be advised by persons with sufficient expertise and knowledge, to effectively oversee cybersecurity risk management. Noting that the phrase “expertise and knowledge” is vague, NYDFS clarified that it did not intend to suggest that cybersecurity experts are required on the board, but meant that a board should have sufficient understanding of cybersecurity-related matters. NYDFS therefore revised this section to require effective oversight of the entity’s cybersecurity risk management and “sufficient understanding of cybersecurity-related matters to exercise such oversight, which may include the use of advisors.”
NYDFS also removed the requirement that senior governing bodies “provide direction to management” on cybersecurity risk management because of confusion that this implied the board should become involved in the day-to-day management of the covered entity’s cybersecurity program. NYDFS clarified that the board’s job is to determine the strategic direction of the entity, while the day-to-day management of the cybersecurity program should be handled by management.
- Changes to Notification Requirements
The Revised Proposed Amendment expands the requirements around notification of cybersecurity events. Specifically, covered entities must notify NYDFS regarding security events that occur not only at the covered entity, but also those that occur at an affiliate or third-party service provider. This is a notable expansion of NYDFS’ notification requirement.
In its Assessment of Public Comments, NYDFS provided guidance clarifying that notification is required where cybersecurity events at third-party service providers: (i) require notice to a government body, self-regulating agency, or any other supervisory body; or (ii) have a reasonable likelihood of materially harming any material part of the normal operations of the covered entity. While NYDFS is not explicit about this, the same threshold can likely be applied to affiliates, which are defined in the Cybersecurity Regulation as “any person that controls, is controlled by, or is under common control with another person.” In response to public requests to clarify or delete the term “affiliate,” NYDFS commented that this term is clearly defined.
The requirement that, following initial notification, entities provide NYDFS with information requested to assist with investigating events within 90 days was met with objections from commenters suggesting it would be difficult or impossible to meet this deadline. In response, NYDFS relaxed this specific timetable requirement and the Revised Proposed Amendment now provides that requested information must be provided “promptly.”
- Expanded Requirements for Multi-Factor Authentication
Requirements related to multi-factor authentication are notably expanded in the Revised Proposed Amendment to require multi-factor authentication for any individual who accesses a covered entity’s information system. There are exceptions to these requirements for small covered entities that meet certain criteria and where “reasonably equivalent or more secure compensation controls” are used, which must be reviewed by the chief information security officer and approved in writing at least annually. These expanded requirements for multi-factor authentication are now more aligned with those outlined in the FTC Safeguards Rule (a federal regulation requiring financial institutions develop, implement, and maintain an information security program to protect customer information). In its past enforcement actions, NYDFS has often alleged violations of the Cybersecurity Regulation’s provisions covering multi-factor authentication. Covered entities should therefore be careful to ensure compliance with these new expanded requirements.
- Changes to Requirements for Incident Response and Business Continuity and Disaster Recovery Plans
On incident response plans, the Revised Proposed Amendment makes a number of changes, including narrowing the requirement that incident response plans address ways to specifically mitigate “disruptive” events to just “cybersecurity” events. NYDFS made this change to address concerns that “disruptive event” was undefined and therefore might include events that are not cybersecurity events. Signaling the importance of determining the root cause of a cybersecurity event, NYDFS also added a requirement that, as part of the incident response plan, covered entities prepare a “root cause analysis that describes how and why the event occurred, what business impact it had, and what will be done to prevent reoccurrence.”
There are also updates to the requirements around business continuity and disaster recovery (“BCDR”) plans, including specifying that BCDR plans should include procedures to enable the timely recovery of “critical data and information systems” rather than “data and documentation.” The Revised Proposed Amendment additionally specifies that covered entities must maintain “backups necessary to restoring material operations” that are “adequately protected from unauthorized alterations or destruction.”
Consistent with the Proposed Second Amendment, both incident response plans and BCDR plans must be tested at least annually.
- Clarification of Certification Requirement
The Revised Proposed Amendment changes the obligation that covered entities submit written confirmation to NYDFS of compliance with the Part 500 requirements by qualifying that only “material” compliance “during the prior calendar year” must be certified. This materiality qualifier was added in direct response to a comment requesting it. Although NYDFS does not provide a specific definition for what constitutes “material” compliance, this update will presumably make it easier for covered entities to achieve certification.
The second change, made in response to concerns that remediation during the year would prevent a covered entity from submitting a certification of compliance, suggests that material compliance at the time of submission, or the last day of the prior calendar year, is not adequate to certify compliance. Where a covered entity does not fully comply with the requirements, they must submit a written acknowledgment identifying the requirements they did not materially comply with, describing such noncompliance, and providing a remediation timeline.
In several recent enforcement actions, NYDFS found violations of the certification requirement where covered entities that have been subject to cybersecurity events, raising concerns that NYDFS is imposing effectively a strict liability regime. Adding a materiality qualifier suggests that a threat actor’s success in obtaining unauthorized access to data does not itself evidence a violation of the Cybersecurity Regulation.
- Clarification of Penalties
The Revised Proposed Amendment provides additional clarity on the factors NYDFS should consider in assessing any penalty by adding a new criterion—the extent to which the relevant policies comply with nationally recognized cybersecurity frameworks.
It is also worth noting that the Revised Proposed Amendment changes the transitional periods for several sections, extending most of the effective dates.
Next Steps
This alert is not an exhaustive list of the changes contained in the Revised Proposed Amendment, but provides a high-level overview of the updates from NYDFS’ Proposed Second Amendment. The Revised Proposed Amendment will be subject to an additional 45-day comment period, which ends on August 14, 2023. Pending further revisions, the amendment will take effect following the updated transitional periods.
The Revised Proposed Amendment demonstrates NYDFS’ continued efforts to weigh comments received while also ensuring covered entities are taking preventative measures to protect customer information and information technology systems from new and evolving threats. This underscores NYDFS’ risk-based approach to cybersecurity. Covered entities should review these requirements and ensure they have appropriate measures in place to comply if they are finalized.
________________________
[1] In the initial Draft Proposed Second Amendment, NYDFS established a group of larger companies it titled “Class A companies” to be subject to heighted compliance requirements. The Revised Proposed Amendment narrows the companies that qualify as “Class A companies” by revising this term’s definition to specify that when calculating the number of employees and gross annual revenue, affiliates should only include “those that share information systems, cybersecurity resources or all or any part of a cybersecurity program with the covered entity.”
[2] The definition of “risk assessment” is also revised to remove the requirement that such assessments “take into account the specific circumstances of the covered entity,” such as size, business, products, and location.
The following Gibson Dunn lawyers assisted in preparing this alert: Alexander Southwell, Vivek Mohan, Stephenie Gosnell Handler, Terry Wong, and Ruby Lang.
Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s Privacy, Cybersecurity & Data Innovation practice group:
United States
S. Ashlie Beringer – Co-Chair, PCDI Practice, Palo Alto (+1 650-849-5327, [email protected])
Jane C. Horvath – Co-Chair, PCDI Practice, Washington, D.C. (+1 202-955-8505, [email protected])
Alexander H. Southwell – Co-Chair, PCDI Practice, New York (+1 212-351-3981, [email protected])
Matthew Benjamin – New York (+1 212-351-4079, [email protected])
Ryan T. Bergsieker – Denver (+1 303-298-5774, [email protected])
David P. Burns – Washington, D.C. (+1 202-887-3786, [email protected])
Gustav W. Eyler – Washington, D.C. (+1 202-955-8610, [email protected])
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650-849-5203, [email protected])
Svetlana S. Gans – Washington, D.C. (+1 202-955-8657, [email protected])
Lauren R. Goldman – New York (+1 212-351-2375, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202-955-8510, [email protected])
Nicola T. Hanna – Los Angeles (+1 213-229-7269, [email protected])
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, [email protected])
Kristin A. Linsley – San Francisco (+1 415-393-8395, [email protected])
Vivek Mohan – Palo Alto (+1 650-849-5345, [email protected])
Karl G. Nelson – Dallas (+1 214-698-3203, [email protected])
Rosemarie T. Ring – San Francisco (+1 415-393-8247, [email protected])
Ashley Rogers – Dallas (+1 214-698-3316, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, [email protected])
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, [email protected])
Debra Wong Yang – Los Angeles (+1 213-229-7472, [email protected])
Europe
Ahmed Baladi – Co-Chair, PCDI Practice, Paris (+33 (0) 1 56 43 13 00, [email protected])
Kai Gesing – Munich (+49 89 189 33-180, [email protected])
Joel Harrison – London (+44(0) 20 7071 4289, [email protected])
Vera Lukic – Paris (+33 (0) 1 56 43 13 00, [email protected])
Asia
Connell O’Neill – Hong Kong (+852 2214 3812, [email protected])
Jai S. Pathak – Singapore (+65 6507 3683, [email protected])
In a recent landmark judgment, the EU’s Court of Justice (the Court) has sided with the European Commission (the Commission) on how the EU merger control rules should be interpreted and applied.
In a 2020 judgment, the lower EU General Court (GC) had faulted the Commission for an incomplete analysis and annulled the 2016 prohibition of the combination of mobile network operators Three and O2.[1] The 2020 GC judgment was widely seen as significantly raising the standard for when the Commission could challenge a merger.
The Court’s 2023 judgment now definitively establishes a number of key principles, and strengthens the Commission’s hand in its assessment of mergers in the EU. It has legitimized the Commission’s prior approach and underlined the margin of discretion afforded to the Commission in carrying out its assessment in certain respects. Continued vigorous merger control enforcement by the Commission can therefore be expected in the coming years.
I. Background
The revised EU Merger Regulation which entered into force in 2004 introduced an additional ground on which the Commission might take issue with mergers. As from 2004, the Commission was not only able to find that a merger created or strengthened a dominant position as had previously been the case, but could also (or alternatively) find that it would lead to a ‘significant impediment of effective competition’ (SIEC) in the EU internal market even without a finding of dominance. This additional ground was introduced to capture so-called “gap” cases.[2] The most prominent such “gap” cases in the years that followed related to the mobile telecommunications market. In a number of these cases, which generally involved the reduction of the number of mobile network operators in a given market from four to three, the Commission found that the proposed merger would lead to a SIEC through the removal of an important competitive constraint, without any finding of dominance.[3]
The Commission’s prohibition of the proposed merger between Three and O2 in 2016 was one such case. In its prohibition decision, the Commission found that the combination of Three and O2 would have created a new market leader in the UK mobile market and that, through the removal of an important competitor and with only two remaining mobile network operators able to challenge the merged company, the merger would have significantly reduced competition in the UK market.
The GC annulled this decision in full in 2020 following an appeal by CK Telecoms, the parent company of Three. The GC held that the Commission had failed to prove all three of its theories of harm to the requisite legal standard of “strong probability”. In particular, the GC held that: (1) the classification of a party as an “important competitive force” does not relieve the Commission from a full-fledged analysis of the elimination of important competitive constraints; (2) the merging parties were not “particularly” close competitors; and (3) “standard” efficiencies were not taken into account by the Commission in its quantitative price assessment. The judgment was widely viewed as significantly raising the requirements on the Commission to prove that a transaction should be prohibited.
II. The Court’s Judgment
The Three/O2 case was the first “gap” case since the entry into force of the revised Merger Regulation which had reached the Court. The judgment of the Court was therefore highly anticipated.
The Court,[4] annulled the judgment of the GC in full and referred the case back to it. In doing so, it established a number of important principles that the GC was required to apply in its review of the case, but which also apply more generally to the Commission’s review of mergers.
The Standard of Review is “More Likely Than Not” for All Cases
While the GC effectively raised the standard of proof required for the Commission to show a SIEC to the existence of “a strong probability”,[5] the Court made clear that the relevant standard of review is a “balance of probabilities” – irrespective of the type of merger or complexity of the theory of harm. Therefore, in order to prohibit a transaction, it is sufficient for the Commission to demonstrate, “by means of a sufficiently cogent and consistent body of evidence that it is more likely than not”[6] that the transaction leads to a SIEC. According to the Court, a higher burden of proof would be untenable given the forward-looking nature of the Commission’s assessment in its ex ante control of concentrations.[7]
The Commission Has a Certain Margin of Discretion
The Court sided with the Commission in giving it a certain margin of discretion in its interpretation of the legal framework for its substantive SIEC analysis – in particular with regard to economic matters. The judgment went on to highlight the forward-looking nature of the Commission’s assessment in ex ante merger control and implied that, as such, a very high burden of proof could reduce the effectiveness of the EU merger control regime. The Court nevertheless emphasized that the EU Courts should not refrain entirely from reviewing the Commission’s interpretation of EU law concepts when it comes to matters of economic analysis – and as such the Commission’s margin of discretion should not be unfettered.[8] While this does not mean that the EU Courts need to conduct their own economic analysis to verify the Commission’s findings, they must ascertain “whether the evidence relied on is factually accurate, reliable and consistent”, as well as whether this evidence contains all the necessary information and whether “it is capable of substantiating the conclusions drawn from it”.[9] To this end, the Court recalled that in the past EU Courts have interpreted concepts such as ‘dominant position’ or ‘relevant market’, and the concepts of ‘important competitive force’ and ‘close competitors’ are in a similar category.[10]
No Special Test for SIEC in Oligopolistic Markets
As regards the assessment of a SIEC in oligopolistic markets, the Court rejected the GC’s finding that the two conditions set out in recital 25 of the Merger Regulation must be fulfilled, namely: (1) the elimination of an important competitive constraint that the merging parties had exerted upon each other; and (2) a reduction of competitive pressure on remaining competitors. According to the Court, either prong is sufficient. A different interpretation would mean that the finding of a likely unilateral price increase following a merger would not in itself be sufficient to challenge a transaction.[11]
Specifically, the Commission had relied primarily on the concepts of “important competitive force” and “close competitors” to demonstrate a SIEC in the prohibition decision. For the GC, this was not enough. It found that in such a concentrated market, the Commission had to establish “particularly” close competition and find a stronger impact on pricing by Three rather than to call it an “important competitive force” based on what the GC considered to be a cursory reference to evidence and circumstances.[12]
The Court disagreed with the GC and emphasized that there are different ways the Commission could have demonstrated a SIEC in this case. As regards the definition of an ‘important competitive force’, the judgment made reference to the Commission’s Horizontal Merger Guidelines and specified that on a given oligopolistic market, a number of companies could be classified as an important competitive force.[13] The Court also rejected the exclusively price-focused approach of the GC, noting that such an assessment would be incomplete, in particular in markets where quality and innovation play a role.[14] The judgment also disagreed that only a merger between “particularly close competitors” could lead to a SIEC in the case at hand – it outlined that even where substitutability between the merging parties’ products is not particularly high, a lower level of substitutability between those parties’ products and those of the non-merging parties may lead to higher incentives to increase prices, and also that high pre-merger margins may suggest possible price increases as a result of the merger.[15]
No Such Thing as “Standard” Efficiencies
One of the more controversial elements of the GC judgment was its finding that, given that most mergers lead to efficiencies, the Commission must take “standard” efficiencies into account in its quantitative assessments.[16] The Court disagreed in strong terms, noting that no EU Regulations or Guidelines refer to a category of “standard” efficiencies.[17] According to the Court, while it is true that certain mergers may give rise to efficiencies, it is for the merging parties to demonstrate them. Reversing the burden of proof with regard to efficiencies would reduce the effectiveness of merger control.[18]
III. Implications of the Judgment
The judgment has strengthened the Commission’s hand in its assessment of mergers in a number of significant respects. First, it has clarified that all mergers, regardless of the pursued theory of harm or markets in which they occur, are subject to the “more likely than not” standard, which is more favorable to the Commission. Second, it has confirmed that the Commission enjoys a degree of flexibility in relation to the finding of a SIEC, and that the requirements to demonstrate a SIEC are not as high as the GC had previously identified. Finally, it has rowed back on the GC’s finding that all mergers are presumed to generate some efficiencies and has put the onus back on the merging parties to demonstrate that there are any such efficiencies. As a result, we can expect the Commission to be emboldened and continue to vigorously enforce merger control in the coming years.
________________________
[1] Case M.7612 — Hutchison 3G UK/Telefónica UK [2016].
[2] “Gap” cases are transactions in oligopolistic markets in which non-coordinated effects arise without the creation or strengthening of a dominant position.
[3] Between 2012 and 2014, under Commissioner Almunia, the Commission approved three four-to-three mergers subject to remedies, and hence where competition issues had been identified: Case M.6497, H3G/Orange Austria [2012], Case M.6992 H3G/Telefonica Ireland [2014], and Case M.7018 Telefonica Deutschland/E-Plus [2014]. Under Commissioner Vestager, the Commission blocked four-to-three mergers in Denmark and the UK (Case M.7419 TeliaSonera/Telenor/JV [2015] (withdrawn) and Case M.7612 H3G UK/Telefónica UK [2016]), and cleared a four-to-three merger in Italy, subject to divestment and entry of a new mobile operator on the market (Case M.7758 H3G Italy/Wind/JV [2016]). Currently pending: Case M.10896 Orange/Masmovil/JV.
[4] The Court sat in its Grand Chamber, which occurs in particularly complex or important cases.
[5] Case T-399/16, CK Telecoms UK v Commission, ECLI:EU:T:2020:217, para. 118.
[6] Case C-376/20 P, Commission v CK Telecoms UK, ECLI:EU:C:2023:561, para. 87.
[7] Ibid., para. 86.
[8] Ibid., para. 126.
[9] Ibid., para. 125.
[10] Ibid., para. 127.
[11] Ibid., para. 112.
[12] Case T-399/16, CK Telecoms UK v Commission, ECLI:EU:T:2020:217, para. 249 and 288.
[13] Case C-376/20 P, Commission v CK Telecoms UK, ECLI:EU:C:2023:561, para. 163.
[14] Ibid., para. 165.
[15] Ibid., para. 190.
[16] Ibid., para. 279.
[17] Ibid., para. 241.
[18] Ibid., para. 244.
The following Gibson Dunn lawyers prepared this client alert: Christian Riis-Madsen, Nicholas Banasevic, Attila Borsos, Stéphane Frank, Zuzanna Bobowiec, and Jan Przerwa.*
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Antitrust and Competition, Mergers and Acquisitions, or Private Equity practice groups, or the following authors and practice leaders:
Antitrust and Competition Group:
Christian Riis-Madsen – Brussels (+32 2 554 72 05, [email protected])
Ali Nikpay – London (+44 (0) 20 7071 4273, [email protected])
Rachel S. Brass – San Francisco (+1 415-393-8293, [email protected])
Stephen Weissman – Washington, D.C. (+1 202-955-8678, [email protected])
Mergers and Acquisitions Group:
Robert B. Little – Dallas (+1 214-698-3260, [email protected])
Saee Muzumdar – New York (+1 212-351-3966, [email protected])
Private Equity Group:
Wim De Vlieger – London (+44 (0) 20 7071 4279, [email protected])
Federico Fruhbeck – London (+44 (0) 20 7071 4230, [email protected])
Scott Jalowayski – Hong Kong (+852 2214 3727, [email protected])
Michael Piazza – Houston (+1 346-718-6670, [email protected])
Ari Lanin – Los Angeles (+1 310-552-8581, [email protected])
Richard J. Birns – New York (+1 212-351-4032, [email protected])
*Nicholas Banasevic is managing director and Zuzanna Bobowiec is an associate in the Brussels office who are not admitted to practice law.
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
In a precedential decision on July 6, 2023, the Delaware Court of Chancery lowered stockholder-plaintiffs’ incentives to pursue meritless deal litigation by raising the standard that supplemental disclosures must meet to justify an award of attorneys’ fees from “helpful” to “material.” Anderson v. Magellan Health, Inc., et al. — A.3d —, C.A. No. 2021-0202-KSJM.
Much ink has been spilled regarding the shift in merger-related disclosure claims to federal court after the Delaware Court of Chancery announced in Trulia that it would approve disclosure-only settlements only where the additional information is “plainly material.” Because the merger tax levied by these strike suits continues to plague Delaware corporations—typically now in the form of a “mootness fee” to settle stockholder claims on an individual, rather than class-wide, basis—Delaware Chancellor Kathaleen St. J. McCormick recently announced in Anderson v. Magellan Health, Inc. that the Court of Chancery is raising the standard for pricing supplemental disclosures in mootness-fee proceedings from merely “helpful” to “material.” The Chancellor also provided guidance regarding the corporate benefit doctrine and how Delaware courts interpret case law applying it.
Under the corporate benefit doctrine, Delaware courts may award fees to plaintiffs’ counsel for the beneficial results they produce for a defendant corporation even without a favorable adjudication. In Magellan, the Court of Chancery revisited standards for pricing corporate benefits that it adopted in 2016. The Chancellor’s decision will likely reduce the overall amount of attorneys’ fees and expenses paid by corporations to resolve stockholder litigation providing no discernable benefit to stockholders, and may reduce the volume of meritless disclosure demands in M&A transactions.
Factual Background
The complaint filed in Magellan challenged Magellan Health, Inc.’s (the “Company”) 2021 acquisition by a managed care company (the “Buyer”). A Company stockholder claimed that certain deal protections from an abandoned sale process in 2019 impeded the more recent sale to the Buyer and were inadequately described in the Company’s proxy. The Company responded by loosening the deal protections and issuing supplemental disclosures, which mooted the plaintiff’s claims. Loosened deal protections and supplemental disclosures are common forms of non-monetary benefits.
In subsequent mootness-fee proceedings, the plaintiff petitioned the Court of Chancery for an award of attorneys’ fees and expenses. The plaintiff argued that its litigation resulted in corporate benefits worth more than $1 million. The Company argued in opposition that the benefits were worth approximately $100,000. After reexamining Delaware’s standards for pricing non-monetary corporate benefits, the court sided with the Company and awarded only $75,000 in fees and expenses.
Loosened Deal Protections
Delaware law recognizes a corporate benefit in this context because, “[a]s a theoretical matter, loosening deal protection devices makes topping bids more likely.” In Magellan, the plaintiff sought over $1 million in fees for causing the Company to waive don’t-ask-don’t-waive provisions that continued to bind three potential bidders from an abandoned 2019 sale process. Rejecting the plaintiff’s application of Delaware law, the court found that the waivers “d[id] not justify a fee award” because “the increased likelihood of a topping bid was close to zero.”
The court rejected the plaintiff’s application of Delaware law for two reasons. First, the plaintiff improperly omitted “the qualitative evaluation of the increased likelihood of a topping bid due to the plaintiff’s efforts.” Under a proper reading of Delaware precedent, the plaintiff was not entitled to full credit for the likelihood of a topping bid, only “the increased likelihood (if any) of a topping bid generated by the [w]aivers.” The plaintiff also erred in assuming the waivers increased the likelihood of a topping bid. In the court’s analysis of the likelihood of a topping bid, it found that two potential bidders had not expressed serious interest in the Company and the waiver released the third bidder only one day early.
Second, the plaintiff improperly relied on Court of Chancery decisions issued in 2014 or earlier for the resolution of claims challenging don’t-ask-don’t-waive provisions. The court found the plaintiff’s reliance on these decisions was misplaced because (i) they were “issued at a time when Delaware courts were still developing their views on don’t-ask-don’t-waive provisions,” (ii) “[e]ach involved far greater effort from the plaintiffs’ counsel than [the plaintiffs] invested in this case,” and (iii) “each achieved far more than [the plaintiffs] achieved here.” Finally, and perhaps most importantly, the court criticized the plaintiffs’ reliance on precedent decisions predating doctrinal shifts in 2015 and 2016—including the court’s decision in Trulia—and it characterized such precedents as “less useful in determining the value of otherwise comparable benefits.”
Supplemental Disclosures
Supplemental disclosures also can provide a compensable corporate benefit under Delaware law. According to the court, however, “developments in deal litigation since” 2016 warrant reexamining “the standard for pricing that benefit.”
In 2016, the Court of Chancery announced new standards for pricing supplemental disclosures in settlement-approval proceedings and mootness-fee proceedings. In Trulia, the court held that it would only approve disclosure-only settlements where the disclosures were “plainly material”—that is, where the supplemental disclosures procured met a higher materiality standard than the one applied when determining whether a disclosure claim is adequately pleaded. The court also concluded that mootness-fee proceedings were a preferable mechanism for pricing the corporate benefit resulting from the supplemental disclosures. In mootness-fee proceedings a few months later, however, the court declined to apply the defendant-friendly “plainly material” standard announced in Trulia. Instead, in Xoom, it “ratchet[ed] down the standard from ‘material’ to ‘helpful.’”
The effect of these decisions was significant. Trulia incentivized plaintiffs to repackage fiduciary duty claims as federal securities claims and file them in federal courts, which limited the Court of Chancery’s opportunities to clarify Delaware policy on disclosure-based mootness fees. Xoom incentivized plaintiffs to pursue weak or meritless disclosure claims expecting that defendants would rather issue supplemental disclosures and pay a mootness fee than expend the resources necessary to defend weak or meritless litigation.
Troubled by “a rule that seems to encourage the pursuit of legally meritless disclosure claims” and the resulting “merger tax of deal litigation” that “continues to plague Delaware corporations” in other courts, the Chancellor announced a new standard for pricing supplemental disclosures in mootness-fee proceedings. Barring disagreement by the Delaware Supreme Court, “mootness fees based on supplemental disclosures” are available under Delaware law “only when the information is material.”
Because the parties in Magellan had not argued for the heightened standard, however, the court applied Xoom one last time. The supplemental disclosures at issue were “marginally helpful” because they “provided a more easy-to-read summary of the existence, terms, and operation of the standstills, including why Magellan did not believe that certain of its standstill obligations impeded the sale process.” Based on “one post-Trulia academic survey” and “the limited set of court-ordered mootness fees awards post-Trulia,” the court valued the Company’s supplemental disclosures at $75,000.
Key Takeaways
Chancellor McCormick wrote the precedential decision in Magellan in response to the plaintiff’s “eye-popping request for $1,100,000,” which caught the attention of two professors who filed amicus briefs urging the Court of Chancery to “issue a written decision to warn other courts applying Delaware law of these policy concerns.” The following key takeaways should guide practitioners and jurists applying Delaware law.
- When pricing mootness fees, courts applying Delaware law should apply a “materiality” standard rather than the “helpful” standard originally announced in Xoom. Because Delaware has adopted the federal standard for materiality in the stockholder disclosure context, this means that courts will only award mootness fees “if there is a substantial likelihood that a reasonable shareholder would consider” the supplemental disclosures “important in deciding how to vote” or tender shares.
- Chancellor McCormick clearly instructed courts applying Delaware law to give less weight to corporate benefit cases pre-dating Trulia, because “Trulia and other doctrinal changes in Delaware law adopted around that time” drove “an overall decline in settlements and fee awards” that “renders pre-Trulia precedent less useful in determining the value of otherwise comparable benefits.” Practitioners and non-Delaware courts should be mindful of this guidance when relying on pre-Trulia corporate benefit cases applying the materiality standard.
- It is hornbook law that plaintiffs are only entitled to compensation for the incremental value of a corporate benefit they cause. In Magellan, the Court of Chancery clarified how practitioners and courts should analyze the incremental value of loosened deal protections. In this context, pricing the incremental value created by a plaintiff requires a fact-specific “qualitative evaluation of the increased likelihood of a topping bid,” implicating the range of protections loosened, the nature and effect of each loosened protection, and the nature and extent of interest expressed by potential bidders who benefited from the loosened protections.
- The decision will likely reduce the overall amount of attorneys’ fees and expenses paid by Delaware corporations to settle stockholder litigation providing no discernable benefit to stockholders. The falling price may also reduce the overall volume of demands for supplemental disclosures.
The Court’s opinion is available here.
The following Gibson Dunn attorneys assisted in preparing this client update: Jonathan D. Fortney, Brian M. Lutz, and Mark H. Mixon, Jr.
Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding the developments in the Delaware Court of Chancery. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s Securities Litigation, Securities Regulation and Corporate Governance, Mergers and Acquisitions, or Private Equity practice groups:
Securities Litigation Group:
Christopher D. Belelieu – New York (+1 212-351-3801, [email protected])
Jefferson Bell – New York (+1 212-351-2395, [email protected])
Michael D. Celio – Palo Alto (+1 650-849-5326, [email protected])
Jonathan D. Fortney – New York (+1 212-351-2386, [email protected])
Monica K. Loseman – Co-Chair, Denver (+1 303-298-5784, [email protected])
Brian M. Lutz – Co-Chair, San Francisco/New York (+1 415-393-8379/+1 212-351-3881, [email protected])
Mary Beth Maloney – New York (+1 212-351-2315, [email protected])
Jason J. Mendro – Washington, D.C. (+1 202-887-3726, [email protected])
Alex Mircheff – Los Angeles (+1 213-229-7307, [email protected])
Jessica Valenzuela – Palo Alto (+1 650-849-5282, [email protected])
Craig Varnen – Co-Chair, Los Angeles (+1 213-229-7922, [email protected])
Mark H. Mixon, Jr. – New York (+1 212-351-2394, [email protected])
Securities Regulation and Corporate Governance Group:
Elizabeth Ising – Washington, D.C. (+1 202-955-8287, [email protected])
James J. Moloney – Orange County, CA (+ 949-451-4343, [email protected])
Lori Zyskowski – New York (+1 212-351-2309, [email protected])
Mergers and Acquisitions Group:
Robert B. Little – Dallas (+1 214-698-3260, [email protected])
Saee Muzumdar – New York (+1 212-351-3966, [email protected])
Private Equity Group:
Richard J. Birns – New York (+1 212-351-4032, [email protected])
Ari Lanin – Los Angeles (+1 310-552-8581, [email protected])
Michael Piazza – Houston (+1 346-718-6670, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
This update provides an overview of key class action-related cases during the second quarter of 2023 (April through June).
Part I recaps recent developments regarding the Federal Arbitration Act (“FAA”), including the Supreme Court’s decision requiring automatic stays pending appeals from denials of motions to compel arbitration and a Third Circuit opinion on the scope of the Section 1 exemption for interstate transportation workers.
Part II discusses Article III standing cases from the Seventh and Third Circuits.
Part III discusses a Sixth Circuit decision that rejects the juridical link doctrine, deepening the circuit split on this issue.
And Part IV discusses noteworthy cases from the Eleventh and Ninth Circuits on issues relating to class settlement approval.
I. The Supreme Court and Third Circuit Resolve Important Questions Relating to Arbitration
In Coinbase v. Bielski, 143 S. Ct. 1915 (2023), the Supreme Court held that appealing the denial of a motion to compel arbitration automatically stays district court proceedings pending resolution of that appeal. Please see our prior client alert for an analysis of this important decision, which helps protect defendants from losing the benefits of arbitration. As the Court recognized, absent these protections, the “potential for coercion is especially pronounced in class actions, where the possibility of colossal liability can lead to . . . ‘blackmail settlements.’” Id. at 1921.
In another decision that will be of interest to class action practitioners, the Third Circuit held that drivers who use the Uber app are not exempt from the FAA under the interstate transportation worker exception of Section 1. See Singh v. Uber Techs., Inc., 67 F.4th 550 (3d Cir. 2023). In this case, drivers appealed from orders compelling arbitration under Uber’s arbitration agreements, arguing that they are exempt from the FAA because it does not apply to “contracts of employment of seamen, railroad employees, or any other class of workers engaged in foreign or interstate commerce.” Id. at 553 (citing 9 U.S.C. § 1).
The Third Circuit disagreed with the drivers, holding that the last category—”workers engaged in foreign or interstate commerce”—applies only if “interstate movement of goods or passengers is a central part of the job description of the class.” Id. at 557 (citation and internal quotation marks omitted). The court reasoned that the “work of Uber drivers is centered on local transportation,” and even “[w]hen Uber drivers do cross state lines, they do so only incidentally, as part of Uber’s fundamentally local transportation business.” Id. at 553. With this opinion, the Third Circuit joins the First and Ninth Circuits, which similarly ruled that rideshare drivers do not qualify as “workers engaged in . . . interstate commerce” under FAA. See Cunningham v. Lyft, Inc., 17 F.4th 244 (1st Cir. 2021); Capriole v. Uber Techs., Inc., 7 F.4th 854 (9th Cir. 2021). Gibson Dunn represented Uber in this appeal.
II. The Seventh and Third Circuits Address Article III Standing in Putative Class Actions
Questions regarding Article III standing continue to arise in class action cases, with the Seventh and Third Circuits to be the latest courts to address standing this quarter.
In Pucillo v. National Credit Systems, Inc., 66 F.4th 634 (7th Cir. 2023), the Seventh Circuit affirmed a district court’s dismissal of a complaint for lack of Article III standing, holding that feelings of being “concerned,” “upset,” “confused,” and “alarmed” did not provide the plaintiff standing to sue for money damages under the Fair Debt Collection Practices Act (“FDCPA”). Id. at 636, 638, 642. The case involved debt collectors who sent two letters to the plaintiff demanding payment on a debt that had been discharged through bankruptcy proceedings. Id. at 636. The plaintiff filed suit against the debt collectors, relying on his emotional reactions to the letters. Id. The Seventh Circuit held that the plaintiff’s emotional responses were insufficient to support standing. Id. at 638. In addition, while the court agreed that contact with a credit rating agency or repeated automated phone messages might be sufficiently similar to the common law tort of intrusion upon seclusion to provide standing, the two letters sent to the plaintiff in Pucillo were not. Id. at 641–42. The court also found persuasive that the two letters sent by mail a year apart did not represent the “kind of abusive practice” the FDCPA was meant to address, noting that Congress’s “judgment is also instructive and important for determining whether an intangible harm constitutes injury in fact.” Id. (citing Spokeo, Inc. v. Robins, 578 U.S. 330, 341 (2016)).
By contrast, in Weichsel v. JP Morgan Chase Bank, N.A., 65 F.4th 105 (3d Cir. 2023), the Third Circuit held that a plaintiff who received a credit card renewal notice that allegedly failed to itemize annual fees in violation of the Truth in Lending Act (“TILA”) and Regulation Z had sufficiently alleged an Article III injury—even though his alleged injury had nothing to do with the purposes underlying the statutory cause of action. Id. at 108–10. The court reasoned the plaintiff had standing because he suffered a traceable, economic injury: he said he read and understood the non-itemized renewal notice and would not have paid the full annual fee if he had known it included an additional card fee. Id. at 111. At least in the Third Circuit’s view, it did not matter that the plaintiff’s alleged injury was not tied to TILA’s “underlying concrete interest,” which is to remind borrowers of an upcoming obligation. Id. at 112 (citation omitted). Instead, the court reasoned that “while a statutory violation gives Plaintiff his cause of action, that statutory cause of action is distinct from his Article III injury,” such that the plaintiff “need not allege any additional injury with a connection to the statute’s purpose.” Id. Nevertheless, the court agreed that the disconnect between his allegations and the purposes of the statute was sufficient to dismiss the complaint for failure to state a claim. Id. at 112–14.
III. Sixth Circuit Deepens Circuit Split by Rejecting “Juridical Link” Doctrine
Article III standing generally requires a plaintiff’s injuries to be “fairly traceable” to the defendant. But what about named plaintiffs in putative class actions—can they sue defendants who have not injured them if these defendants have injured other, similarly situated absent class members? Some courts have answered that question in the affirmative, relying on the so-called “juridical link” doctrine, which generally provides that a plaintiff may sue defendants that did not injure the plaintiff if all the defendants are “juridically linked” (such as through a “conspiracy” or “concerted scheme”) and if it would be “expeditious” to sue all the defendants in one action. See, e.g., Payton v. Cnty. of Kane, 308 F.3d 673, 678–79 (7th Cir. 2002). At least two circuits—the Second and Eighth—have previously rejected it. See Mahon v. Ticor Title Ins. Co., 683 F.3d 59 (2d Cir. 2012); Wong v. Wells Fargo Bank N.A., 789 F.3d 889 (8th Cir. 2015).
This past quarter, the Sixth Circuit in Fox v. Saginaw County, 67 F.4th 284 (6th Cir. 2023), joined these circuits in rejecting this doctrine. In Fox, the plaintiff claimed to have suffered an unconstitutional taking when his county took ownership of his property for failing to pay property taxes and sought to represent a class of other similarly situated property owners. Id. at 288. He sued not only the county in which the taking occurred, but also 26 other counties where putative class members suffered similar takings. Id. The Sixth Circuit held that the plaintiff lacked standing to sue the other counties because his own injury was not sufficiently traceable to the 26 other counties where he experienced no personal taking. Id. at 293. In so holding, the Sixth Circuit rejected the juridical link doctrine, which other courts have invoked to “allow[] a named plaintiff in a putative class action to sue defendants who have not injured the plaintiff if these defendants have injured absent class members.” Id. at 288. The Sixth Circuit found that juridical link doctrine conflicted with Supreme Court precedent on a number of basic principles, including “that a class-action request ‘adds nothing to the question of standing,’” id. (quoting Simon v. E. Ky. Welfare Rts. Org., 426 U.S. 26, 40 n.20 (1976)), that standing be determined “at the outset of the litigation” (rather than after a class is certified), id. at 294 (quoting Friends of the Earth, Inc. v. Laidlaw Env’t Servs. (TOC), Inc., 528 U.S. 167, 180 (2000)), and that the three-part standing test sets an “irreducible constitutional minimum,” id. at 294 (quoting Lujan v. Defs. of Wildlife, 504 U.S. 555, 560 (1992)).
IV. The Eleventh and Ninth Circuits Reverse Class Settlement Approvals
This past quarter, the Eleventh and Ninth Circuits reversed settlement class approvals, which reflects the continued trend towards greater scrutiny of class settlements.
In Williams v. Reckitt Benckiser LLC, 65 F.4th 1243 (11th Cir. 2023), the Eleventh Circuit vacated a class settlement that awarded injunctive and monetary relief to a class of individuals who purchased the defendants’ “brain performance supplements” on the ground that the plaintiffs lacked standing to pursue injunctive relief. Id. at 1247, 1253. The court explained that “even if a plaintiff can establish standing to pursue separate claims for monetary relief based on allegations of past harm, before a court may grant that plaintiff injunctive relief, the plaintiff must separately establish a threat of ‘real and immediate,’ as opposed to ‘conjectural or hypothetical,’ future injury.” Id. at 1253 (citations omitted). The named plaintiffs did not meet that standard because they did not “allege any ‘continuing, present adverse effects’ associated with prior purchases of [defendants’] [p]roducts,” or any “‘concrete plans’ to purchase [defendants’] [p]roducts again in the future.” Id. at 1255 (citation omitted). Because the named plaintiffs lacked standing to seek injunctive relief, the district court did not have jurisdiction to grant injunctive relief—even in the settlement context—and therefore should not have approved the settlement as drafted. Id. at 1256–57.
In Lowery v. Rhapsody International, Inc., 69 F.4th 994 (9th Cir. 2023), the Ninth Circuit reversed a $1.7 million attorneys’ fee award in a “claims-made” settlement where class members submitted claims for less than 0.3% of a capped $20 million settlement fund. Id. at 997, 1001. The court explained that district courts awarding fees “must consider the actual or realistically anticipated benefit to the class¾not the maximum or hypothetical amount¾in assessing the value of a class settlement” for purposes of evaluating the reasonableness of a fee award. Id. at 1001. On remand, the Ninth Circuit ordered the district court to “disregard the theoretical $20 million settlement cap and instead start with the $52,841.05 that the class claimed” because “[a]ny other approach would allow parties to concoct a high phantom settlement cap to justify excessive fees, even though class members receive nothing close to that amount.” Id.
The following Gibson Dunn lawyers contributed to this client update: Jessica Pearigen, Allie Miller, Yixian Sun*, Wesley Sze, Lauren Blas, Bradley Hamburger, Kahn Scolnick, and Christopher Chorba.
Gibson Dunn attorneys are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Class Actions, Litigation, or Appellate and Constitutional Law practice groups, or any of the following lawyers:
Theodore J. Boutrous, Jr. – Los Angeles (+1 213-229-7000, [email protected])
Christopher Chorba – Co-Chair, Class Actions Practice Group – Los Angeles (+1 213-229-7396, [email protected])
Theane Evangelis – Co-Chair, Litigation Practice Group, Los Angeles (+1 213-229-7726, [email protected])
Lauren R. Goldman – New York (+1 212-351-2375, [email protected])
Kahn A. Scolnick – Co-Chair, Class Actions Practice Group – Los Angeles (+1 213-229-7656, [email protected])
Bradley J. Hamburger – Los Angeles (+1 213-229-7658, [email protected])
Lauren M. Blas – Los Angeles (+1 213-229-7503, [email protected])
*Yixian Sun is an associate practicing in the firm’s New York office who is not yet admitted to practice law in New York.
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
R (on the application of PACCAR Inc and others) (Appellants) v Competition Appeal Tribunal and others (Respondents), [2023] UKSC 28
In a greatly anticipated judgment of the UK’s Supreme Court (the “UKSC”), a 4-1 majority has ruled that litigation funding agreements (“LFAs”), under which the funder’s remuneration is calculated by reference to a share of the damages ultimately recovered, fall within the statutory definition of damages-based agreements (“DBAs”). Although the decision largely turns on principles of statutory interpretation, the consequences of the UKSC’s ruling are potentially significant:
- Existing and future LFAs under which the funder’s remuneration is calculated by reference to a share of the damages ultimately received will now be unenforceable in England & Wales unless they comply with the conditions set out in the Damages-Based Agreements Regulations 2013 (the “Regulations”).
- In the context of opt-out collective proceedings before the Competition Appeal Tribunal (the “CAT”), such LFAs will be unenforceable even if they comply with the Regulations as a result of a prohibition on DBAs for opt-out collective proceedings.
Although the full extent of its implications is not yet clear, the decision will undoubtedly have a significant impact on litigation funding in the UK, and in particular in collective proceedings before the CAT. It remains to be seen whether, in light of the decision, the UK Parliament will consider direct intervention to regulate this area.
I. Background to the UKSC Judgment and Procedural History
The case concerned the question of whether LFAs are to be classified as DBAs, and therefore subject to the UK legislation governing DBAs, including the Regulations and the Courts and Legal Services Act 1990 (the “CLSA”). Lord Henderson underscored the importance of this question in his judgment at the Court of Appeal stage in 2021 as follows:
The issue […] is in general terms whether funding agreements entered into with claimants by third parties who play no part in the conduct of the litigation, but whose remuneration is fixed as a share of the damages recovered by the client, are “damages-based agreements” within the meaning of the relevant legislation which regulates such agreements. If they are, the likely consequence would be that most, if not all, litigation funding agreements currently in existence would be unenforceable […].[1]
The UKSC was therefore asked to consider whether the principles governing DBAs extended to litigation funders as well as to solicitors. In essence: should a LFA be treated as the same type of agreement as a client-solicitor DBA, despite the fact the litigation funder will be a third-party to the proceedings?
The question mainly turned upon the definition of a DBA, which is found at section 58AA(3)(a) of the CLSA:
[A DBA is] an agreement between a person providing advocacy services, litigation services or claims management services and the recipient of those services which provides that—
(i) the recipient is to make a payment to the person providing the services if the recipient obtains a specified financial benefit in connection with the matter in relation to which the services are provided, and
(ii) the amount of that payment is to be determined by reference to the amount of the financial benefit obtained.[2]
Since 1 April 2013, DBAs have been a permitted form of fee arrangement for contentious proceedings in England & Wales.[3] But despite the introduction of DBAs being characterized as a positive development for flexibility and accessibility to justice for applicants,[4] DBAs in high-value English civil cases remain relatively rare.[5] Legal professionals have been reticent to embrace the practice due to the lack of certainty regarding compensation for their services, as well as the lack of clarity in the existing drafting of the Regulations that govern DBAs.[6]
a. The Competition Appeal Tribunal Phase
The case originates from a cartel decision by the European Commission (the “EC”), dated 19 July 2016. In that decision, the EC held that five major European truck manufacturing groups, ((1) DAF, (2) Daimler, (3) Iveco, (4) Volvo/Renault and (5) MAN)), infringed EU Competition Law by, inter alia, exchanging information on their respective future gross pricing.[7] Subsequently in 2018, Road Haulage Association Limited (“RHA”), a haulage trade association, and UK Trucks Claim Limited (“UKTC”), an SPV set up specifically to pursue the claim (together, the “Applicants”), brought proceedings in the CAT seeking damages from the manufacturers pursuant to section 47B of the UK Competition Act 1998.[8] Both the Applicants had LFAs in place. The CAT heard the case in June 2019, having ordered in December 2018 that the two applications be heard together.[9]
DAF contended that the Applicants’ LFAs constitute DBAs, with the consequence that they were unenforceable as they did not comply with the requirements under 58AA(3)(a) of the CLSA. Further, DAF contended that the Applicants did not satisfy the requirements for being authorised to bring the collective proceedings because section 47C(8) of the Compensation Act 2006 (the “CA”) stipulated that a DBA is unenforceable if it relates to opt-out proceedings.[10]
In its judgment dated 28 October 2019, the CAT found in favour of the Applicants.[11] DAF thereafter applied to the Court of Appeal for permission to apply for judicial review.
b. The Court of Appeal Phase
The Court of Appeal handed down its judgment on 5 March 2021,[12] dismissing DAF’s appeal and holding that it would not grant DAF permission to apply for judicial review on the substantive DBA issue.[13]
The Court of Appeal focused on the interpretation of the definition of “claims management services” in section 4(2)(b) of the CA; in particular, whether that term encompassed LFAs.[14] The phrase was imported into section 58AA(3)(a) of the CLSA’s DBA definition, as outlined above. The Court of Appeal determined that the definition of DBAs under these statutes did not include LFAs. DAF thereafter opted to appeal directly to the UKSC; permission to do so was granted in May 2022.
II. The UKSC Judgment
The case was heard on 16 February 2023.[15] By a majority of 4-1, the UKSC overturned the Court of Appeal’s judgment on 26 July 2023 and held that LFAs could amount to “claims management services” such that they are considered DBAs which must comply with the Regulations in order to be enforceable. As noted above, much of the UKSC’s analysis focused on English law rules of statutory interpretation.
Lord Sales (with whom Lords Reed, Leggatt and Stephens agreed) held that “claims management services”, as referred to in section 58AA(3)(a) of the CLSA, includes LFAs. Lord Sales focused on construing what he understood to be the original intention of the drafting and, as such, found that “Parliament used wide language […] deliberately and with the intention that the words of the definition of “claims management services” should be given their natural meaning.”[16] His Lordship concluded that the natural meaning included the role of litigation funders in financing claims, and noted that “[p]articipants in the third party funding market may have made the assumption that such arrangements are not DBAs and hence are not made unenforceable by section 58AA(2). But this would not justify the court in changing or distorting the meaning of “claims management services” as it is…”[17]
In a dissenting minority view, Lady Rose would have upheld the CAT and Court of Appeal’s position that LFAs did not constitute DBAs. Her Ladyship found that LFAs did not constitute “claims management services” because “the giving of financial assistance is only included in the term claims management services if it is given by someone who is providing claims management services within the ordinary meaning of that term.”[18] In reaching her conclusion, Lady Rose maintained that Parliament did not intend for 58AA(3)(a) of the CLSA to “to render unenforceable damages-based litigation funding agreements.”[19]
III. Implications of the UKSC Judgment
The UKSC’s judgment has significant implications for third party litigation funding in the UK. Parties involved in UK litigation that are supported by a third party funding agreement will need to assess whether their existing LFAs are (or might be considered) DBAs in light of the judgment and, if so, consider whether amendments are needed to ensure that they comply with the Regulations. There may be further risks for fully resolved cases under funding arrangements, in that amounts already paid to the funders may be challenged on the basis that the funding agreement could be deemed unenforceable.
For opt-out collective proceedings in the CAT, the implications of the UKSC’s judgment are more acute given the general prohibition on DBAs for such cases. It remains to be seen whether – and how – funders might seek to restructure LFAs in opt-out collective proceedings, so that they are not considered DBAs. It is likely that the judgment will, in the short term at least, create complications for funders and class representatives involved in current and future opt-out proceedings.
The wider and more long term impact of this decision on the litigation funding market in the UK (which has been strong and growing in recent years) remains to be seen.
_____________________________
[1] Paccar Inc. v RHA and UKTC [2021] EWCA Civ 299, para. 2 (emphasis added).
[2] The Courts and Legal Services Act 1990, section 58AA.
[3] The Damages-Based Agreements Regulations 2013.
[4] See Ministerial Foreword, Ministry of Justice, “Reforming Civil Litigation Funding and Costs in England and Wales – Implementation of Lord Justice Jackson’s Recommendations – The Government Response”, March 2011, p. 3-4.
[5] In the Civil Justice Council 2 September 2015 Press Release on DBA Recommendations, Professor Rachael Mulheron, Chairman of the CJC’s working party, noted: “DBAs have been used very sparingly by the legal profession since the Jackson reforms took effect in 2013. This has been unfortunate, given that the use of DBAs in contentious litigation was, arguably, the most novel aspect of those 2013 reforms.”
[6] Lord Justice Jackson proposed wide-ranging reforms to the civil litigation costs system in 2009 – these are widely referred to as the “Jackson Reforms” and included the introduction of DBAs addressed above. Following a public consultation, these were implemented in large part via the Legal Aid, Sentencing and Punishment of Offenders Act 2012 (“LASPO”) and the 2013 Regulations. In November 2014, the Ministry of Justice recognised that there were drafting issues with the Regulations and asked the Civil Justice Council to review them to consider possible improvements.
[7] Case AT. 39824 – Trucks, 19 July 2016; UK Trucks Claim Limited v Fiat Chrysler Automobiles N.V. and Others [2019] CAT 26, paras. 1-2.
[8] N.B: The UKTC application was brought against Iveco and Daimler; the RHA application against Iveco, MAN and DAF.
[9] UK Trucks Claim Limited v Fiat Chrysler Automobiles N.V. and Others [2019] CAT 26, paras. 1-2.
[10] Id., para. 15.
[11] Id., para. 110(1).
[12] Paccar Inc. v RHA and UKTC [2021] EWCA Civ 299.
[13] Id., paras. 105-107.
[14] The Compensation Act 2006, section 4(2)(b).
[15] The UKSC had, earlier, granted permission for the Association of Litigation Funders of England & Wales to make written submissions as an intervener, which it did (a reflection of the importance the appeal had to the litigation funding sector in this jurisdiction).
[16] R (on the application of PACCAR Inc and others) (Appellants) v Competition Appeal Tribunal and others (Respondents), [2023] UKSC 28, para. 72.
[17] Id., para. 91.
[18] Id., para. 254.
[19] Id., para. 253.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s global Litigation, International Arbitration, or Transnational Litigation practice groups, or any of the following authors in London:
Doug Watson (+44 20 7071 4217, [email protected])
Piers Plumptre (+44 20 7071 4271, [email protected])
Ceyda Knoebel (+44 20 7071 4243, [email protected])
Dan Warner (+44 20 7071 4213, [email protected])
Hannah Lewis (+44 20 7071 4059, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
The False Claims Act (“FCA”) has had a somewhat mixed first half of 2023, marked by two Supreme Court decisions, significant decisions in the lower federal courts, and a large jury verdict for the government, but also by lower-than-usual recoveries by the government through settlements.
The June decisions by the Supreme Court settled circuit splits over scienter and the government’s dismissal authority in ways that generally aligned with expectations among the FCA bar as far as the core issues went, but that also highlighted key questions for the lower courts to resolve going forward. Meanwhile, the U.S. Department of Justice (“DOJ”) reached FCA resolutions totaling more than $485 million during the first half of the year, as well as an FCA judgment that by itself equaled approximately $487 million. Lower federal courts grappled with issues surrounding causation, the FCA’s public disclosure bar, and the standard for pleading FCA allegations with particularity under Federal Rule of Civil Procedure 9(b).
Below, we summarize recent enforcement activity, then provide an overview of notable legislative and policy developments at the federal and state levels, and finally analyze significant court decisions from the first half of the year. Gibson Dunn’s recent publications regarding the FCA may be found on our website, including in-depth discussions of the FCA’s framework and operation, industry-specific presentations, and practical guidance to help companies navigate the FCA. And, of course, we would be happy to discuss these developments—and their implications for your business—with you.
I. Noteworthy DOJ Enforcement Activity During the First Half of 2023
During the first half of 2023, DOJ announced 36 FCA resolutions totaling more than $485 million. By comparison, in the first half of 2022, there were 29 resolutions totaling over $500 million—but by year end, DOJ had collected over $2.2 billion in FCA recoveries for the year. While 2023 appears to be off to a slower start in dollar terms compared to prior years, the number of resolutions in the first half shows that the government is as active as ever in this space.
Below, we summarize the most notable settlements and judgments from the first half of this year, organized by industry and focused on key theories of liability at issue in the resolutions.[1] As usual, FCA recoveries in the healthcare and life sciences industries dominated enforcement activity during the first half of the year in terms of the number and value of settlements. DOJ, however, also announced notable resolutions in the government contracting and procurement space, described below.
In addition to the settlements summarized below, there also was a federal jury trial under the FCA during the first half of the year—a relative rarity given the treble damages and punitive liability the statute imposes. On May 15, a U.S. District Court Judge for the District of Minnesota entered a judgment of approximately $487 million against an ophthalmic supplies company and the company’s owner. Previously, on February 27, a jury had concluded that the defendants in the case violated the FCA and the Anti-Kickback Statute (“AKS”) by paying kickbacks to ophthalmic surgeons to incentivize them to use the company’s products in cataract surgeries for Medicare beneficiaries. The alleged kickbacks included luxury travel and entertainment, some of which was paid for out of what was referred to within the company as a “secret fund” and a “slush fund.” The jury found that the defendants’ conduct led to the submission of 64,575 false claims to Medicare, resulting in approximately $43,695,000 in damages to Medicare. Pursuant to the FCA, the court trebled these damages and imposed approximately $358,446,000 in statutory penalties—a number which may well be decreased under the Eighth Amendment’s prohibition on excessive fines, but will still stand as a daunting recovery. The underlying lawsuit was initially brought by a qui tam relator, whose share of the judgment was not disclosed in the press release.[2]
A. Healthcare and Life Science Industries
- On January 9, a physicians group agreed to pay approximately $1.85 million to resolve allegations that it violated the FCA by billing the government for medically unnecessary cataract surgeries and diagnostics tests, tests that were incomplete or of no value, and office visits in which the level of service claimed was not provided. As part of the settlement, the physicians’ group entered into a five‑year Integrity Agreement and Conditional Exclusion Release with the Office of Inspector General for the Department of Health and Human Services (“HHS-OIG”). Under the agreement, HHS-OIG did not release its permissive exclusion authority and will provide such a release only after the physicians group has satisfied its obligations under the agreement. The settlement resolved a qui tam suit brought by a former employee; the former employee’s share of the recovery was not disclosed.[3]
- On January 12, an orthopedic company and its owner agreed to pay approximately $1.8 million to resolve FCA allegations that between 2008-2015 the company submitted false claims for reimbursement for a particular knee agent when it was using a less expensive knee agent on beneficiaries of federal healthcare programs. The government alleged that the company and its owner profited from the use of the higher-priced products. The settlement resolved a qui tam suit brought by a medical device sales representative, whose share of the recovery was not disclosed at the time of the settlement.[4]
- On February 7, a clinical laboratory services provider agreed to pay $19 million to resolve allegations that it caused the submission of false claims to Medicare in violation of the FCA. The government alleged that the company provided phlebotomy services to doctors who ordered laboratory testing from the company and two other third-party providers when it knew the third-party providers paid fees to the doctors to induce referrals. The settlement resolved a qui tam suit brought by two relators, who together received approximately $5.6 million of the settlement.[5]
- On February 22, a company operating a long-term care hospital agreed to pay approximately $21.6 million to resolve claims that the company improperly billed Medicare. The government alleged that the company submitted claims for unauthorized services, services not provided, and services considered worthless. The settlement resolved a qui tam suit brought by an individual working at the long-term care hospital; the relator will receive $4,327,502 of the settlement amount.[6]
- On February 27, a Pennsylvania physician, a university medical center, and a healthcare practice agreed to pay a total of $8.5 million to resolve allegations that the physician improperly billed for concurrent surgeries. Specifically, the government alleged that the physician regularly performed multiple complex surgical procedures at the same time, failed to participate in all of the “key and critical” portions of the surgeries, and forced patients to endure hours of medically unnecessary anesthesia time, as the physician moved between surgeries. In June 2022, a court had denied the defendants’ motion to dismiss the complaint. The settlement requires a corrective action plan for the physician and a third-party audit of the physician’s Medicare billings. Under the resolution, the university medical center has the ability to request guidance and/or an advisory opinion from the Centers for Medicare and Medicaid Services (CMS) regarding certain Medicare regulations related to surgical practices.[7]
- On February 27, a New York nursing facility, its landlord, and several individuals agreed to collectively pay $7,168,000 to resolve allegations that the parties violated the FCA by submitting claims for payment for services the government claimed were worthless because of the facility’s alleged failure to maintain a license and ensure proper staffing and maintenance.[8]
- On March 1, a medical equipment company agreed to pay $7 million to resolve allegations that it violated the FCA by making false statements in reimbursement claims submitted to three states’ Medicaid programs. The government alleged that the company failed to disclose all discounts it received from, or actual costs it paid to, manufacturers. As part of the settlement, the company entered into a five-year corporate integrity agreement (CIA) with HHS-OIG, which requires the company to implement a centralized risk assessment program and hire an independent review organization to complete annual reviews of its Medicare and Medicaid claims. The settlement resolved a qui tam suit brought by a former employee, who received approximately $1.05 million of the settlement.[9]
- On March 3, a Florida medical center agreed to pay $4 million to resolve allegations that it improperly funded Florida’s share of certain Medicaid payments by making donations to a local unit of government that were then returned to the medical center as Medicaid reimbursements. The government alleged that between October 2014 and September 2015, the medical center assumed and paid the Medicaid contribution obligations of a local unit of government under the guise of a donation. These donations were allegedly designed to increase Medicaid payments received by the medical center, by freeing up funds for the local government unit to contribute to the state as part of the state’s share of Medicaid payments to the medical center.[10]
- On March 23, a Texas-based provider of ophthalmology services committed to pay approximately $2.9 million to settle allegations that it violated the AKS, and in turn the FCA, by offering and paying kickbacks to optometrists in exchange for referrals of Medicare and Medicaid patients for cataract surgery. The alleged kickbacks included payments as well as free continuing education courses and travel and entertainment. The allegations stem from a qui tam lawsuit, but the relator’s share of the recovery was not disclosed at the time of the press release.[11]
- On March 27, a clinical laboratory services provider agreed to pay $2.1 million to resolve allegations that it violated the FCA by overbilling the Department of Defense for genetic tests performed for military members by a third-party reference laboratory. The settlement resolved a qui tam suit brought by a former employee, who received $357,000 of the settlement.[12]
- On March 29, a regional hospital system and two physicians agreed to pay a total of more than $69 million to resolve allegations under the FCA of improper financial relationships with eight referring physicians and a physician-owned investment group. The settlement resolves claims brought in a qui tam suit; the relator will receive a combined $12,384,927.36 from the government’s recovery.[13]
- On April 19, a Virginia-headquartered healthcare company agreed to pay $3 million to settle allegations that it violated the FCA through fraudulent billing practices related to pediatric in-home health, personal care, and related services. The allegations include billing Virginia Medicaid for in-home healthcare services for pediatric patients who were actually hospitalized during that time, as well as billing for home health services that were not provided. The settlement also resolves claims brought by a qui tam relator. The United States and Virginia intervened in the qui tam case and obtained default prior to settlement.[14]
- On April 20, an ophthalmologist agreed to pay approximately $1.17 million to resolve allegations that he violated the FCA by paying kickbacks to optometrists for referrals of Medicare beneficiaries to his practice for cataract surgeries. The settlement agreement resolved a qui tam lawsuit brought by two relators, who together will receive approximately $257,000 as a result of the settlement.[15]
- On April 21, a Pennsylvania medical equipment company agreed to pay $5.3 million to resolve allegations that it violated the FCA by submitting false claims to federal healthcare programs for respiratory devices that patients did not need or use. The settlement resolved a qui tam suit brought by a former employee, who received approximately $950,000 of the settlement.[16]
- On May 9, two Kentucky companies that perform urine drug tests and related services agreed to collectively pay approximately $1.7 million to resolve allegations that they improperly billed federal and state healthcare programs for urine drug tests that were performed pursuant to court order rather than for medical reasons. The settlement resolves allegations brought in a qui tam complaint. The two relators will receive approximately $295,000 of the recovery.[17]
- On May 24, a Massachusetts hospital group agreed to pay over $5.7 million to resolve allegations that seven of its physician compensation plans, involving 44 doctors, violated the Stark Law and the FCA. The settlement resolved a qui tam suit brought by a whistleblower, who received 17% of the recovery. The settlement included language that required the hospital group to “admit, acknowledge, and accept responsibility for” certain facts—a requirement that has not become universal in DOJ settlements but that we have seen certain U.S. Attorneys’ Offices imposing with increasing frequency.[18]
- On May 25, a Philadelphia-based primary care physician practice and two of its physicians agreed to pay a total of $1.5 million to settle allegations that they misrepresented to Medicare the severity of patients’ illnesses and the services provided to them. The practice allegedly submitted unsupported diagnosis codes, including morbid obesity and smoking cessation codes for patients who did not qualify for them. The settlement resolves a qui tam lawsuit filed by former employees of the practice.[19]
- On May 25, a vascular surgeon agreed to pay up to $43.42 million to resolve allegations that his fraudulent billings to healthcare programs violated the FCA. The government alleged that the surgeon submitted false claims for procedures that he never performed and improperly used Modifier 59 to “unbundle” services that should have been billed together in a single claim. In a related criminal case, the surgeon was sentenced to 80 months in prison and ordered to pay $19.5 million in restitution. The FCA settlement resolved a qui tam suit, whose relator will receive up to $4,341,900 of the recovery.[20]
- On May 31, a Detroit hospital system agreed to pay over $29 million to resolve allegations that it violated the FCA and the AKS by providing kickbacks to certain referring physicians. The settlement resolved a qui tam suit brought by a former employee of an affiliated medical school, who received approximately $5.2 million of the settlement.[21]
- On June 15, a South Carolina healthcare system agreed to pay $36.5 million to resolve allegations that it violated the FCA, the Stark Law, and the AKS by tying payments to an orthopedic practice to the volume or value of the practice’s referrals. The settlement resolved a qui tam suit; the relator received approximately $10.2 million of the settlement.[22]
- On June 15, two Jacksonville pharmacies agreed to pay $7.4 million (and more, in potential contingency amounts) to resolve allegations that they added an antipsychotic drug to topical pain creams to boost reimbursement as well as routinely waived patient copayments. As part of the settlement, the owner of the pharmacies entered into a three-year integrity agreement with HHS-OIG, which includes an annual claims review by an independent review organization. The settlement resolved two qui tam suits brought by two former employees; their share of the recovery had not been determined at the time of settlement.[23]
- On June 16, a Maryland-based healthcare information technology company agreed to pay $1.7 million to settle allegations that it violated the FCA by billing the National Institutes of Health (NIH) for costs that were not eligible for reimbursement, including personal expenses unrelated to work on the contract at issue, in the form of luxury vehicles, housekeeping services, mortgage payments, and wedding costs. The settlement resolves qui tam lawsuits filed by multiple relators, of which two will receive $171,294.94, collectively, and the other will receive $171,294.94.[24]
- On June 16, a diagnostic laboratories billing company based in Maryland agreed to pay $300,479.58 to resolve FCA allegations relating to billing for unnecessary respiratory pathogen panels run on seniors who received COVID-19 tests. According to the government, a diagnostics laboratory that tested senior living community residents for COVID-19 directed the billing company to bill Medicare for respiratory pathogen panels; the government alleged that the physician who purportedly ordered the tests was ineligible to treat Medicare beneficiaries and had not actually ordered the respiratory tests. Allegedly, the billing company used a different physician’s medical credentials and, without authorization, billed Medicare.[25]
- On June 20, DOJ announced a $1.6 million settlement with two Georgia companies that own and operate a number of clinics and COVID-19 rapid testing sites. The settlement resolves allegations that the companies upcoded when billing Medicare for Evaluation and Management services for testing and treatment of patients with COVID-19 symptoms. Several relators filed complaints making these allegations; the settlement resolves all of those cases. As part of this resolution, the relators will receive $320,000.[26]
- On June 21, DOJ announced that Alta Vista Healthcare & Wellness Centre, LLC (“Alta Vista”) and its management company agreed to pay $3.23 million to the United States and $596,700 to California to resolve allegations that Alta Vista had submitted false claims based on violations of the AKS. Alta Vista allegedly paid several physicians monthly stipends and provided them with travel and entertainment, in return for their referral of patients to Alta Vista. In parallel with the DOJ settlement, Alta Vista agreed to enter into a five-year CIA with HHS-OIG. The settlement resolves case filed in 2015 by a former Alta Vista employee, who received a $581,094 share of the total recovery.[27]
- On June 29, a California county organized health system and three healthcare providers agreed to pay a combined $68 million to resolve allegations that they violated the FCA and the California False Claims Act. The settlements resolve allegations that the four defendants knowingly submitted or caused the submission of false claims to California’s Medicaid program (Medi-Cal) for “Enhanced Services” that were purportedly provided to Adult Expansion Medi-Cal members under the Affordable Care Act. The United States and California alleged that the payments were not “allowed medical expenses” permissible under the relevant contract; were pre-determined amounts that did not reflect the fair market value of any Enhanced Services provided; and/or were duplicative of services already required to be rendered. The United States and California further alleged that the payments were unlawful gifts of public funds in violation of the California Constitution. The relator in the case will receive approximately $12.56 million as his share of the federal recovery.[28]
B. Government Contracting and Procurement
- On February 27, a South Carolina-based 3D printing company holding contracts with the National Aeronautics & Space Administration (NASA) and the Department of Defense (DOD) agreed to pay up to $4.54 million to resolve allegations that it violated the FCA by improperly transmitting controlled technical data to China. Between January 2012 and December 2017, and in connection with its NASA and DOD contracts, the company allegedly transmitted certain items and/or intellectual property to China without the appropriate license or authorization. The company also reached parallel settlements with the Department of State (DOS) and the Department of Commerce (DOC) over the alleged export control violations underlying the FCA case, worth $20 million and $2.77 million, respectively. The agreement with DOJ permits crediting of amounts paid to DOS and DOC against penalties owed to DOJ.[29]
- On March 2, a paint manufacturer agreed to pay $1 million to resolve allegations that it participated in a scheme to defraud the federal Disadvantaged Business Enterprise (DBE) program in connection with a contract to paint a bridge in Philadelphia. The government alleged that the joint venture that was awarded the contract for the project worked with the paint manufacturer, rather than a qualified DBE as required by the contract—while nominally subcontracting with a DBE in what the government alleged was a sham arrangement.[30]
- On April 24, a manufacturer of military communications equipment agreed to pay $21.8 million to resolve allegations that it violated the FCA by knowingly submitting and causing the submission of false claims to DOD by including in contract proposals the cost of certain parts twice. The government alleged that the manufacturer submitted contract proposals that double-counted the cost of low-cost common-stock items, such as nuts and bolts. In conjunction with the resolution, DOJ agreed to settle for just under $8 million a breach of contract lawsuit by the manufacturer against the United States alleging that in its effort to prevent the manufacturer from continuing to double-charge for common-stock items, DOD improperly prohibited the manufacturer from charging certain other costs.[31]
- On May 30, a U.S. Postal Service (USPS) contractor and its parent company agreed to pay $2.75 million to settle allegations that they knowingly withheld funds owed to USPS and related to the agency’s change of address process, by allegedly deducting the contractor’s own costs before sharing revenue with USPS. Additionally, the contractor allegedly improperly allocated labor costs from one contract to another, increasing its profits and passing off a portion of its labor costs to USPS. The settlement resolves claims in a qui tam lawsuit brought by a former employee of the contractor.[32]
- On June 20, DOJ announced the resolution of two cases involving alleged false statements by a project superintendent and a construction company in connection with the federal Route 6/10 Interchange Project. The company paid $1 million to resolve the FCA portion of the cases. The company’s construction contract for the project prohibited the removal, use, and transport of contaminated soil in the course of construction. DOJ alleged that the superintendent, a former employee of the company, misled state inspectors into believing that stone for the Route 6/10 Interchange Project had been tested as required by the construction contract and environmental standards, when in fact no tests had been performed. In parallel with DOJ’s civil settlement with the company, the company entered a non-prosecution agreement with DOJ, and the superintendent pled guilty to making false statements and was sentenced to one year of probation and a $40,000 fine.[33]
- On June 29, a space and defense company based in Florida, its owner, and an Ohio-based affiliate agreed to pay $7,759,693.32 to resolve allegations that the company knowingly provided false information to the SBA to gain access to contracts set aside for small businesses. The government alleged that the company failed to accurately report distributions and payments the company had made to the owner’s family members and misreported the owner’s assets. According to the government, had the company provided correct information, it and its affiliate would not have been eligible for contracts it obtained with NASA, the U.S. Army, and the U.S. Air Force. The settlement resolves claims in a qui tam lawsuit brought by another space and defense company, which will receive $1,357,964 of the settlement amount.[34]
- On June 30, a government contractor agreed to pay $80,944 to settle a civil fraud case alleging that it violated the Trade Agreements Act (TAA) and the FCA by fraudulently misrepresenting the country of origin for over a dozen printer toner products and offering them for sale, as TAA compliant, through a General Services Administration (GSA) Multiple Award Schedule (MAS) contract and an Air Force Blanket Purchase Agreement.[35]
C. Other
- On April 10, a company that provides engineering services and staffing services agreed to pay approximately $9.9 million to resolve “reverse” FCA allegations that it underpaid visa fees owed to the federal government by seeking less expensive B-1 visas for foreign national employees, rather than more expensive H-1B visas. The settlement resolves claims brought in a qui tam suit; the relator’s share of the recovery was not disclosed at the time of the settlement.[36]
- On May 11, an Alaska telecommunications company agreed to pay $40.24 million to settle allegations that it violated the FCA by inflating its prices in connection with the Federal Communications Commission’s (FCC) Rural Health Care Program. This program provides subsidies to rural healthcare providers for telecommunications services, awarded through a mandatory competitive bidding process. The government alleged that between 2013 and 2020, the company received more subsidy payments than it was entitled to by inflating its prices and failing to comply with FCC regulations. The company entered into a corporate compliance agreement with the FCC and resolved a pending administrative investigation with the FCC. The settlement resolved claims brought in a qui tam suit filed by a former director of business administration at the company, who will receive $6.4 million of the settlement amount.[37]
- On May 12, a South Korean company agreed to pay $2.05 million plus interest to resolve its potential liability under the FCA in connection with an alleged customs avoidance scheme. The company also pled guilty to the scheme and was sentenced to a criminal fine of $250,000 and restitution in the amount of $2.05 million. The resolutions resolved allegations that from 2012 to 2019, the company evaded customs duties on clothing and apparel that it manufactured abroad and imported into the United States, by preparing an accurate invoice for U.S. purchasers and a false invoice for U.S. Customs that undervalued the goods. Accordingly, the government alleged that the company underpaid customs duties that it owed based on the true value of the goods. The FCA settlement resolves a qui tam suit whose relator will receive 18 percent of the settlement amount.[38]
- On June 27, a think tank agreed to pay $501,161 to resolve allegations that it falsely certified that it was eligible to receive a Second Draw Paycheck Protection Program (PPP) Loan from the SBA. The Coronavirus Aid, Relief, and Economic Security Act (CARES Act) authorized forgivable loans to small businesses for job retention and certain approved expenses, through the PPP. Entities that applied for Second Draw PPP loans were required to certify that they were not primarily engaged in political or lobbying activities. According to the settlement, the think tank certified to the SBA that it was not a think tank primarily engaged in political or lobbying activities, when it had publicly stated otherwise on LinkedIn, in various sections of its website, and in press releases. The settlement resolves a qui tam suit filed by a relator, who will receive 10 percent of the recovery.[39]
- On June 29, a mortgage company agreed to pay $23.75 million to resolve allegations that it violated the FCA by failing to comply with material program requirements when it originated and underwrote mortgages insured by the Department of Housing and Urban Development’s (HUD) Federal Housing Administration (FHA) or guaranteed by the Department of Veterans Affairs (VA). According to the settlement, the company falsely certified for FHA mortgage insurance and VA home loan guarantees a material percentage of loans that did not meet applicable requirements and, therefore, were not eligible under those programs, and HUD and the VA would not have insured or guaranteed the loans but for the company’s submission of false certifications. The relators in this case, two former employees of the company, will receive a total of $4,037,566 of the settlement proceeds.[40]
II. Legislative and Policy Developments
A. Senate Passes Amendments to the Program Fraud Civil Remedies Act
On March 30, 2023, the Senate passed the Administrative False Claims Act of 2023 (AFCA), which was co-sponsored by Senators Chuck Grassley and Dick Durbin. The bill would expand the scope of the existing Program Fraud Civil Remedies Act of 1986, a law that targets lower dollar‑value frauds against the government, provides for an administrative process for government agencies to use in pursuing such claims when DOJ declines to do so, and establishes conditions for judicial review.[41] The AFCA would raise the statutory ceiling for these smaller claims from $150,000 to $1 million, and would mandate the adjustment of the statutory ceiling for inflation. It also would allow the government to recover costs for investigating and pursuing cases within the scope of the statute.[42] The legislation has now moved to the House of Representatives for further action.[43]
B. Tax-Related Claims at the State Level
The first half of 2023 has witnessed notable developments related to the efforts of certain states to expand their false claims laws to cover claims predicated on non-payment of taxes. Such claims are unique to the state context, because the federal FCA expressly excludes them. Granted, most state FCAs do as well. Virginia’s Fraud Against Taxpayers Act, for example, tracks the federal statute’s language closely and provides that the law “shall not apply to claims, records, or statements relating to state or local taxes.”[44]
But a small minority of states do allow for tax-related claims to be brought under the False Claims Act—the most notable among them being New York, the District of Columbia, Illinois, and Indiana. Until recently, all of these states’ FCAs required affirmative false statements to the government as a condition of liability; they did not cover scenarios in which the defendant simply failed to file required taxes with the state altogether. In at least one jurisdiction, this principle was recently affirmed in a decision granting a motion to dismiss for failure to allege a false claim, record, or statement pursuant to the jurisdiction’s tax laws.[45]
In May of this year, New York became the first state to depart from this norm by amending its FCA to cover persons who improperly fail to file a tax return in New York. On May 3, 2023, 2023-S. 4009-C was signed into law by Governor Hochul.[46] With that amendment, the statute now applies to those who commit “tax law violations” rather than only those who submit false “claims, records, or statements made under the tax law.”[47] With this change, New York’s False Claims Act has become the most aggressive amongst the state Acts that address tax law violations.
The New York amendment follows two prior unsuccessful attempts by the state’s lawmakers to enact even more expansive changes. On December 31, 2021, Governor Hochul vetoed Senate Bill 4730, which had proposed expanding the application of the statute to tax-related “claims, records, or statements” to “claims, records, or statements, and obligations.”[48] In her veto statement, the Governor explained that the use of the word “obligations” was too broad and could encompass more than only non-filers.[49] Just over a year later, on January 30, 2023, Governor Hochul vetoed Senate Bill 8815, which added some limiting language related to scienter but still contained the vague “obligations” language, and provided “an undefined retroactive lookback period” that would not provide filers with sufficient notice of how the amendment would be applied.[50] The amendment that was eventually signed into law, in addition to eliminating the “obligations” language, also specified that the amendment would only be applied to future actions filed against “tax obligations knowingly concealed or knowingly avoided after May 1, 2020,” thereby eliminating the “undefined retroactive lookback period” contained in the previously proposed amendment.[51]
Notwithstanding the shortening of the lookback period, the New York amendment still has significant implications for companies and individuals with New York touchpoints. The statute covers both income taxes and other types of taxes as well—and, critically, it does not carve tax-based claims out of the provisions permitting suits by qui tam relators.[52] As a result, we can expect to see increased efforts by the plaintiffs’ bar to bring cases grounded in alleged technical non‑compliances with New York tax law, including mere failures to file tax returns. And while the amendment has faced its fair share of criticism from trade associations and other groups,[53] it remains possible that legislatures in other states that allow tax-based FCA liability will attempt similar expansions of their laws.
The New York amendment also could serve to re-invigorate attempts in states with no tax-based FCA liability to enshrine such liability in their statutes. Ohio will be one state to watch in that regard. In January 2022, Ohio House Bill 533 proposed extending the state’s FCA to cover claims brought under the state’s tax laws.[54] The bill was referred to the Committee on Civil Justice in February 2022, but has not made any progress since then.[55] Elsewhere, New York’s approach could continue to prove an outlier. After New York passed its amendment, Connecticut passed HB 6826, which expands the state’s FCA to cover most state programs and benefits, rather than only state-administered health and human services programs, but expressly carves out tax-based liability.[56] Connecticut lawmakers had—before New York’s amendment—unsuccessfully attempted an that would have allowed tax-based claims.[57]
C. HHS-OIG Incentives for States
HHS-OIG provides an incentive for states to enact false claims statutes in keeping with the federal FCA. If HHS‑OIG approves a state’s FCA, the state receives an increase of 10 percentage points in its share of any recoveries in cases involving Medicaid. Consistent with our reporting in prior alerts, the lists of “approved” and “not approved” state false claims statutes remain at 22 and 7, respectively.[58]
III. CASE LAW DEVELOPMENTS
A. Supreme Court Rules in Two Long-Awaited False Claims Act Cases
i. Supreme Court Rules that Subjective Standard Governs Scienter
Our 2022 Year-End False Claims Act Update also highlighted the Court’s decision to grant certiorari in United States ex rel. Schutte v. SuperValu Inc., 143 S. Ct. 1391 (2023), the consolidation of two decisions of the Seventh Circuit: United States ex rel. Schutte v. SuperValu Inc., 9 F.4th 455 (7th Cir. 2021), cert. granted, 143 S. Ct. 644 (Jan. 13, 2023), and United States ex rel. Proctor v. Safeway, Inc., 30 F.4th 649 (7th Cir. 2022), cert. granted, 143 S. Ct. 643 (Jan. 13, 2023). On June 1, 2023, the Court reversed the Seventh Circuit’s rulings in those cases, holding that knowledge under the FCA turns on a subjective standard—what the defendant actually knew and believed at the time of the alleged false claim—not on an objectively reasonable interpretation the defendant may have had after the fact. Schutte, 143 S. Ct. at 1399, 1401.
Defendants SuperValu and Safeway operated retail drug pharmacies nationwide. Id. at 1396. In both cases, Relators alleged that defendants misrepresented their “usual and customary” drug prices in the process of seeking reimbursement from Medicare and Medicaid over the course of several years. Id. at 1397. Rather than reporting the “usual and customary charges [for the drug] to the general public,” as CMS instructs, see 42 C.F.R. § 447.512(b)(2), which the Relators alleged were the heavily discounted prices the defendants provided to patients through cost-matching programs, the defendants allegedly submitted retail drug costs. Id.
The district court agreed with Relators that the discounted drug prices the defendants charged customers were the companies’ usual and customary prices, and that by failing to disclose the lower prices, the defendants had submitted false claims to the government. Id. at 1398. Ultimately, however, the district court granted summary judgment in favor of the defendants, finding that the defendants had not submitted false claims knowingly. Id. The Seventh Circuit affirmed, applying Safeco Insurance Co. of America v. Burr, 551 U.S. 47 (2007), to conclude that “[b]ecause SuperValu had an objectively reasonable understanding of the regulatory definition of U&C price and no authoritative guidance placed it on notice of its error, the Relators have not shown that SuperValu acted knowingly.” Schutte, 9 F.4th at 472.
The Supreme Court reversed, holding that “[w]hat matters for an FCA case is whether the defendant knew the claim was false.” 136 S. Ct. at 1396. Looking first to the text of the FCA and noting that “either actual knowledge, deliberate ignorance, or recklessness will suffice” to satisfy the “knowingly” element, the Court explained that “[t]hat three-part test largely tracks the traditional common-law scienter requirement for claims of fraud.” 143 S. Ct. at 1400. The Court explained its reliance on the common law by reference to its incorporation of common‑law concepts into the 2016 Escobar decision. Id. On the basis of this textual and common‑law analysis, the Court articulated the meaning of each of the FCA’s three alternatives for scienter, notably characterizing reckless disregard as occurring when a defendant is “conscious of a substantial and unjustifiable risk that [its] claims are false, but submit[s] the claims anyway”—but caveating this discussion by saying that it was not considering whether recklessness exists when a defendant submits claims despite “an unjustifiably high risk of illegality that was so obvious that it should have been known, even if the defendant was not actually conscious of that risk.” Id. at 1401 & n.5.
As noted in Gibson Dunn’s alert immediately following the Court’s decision, this decision will potentially make it harder for courts to resolve FCA cases at the pleading stage because measuring scienter according to contemporaneous subjective knowledge may be an inquiry that some courts deem to be too fact-intensive. And while the decision was unsurprising given the significant majority of federal appellate courts that had already held that a post hoc legal interpretation cannot vitiate a defendant’s contemporaneous, subjective belief, the decision also articulated a standard for “reckless disregard” under the FCA without much guidance for lower courts on when the standard is satisfied. We can expect that question to become a battleground in FCA cases now that the Court has foreclosed the so-called “Safeco” defense.
ii. Following SuperValu, Supreme Court Sends Sheldon Back to the Fourth Circuit and Olhausen to the Eleventh
In an order list, the Supreme Court sent two major wins for FCA defendants—the Fourth Circuit’s Sheldon v. Allergan decision and the Eleventh Circuit’s decision in Olhausen v. Arriva Medical—back to the appellate courts “for further consideration in light of United States ex rel. Schutte v. SuperValu.” Sheldon v. Allergan Sales, LLC, No. 20-2330, Dkt. No. 105 (4th Cir.); Olhausen v. Arriva Med., LLC, No. 22-374, Dkt No. 46 (11th Cir.). Now, both Circuits must further consider their rulings in light of SuperValu’s holding that scienter under the FCA turns on a defendant’s “subjective beliefs” about its conduct, even when those practices are “objectively reasonable.” In April 2022, the Eleventh Circuit held in Olhausen that a provider of mail-order diabetic testing supplies and other medical products had not acted with the requisite scienter to defraud Medicaid because “the Medicare rules that [the relator] alleged the Defendants violated are susceptible to multiple reasonable interpretations.” Olhausen v. Arriva Med., LLC, No. 21-10366, 2022 WL 1203023, at *2 (11th Cir. Apr. 22, 2022), cert. granted, judgment vacated sub nom. Olhausen v. Arriva Med., LLC, No. 22-374, 2023 WL 4278438 (U.S. June 30, 2023). In September 2022, an en banc Fourth Circuit examined the FCA’s scienter element in Sheldon, joining the then-growing number of circuits to incorporate the so-called “Safeco” defense into FCA cases. The Fourth Circuit had held that “a defendant cannot act ‘knowingly’ if it bases its actions on an objectively reasonable interpretation of the relevant statute when it has not been warned away from that interpretation by authoritative guidance”—an “objective standard” that “precludes inquiry into a defendant’s subjective intent.” Sheldon, 24 F.4th at 348. Shortly thereafter, in a per curiam order on rehearing en banc, the full Fourth Circuit reached an impasse and vacated the panel opinion and affirmed the district court. United States ex rel. Sheldon v. Allergan Sales, LLC, 49 F.4th 873 (4th Cir. 2022).
iii. Supreme Court Clarifies When the Government May Dismiss Qui Tam Cases Over the Objections of Relators
As discussed in Gibson Dunn’s 2022 Year-End False Claims Act Update, the Supreme Court heard oral argument in United States ex. rel. Polansky v. Executive Health Resources, Inc., 143 S. Ct. 1720 (2023) in December 2022. In June 2023, the Court issued its opinion in Polansky, clarifying when the government could dismiss an FCA suit over a relator’s objection, as long as it intervened sometime in the litigation. 143 S. Ct. at 1727. The FCA provides that “the Government may dismiss the action notwithstanding the objections of the person initiating the action if the person has been notified by the Government of the filing of the motion and the court has provided the person with an opportunity for a hearing on the motion.” 31 U.S.C. § 3730(c)(2)(A). In Polansky, the government initially declined to intervene in the relator’s suit during the investigative “seal period” after the relator had filed the complaint. Polansky, 143 S. Ct. at 1729. The government, however, later moved to dismiss without formally intervening. Id. The district court granted the request and dismissed the case. The Third Circuit affirmed, determining that although the government had declined to intervene during the seal period, the government’s motion to dismiss was reasonably construed as an intervention in the case. Id. The Third Circuit further determined that the district court had not abused its discretion in concluding that dismissal was warranted under Federal Rule of Civil Procedure 41(a), which governs voluntary dismissals. Id. at 1730.
The Supreme Court affirmed by a vote of 8-1. In an opinion authored by Justice Kagan, the Court held that “the Government may seek dismissal of an FCA action over a relator’s objection so long as it intervened sometime in the litigation, whether at the outset or afterward” and that, in resolving such motions, district courts “should apply the rule generally governing voluntary dismissal of suits: Federal Rule of Civil Procedure 41(a).” Id. at 1727. The Court explained that the government need not intervene during the seal period of the case to have the right to later dismiss it. The Court also made clear that the government cannot move to dismiss unless it intervenes at some point, which the Third Circuit deemed the government had done here through its motion to dismiss. The Supreme Court then explained that any motion for dismissal by the government is to be evaluated under Federal Rule of Civil Procedure 41(a), whose “standard varies with the case’s procedural posture.” Id. at 1733.
The Court added two caveats, namely: (1) unlike Rule 41(a), the FCA requires notice and an opportunity for a hearing before the government’s motion to dismiss may be granted; and (2) a court’s analysis of such a motion to dismiss under Rule 41(a) must “consider the[] interests” of the relator, and not only the defendant as in non‑FCA cases. Id. at 1734. According to the Court, a government motion to dismiss “will satisfy Rule 41 in all but the most exceptional cases.” Id. Thus, the district court had not abused its discretion in determining that the government had met this standard by “enumerat[ing] the significant costs of future discovery in the suit, including the possible disclosure of privileged documents,” and by “explain[ing] in detail why [the government] had come to believe that the suit had little chance of success on the merits.” Id. at 1735. Notably, the Court agreed with the district court’s assessment that the “billions of dollars of potential recovery” the government was foregoing “could not outweigh the Government’s reasonable view of the suit’s costs and benefits.” Id. (internal quotation marks removed).
Justice Thomas, in dissent, would have held that the government must intervene during the seal period in order to later dismiss the case. Perhaps more significantly, Justice Thomas also stated that “[t]here are substantial arguments that the qui tam device is inconsistent with Article II and that private relators may not represent the interests of the United States in litigation.” Id. at 1741 (Thomas, J., dissenting). According to Justice Thomas, the qui tam provisions of the FCA improperly “authorize a private relator to wield executive authority to represent the United States’ interests in civil litigation.” Id. Justice Kavanaugh, joined by Justice Barrett, authored a short concurrence suggesting agreement with Justice Thomas on this point and adding that “the Court should consider the competing arguments on the Article II issue in an appropriate case.” Id. at 1737 (Kavanaugh, J., concurring). Going forward, we will be watching closely to see whether this skepticism of the constitutionality of the qui tam provisions of the FCA takes root more deeply and broadly among the Justices.
Polansky should clarify the standard lower courts must apply in considering government motions to dismiss qui tam actions after years of divergent approaches. While this issue was previously the subject of a circuit split, the split was not so dramatic as to meaningfully deprive DOJ of dismissal power writ large; instead, the devil was in the details, as some courts purported to apply some level of scrutiny to government dismissal motions and thus created less predictability for defendants seeking to persuade the government to exercise its dismissal authority. While time will tell what exactly the lower courts deem to be the “extraordinary circumstance” justifying denial of a dismissal motion, id. at 1735, we are cautiously optimistic that U.S. Attorneys’ Offices around the country that previously had been more reluctant than others to exercise dismissal authority will see fewer risks in doing so when the considerations animating such a step are already present.
B. Circuit Split Deepens Over Proper Causation Standard for AKS-Predicated FCA Claims
The Anti-Kickback Statute imposes criminal liability on a person who knowingly and willfully pays, offers, solicits, or receives remuneration in return for referrals or orders of items or services reimbursed by federal health programs. In 2010, Congress amended the AKS to provide that “a claim that includes items or services resulting from a violation of [the AKS] constitutes a false or fraudulent claim for purposes of [the FCA].” 42 U.S.C. 1320a-7b(g) (emphasis added). Notwithstanding the statute’s use of language sounding in causation, the government and relators routinely take the position that all claims submitted by the recipient of an alleged kickback are false claims because they were “tainted” by the kickback, and that a greater showing of causation is not required. In March, the Sixth Circuit weighed in on a growing circuit split regarding what causation standard a plaintiff must satisfy to show that a false claim “resulted from” a violation of the AKS. In United States ex rel. Martin v. Hathaway, the Sixth Circuit joined the Eighth Circuit in concluding that the AKS imposes a “but-for” causation standard. 63 F.4th 1043, 1052–53 (6th Cir. 2023) (Sutton, J.) (citing United States ex rel. Cairns v. D.S. Medical L.L.C., 42 F.4th 828 (8th Cir. 2022)). As the Sixth Circuit explained, “the ordinary meaning of ‘resulting from’ is but-for causation” and this understanding applies absent strong textual or contextual indications to the contrary. Id. at 1052. This interpretation of the AKS’s causation standard is the same one reached by the Eight Circuit in the Cairns case, which we covered in our 2022 Year-End Update. See Cairns, 42 F.4th at 836. The court in Hathaway relied both on that case and on the Supreme Court precedent interpreting similar language in the criminal context on which Cairns itself had relied. See 63 F.4th at 1052 (citing Burrage v. United States, 571 U.S. 204, 210–11); 42 F.4th at 834. Applying a but-for causation standard, the Sixth Circuit in Hathaway concluded there is no violation of the FCA if “the alleged scheme did not change anything.” Id. at 1053. This is different than the position taken by the Third Circuit several years ago, which rejected a “but‑for” causation standard and instead determined that the FCA and AKS “require[] something less than proof that the underlying medical care would not have been provided but for a kickback.” United States ex rel. Greenfield v. Medco Health Solutions, Inc., 880 F.3d 89, 96 (3d Cir. 2018).
In Hathaway, one ophthalmologist (Dr. Shannon Martin) claimed that another ophthalmologist (Dr. Darren Hathaway) and a local hospital had violated the FCA by submitting claims for reimbursement that had been caused by kickbacks. According to the allegations, Hathaway was the owner of the sole ophthalmology business in a small town in Michigan that made its surgery referrals to the local hospital that also made its eye check-up referrals to Hathaway’s ophthalmology business. Hathaway, 63 F.4th at 1046. Martin was made a tentative offer of employment at the hospital. Id. According to Martin, Hathaway told the hospital that if it hired Martin, he would be forced to direct his surgical referrals elsewhere. Id. at 1046–47. The hospital responded by deciding not to hire Martin—allegedly “in return for Dr. Hathaway’s commitment to continue sending local surgery referrals,” thus “violat[ing] the Anti-Kickback Statute.” Id. at 1047. The government declined to intervene and the district court granted the defendants’ motion to dismiss. Id. Martin appealed. Id.
The Sixth Circuit affirmed the district court for two separate reasons. First, the Sixth Circuit concluded the complaint did not allege remuneration under the AKS. The complaint alleged that the hospital’s “refusal to hire Dr. Martin in return for Dr. Hathaway’s general commitment to continue sending surgery referrals for his patients” to the hospital constituted remuneration. Id. at 1051. The Sixth Circuit rejected this theory of remuneration because it did “not entail a payment or transfer of value to Dr. Hathaway,” which the Court deemed necessary for remuneration. Id. Because Hathaway had already been sending his surgery referrals to the hospital, “refusing to hire Dr. Martin . . . simply left things where they were.” Id. at 1052. Second, the Sixth Circuit concluded the complaint failed to allege but-for causation. Because Hathaway already made his referrals to the local hospital, the Sixth Circuit concluded that “[t]here’s not one claim for reimbursement identified with particularity in this case that would not have occurred anyway, no matter whether the underlying business dispute occurred or not.” Id. at 1053. The mere fact that surgeons at the hospital had submitted claims for reimbursement from the government after Martin’s tentative offer of employment was retracted was not enough to plead causation. Id. (“Temporal proximity by itself does not show causation.”).
C. Courts Continue to Grapple with Sufficiency of Pleading Under Rule 9(b)
DOJ’s or a relator’s FCA allegations must be pled with particularity under Federal Rule of Civil Procedure 9(b). Courts differ over what an FCA plaintiff alleging that false claims were presented to the government must do to allege presentment with particularity. The first half of 2023 witnessed the Second Circuit reaffirming a relatively stringent standard in this regard, in a case concerning alleged billing for unnecessary medical services.
i. Second Circuit Finds Blanket Allegations Insufficient to Satisfy Pleading Standard
In Doe 1 v. eviCore Healthcare MSI, LLC, No. 22-530-CV, 2023 WL 2249577, at *2 (2d Cir. Feb. 28, 2023), the U.S. Court of Appeals for the Second Circuit affirmed the district court’s denial of the Plaintiff’s claim for failure to plead fraud with sufficient particularity. Relators Jane Doe 1, Jane Doe 2—both former employees—and SW Challenger, LLC, brought 22 claims against eviCore Healthcare MSI, LLC (“eviCore”), including under the FCA. Relators alleged that eviCore contracted with private health insurance companies that cover Medicare and Medicaid beneficiaries to provide reimbursement determinations for medical services. Relators alleged that eviCore undertook a scheme to auto-approve requests related to certain providers, therapies, and populations, irrespective of the patient, and utilized an artificial intelligence program to approve certain requests based on flawed criteria and without manual review. As a result, Relators alleged, eviCore provided “worthless services” which caused those insurance companies to bill the government for unnecessary and fraudulently approved medical services. 2023 WL 2249577, at *1.
The district court granted eviCore’s motion to dismiss, including for failure to plead with sufficient particularity under Rule 9(b). The Second Circuit agreed with the district court’s determination that Relators “failed to identify even a single instance of a medical procedure, involving any particular patient on a specific date, that was fraudulent or unnecessary but that was nevertheless approved by eviCore,” and instead merely alleged that “the volume of eviCore’s approvals made it inevitable that fraudulent claims were approved.” Id. at *2. While the court’s analysis thus seems to align in principle with that of courts that require plaintiffs to plead “representative examples” of false claims, the court did not explicitly rely on that standard. In fact, the court stated that “Relators’ argument that their allegations created a strong inference of fraud is unpersuasive,” id. at *3—language seemingly more aligned with the majority rule that an FCA plaintiff need only plead details of a fraudulent scheme along with “reliable indicia” that false claims were submitted. Ultimately, the court did not make any definitive statements as to which standard it preferred, as it seemingly deemed the Relators’ allegations insufficient regardless of the exact level of detail required in the pleading.
D. Second Circuit Holds that FCA’s Public Disclosure Bar Prohibits Suit Even Where Defendant Is Named by Implication
The FCA bars qui tam suits with allegations similar to information already in the public domain, in an effort to incentivize relators to alert the government to potential cases to which it has not already been alerted. A relator may overcome this public disclosure bar by establishing that she is the “original source” of the information notwithstanding its public nature. 31 U.S.C. § 3730(e)(4). The statute defines “original source” as “an individual who either (i) prior to a public disclosure . . . has voluntarily disclosed to the Government the information on which allegations or transactions in a claim are based, or (2) who has knowledge that is independent of and materially adds to the publicly disclosed allegations or transactions, and who has voluntarily provided the information to the Government before filing an action” under the statute. Id. at § 3730(e)(4)(B). The Second Circuit in Piacentile v. U.S. Oncology, Inc., No. 22-18, 2023 WL 2661579, at *3 (2d Cir. Mar. 28, 2023), denied Relators’ appeal under the original source doctrine. In Piacentile, Relators alleged that U.S. Oncology, Inc. was involved in a kickback scheme carried out by pharmaceutical companies that resulted in the submission of false Medicare and Medicaid reimbursement claims. The district court found that three previously filed lawsuits had disclosed the existence of the kickback scheme at issue, naming one of the pharmaceutical companies later sued in the Piacentile case and “describ[ing] U.S. Oncology’s involvement in the scheme by implication.” 2023 WL 2661579, at *2. Applying the public disclosure bar, the district court dismissed the case.
The Second Circuit affirmed, holding that the public disclosure bar applies “even if the prior disclosure does not identify a defendant by name,” so long as it “set[s] the government squarely on the trail of a specific and identifiable defendant’s participation in the fraud.” Id. “‘[O]nce the government knows the essential facts of a fraudulent scheme, it has enough information to discover related frauds.’” Id. (citations omitted). The Second Circuit held that the previously filed complaints met this standard: they “provided notice to the government of the essential elements of the kickback scheme such that it would have been able to discover that U.S. Oncology—which the relators repeatedly described throughout this litigation as ‘one of [the defendant pharmaceutical company’s] major customers,’… participated in it.” Id. (citations omitted).
E. Fifth Circuit Finds No Retaliation Without Employer Knowledge of Protected Activity
The FCA prohibits retaliation against individuals for actions taken “in furtherance of an action under [the FCA] or other efforts to stop 1 or more violations of [the FCA].” 31 U.S.C. § 3730(h)(1). Courts typically apply this standard by requiring a showing, as part of a plaintiff’s prima facie case, that her employer knew of her FCA‑protected activity and retaliated against her because of it. In April, the Fifth Circuit reaffirmed this standard, particularly the knowledge requirement. In United States ex rel. Toledo v. HCA Holdings, Inc., No. 21-20620, 2023 WL 2823899, (5th Cir. Apr. 7, 2023), the Fifth Circuit affirmed the district court’s grant of summary judgment to Bayshore, an inpatient rehabilitation facility in Texas, in an administrator’s suit alleging she was fired for making complaints about alleged fraudulent claims. The administrator had served as Bayshore’s prospective payment system coordinator, and was responsible for sending information about the facility’s rehabilitation patients to CMS. Bayshore terminated the administrator when her new supervisor discovered that she had made coding errors on Inpatient Rehabilitation Facility Patient Assessment Instruments (IRF-PAIs) submitted to CMS. Even after Bayshore required the administrator to undergo one-on-one training, provided access to webinar trainings, and sent her to a three-day certification and training course, her supervisor discovered that she had continued to enter non-compliant codes, and she was terminated. The next day, she called an internal ethics hotline, alleging that Bayshore was engaging in fraudulent practices and insisting she was wrongfully terminated. Id. at *2. An internal investigation found these claims were unsubstantiated. Id.
In examining the administrator’s retaliation claim, the Fifth Circuit panel determined that even if the administrator had engaged in protected activity, (1) the relevant decisionmakers were unaware of any protected conduct and (2) such conduct did not contribute to her termination. Id. at *3. Neither the administrator’s single email addressing the use of group therapy to meet CMS therapy minute requirements, nor her single question about using data from late discharge paperwork on CMS forms, alerted her supervisor to allegedly protected activity. Id. A third communication, in which the administrator claimed she found a few patients admitted without a physician admit order, could have constituted protected conduct sufficient to alert her supervisor, but she still had not shown that the conduct contributed to her termination. Id.
F. Seventh Circuits Interprets Agreement with Insurer About When FCA Settlement Payments Are Covered
The first half of 2023 has seen the Seventh Circuit address a significant but infrequently‑examined issue related to the aftermath of FCA cases—insurance coverage for FCA settlements. In Astellas US Holding, Inc. v. Federal Insurance Co., 66 F.4th 1055 (7th Cir. 2023), the Seventh Circuit determined that Illinois public policy did not forbid insurance coverage of a settlement between the federal government and a company being investigated for potential FCA liability. The government had investigated Astellas for contributions made to patient assistance programs which aided in covering the cost for patients of a drug used to treat metastatic prostate cancer. Id. at 1059–60. Astellas and the government eventually settled the potential claims for $100 million, $50 million of which was labeled in the settlement agreement as “restitution to the United States” for tax purposes. Id. at 1060. Astellas sought coverage of the settlement amount through its liability insurance carriers, including Federal. Federal denied coverage, pointing to a provision of the insurance agreement between the parties that indicated a claim could not be based on a loss “for matters which may be deemed uninsurable under the applicable law.” Id. at 1061. Under Illinois law, compensatory payments are insurable, but “insurance coverage for losses incurred from settlement payments that are restitutionary in character” are not. Id. at 1063 (internal quotation marks omitted). The parties filed cross-motions for summary judgment and the district court granted summary judgment for Astellas.
The Seventh Circuit affirmed. The Seventh Circuit acknowledged that the “settlement payment here could be deemed uninsurable restitution if Federal could show that the payment disgorged either something that belonged of right . . . to the federal government or profit that Astellas made from the alleged scheme.” Id. at 1064 (internal citation and quotation marks omitted; alterations incorporated). But the Seventh Circuit ultimately determined that the settlement payment was not “restitutionary.” The Seventh Circuit concluded that it was Federal’s burden to show that the settlement was restitutionary in nature, but that it did not do so. As the Court explained, the “fact that a party has been accused of (let alone just investigated for) violating the False Claims Act or the Anti-Kickback Statute falls well short of establishing that its payment to settle such an accusation or investigation is uninsurable.” Id. at 1069. The Court further explained that it did not believe that the settlement was restitutionary in nature here given that “no court has ever interpreted the False Claims Act as allowing restitutionary remedies.” Id. at 1076. This decision could prove significant for FCA defendants facing similar insurability rules in the jurisdictions governing their insurance policies, particularly as it has become increasingly common for FCA settlement agreements to explicitly categorize a portion of the settlement amount as restitution to the government.
IV. CONCLUSION
We will monitor these developments, along with other FCA legislative activity, settlements, and jurisprudence throughout the year and report back in our 2023 False Claims Act Year-End Update, which we will publish in January 2024.
_______________________
[1] These summaries cover the period from January 1, 2023 through July 11, 2023.
[2] See Press Release, U.S. Atty’s Office for the Dist. of Minn., Court Enters $487 Million Judgment Against Precision Lens and Owner Paul Ehlen for Paying Kickbacks to Doctors in Violation of the False Claims Act (May 15, 2023), https://www.justice.gov/usao-mn/pr/court-enters-487-million-judgment-against-precision-lens-and-owner-paul-ehlen-paying.
[3] See Press Release, U.S. Atty’s Office for the Northern Dist. of Ga., Conyers doctor pays $1,850,000 to resolve allegations that she performed and billed for medically unnecessary cataract surgeries and diagnostic tests (Jan. 9, 2023), https://www.justice.gov/usao-ndga/pr/conyers-doctor-pays-1850000-resolve-allegations-she-performed-and-billed-medically.
[4] See Press Release, U.S. Atty’s Office for the Northern Dist. of Miss., Mitias to Pay $1.87 Million to Settle False Claims Act Allegations of Medicare and Medicaid Overbilling (Jan. 12, 2023), https://www.justice.gov/usao-ndms/pr/mitias-pay-187-million-settle-false-claims-act-allegations-medicare-and-medicaid.
[5] See Press Release, U.S. Atty’s Office for the Dist. of S.C., Labcorp to Pay the United States $19 Million to Settle Allegations Under the False Claims Act (Feb. 7, 2023), https://www.justice.gov/usao-sc/pr/labcorp-pay-united-states-19-million-settle-allegations-under-false-claims-act.
[6] See Press Release, U.S. Atty’s Office for the Southern Dist. of Tex., Medical center pays over $21M to settle alleged false claims (Feb. 22, 2023), https://www.justice.gov/usao-sdtx/pr/medical-center-pays-over-21m-settle-alleged-false-claims.
[7] See Press Release, U.S. Atty’s Office for the Western Dist. of Pa., James L. Luketich, M.D., University of Pittsburgh Medical Center, and University of Pittsburgh Physicians Agree to Pay $8.5 Million and Implement Monitoring Actions to Resolve False Claims Allegations (Feb. 27, 2023), https://www.justice.gov/usao-wdpa/pr/james-l-luketich-md-university-pittsburgh-medical-center-and-university-pittsburgh.
[8] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Landlord and Former Operators of Upstate New York Nursing Home Pay $7,168,000 to Resolve False Claims Act Allegations of Worthless Services Provided to Residents (February 27, 2023), https://www.justice.gov/opa/pr/landlord-and-former-operators-upstate-new-york-nursing-home-pay-7168000-resolve-false-claims.
[9] See Press Release, U.S. Atty’s Office for the Eastern Dist. of Ky., Medical Equipment Company Pays $7 Million to Resolve False Claims Act Allegations (Mar. 1, 2023), https://www.justice.gov/usao-edky/pr/medical-equipment-company-pays-7-million-resolve-false-claims-act-allegations.
[10] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Florida’s Lakeland Regional Medical Center Agrees to Pay $4 Million to Settle Common Law Allegations for Impermissible Medicaid Donations (Mar. 3, 2023). https://www.justice.gov/opa/pr/florida-s-lakeland-regional-medical-center-agrees-pay-4-million-settle-common-law-allegations.
[11] See Press Release, U.S. Atty’s Office for the Eastern Dist. of Tex., Ophthalmology Practice Agrees to Pay Over $2.9 Million to Settle Kickback Allegations (Mar. 23, 2023), https://www.justice.gov/usao-edtx/pr/ophthalmology-practice-agrees-pay-over-29-million-settle-kickback-allegations.
[12] See Press Release, U.S. Atty’s Office for the Dist. of Md., Laboratory Corporation of America Agrees to Pay $2,100,000 to Settle False Claims Act Allegations Related to Overbillings on Department of Defense Contracts (Mar. 27, 2023), https://www.justice.gov/usao-md/pr/laboratory-corporation-america-agrees-pay-2100000-settle-false-claims-act-allegations.
[13] See Press Release, U.S. Atty’s Office for the Eastern Dist. of Mich., Covenant Healthcare System and Physicians Pay Over $69 Million to Resolve False Claims Act Allegations Related to Improper Financial Relationships (Mar. 29, 2023), https://www.justice.gov/usao-edmi/pr/covenant-healthcare-system-and-physicians-pay-over-69-million-resolve-false-claims-act.
[14] See Press Release, U.S. Atty’s Office for the Western Dist. of Va., 1st Adult & Pediatrics Healthcare to Pay $3 Million to Settle False Claims Act Allegations (April 19, 2023), https://www.justice.gov/usao-wdva/pr/1st-adult-pediatrics-healthcare-pay-3-million-settle-false-claims-act-allegations.
[15] See Press Release, U.S. Atty’s Office for the Dist. of R.I., Former Owner of RI Ophthalmology Chain to Pay $1.1M in Settlement of False Claims Inquiry by the United States (Apr. 20, 2023), https://www.justice.gov/usao-ri/pr/former-owner-ri-ophthalmology-chain-pay-11m-settlement-false-claims-inquiry-united-states.
[16] See Press Release, U.S. Atty’s Office for the Eastern Dist. of Pa., Plymouth Meeting, Pa Company to Pay $5.3 Million to Resolve False Claims Act Allegations Related to False Billing For Respiratory Devices (Apr. 21, 2023), https://www.justice.gov/usao-edpa/pr/plymouth-meeting-pa-company-pay-53-million-resolve-false-claims-act-allegations.
[17] See Press Release, U.S. Atty’s Office for the Eastern Dist. of Ky., Drug Testing Companies Agree to Collectively Pay $1.7 Million to Resolve False Claims Act Allegations (May 9, 2023), https://www.justice.gov/usao-edky/pr/drug-testing-companies-agree-collectively-pay-17-million-resolve-false-claims-act.
[18] See Press Release, U.S. Atty’s Office for the Dist. of Mass., Massachusetts Eye and Ear Agrees to Pay Over $5.7 Million to Resolve False Claims Act Allegations, (May 24, 2023), https://www.justice.gov/usao-ma/pr/massachusetts-eye-and-ear-agrees-pay-over-57-million-resolve-false-claims-act.
[19] See Press Release, U.S. Atty’s Office for the Eastern Dist. of Pa., Primary Care Physicians to Pay $1.5 Million to Resolve False Claims Act Liability for Submitting Unsupported Diagnoses to the Medicare Advantage Program (May 25, 2023), https://www.justice.gov/usao-edpa/pr/primary-care-physicians-pay-15-million-resolve-false-claims-act-liability-submitting.
[20] See Press Release, Office of Public Affairs, U.S. Dep’t of Justice, Michigan Vascular Surgeon Sentenced to 80 Months in Prison for Health Care Fraud Conviction and Agrees to Pay UP to $43.419 Million to Resolve False Claims Act Allegations (May 25, 2023), https://www.justice.gov/opa/pr/michigan-vascular-surgeon-sentenced-80-months-prison-health-care-fraud-conviction-and-agrees.
[21] See Press Release, Office of Public Affairs, U.S. Dep’t of Justice, Detroit Medical Center, Vanguard Health Systems, and Tenet Healthcare Corporation Agree to Pay Over $29 Million to Settle False Claims Act Allegations (May 31, 2023), https://www.justice.gov/opa/pr/detroit-medical-center-vanguard-health-systems-and-tenet-healthcare-corporation-agree-pay.
[22] See Press Release, U.S. Atty’s Office for the Dist. of S.C., St. Francis to Pay the United States $36.5 Million to Settle Allegations Under the False Claims Act (June 15, 2023), https://www.justice.gov/usao-sc/pr/st-francis-pay-united-states-365-million-settle-allegations-under-false-claims-act.
[23] See Press Release, Office of Public Affairs, U.S. Dep’t of Justice, Two Jacksonville Compounding Pharmacies and Their Owner Agree to Pay at Least $7.4 Million to Resolve False Claims Act Allegations (June 15, 2023), https://www.justice.gov/opa/pr/two-jacksonville-compounding-pharmacies-and-their-owner-agree-pay-least-74-million-resolve.
[24] See Press Release, U.S. Atty’s Office for the Dist. of Md., Health Care Information Technology Contractor Agrees to Pay More Than $1.7 Million to Resolve False Claims Act Allegations for Charging Unallowable Costs to the National Institutes of Health (June 16, 2023), https://www.justice.gov/usao-md/pr/health-care-information-technology-contractor-agrees-pay-more-17-million-resolve-false.
[25] See Press Release, Office of Public Affairs, U.S. Dep’t of Justice, Lab Billing Company Settles False Claims Act Allegations Relating to Unnecessary Respiratory Panels Run on Seniors Receiving COVID-19 Tests (June 16, 2023), https://www.justice.gov/opa/pr/lab-billing-company-settles-false-claims-act-allegations-relating-unnecessary-respiratory.
[26] See Press Release, U.S. Atty’s Office for the N.D. of Ga., Georgia Urgent Care Chain Agrees to Pay $1,600,000 to Resolve False Claims Act Allegations (June 20, 2023), https://www.justice.gov/usao-ndga/pr/georgia-urgent-care-chain-agrees-pay-1600000-resolve-false-claim-act-allegations.
[27] See Press Release, Office of Public Affairs, U.S. Dep’t of Justice, California Skilled Nursing Facility and Management Company Agree to Pay $3.825 Million to Settle Allegations of Kickbacks to Referring Physicians (June 21, 2023), https://www.justice.gov/opa/pr/california-skilled-nursing-facility-and-management-company-agree-pay-3825-million-settle.
[28] See Press Release, Office of Public Affairs, U.S. Dep’t of Justice, California County Organized Health System and Three Health Care Providers Agree to Pay $68 Million for Alleged False Claims to California’s Medicaid Program (June 29, 2023), https://www.justice.gov/opa/pr/california-county-organized-health-system-and-three-health-care-providers-agree-pay-68
[29] See Press Release, U.S. Atty’s Office for the Northern Dist. of Tex., 3D Printing Company to Pay Up to $4.54 Million to Settle False Claims Act Allegations for Export Violations in Connection with NASA and DOD Contracts (Feb. 27, 2023), https://www.justice.gov/usao-ndtx/pr/3d-printing-company-pay-454-million-settle-false-claims-act-allegations-export#:~:text=A%203D%20printing%20company%20has,certain%20NASA%20and%20DOD%20contracts%2C.
[30] See Press Release, U.S. Atty’s Office for the Eastern Dist. of Pa., Sherwin-Williams to Pay $1 Million to Resolve Alleged False Claims Act Violations Arising from Bridge Painting Project (Mar. 2, 2023), https://www.justice.gov/usao-edpa/pr/sherwin-williams-pay-1-million-resolve-alleged-false-claims-act-violations-arising.
[31] See Press Release, Office of Public Affairs, U.S. Dep’t of Justice, L3 Technologies Settles False Claims Act Allegations Relating to Double-Charging for Certain Material Costs (Apr. 24, 2023), https://www.justice.gov/opa/pr/l3-technologies-settles-false-claims-act-allegations-relating-double-charging-certain-0.
[32] See Press Release, U.S. Atty’s Office for the Western Dist. of N.C., Red Ventures, LLC And MYMOVE, LLC Agree To Pay $2.75 Million To Resolve False Claims Act Allegations Arising From Agreements With The U.S. Postal Service (May 30, 2023), https://www.justice.gov/usao-wdnc/pr/red-ventures-llc-and-mymove-llc-agree-pay-275-million-resolve-false-claims-act.
[33] See Press Release, U.S. Atty’s Office for the Dist. of R.I., Former 6/10 Construction Project Supervisor Sentenced for Making False Statements (June 20, 2023), https://www.justice.gov/usao-ri/pr/former-610-construction-project-supervisor-sentenced-making-false-statements.
[34] Press Release, Office of Public Affairs, U.S. Dep’t of Justice, Florida Contractors and Owner to Pay More than $7.7 Million to Resolve False Claims Act Allegations Relating to Procurement of Small Business Contracts (June 29, 2023), https://www.justice.gov/opa/pr/florida-contractors-and-owner-pay-more-77-million-resolve-false-claims-act-allegations.
[35] See Press Release, U.S. Atty’s Office for the Eastern D. of VA, Government Contractor Settles False Claims Act Allegations Based on Violations of the Trade Agreements Act (June 20, 2023), https://www.justice.gov/usao-edva/pr/government-contractor-settles-false-claims-act-allegations-based-violations-trade
[36] See Press Release, U.S. Atty’s Office for the Dist. of S.C., Larsen & Toubro Technology Services Pays $9,928,000 To Resolve False Claims Act Allegations (Apr. 10, 2023), https://www.justice.gov/usao-sc/pr/larsen-toubro-technology-services-pays-9928000-resolve-false-claims-act-allegations.
[37] See Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, GCI Communications Corp. to Pay More than $40 Million to Resolve False Claims Act Allegations Related to FCC’s Rural Health Care Program (May 11, 2023), https://www.justice.gov/opa/pr/gci-communications-corp-pay-more-40-million-resolve-false-claims-act-allegations-related-fcc.
[38] See Press Release, U.S. Atty’s Office, Dist. of N.J., South Korean Clothing Manufacturer Admits Evading U.S. Customs Duties and Enters Civil Settlement Agreement (June 12, 2023), https://www.justice.gov/usao-nj/pr/south-korean-clothing-manufacturer-admits-evading-us-customs-duties-and-enters-civil.
[39] See Press Release, U.S. Atty’s Office, Dist. of Mass., Think Tank Agrees to Pay More than $500,000 to Resolve Allegations That It Falsely Certified Its Eligibility to Receive PPP Loan (Jun. 27, 2023), https://www.justice.gov/usao-ma/pr/think-tank-agrees-pay-more-500000-resolve-allegations-it-falsely-certified-its.
[40] See Press Release, U.S. Atty’s Office, Northern Dist. of NY, Movement Mortgage to Pay $23.7 Million to Resolve Allegations it Caused the Submission of False Claims to Government Mortgage Programs (June 29, 2023), https://www.justice.gov/usao-ndny/pr/movement-mortgage-pay-237-million-resolve-allegations-it-caused-submission-false
[41] See generally 31 U.S.C. §§ 3801 et seq.
[42] News Release, Bipartisan Fraud Fighting Bill Unanimously Passes Senate, Chuck Grassley (Apr. 3, 2023), https://www.grassley.senate.gov/news/news-releases/bipartisan-fraud-fighting-bill-unanimously-passes-senate#:~:text=The%20Administrative%20False%20Claims%20Act%20(AFCA)%2C%20S.659,fraud%20committed%20against%20the%20government.
[43] Id.
[44] Va. Code Ann. §§ 8.01-216.3(D).
[45] District of Columbia v. Saylor, et al., No. 2021 CA 001319 (D.C. Super. Ct., Feb. 28, 2023) (order granting in part defendants’ motion to dismiss).
[46] Senate Bill S4009‑C, N.Y. St. Senate, https://www.nysenate.gov/legislation/bills/2023/S4009/amendment/C (last visited July 12, 2023).
[47] N.Y. State Fin. Law § 189(4)(a); S.B. 4009-C, 2023 Sess. (N.Y. 2023).
[48] Senate Bill S4730 Current Status, N.Y. St. Senate, https://www.nysenate.gov/legislation/bills/2021/S4730 (last visited July 12, 2023).
[49] Governor’s Veto Message No. 83 (N.Y. 2021).
[50] S.B. 8815, 2022 S. Sess. (N.Y. 2022); Governor’s Veto Message No. 199 (N.Y. 2023).
[51] N.Y. State Fin. Law § 189(4)(b).
[52] Id. § 189(4)(a)-(b).
[53] See, e.g., See, e.g., S.4009-B, Part KK/A.3009-B, Part KK, Bus. Council, https://www.bcnys.org/memo/s4009-b-part-kka3009-b-part-kk (Apr. 3, 2023).
[54] H.B. 533, 135th Gen. Assemb., § 2747.02(1) (Ohio 2022).
[55] House Bill 533 Status, Ohio Legislature, https://www.legislature.ohio.gov/legislation/134/hb533/status (last visited July 12, 2023).
[56] H.B. 6826, 2023 Gen. Assemb. (Conn. 2023).
[57] S.B. 426, 2022 Gen. Assemb. (Conn. 2022).
[58] State False Claims Act Reviews, HHS-OIG, https://oig.hhs.gov/fraud/state-false-claims-act-reviews/ (last visited July 12, 2023) (FCA Reviews); 42 U.S.C. § 1396h(a).
The following Gibson Dunn lawyers assisted in the preparation of this alert: Jonathan Phillips, Winston Chan, John Partridge, James Zelenay, Michael Dziuban, Chelsea Knudson, Blair Watler, John Turquet Bravard, Ben Gibson, Wynne Leahy, José Madrid, Adrienne Tarver, Chumma Tum, and Francesca Broggini.
Gibson Dunn lawyers regularly counsel clients on the False Claims Act issues. Please feel free to contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following members of the firm’s False Claims Act/Qui Tam Defense Group:
Washington, D.C.
Jonathan M. Phillips – Co-Chair (+1 202-887-3546, [email protected])
F. Joseph Warin (+1 202-887-3609, [email protected])
Joseph D. West (+1 202-955-8658, [email protected])
Geoffrey M. Sigler (+1 202-887-3752, [email protected])
Lindsay M. Paulin (+1 202-887-3701, [email protected])
Gustav W. Eyler (+1 202-955-8610, [email protected])
San Francisco
Winston Y. Chan – Co-Chair (+1 415-393-8362, [email protected])
Charles J. Stevens (+1 415-393-8391, [email protected])
New York
Reed Brodsky (+1 212-351-5334, [email protected])
Mylan Denerstein (+1 212-351-3850, [email protected])
Alexander H. Southwell (+1 212-351-3981, [email protected])
Brendan Stewart (+1 212-351-6393, [email protected])
Denver
John D.W. Partridge (+1 303-298-5931, [email protected])
Robert C. Blume (+1 303-298-5758, [email protected])
Monica K. Loseman (+1 303-298-5784, [email protected])
Ryan T. Bergsieker (+1 303-298-5774, [email protected])
Dallas
Andrew LeGrand (+1 214-698-3405, [email protected])
Los Angeles
Nicola T. Hanna (+1 213-229-7269, [email protected])
Jeremy S. Smith (+1 213-229-7973, [email protected])
Deborah L. Stein (+1 213-229-7164, [email protected])
James L. Zelenay Jr. (+1 213-229-7449, [email protected])
Palo Alto
Benjamin Wagner (+1 650-849-5395, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
Decided July 31, 2023
Boermeester v. Carry, S263180
Yesterday, the California Supreme Court held that private universities do not need to provide students accused of misconduct with the right to cross examine accusers and other witnesses at live hearings during administrative disciplinary proceedings.
Background: The University of Southern California expelled student Matthew Boermeester after determining he violated USC’s policy against intimate partner violence. Boermeester filed a petition for writ of administrative mandate under Code of Civil Procedure 1094.5(b), alleging that he was deprived a “fair trial.” Specifically, he claimed that his common-law right to a fair procedure was violated when he was denied the right to attend a live hearing at which he or his attorney could directly cross examine his accuser and third-party witnesses.
The trial court disagreed with Boermeester and denied the petition. A divided Court of Appeal reversed, concluding that USC provided unfair procedures because USC did not provide Boermeester with the opportunity to cross examine critical witnesses at an in-person hearing.
Issue: The common-law right to fair procedure requires fair notice of the charges and a meaningful opportunity to be heard. Must private organizations provide in-person hearings with the right to cross examination in order to comply with the common-law right to a fair procedure?
Court’s Holding:
No. Private organizations are not required to provide accused individuals with the opportunity to directly or indirectly cross examine the accuser and other witnesses at a live hearing.
“[T]here is no absolute right to a live hearing with cross-examination in administrative proceedings, even where constitutional due process applies.”
Justice Groban, writing for the Court
Gibson Dunn submitted an amicus brief on behalf of the California Women’s Law Center and Equal Rights Advocates in support of respondent: University of Southern California
What It Means:
- Although this case arose in the context of private university disciplinary proceedings, the Court’s reasoning appears to extend to administrative proceedings in other private organizations.
- The opinion distinguishes between the procedures afforded to individuals in criminal trials versus private administrative hearings. Even “where constitutional due process applies,” “there is no absolute right to a live hearing with cross-examination” in private “administrative proceedings.”
- Instead, private universities “must balance competing interests, including the accused student’s interests in a fair procedure and completing a postsecondary education, the accuser’s interest in not being retraumatized by the disciplinary process, and the private university’s interests in maintaining a safe campus and encouraging victims to report instances of sexual misconduct or intimate partner violence without having to divert too many resources from its main purpose of education.”
- The Court recognized that there are “practical limitations” on the ability of private organizations to “function as courts” because they, for example, lack subpoena power, rely on voluntary participation of witnesses, and such administrative hearings “divert both resources and attention from” the organization’s main calling.
- The Court expressly declined to consider under what circumstances an individual must be permitted to submit questions for an adjudicator to ask any accuser or third-party witnesses outside the presence of the individual under investigation.
The Court’s opinion is available here.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the California Supreme Court. Please feel free to contact the following practice leaders:
Appellate and Constitutional Law Practice
| Thomas H. Dupree Jr. +1 202.955.8547 [email protected] |
Allyson N. Ho +1 214.698.3233 [email protected] |
Julian W. Poon +1 213.229.7758 [email protected] |
| Blaine H. Evanson +1 949.451.3805 [email protected] |
Bradley J. Hamburger +1 213.229.7658 [email protected] |
Michael J. Holecek +1 213.229.7018 [email protected] |
Related Practice: Litigation
| Theodore J. Boutrous, Jr. +1 213.229.7804 [email protected] |
Theane Evangelis +1 213.229.7726 [email protected] |
On July 28, 2023, a new EU regulation regarding the cross-border access to electronic evidence in criminal proceedings was announced in the Official Journal of the European Union (the “Regulation”).[1] The Regulation, which will apply as of August 18, 2026, contains rules under which an authority of a EU Member State may issue a European Production Order or a European Preservation Order to request a service provider in another Member State to produce or to preserve electronic evidence regardless of the location of the data.[2] Failing to comply with such orders may involve severe sanctions for such service providers.
The Regulation is a considerable step forward for cross-border government investigations in the European Union. Currently, to obtain electronic evidence, EU Member State authorities must rely either on lengthy judicial cooperation procedures with the risk that data are moved or deleted or on the voluntary cooperation of service providers, a process which, according to the EU Commission, lacks reliability, transparency, accountability, and legal certainty.[3]
1. European Production Orders
Pursuant to the Regulation, a judicial authority of a Member State will be entitled to issue a European Production Order to request electronic evidence directly from a service provider located in another Member State. In the case of requesting traffic data[4] or content data,[5] a judge, a court or an investigating judge will be a proper issuing authority. If a Member State wanted to obtain subscriber data[6] or data for the sole purpose of identifying the user, a public prosecutor would also be entitled to issue a European Production Order. The Member States may define further competent issuing authorities, but in these case the Regulation requires a validation process.[7]
A European Production Order for obtaining traffic data or content data may be issued if these data are necessary and proportionate to the purpose of criminal proceedings relating to offenses punishable in the issuing State by a custodial sentence of a maximum of at least three years or to specific offenses[8] referenced in the Regulation. Further, a European Production Order requires that a similar order could have been issued under the same conditions in a domestic case. These data may also be requested for the execution of a custodial sentence or a detention order of at least four months, following criminal proceedings and imposed by a decision that was not rendered in absentia in cases where the person convicted absconded from justice.[9]
In the case of subscriber data or of data requested for the sole purpose of identifying the user, the same conditions apply, but in these cases European Production Orders may be issued for all offenses subject to a criminal investigation.[10]
A European Production Order will be addressed directly to the service provider,[11] but in certain cases of requesting traffic or content data the issuing authority must notify an enforcing authority based in the Member State where the service provider resides.[12] The enforcing authority will assess the case as soon as possible, but no later than ten days following the receipt of the notification, and decide whether it wants to invoke a ground for refusal, such as the protection of fundamental rights or of immunities and privileges.[13]
Upon receipt of a European Production Order, a service provider must expeditiously preserve the requested data and transmit them at the latest within ten days directly to the issuing authority or to the law enforcement authority designated on the order.[14]In cases of emergency, the service provider must transmit the data without undue delay and at the latest within eight hours following the receipt of the order.[15]
2. European Preservation Orders
By way of a European Preservation Order, a judge, a court, an investigating judge, a public prosecutor or – upon validation – another designated authority may order that a service provider located in another Member State preserve electronic evidence for the purposes of a subsequent request for production.[16]
Such an order may be issued for all criminal offenses if necessary for and proportionate to the purpose of preventing the removal, deletion or alteration of data with a view to issuing a subsequent request for production of those data and if it could have been issued under the same conditions in a similar domestic case. These orders may also serve for the execution of a custodial sentence or a detention order of at least four months, following criminal proceedings, imposed by a decision that was not rendered in absentia, in cases where the person convicted absconded from justice.[17]
In the case of a European Preservation Order, the service provider must preserve the requested data without undue delay. The obligation to preserve the data will cease after 60 days, unless the issuing authority confirms that a subsequent request for production has been issued. During that 60-day period, the issuing authority may extend the duration of the obligation to preserve the data by an additional 30-day period if necessary to allow for the issuing of a subsequent request for production.[18]
3. Notion of a Service Provider Offering Services in the Union
The Regulation applies to service providers which offer services in the European Union.[19] The Regulation defines a “service provider” as any natural or legal person that provides one or more of the following categories of services:
- Electronic communications services;[20]
- Internet domain name and IP numbering services, such as IP address assignment, domain name registry, domain name registrar and domain name-related privacy and proxy services;
- Other information society services[21] that enable their users to communicate with each other; or make it possible to store or otherwise process data on behalf of the users to whom the service is rendered, provided that the storage of data is a defining component of the service provided to the user.[22]
Financial services such as such as banking, credit, insurance and re-insurance, occupational or personal pensions, securities, investment funds, payment and investment advice are not covered by the Regulation.[23]
A service provider in that sense offers services within the European Union if it enables natural or legal persons in a Member State to use the services listed above and if it has a substantial connection, based on specific factual criteria, to that Member State.[24] Such a substantial connection is considered to exist where the service provider has an establishment in a Member State, where there is a significant number of users in one or more Member States or where the service provider targets its activities towards one or more Member States.[25]
Pursuant to a EU Directive announced on the same day as the Regulation in the Official Journal of the European Union (the “Directive”), Member States will have to ensure that all service providers offering services in the European Union designate a legal representative or a designated establishment to receive, comply with, and enforce requests to gather electronic evidence.[26]
4. Sanctions, Enforcement, Conflict of Laws
The Regulation sets forth that Member States must enact rules on pecuniary penalties for infringements of the execution of European Production Orders or European Preservation Orders. These pecuniary penalties must be effective, proportionate and dissuasive. In that respect, Member States must ensure that pecuniary penalties of up to 2% of the total worldwide annual turnover of the service provider’s preceding financial year can be imposed.[27] Pursuant to the Directive, Member States will have to ensure that that both the designated establishment or the legal representative and the service provider can be held jointly and severally liable for non-compliance so that each of them may be subject to penalties.[28]
Apart from pecuniary penalties, the Regulation contains detailed rules on the enforcement by the enforcing state.[29] However, a service provider must inform the issuing authority and the enforcing authority if it considered that the execution of a European Production Order or of a European Preservation Order could interfere with immunities or privileges, or with rules on the determination or limitation of criminal liability that relate to freedom of the press or freedom of expression in other media, under the law of the enforcing State. In such cases, the issuing authority decides whether to withdraw, adapt or maintain the respective order. In addition, in the case of a European Production Order, the enforcing authority may raise a ground for refusal.[30]
A special review procedure applies, if a service provider invoked that complying with a European Production Order would conflict with an obligation under the law of a third country. Then, the service provider would have to file a “reasoned objection” within ten days after receipt of the European Production Order. If the issuing authority decided to uphold the order, a competent court of the issuing state would have to review the case. Importantly, if this court found that the law of the third country prohibits disclosure of the data concerned, the court would not automatically lift the European Production Order but rather balance relevant factors (some of which are set out in more detail in the Regulation[31]) to decide whether to uphold or lift the order.
______________________
[1] Eur-Lex, Regulation (EU) 2023/1543 of the European Parliament and of the Council of 12 July 2023 on European Production Orders and European Preservation Orders for electronic evidence in criminal proceedings and for the execution of custodial sentences following criminal proceedings, available under https://eur-lex.europa.eu/eli/reg/2023/1543/oj (last visited [July 31, 2023]).
[2] Article 1(1) of the Regulation.
[3] EU Commission, press release of November 29, 2022, https://ec.europa.eu/commission/presscorner/detail/es/ip_22_7246 (last visited [July 31, 2023]).
[4] Article 3 no. 11 of the Regulation.
[5] Article 3 no. 12 of the Regulation.
[6] Article 3 no. 9 of the Regulation.
[7] Article 4(1) and (2) of the Regulation.
[8] Article 5(4) of the Regulation.
[9] Article 5(2) and (4) of the Regulation.
[10] Article 5(2) and (3) of the Regulation.
[11] Article 7 of the Regulation.
[12] Article 3 no. 16, 17 and Article 8 of the Regulation. No notification is necessary where the offense has been committed, is being committed or is likely to be committed in the issuing State and the person whose data are requested resides in the issuing State.
[13] Article 12 of the Regulation.
[14] Article 10 of the Regulation.
[15] Article 10(4) of the Regulation.
[16] Article 5(3) of the Regulation.
[17] Article 6(2) and (3) of the Regulation.
[18] Article 11(1) of the Regulation.
[19] Article 2(1) of the Regulation.
[20] Article 2 no. 4 of Directive (EU) 2018/1972 establishing the European Electronic Communications Code.
[21] As referred to in Article 1(1) (b) of Directive (EU) 2015/1535 laying down a procedure for the provision of information in the field of technical regulations and of rules on Information Society services.
[22] Article 3 no. 3 of the Regulation.
[23] Article 3 no. 3 of the Regulation, see also Article 2(2) lit. b of the Directive 2006/123/EC of the European Parliament and of the Council of 12 December 2006 on services in the internal market.
[24] Article 3 no. 4 of the Regulation.
[25] Article 3 no. 4 of the Regulation.
[26] Eur-Lex, Directive (EU) 2023/1544 of the European Parliament and of the Council of 12 July 2023 laying down harmonised rules on the designation of designated establishments and the appointment of legal representatives for the purpose of gathering electronic evidence in criminal proceedings, available under https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32006L0123 (last visited [July 31, 2023]).
[27] Article 15 of the Regulation.
[28] Article 3(5) of the Directive.
[29] Article 16 of the Regulation.
[30] Articles 10(5) and 11(4) of the Regulation.
[31] According to Article 17(6) of the Regulation, the assessment shall in particular be based on the following factors, while giving particular weight to the factors referred to in points (a) and (b): (a) the interest protected by the relevant law of the third country, including fundamental rights as well as other fundamental interests preventing disclosure of the data, in particular national security interests of the third country; (b) the degree of connection between the criminal case for which the European Production Order was issued and either of the two jurisdictions, as indicated inter alia by: (i) the location, nationality and place of residence of the person whose data are being requested or of the victim or victims of the criminal offense in question; (ii) the place where the criminal offense in question was committed; (c) the degree of connection between the service provider and the third country in question; in this context, the data storage location alone shall not suffice for the purpose of establishing a substantial degree of connection; (d) the interests of the investigating State in obtaining the evidence concerned, based on the seriousness of the offence and the importance of obtaining evidence in an expeditious manner; (e) the possible consequences for the addressee or for the service provider of complying with the European Production Order, including the potential penalties.
The following Gibson Dunn attorneys assisted in preparing this update: Andreas Dürr, Kai Gesing, Katharina Humphrey, and Benno Schwarz.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. If you wish to discuss any of the matters set out above, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following members of Gibson Dunn’s White Collar Defense and Investigations or Anti-Corruption and FCPA practice groups in Germany:
Corporate Compliance / White Collar Matters
Andreas Dürr (+49 89 189 33 219, [email protected])
Ferdinand Fromholzer (+49 89 189 33 270, [email protected])
Kai Gesing (+49 89 189 33 285, [email protected])
Katharina Humphrey (+49 89 189 33 217, [email protected])
Markus Nauheim (+49 89 189 33 222, [email protected])
Markus Rieder (+49 89 189 33 260, [email protected])
Benno Schwarz (+49 89 189 33 210, [email protected])
Finn Zeidler (+49 69 247 411 530, [email protected])
Mark Zimmer (+49 89 189 33 230, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
On July 26, 2023, the Securities and Exchange Commission (“SEC” or “Commission”), in a 3-to-2 vote, adopted a final rule requiring the disclosure of material cybersecurity incidents and cybersecurity risk management, strategy, and governance by public companies, including foreign private issuers. The Commission’s rule proposal, issued in March 2022,[1] was the subject of much commentary and criticism. In response, the Commission made important changes to the required disclosures regarding cybersecurity risk management, strategy, and governance, but the final rule will significantly change the status quo and will impose a substantial burden and introduce complexity to incident response for all public companies.
In summary, the final rule requires: (i) Form 8-K disclosure of material cybersecurity incidents within four (4) business days of the company’s determination that the cybersecurity incident is material; (ii) new annual disclosures in Form 10-K regarding the company’s cybersecurity risk management and strategy, including with respect to the company’s processes for managing cybersecurity threats and whether risks from cybersecurity threats have materially affected the company; and (iii) new annual disclosures in Form 10-K regarding the company’s cybersecurity governance, including with respect to oversight by the board and management. The annual disclosures are also required in foreign private issuers’ annual reports on Form 20-F, and material cybersecurity incident disclosure will be covered by Form 6-K.
The adopting release is available here, a Fact Sheet from the SEC is available here, and a two page summary prepared by Gibson Dunn is available here. The final rule will become effective 30 days after publication in the Federal Register.
- Most public companies will be required to comply with the Form 8-K incident disclosure requirements beginning on the later of December 18, 2023 and 90 days after the final rule is published in the Federal Register.
- Smaller reporting companies are eligible for an extension for complying with the Form 8-K incident disclosure requirements and have until the later of June 15, 2024 and 270 days after the date the final rule is published in the Federal Register.
- All public companies will be required to comply with the new annual disclosure requirements beginning with the annual report on Form 10-K or 20-F for the fiscal year ending on or after December 15, 2023.
Set forth below is a summary of the final rule and some considerations for public companies.
I. Disclosure of Material Cybersecurity Incidents
Timing of Disclosure. The final rule adds new Item 1.05 to Form 8-K, which requires companies to determine whether a cybersecurity incident[2] is material “without unreasonable delay after discovery of the incident.” If a company determines that a cybersecurity incident is material, it is required to disclose the incident within four (4) business days of such determination.
Consistent with the SEC’s rule proposal, the final rule uses the date of the materiality determination as the trigger for when the four (4) business day time period begins to run, rather than the date of discovery of the incident—an important distinction.
The timeline for the materiality determination – which must be made “without unreasonable delay” – reflects a change from the rule proposal, which required the determination to be made “as soon as reasonably practicable” after discovery of an incident.[3] Commenters noted that the proposed standard could pressure companies to draw conclusions about incidents with insufficient information. While the SEC revised the timeline in the final rule, the adopting release notes that there may be instances where a company does not have complete information about the incident but knows enough to determine that the incident was material, such as when incidents impact key systems and information or involve unauthorized access to or exfiltration of large quantities of particularly important data. The adopting release states that, in such instances, the materiality determination should not be delayed.[4] Examples of unreasonable delay provided by the adopting release include deferring committee meetings for the responsible committee past the normal time it takes to convene its members or revising existing incident response policies and procedures to support a delayed materiality determination of an ongoing cybersecurity event.[5]
Scope of Disclosure and Materiality Determination. When disclosing the material cybersecurity incident, companies must disclose the material aspects of the nature, scope, and timing of the incident, and the material impact or “reasonably likely” material impact on the company, including on its financial condition and results of operations. If a company determines a cybersecurity incident is material, but the information that is required to be disclosed has not been determined or is unavailable at the time of the required filing, companies must later update the disclosure through a Form 8-K amendment. In contrast to the SEC’s rule proposal, which would have provided for updates to appear in subsequent quarterly reports on Form 10-Q, companies must disclose this information within four (4) business days after the company, without unreasonable delay, determines such information or after such information “becomes available.”
In the adopting release, the Commission indicated that companies should consider qualitative factors in assessing the material impact of an incident, and indicated that harm to a company’s reputation, customer or vendor relationships, or competitiveness, and the possibility of litigation or regulatory investigations or actions, were all examples of potential material impacts on a company.[6]
The final rule’s focus on the material aspects of the incident and material impacts on the company represents a narrowing in the scope of required incident disclosure, in comparison to the rule proposal, although compliance will likely present a significant burden to companies actively working to respond to a cybersecurity incident. The SEC’s rule proposal would have required disclosure of the specific details of the incident, such as remediation status, whether the incident was ongoing, and whether data were compromised, regardless of materiality. The final rule provides companies with slightly more flexibility, as the instructions to Item 1.05 note that companies “need not disclose specific or technical information” about incident response, systems, networks, or potential vulnerabilities “in such detail as would impede” response or remediation of the incident. However, commentary in the adopting release suggests that the SEC may nonetheless expect companies to disclose sensitive information where it is a significant factor in the determination that a cybersecurity incident is material.[7]
In the adopting release, the Commission took the view that this change in scope alleviates some of the concerns commenters raised about the difficulty of the four (4) business day reporting deadline. The Commission argued that the materiality analysis for most companies will include consideration of the financial impact, so the company will have already developed information about the impact on the company’s financial condition and results of operations when Item 1.05 is triggered by the materiality determination.[8] In rejecting a longer deadline suggested by commenters, the SEC asserted that “in the majority of cases registrants will have had additional time leading up to the materiality determination, such that disclosure becoming due less than a week after discovery should be uncommon.”[9]
Exceptions Permitting Reporting Delays. The Commission introduced two narrow exceptions that allow for a delay in reporting a material cybersecurity incident on Form 8-K. The only generally applicable exception permitting a delay in reporting applies only if the U.S. Attorney General notifies the SEC in writing that the disclosure poses a substantial risk to national security or public safety. Outside of extraordinary circumstances or an exemptive order issued by the SEC, the maximum delay permitted under this exception will be 60 days.[10]
The second exception is also extraordinarily limited, and applies only to companies subject to the Federal Communications Commission’s (“FCC’s”) notification rule for breaches of customer proprietary network information (“CPNI”). The FCC’s rule requires covered entities to notify the United States Secret Service (“USSS”) and Federal Bureau of Investigation (“FBI”) no later than seven (7) business days after reasonable determination of a CPNI breach and to refrain from disclosing the breach until seven (7) days have passed following notification to the USSS and FBI.[11] The SEC notes that the FCC has proposed amending the CPNI rule to remove this seven (7) business day waiting period, and suggests that this conflict may be eliminated if the FCC’s proposed rule is adopted.[12] The SEC’s final rule permits companies subject to the notification requirements to delay making the Item 1.05 disclosure up to seven (7) business days following notification to the USSS and FBI, with written notification to the SEC. This exception is being provided as, according to the SEC, this was the only Federal law or regulation that conflicted with Item 1.05.[13]
Additionally, as noted by Commissioner Uyeda during the meeting adopting the final rule, while not an exception built into Item 1.05, the adopting release gives deference to Rule 0-6 under the Securities Exchange Act of 1934 (the “Exchange Act”). Rule 0-6 provides for the omission of information that has been classified by an appropriate department or agency of the Federal government for the protection of the interest of national defense or foreign policy. The adopting release provides that if any information that a registrant would otherwise disclose under Item 1.05 (or pursuant to Item 106 of Regulation S-K, as discussed below) is classified, companies should comply with Rule 0-6, meaning that such information should not be disclosed.[14]
Broad Definition of “Cybersecurity Incident.” The final rule broadly defines a cybersecurity incident as “an unauthorized occurrence, or a series of related unauthorized occurrences, on or conducted through a registrant’s information systems that jeopardizes the confidentiality, integrity, or availability of a registrant’s information systems or any information residing therein.”[15] The final rule also broadly defines “information system” to mean electronic systems “owned or used by” a company, which covers information resources owned by third parties.[16] The SEC’s adopting release reaffirmed the SEC’s view that an accidental incident is an “unauthorized incident” within the scope of the rule.[17] The SEC acknowledged that the use of the term “jeopardizes” requires a forward-looking assessment of whether the effect of an incident is or is reasonably likely to be material.
The final rule adds the concept of “a series of related unauthorized occurrences”[18] to the definition of “cybersecurity incident,” a situation it had proposed to address through a quarterly Form 10-Q reporting requirement. The change means that companies materially affected by a series of related intrusions will still be required to comply with Item 1.05, even when the material impact attributable to each individual intrusion is immaterial by itself. The SEC provided two examples of such a series that would necessitate disclosure under Item 1.05:[19]
- The same malicious actor engages in a number of smaller but continuous cyberattacks related in time and form against the same company and collectively, they are either quantitatively or qualitatively material; and
- A series of related attacks from multiple actors exploit the same vulnerability and collectively impede the company’s business materially.
Safe Harbors. Consistent with the rule proposal, an untimely filing under Item 1.05 would not result in a loss of Form S-3 eligibility and the failure to file the Item 1.05 Form 8-K would not be deemed to be a violation of Section 10(b) and Exchange Act Rule 10b-5.
II. Cybersecurity Risk Management, Strategy, and Governance Disclosure
Risk Management and Strategy Disclosure. The final rule introduces new Item 106 of Regulation S-K, which will require a description in the Form 10-K of a company’s processes, if any, for assessing, identifying, and managing material risks from cybersecurity threats[20] in sufficient detail for a reasonable investor to understand those processes. Item 106 states that in providing such disclosure, a company should address, as applicable, the following non-exclusive list of disclosure items:
- Whether and how any such processes have been integrated into the company’s overall risk management system or processes;
- Whether the company engages assessors, consultants, auditors, or other third parties in connection with any such processes; and
- Whether the company has processes to oversee and identify such risks from cybersecurity threats associated with its use of any third-party service provider.
Companies must also describe whether any risks from cybersecurity threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect the company, including its business strategy, results of operations, or financial condition and if so, how.
The list of disclosure items under this caption represents a significant paring back from the rule proposal. In the adopting release, the SEC acknowledged concerns on the rule proposal’s prescriptiveness and its potential to affect a company’s risk management and strategy decision-making.[21] The Commission believes that the formulation in the final rule will not result in companies providing a level of detail that goes beyond material information or that could increase a company’s vulnerability.[22] Notably, the final rule requires disclosure of “processes” rather than “policies and procedures,” with the SEC noting that the former avoids disclosing operational details that could be used by malicious actors and removes the question of whether companies without written policies and procedures should disclose that fact.[23] Other changes aimed at reducing the prescriptiveness of the rule include the removal of the list of risk types (e.g., intellectual property theft, fraud, etc.) and the removal of certain disclosure items, such as the company’s activities undertaken to prevent, detect, and minimize effects of cybersecurity incidents, and the company’s business continuity, contingency, and recovery plans in the event of a cybersecurity incident.
Governance Disclosure. Item 106 also requires companies to describe the board of directors’ oversight of risks from cybersecurity threats. If applicable, companies must identify any board committee or subcommittee responsible for the oversight of risks from cybersecurity threats and describe the processes by which the board or such committee is informed about such risks. Importantly, the final rule omits the proposed requirement to disclose cybersecurity expertise within the board of directors, although the SEC noted that a company that has determined that board-level expertise is a necessary component to its cyber-risk management would likely provide that disclosure under Item 106.[24]
In addition, companies must describe management’s role in assessing and managing the registrant’s material risks from cybersecurity threats, with such disclosure addressing, as applicable, the following non-exclusive list of disclosure items:
- Whether and which management positions or committees are responsible for assessing and managing such risks, and the relevant expertise of such persons or members in such detail as necessary to fully describe the nature of the expertise;
- The processes by which such persons or committees are informed about and monitor the prevention, detection, mitigation, and remediation of cybersecurity incidents; and
- Whether such persons or committees report information about such risks to the board of directors or a committee or subcommittee of the board of directors.
With respect to management’s expertise, the instructions to Item 106 provide that it may include “[p]rior work experience in cybersecurity; any relevant degrees or certifications; any knowledge, skills, or other background in cybersecurity.”
The final governance disclosure requirements also are significantly less prescriptive than under the rule proposal. Exclusions from the final rule include the proposed requirement to disclose whether and how the board integrates cybersecurity into its business strategy, risk management, and financial oversight, and details such as whether the company has a chief information security officer, the frequency of the board’s discussions on cybersecurity, and the frequency with which responsible management positions or committees report to the board on cybersecurity risk. However, the SEC indicated that details such as frequency of discussions or updates may be included in Item 106 disclosure to the extent relevant to an understanding of the board’s oversight of risks from cybersecurity threats.[25] While the requirement to disclose whether the company has a chief information security officer was also omitted from the final rule, the SEC noted that the remaining requirement to discuss which management positions or committees are responsible for assessing and managing cybersecurity risk “would typically encompass identification of whether a registrant has a chief information security officer, or someone in a comparable position.”[26]
Foreign Private Issuers. The final rule amends Form 20-F to include requirements parallel to Item 106 regarding a foreign private issuer’s risk management, strategy, and governance. In addition, the final rule adds “material cybersecurity incidents” to the items that may trigger a current report on Form 6-K. Under the new rule, foreign private issuers will be required to furnish on Form 6-K information about material cybersecurity incidents that the issuers disclose or otherwise publicize in a foreign jurisdiction, to any stock exchange or to security holders.
XBRL Requirements. All new disclosure requirements must be tagged in Inline XBRL (block text tagging for narrative disclosures and detail tagging for quantitative amounts) beginning one year after the initial compliance date for the applicable disclosure requirement.
III. Considerations and Next Steps
Companies should review their cybersecurity incident response playbooks to reflect the processes contemplated under the new Form 8-K requirements. Companies should review and test their procedures for responding to cybersecurity incidents and amend or supplement those procedures as appropriate to address the procedures and attendant documentation contemplated under the new Form 8-K reporting requirements. The final rule provides that the materiality determination for a given cybersecurity incident may not be “unreasonably delayed,” so companies should confirm that their disclosure controls and procedures provide for effective communication between the cybersecurity team, the legal team supporting cybersecurity, the legal team responsible for securities disclosure, and the disclosure committee, as well as for appropriate interaction with the board of directors or a responsible committee of the board. Maintaining clearly understood channels of communication will be important in fulfilling the need for a reasonable and timely assessment and escalation of detected cybersecurity incidents, and will assist companies in meeting the cybersecurity incident disclosure requirements. In addition, companies should confirm that their disclosure controls and procedures reflect the considerations discussed in the final rule’s adopting release for assessing materiality, including inputs to consider potential reputational harm and damage to customer and vendor relationships. Companies should plan to carefully document both their materiality analysis and the reasonableness of the time that it takes to assess materiality. As Commissioner Peirce noted during the meeting at which the SEC approved the final rule, the days and weeks following detection of a cybersecurity incident are incredibly demanding and stressful on companies, and the new SEC disclosure rules significantly heighten those pressures, but a well-documented playbook that is both sufficiently detailed and sufficiently flexible will serve companies well. In addition, while the final rule did not impose new insider trading procedures relating to cybersecurity incidents, companies should continue to carefully assess that topic during the course of their response to a cybersecurity incident and consider whether and when to suspend any purchases or sales of company securities by the company and by insiders.[27]
Only a narrow set of circumstances qualify for delaying the reporting of material cybersecurity instances and the delay may be difficult to obtain. As described above, the SEC retained the proposed requirement to disclose material cybersecurity incidents within four (4) business days of the company’s materiality determination with only narrow exceptions. The only generally applicable exception will require the Attorney General’s determination that disclosure poses substantial risk to national security or public safety. While the SEC stated that it has established an interagency communication process, we expect that there may be difficulty in a company obtaining a determination by the Department of Justice, through the Attorney General, that is provided to the Commission in writing within the four (4) business day window following the company’s materiality determination, at which point disclosure would be required. It is possible that companies will seek, and the Department of Justice will issue, such a notification of such determination to the Commission in only the most exceptional circumstances. For companies that regularly interact with agencies of the U.S. government responsible for national security, it is possible that certain incidents may be classified and consequently omitted from disclosure.
Companies may need to revisit their processes for managing cybersecurity risk. While the final rule is less prescriptive than the rule proposal, there are still a number of details regarding a company’s cybersecurity risk management processes that will need to be disclosed. Companies hoping to avoid disclosure of processes that lack features addressed in the final rule or that appear less robust than those of their peers may want to revisit their processes as they develop their disclosure. Specifically, companies should be aware of the need to describe their engagement of third parties in connection with the risk management process, any processes to oversee and identify risks associated with the use of third-party service providers, and the delegation of responsibility for cybersecurity risks between the board and management. While the SEC did not adopt the requirement to disclose cybersecurity expertise among board members, Commissioner Crenshaw stated that the Commission should continue to consider requiring such disclosure.[28]
Disclosures regarding material cybersecurity incidents and company’s risk management processes will require careful drafting. While some of the information required to be disclosed under the final rule has historically been disclosed to regulatory agencies and affected customers, the need to publicly disclose the information in an SEC filing will subject this information to much greater scrutiny and potential liability as a result of possible regulatory enforcement or litigation. These disclosures will require careful drafting to balance the obligation to timely disclose material information without material omission with the important business objective of avoiding unintentionally exposing weaknesses in a company’s cybersecurity profile that can be further exploited by malicious actors. While, as discussed above, incident disclosures do not require specific technical information, as Commissioner Peirce noted in her dissent,[29] disclosures could nonetheless provide attackers with important information, such as what the company knows about the incident and the potential financial impact, among other details, and may make it easier for attackers to identify targets. While the final rule allows companies a reasonable time to assess materiality, companies will be well served by avoiding a rushed drafting experience when preparing Form 8-K disclosures by involving inside and outside experts at an early stage. A careful review of companies’ cybersecurity incident response playbook, as addressed above, will also facilitate drafting the annual risk management and strategy disclosures. Companies’ disclosure controls and procedures should also address post-incident monitoring that allows them to address the highly fraught requirement to annually disclose how risks from previous cyber threats, including as a result of any previous cybersecurity incidents, have materially affected or are reasonably likely to materially affect the company. Assuming the final rule’s publication in the Federal Register is not substantially delayed, companies will have less than six months to review their existing incident response plans, consider them in light of the new disclosure rules, and make updates as needed.
Companies should coordinate their disclosure of cybersecurity risk management, strategy, and governance with existing disclosures. One of the SEC’s stated objectives in adopting the final rule is to consolidate disclosure into a single location in company filings. As noted by the SEC, many companies address cybersecurity risks and incidents in the risk factor sections of their filings, and risk oversight and governance is often addressed in companies’ proxy statements. However, the new rule requires disclosure to appear in a newly designated item in Part I of the annual report on Form 10-K and does not allow the disclosures to be incorporated from the proxy statement. Therefore, companies should review their risk factor and proxy statement disclosures when drafting the new discussions of cybersecurity risk management, strategy, and governance for the Form 10-K in order to maintain consistency with the company’s past public statements regarding its cybersecurity governance and processes and to assess how those disclosures may be enhanced or revised going forward. We expect companies will continue to include disclosure of cybersecurity governance in their proxy statements, and therefore should consider whether any details disclosed in response to Item 106 should be incorporated into the proxy statement disclosure.
__________________________
[1] For our discussion of the rule proposal, see Gibson Dunn Client Alert, SEC Proposes Rules on Cybersecurity Disclosure (Mar. 11, 2022).
[2] The SEC adopted the definition of “cybersecurity incident” used in Regulation S-K for purposes of Item 1.05. Accordingly, “cybersecurity incident” is defined to mean an unauthorized occurrence, or a series of related unauthorized occurrences, on or conducted through a company’s information systems that jeopardizes the confidentiality, integrity, or availability of a company’s information systems or any information residing therein. “Information systems” is defined to mean electronic information resources, owned or used by the company, including physical or virtual infrastructure controlled by such information resources, or components thereof, organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of the company’s information to maintain or support the company’s operations. Importantly, an unauthorized occurrence on or conducted through an information system that is used by, but not owned by, a company would still be considered a cybersecurity incident, meaning that companies may need to disclose cybersecurity incidents impacting information systems developed by a third party that the company uses.
[3] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, 87 FR 16590, 16624 (Mar. 23, 2022).
[4] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Release No. 33-11216 (July 26, 2023) (“Adopting Release”) at 37-38.
[5] Id. at 38.
[6] Id. at 29-30.
[7] See Id. at 30.
[8] Id. at 31-32.
[9] Id. at 33.
[10] In extraordinary circumstances, disclosure may be delayed for a final additional period of up to 60 days if the Attorney General notifies the SEC in writing that disclosure continues to pose a substantial risk to national security. Public safety concerns alone would not be a sufficient basis to grant this additional 60-day delay. Id. at 34.
[11] See 46 CFR 64.2011(b)(1).
[12] Adopting Release, supra note 4, at 42 n.143.
[13] Id. at 41-42. This is despite the direct conflict that would arise should an “investigative agency,” such as the United States Secret Service, a component agency of the Department of Homeland Security, require a covered telecommunications carrier to delay disclosure consistent with 46 CFR 64.2011(b)(3). The SEC dismisses this conflict by suggesting that the Department of Homeland security may “work with the Department of Justice to seek a delay of disclosure,” presumably pursuant to a determination by the Attorney General. Id. at 42 n.145.
[14] Id. at 35 n.131.
[15] Id. at 169-170.
[16] Id. at 170.
[17] The Adopting Release mentions “chance technology outages” as an example of an accidental incident, which suggests that a crashed website (which, by definition, jeopardizes the availability of the company’s information systems) could meet the definition of a “cybersecurity incident.” Id. at 72.
[18] Id. at 169.
[19] Id. at 53.
[20] “Cybersecurity threat” is defined to mean any potential unauthorized occurrence on or conducted through a registrant’s information systems that may result in adverse effects on the confidentiality, integrity, or availability of a registrant’s information systems or any information residing therein.
[21] Adopting Release, supra note 4, at 60.
[22] Id. at 61.
[23] Id.
[24] Id. at 85.
[25] Id. at 70.
[26] Id. at 69-70.
[27] The Adopting Release specifically pointed out that the 2018 interpretative guidance issued by the Commission addressing the application of insider trading prohibitions in the context of cybersecurity remains in place. Id. at 96.
[28] See Commissioner Caroline A. Crenshaw, “Statement on Cybersecurity Adopting Release” (Jul. 26, 2023), available here.
[29] See Commissioner Hester M. Peirce, “Harming Investors and Helping Hackers: Statement on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure” (Jul. 26, 2023), available here.
The following Gibson Dunn attorneys assisted in preparing this update: Matthew Dolloff, Nicholas Whetstone, Stephenie Gosnell Handler, Thomas Kim, Brian Lane, Julia Lapitskaya, Vivek Mohan, Ronald Mueller, Michael Scanlon, Alexander Southwell, Michael Titera, and Lori Zyskowski.
Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. To learn more, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s Privacy, Cybersecurity and Data Innovation, Securities Regulation and Corporate Governance, or Securities Enforcement practice groups:
Privacy, Cybersecurity and Data Innovation Group:
Ryan T. Bergsieker – Denver (+1 303-298-5774, [email protected])
S. Ashlie Beringer – Co-Chair, Palo Alto (+1 650-849-5327, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202-955-8510, [email protected])
Jane C. Horvath – Co-Chair, Washington, D.C. (+1 202-955-8505, [email protected])
Vivek Mohan – Palo Alto (+1 650-849-5345, [email protected])
Ashley Rogers – Dallas (+1 214-698-3316, [email protected])
Alexander H. Southwell – Co-Chair, New York (+1 212-351-3981, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])
Securities Regulation and Corporate Governance Group:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202-955-8287, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202-887-3550, [email protected])
Brian J. Lane – Washington, D.C. (+1 202-887-3646, [email protected])
Julia Lapitskaya – New York (+1 212-351-2354, [email protected])
James J. Moloney – Co-Chair, Orange County (+1 949-451-4343, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202-955-8671, [email protected])
Michael J. Scanlon – Washington, D.C. (+1 202-887-3668, [email protected])
Michael Titera – Orange County (+1 949-451-4365, [email protected])
Lori Zyskowski – Co-Chair, New York (+1 212-351-2309, [email protected])
Securities Enforcement Group:
Richard W. Grime – Co-Chair, Washington, D.C. (+1 202-955-8219, [email protected])
Mark K. Schonfeld – Co-Chair, New York (+1 212-351-2433, [email protected])
David Woodcock – Co-Chair, Dallas (+1 214-698-3211, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
Over the last few years, market conditions have changed so dramatically that today, no matter its products or services, every company is also in the environmental business. Prompted by the real-world impacts of climate change, many consumers now demand environmental action from corporations and prefer to buy products marketed as environmentally friendly. Many companies therefore market their products as “net-zero” or “carbon neutral”—and make pledges to be, as a business, “net-zero” by a certain date. In support of these pledges, companies often buy carbon credits from voluntary carbon markets to offset or mitigate their carbon emissions voluntarily.
Voluntary carbon markets present opportunity, but also create financial, regulatory, and litigation risks. Because the voluntary markets are often fragmented, suffer from a lack of transparency and, above all, are not subject to any statutory common standards, there is a lack of trust in the credits issued under these system, which also limits the tradability of the credits.
This quarterly newsletter aggregates the knowledge and experience of Gibson Dunn attorneys around the globe as we help our clients across all sectors navigate the ever-changing landscape of voluntary carbon markets.
The following Gibson Dunn lawyers assisted in the preparation of this alert: Susy Bullock, Michael Cannon, Matt Donnelly, Abbey Hudson, Brad Roach, Lena Sandberg, Jeffrey Steiner, Adam Lapidus, Jonathan Cockfield, Arthur Halliday, Natalie Harris, Yannis Ioannidis, Alexandra Jones, Mark Tomaier, Richie Vaughan, and Alwyn Chan.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Environmental, Social and Governance (ESG), Environmental Litigation and Mass Tort, Global Financial Regulatory, Energy, or Tax practice groups, or the following authors:
Environmental, Social and Governance (ESG) Group:
Susy Bullock – London (+44 (0) 20 7071 4283, [email protected])
Environmental Litigation and Mass Tort Group:
Abbey Hudson – Los Angeles (+1 213-229-7954, [email protected])
Global Financial Regulatory Group:
Jeffrey L. Steiner – Washington, D.C. (+1 202-887-3632, [email protected])
Energy, Regulation and Litigation Group:
Lena Sandberg – Brussels (+32 2 554 72 60, [email protected])
Oil and Gas Group:
Brad Roach – Singapore (+65 6507 3685, [email protected])
Tax Group:
Michael Q. Cannon – Dallas (+1 214-698-3232, [email protected])
Matt Donnelly – Washington, D.C. (+1 202-887-3567, [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.
Palo Alto partner Vivek Mohan and associates Evan Kratzer and Wesley Sze are the authors of “White House announces commitments by leading companies to responsible development of AI technology” [PDF] published by the Daily Journal on July 21, 2023.
This client alert provides an overview of shareholder proposals submitted to public companies during the 2023 proxy season, including statistics and notable decisions from the staff (the “Staff”) of the Securities and Exchange Commission (the “SEC”) on no-action requests.
I. Summary of Top Shareholder Proposal Takeaways from the 2023 Proxy Season
As discussed in further detail below, based on the results of the 2023 proxy season, there are several key takeaways to consider for the coming year:
- Shareholder proposal submissions rose yet again. For the third year in a row, the number of proposals submitted increased. In 2023, the number of proposals increased by 2% to 889—the highest number of shareholder proposal submissions since 2016.
- The number of executive compensation proposals significantly increased, along with a continued increase in environmental and social proposals. Executive compensation proposals increased notably, up 108% from 2022, with the increase largely attributable to proposals seeking shareholder approval of certain executive severance agreements. The number of both environmental and social proposals also increased, up 11% and 3% respectively, compared to 2022 and 68% and 24% respectively, compared to 2021. In contrast, governance proposals declined 14%, and civic engagement proposals declined 6%. The five most popular proposal topics in 2023, representing 43% of all shareholder proposal submissions, were (i) climate change, (ii) independent chair, (iii) nondiscrimination and diversity-related, (iv) shareholder approval of certain severance agreements, and (v) special meetings. Of the five most popular topics in 2023, all but one (shareholder approval of certain severance agreements replacing lobbying spending and political contributions) were also in the top five in 2022.
- While the number of no-action requests dropped significantly, the percentage of proposals excluded pursuant to a no-action request rebounded from 2022’s historic low. Only 175 no-action requests were submitted to the Staff in 2023, representing a submission rate of 20%, down from a submission rate of 29% in 2022 and 34% in 2021. The overall success rate for no-action requests, after plummeting to only 38% in 2022, rebounded to 58% in 2023, but was still well below the 71% success rate in 2021, and marked the second lowest success rate since 2012. Success rates in 2023 improved for duplicate proposals (100% in 2023, up from 31% in 2022), procedural (80% in 2023, up from 68% in 2022), ordinary business (50% in 2023, up from 26% in 2022), and substantial implementation grounds (26% in 2023, up from with 15% in 2022), while success rates declined for resubmissions (43% in 2023, compared with 56% in 2022) and violation of law (33% in 2023, compared with 40% in 2022).
- The number of proposals voted on increased yet again, but overall voting support decreased significantly, and less than 3% of proposals submitted received majority support. In 2023, over 54% of all proposals submitted were voted on, compared with 50% of submitted proposals voted on in 2022. Despite this increase, average support for all shareholder proposals plummeted to 23.3% in 2023, down from 30.4% in 2022. The decrease in average support was primarily driven by decreased support for both social and environmental proposals, with support for social (non-environmental) proposals decreasing to 17.2% in 2023 from 23.2% in 2022 and support for environmental proposals decreasing to 21.3% in 2023 from 33.8% in 2022. And in line with lower support overall, only 25 shareholder proposals received majority support in 2023, down from 55 in 2022.
- More change is in store for the shareholder proposal process, as the SEC considers further amendments to Rule 14a-8, Congress homes in on reform of Rule 14a-8, and stakeholders challenge the SEC’s role in the process. In July 2022, the SEC proposed amendments to Rule 14a-8 that, if adopted, would make it significantly more challenging for companies to exclude shareholder proposals on substantial implementation, duplication, and resubmission grounds. The SEC targeted approval of these amendments by October 2023, which means the 2024 proxy season could see further changes in how companies approach no-action requests. Additionally, the Financial Services Committee of the U.S. House of Representatives recently formed a Republican ESG Working Group, which has identified reforming the Rule 14a-8 no-action request process as a key priority of the Working Group’s focus on reforming the proxy voting system for retail investors. And, as discussed below, legal action by two stakeholder groups, the National Center for Public Policy Research and the National Association of Manufacturers, could disrupt the shareholder proposal process altogether.
- Proponents’ use of exempt solicitations grows again, and now others are joining the game. Exempt solicitation filings continued to proliferate, with the number of filings reaching a record high again this year and increasing almost 22% over last year and 64% compared to 2021. As in prior years, the vast majority of exempt solicitations filed in 2023 were filed by shareholder proponents on a voluntary basis—i.e., outside of the intended scope of the SEC’s rules—in order to draw attention and publicity to pending shareholder proposals. Interestingly, third parties have begun intervening in the shareholder proposal process by using exempt solicitation filings to provide their views on shareholder proposals submitted by unaffiliated shareholder proponents.
The following Gibson Dunn attorneys assisted in preparing this update: Elizabeth Ising, Thomas J. Kim, Julia Lapitskaya, Ronald O. Mueller. Michael Titera, Lori Zyskowski, Geoffrey Walter, Victor Twu, Natalie Abshez, Meghan Sherley, Michael Svedman*, and Nicholas Whetstone.
Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work, or any of the following lawyers in the firm’s Securities Regulation and Corporate Governance practice group:
Aaron Briggs – San Francisco, CA (+1 415-393-8297, [email protected])
Elizabeth Ising – Washington, D.C. (+1 202-955-8287, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202-887-3550, [email protected])
Julia Lapitskaya – New York, NY (+1 212-351-2354, [email protected])
Ronald O. Mueller – Washington, D.C. (+1 202-955-8671, [email protected])
Michael Titera – Orange County, CA (+1 949-451-4365, [email protected])
Lori Zyskowski – New York, NY (+1 212-351-2309, [email protected])
Geoffrey E. Walter – Washington, D.C. (+1 202-887-3749, [email protected])
David Korvin – Washington, D.C. (+1 202-887-3679, [email protected])
*Michael Svedman is an associate practicing in the firm’s Washington, D.C. office who currently is admitted to practice only in New York.
Texas is known for its business-friendly environment, with low taxes and minimal government regulation. But the state has faced criticism for years about its legal system being slow, unpredictable, and costly, hindering economic growth and development. While nearly thirty other states have created specialized business courts, Texas has not updated its judicial system since the late 1960s. Consequently, elected judges who may never have been exposed to large-scale commercial litigation are called upon to preside over such complex cases alongside run-of-the-mill family law disputes and personal injury claims. And, unlike their federal colleagues, they usually do so without the benefit of full-time clerks to work through what can be mountains of paper.
The predictable result of this combination of bet-the-company cases with small-dollar disputes is that state trial judges’ dockets can become overwhelmed when faced with a complex, large-scale mergers-and-acquisitions or securities issue. These cases often require in-depth research by the judge, lengthy judicial consideration of complex motions, and extremely detailed parsing of complex commercial agreements, all of which are time-consuming and resource-intensive, taking time from their regular dockets. Consequently, these cases can be subject to significant processing delays at the state trial court level. Similarly, the lack of a requirement for written opinions in all cases and the comparatively rare nature of complex commercial cases in state trial courts—for many state trial court judges the first of these massive cases heard in their courtroom may also be the last—has led to a lack of certainty and stability around these types of cases in Texas business law.
Thus, despite its world-class economy, Texas’s judicial system has sometimes led corporations and other business entities to incorporate and litigate in other states, such as Delaware or New York, which have specialized business courts where the timeline for dispute resolution is more certain.
However, following the recently concluded legislative session, specialized business courts are coming to Texas. Last month, Texas enacted House Bill 19 (HB 19), which will create a specialized business trial court: the Texas Business Court (TBC)[1].
The TBC’s stated primary objective is to provide a faster, more efficient, and more cost-effective dispute resolution mechanism for businesses. It will be a specialized trial court designed to handle complex commercial disputes and streamline the litigation process. In this way, the new court will change the procedures for commercial litigation in Texas, with significant implications for businesses and individuals.
Supporters argue that the TBC will provide a more specialized and tailored approach to handling commercial disputes. The new court will also have the power to hear cases from other jurisdictions, potentially making Texas more attractive for businesses seeking a more predictable and efficient legal system.
Specialization
The TBC will oversee cases concerning corporate governance disputes, certain contract and commercial transactions, and actions seeking declaratory or injunctive relief. The TBC will have jurisdiction over matters in which the amount in controversy exceeds $5 million in some cases and $10 million in others, excluding interest, statutory damages, exemplary damages, penalties, attorney’s fees, and court costs.
The specialized nature of the court is intended to streamline the litigation process, reducing the time and cost associated with resolving disputes. Currently, businesses must navigate a court system that may not have the same level of specialization in commercial litigation, resulting in additional costs and delays.
As the enacting legislation is currently written, the court will start with only five divisions that oversee major metropolitan areas. The governor would appoint judges to the business court for a two-year term, and judges can be re-appointed multiple times. As time goes on, additional divisions will come online until the TBC covers all 11 existing judicial administrative regions.
Judges
Like probate or criminal courts, the TBC will be a specialized court and have specialized judges with expertise in business law and commercial litigation. Instead of being elected like other Texas district judges, business court judges will be appointed by the governor. And instead of being open to any attorney who meets the minimum legal requirement to stand for election—just four years of legal practice—business court judges appointed to the TBC by the governor must meet a set of requirements designed to ensure they have the knowledge, skills, and ability to handle complex commercial cases smoothly and efficiently. As currently written, business court judges must have ten years of experience practicing complex civil business litigation, practicing business transaction law, or serving as a judge of a Texas state court with civil jurisdiction (or any combination thereof). These requirements are designed to ensure a baseline level of business law experience and expertise for complex commercial cases being adjudicated in the new TBC.
Importantly, judges on the TBC will have access to more resources and information, allowing them to make more informed decisions on cases. For example, they may have access to technical experts or business consultants who can provide specialized knowledge on a particular issue. This can speed up the decision-making process and ensure that the court’s rulings are accurate and informed.
TBC judges will also be required to issue written opinions in their cases. This requirement should go far towards building up a stable and predictable body of precedent for Texas business law and put businesses on notice as to how Texas judges actually apply that precedent.
Efficiency
The TBC will aim to provide a more efficient dispute resolution mechanism, which is critical for businesses looking to resolve disputes quickly and cost-effectively. The TBC will also allow for more streamlined discovery, which is a process of gathering evidence before trial. Currently, discovery in commercial cases can be extensive and costly, taking up valuable time and resources. This is especially true when there are no prior written opinions from the judges outlining their approach to discovery in large-scale, complex cases. The TBC will limit discovery to only what is necessary, reducing the time and cost of the litigation process.
Removal and Transfer
Under HB 19, businesses will have the opportunity to remove cases to the TBC within 30 days of receiving the initial notice of summons that named the party in state court. Removing the case to the TBC will not waive a defect in venue or constitute an appearance to determine personal jurisdiction. Similarly, a transfer provision in HB 19 allows for the judge of a court in which an action was initially filed to request the transfer of the case to the business court if it was within the business court’s jurisdiction.
These provisions will help prevent businesses from being hauled into state court for disputes which fall under the more specialized jurisdiction of the business court and will ensure fair and equal access to the TBC for all businesses and disputes which fall under its specialized jurisdiction.
Appeals
HB 19 also provides that the new statewide 15th Court of Appeals, created by additional legislation from the Texas Legislature last session, will have exclusive jurisdiction over all appeals from an order or judgment of the business court, or an original proceeding related to an action or order of the business court. The 15th Court of Appeals will be composed of judges elected in statewide elections. The creation of this new appellate court, in conjunction with the creation of the TBC, means that Texas business law will have consistent precedents generated at both the district and appellate levels.
Predictions
It is difficult to predict exactly what will happen to the number of lawsuits filed after the TBC is enacted, as there are several factors that could influence those numbers. However, it is likely that the TBC’s creation will increase the filings of commercial and business suits in Texas as business grow more confident in the revamped Texas judicial system.
First, it is likely that the establishment of the TBC will lead to more businesses choosing Texas as the preferred jurisdiction for their commercial disputes due to the TBC’s specialization, efficiency, and predictability. Such a result will naturally attract more lawsuits to Texas. Based on anecdotal evidence, it appears that many Texas companies will adopt mandatory venue clauses that will place their commercial lawsuits in the TBC. This could lead to an increase in the number of lawsuits filed in Texas, particularly from businesses based outside of the state.
Second, it is likely that the TBC’s specialization in business disputes could lead to a virtuous cycle of an ever-increasing number of disputes being resolved through the TBC. If businesses have confidence in the TBC’s ability to handle complex commercial disputes and see a body of strong precedent and caselaw being built up by the TBC and the 15th Court of Appeals, they may be more willing to initiate disputes in the TBC, or remove existing disputes to the TBC. As time goes on, this may lead to an increase in the number of lawsuits filed in Texas.
Third, the certainty offered by the TBC for business law issues moving forward will, over time, likely result in more businesses choosing to incorporate in Texas and more individuals choosing to start businesses in Texas. It is an unfortunate reality that some of these businesses eventually will become embroiled in litigation, and when they do they will likely take their cases to the TBC. This too probably will lead to an increase in the number of lawsuits filed in Texas.
Overall, the impact of the TBC on the number of lawsuits filed in Texas will depend on a variety of factors, including the court’s effectiveness in handling commercial disputes, the degree to which businesses trust the TBC, and the willingness of litigants to pursue lawsuits in a court with strict timelines and streamlined procedures. But the establishment of the TBC is a major change in Texas law that will affect businesses and litigants for decades to come.
__________________________
[1] Please see the enacted bill and Texas House Research Organization analysis for additional details.
The following Gibson Dunn attorneys assisted in preparing this client update: Trey Cox and John Daniel Rimann.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Appellate, Litigation, or Trials practice groups, or any of the following in Texas:
Gregg J. Costa – Co-Chair, Trials Group, Houston (+1 346-718-6649, [email protected])
Collin J. Cox – Houston (+1 346-718-6604, [email protected])
Trey Cox – Dallas (+1 214-698-3256, [email protected])
Allyson N. Ho – Co-Chair, Appellate & Constitutional Law Group, Dallas
(+1 214-698-3233, [email protected])
John Daniel Rimann – Dallas (+1 214-698-3178 , [email protected])
© 2023 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice. Please note, prior results do not guarantee a similar outcome.