New York partner Akiva Shapiro is the author of “Holocaust Survivors Deserve Their Day in Court,” [PDF] published by The Wall Street Journal on December 6, 2020.

On December 1, 2020, The Nasdaq Stock Market LLC (“Nasdaq”) announced that it filed with the U.S. Securities and Exchange Commission (the “SEC”) a proposal to advance board diversity and enhance transparency of board diversity statistics through new listing requirements. This client alert provides a summary of the proposed rules and the rationale for the proposals. In summary, if approved by the SEC, the proposed rules would require certain Nasdaq-listed companies to: (A) annually disclose diversity statistics regarding their directors’ voluntary self-identified characteristics in substantially the format proposed by Nasdaq for the current year and (after the first year of disclosure) the immediately prior year; and (B) include on their boards of directors at least two “Diverse” directors (as defined in the rules) or publicly disclose why their boards do not include such “Diverse” directors.

Nasdaq’s Annual Board Diversity Disclosure Proposal

The proposed rules would require Nasdaq-listed companies, other than “Exempt Entities” (as defined below), to provide statistical information about each director’s self-identified gender, race, and self-identification as LGBTQ+ in substantially the format proposed by Nasdaq under new proposed Rule 5606 (the “Board Diversity Matrix”), which is reproduced as Exhibit A below and is also available at the Nasdaq Listing Center here. Following the first year of disclosure, companies would be required to disclose the current year and immediately prior year diversity statistics using the Board Diversity Matrix or in a substantially similar format.

This statistical information disclosure would be required to be provided (A) in the company’s proxy statement or information statement for its annual meeting of shareholders, or (B) on the company’s website. If the company provides such disclosure on its website, the company must also submit such disclosure and include a URL link to the disclosure through the Nasdaq Listing Center no later than 15 calendar days after the company’s annual shareholders meeting.

The proposed diversity disclosure requirement is limited to the board of directors of the company, and does not require disclosure of diversity metrics for management and staff. Foreign Issuers may elect to satisfy the board composition disclosure requirement through an alternative disclosure matrix template. (See Nasdaq Identification Number 1761).

Include Diverse Directors or Explain

The proposed listing rule would require most Nasdaq-listed companies, other than “Exempt Entities” (as defined below), to:

 

(A)

have at least two members of its board of directors who are “Diverse,” which includes:

   
  

(1)

  

at least one director who self-identifies her gender as female, without regard to the individual’s designated sex at birth (“Female”); and
     

(2)

  

at least one director who self-identifies as one or more of the following:
   
  
 

(i)

  

Black or African American, Hispanic or Latinx, Asian, Native American or Alaska Native, Native Hawaiian or Pacific Islander, or two or more races or ethnicities (“Underrepresented Minority”); or
       
 

(ii)

  

as lesbian, gay, bisexual, transgender or a member of the queer community (“LGBTQ+”); or
   
 

(B)

explain why the company does not have at least two directors on its board who self-identify as “Diverse.”

For the purposes of the proposed rule described above, the term “Diverse” means an individual who self-identifies in one or more of the following categories defined above: Female, Underrepresented Minority or LGBTQ+.

Foreign Issuers (including Foreign Private Issuers) and Smaller Reporting Companies would have more flexibility to satisfy the requirement for two Diverse directors by having two Female directors. In the case of a Foreign Issuer, in lieu of the definition above, “Diverse” means an individual who self-identifies as one or more of the following: Female, LGBTQ+, or an underrepresented individual based on national, racial, ethnic, indigenous, cultural, religious or linguistic identity in the company’s home country jurisdiction.

While Nasdaq’s definition of a “Diverse” director is substantially aligned with California’s Board Gender Diversity Mandate, there are some key differences, which are highlighted by Nasdaq here. Also, according to Nasdaq, the proposed rule “would exclude emeritus directors, retired directors and members of an advisory board. The diversity requirements of the proposed rule would only be satisfied by Diverse directors actually sitting on the board of directors of the company.” (See Nasdaq Identification Number 1770).

The definition of “Underrepresented Minority” is consistent with the categories reported to the U.S. Equal Employment Opportunity Commission through the Employer Information Report EEO-1 Form.

Exempt Entities

The following entities are exempt from the requirements described under “Nasdaq’s Annual Board Diversity Disclosure Proposal” and “Include Diverse Directors or Explain” above (the “Exempt Entities”):

  • acquisition companies listed under IM-5101-2 (Listing of Companies Whose Business Plan is to Complete One or More Acquisitions);
  • asset-backed issuers and other passive issuers (as set forth in Rule 5615(a)(1) (Asset-backed Issuers and Other Passive Issuers));
  • cooperatives (as set forth in Rule 5615(a)(2) (Cooperatives));
  • limited partnerships (as set forth in Rule 5615(a)(4) (Limited Partnerships));
  • management investment companies (as set forth in Rule 5615(a)(5) (Management Investment Companies));
  • issuers of nonvoting preferred securities, debt securities and Derivative Securities (as set forth in Rule 5615(a)(6) (Issuers of Non-Voting Preferred Securities, Debt Securities and Derivative Securities)); and
  • issuers of securities listed under the Rule 5700 Series (Other Securities).

Compliance Period

Annual Board Diversity Disclosure Proposal

Each Nasdaq-listed company would have one calendar year from the date the SEC approves the Nasdaq rules (the “Approval Date”) to comply with the board diversity disclosure requirement. Each company newly listing on Nasdaq, including any Special Purpose Acquisition Company (“SPAC”) listed or listing in connection with a business combination under Nasdaq’s IM-5101-2, would be require to comply with the board diversity requirement within one year of listing, subject to the conditions further discussed under “Phase-in Period” below.

Board Diversity Rule Proposal

Each Nasdaq-listed company would have two calendar years from the Approval Date to have, or explain why it does not have, at least one Diverse director. Further, Nasdaq proposes for each company to have, or explain why it does not have, two diverse directors no later than: (i) four calendar years after the Approval Date, for companies listed on the Nasdaq Global Select or Nasdaq Global Market; or (ii) five calendar years after the Approval Date, for companies listed on the Nasdaq Capital Market. A company listing after the Approval Date, but prior to the end of the periods set forth in this paragraph, must satisfy the Diverse directors requirements by the latter of the periods set forth in this paragraph or one year from the date of listing. A SPAC “would be exempt from the proposed board diversity and disclosure rules until one year following the completion of [the SPAC’s] business combination.” (See Nasdaq Identification Number 1762).

Phase-in Period

Any company newly listing on Nasdaq will be permitted one year from the date of listing on Nasdaq to satisfy the requirements of Diverse directors, as long as such company was not previously subject to a substantially similar requirement of another national securities exchange, including through an initial public offering, direct listing, transfer from the over-the-counter market or another exchange, or through a merger with an acquisition company listed under Nasdaq’s IM-5101-2. This phase-in period will apply after the end of the transition periods described under “Compliance Period” above.

Cure Period

If a company does not have at least two Diverse directors and fails to provide the required disclosure, the Nasdaq’s Listing Qualifications Department will notify the company that it has until the later of the company’s next annual shareholders meeting or 180 days from the event that caused the deficiency to cure the deficiency.

Rationale

The proposed requirements are an extension of Nasdaq’s (and other securities exchanges’) use of the listing rules to improve listed companies’ corporate governance (e.g., the requirement of independent committees). The proposed disclosure requirements build on the SEC Division of Corporation Finance’s Compliance and Disclosure Interpretations 116.11 and 133.13, issued on February 6, 2019, regarding director and director nominee diversity disclosure under Items 401 and 407 of Regulation S-K, and reflect similar movement in the market (e.g., Goldman Sachs’s new standard requirement to have at least one diverse board member on companies it helps take public in 2020 and two in 2021). However, according to the New York Times, “[o]ver the past six months, Nasdaq found that more than 75 percent of its listed companies did not meet its proposed diversity requirements.”

Nasdaq’s proposal cited studies about the positive correlation of diversity and shareholder value, investor protection, decision making and monitoring management. In connection with the proposed rules, Nasdaq also announced that it “conducted an internal study of the current state of board diversity among Nasdaq-listed companies based on public disclosures, and found that while some companies already have made laudable progress in diversifying their boardrooms, the national market system and the public interest would best be served by an additional regulatory impetus for companies to embrace meaningful and multi-dimensional diversification of their boards.”

Additional Information

Nasdaq has provided additional information through a summary and Frequently Asked Questions available on Nasdaq’s Reference Library Advanced Search, in Identification Numbers 1745 through 1777.

Nasdaq also announced a partnership with Equilar, Inc., a provider of corporate leadership data solutions, to aid Nasdaq-listed companies with board composition planning challenges and allowing Nasdaq-listed companies, through the Equilar BoardEdge platform, to have access to diverse board candidates to amplify director search efforts.

Next Steps

The proposed rules will be published in the Federal Register and subject to public comment. Comments to the proposed rules should be submitted to the SEC within 21 days of their publication in the Federal Register.

The approval period may take as little as 30 calendar days and as long as 240 calendar days from the date of publication of the proposed rules in the Federal Register (as described in further detail below). If approved by the SEC, the “Compliance Period” discussed above would begin.

  • Section 19(b)(2)(C)(iii) of the U.S. Securities Exchange Act of 1934, as amended (the “Exchange Act”), provides that the SEC may not approve a proposed rule change earlier than 30 days after the date of publication of the proposed rules in the Federal Register, unless the SEC finds good cause for so doing and publishes the reason for the finding.
  • Under Section 19(b)(2)(A)(i) of the Exchange Act, within 45 days of the date of publication of the proposed rules in the Federal Register, the SEC may approve or disapprove the proposed rule change by order or, under Section 19(b)(2)(A)(ii) of the Exchange Act, extend the period by not more than an additional 45 days (to a total of 90 days).
  • However, if the SEC does not approve or disapprove the proposed rule change, Section 19(b)(2)(B)(i)(II) of the Exchange Act allows the SEC the opportunity for hearings to be concluded no later than 180 days after the notice of the proposed rule change (which can be extended by not more than 60 days (to a total of 240 days), pursuant to Section under Section 19(b)(2)(B)(ii)(II) of the Exchange Act).

Exhibit A

Board Disclosure Format

Board Diversity Matrix (As of [DATE])
Board Size:
Total Number of Directors#
Gender:MaleFemaleNon-BinaryGender Undisclosed
Number of directors based on gender identity####
Number of directors who identify in any of the categories below:
African American or Black####
Alaskan Native or American Indian####
Asian####
Hispanic or Latinx####
Native Hawaiian or Pacific Islander####
White####
Two or More Races or Ethnicities####
LGBTQ+#
Undisclosed#

 

Board Diversity Matrix (As of [DATE])
Foreign Issuer under Rule 5605(f)(1)
Country of Incorporation:[Insert Country Name]
Board Size:
Total Number of Directors#
Gender:MaleFemaleNon-BinaryGender Undisclosed
Number of directors based on gender identity####
Number of directors who identify in any of the categories below:
LGBTQ+#
Underrepresented Individual in Home Country Jurisdiction#
Undisclosed#

 

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. For additional information, please contact the Gibson Dunn lawyer with whom you usually work, any lawyer in the firm’s Securities Regulation and Corporate Governance and Capital Markets practice groups, or the authors:

Hillary H. Holmes – Houston (+1 346-718-6602, [email protected])
Elizabeth Ising – Washington, D.C. (+1 202-955-8287, [email protected])
Ron Mueller – Washington, D.C. (+1 202-955-8671, [email protected])
Lori Zyskowski – New York (+1 212-351-2309, [email protected])
Rodrigo Surcan – New York (+1 212-351-5329, [email protected])

Please also feel free to contact any of the following practice leaders and members:

Securities Regulation and Corporate Governance Group:
Elizabeth Ising – Co-Chair, Washington, D.C. (+1 202-955-8287, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202-887-3550, [email protected])
Ron Mueller – Washington, D.C. (+1 202-955-8671, [email protected])
Michael Titera – Orange County, CA (+1 949-451-4365, [email protected])
Lori Zyskowski – Co-Chair, New York (+1 212-351-2309, [email protected])
Aaron Briggs – San Francisco (+1 415-393-8297, [email protected])
Courtney Haseley – Washington, D.C. (+1 202-955-8213, [email protected])
Julia Lapitskaya – New York (+1 212-351-2354, [email protected])
Cassandra Tillinghast – Washington, D.C. (+1 202-887-3524, [email protected])

Capital Markets Group:
Andrew L. Fabens – Co-Chair, New York (+1 212-351-4034, [email protected])
Hillary H. Holmes – Co-Chair, Houston (+1 346-718-6602, [email protected])
Stewart L. McDowell – Co-Chair, San Francisco (+1 415-393-8322, [email protected])
Peter W. Wardle – Co-Chair, Los Angeles (+1 213-229-7242, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Join our panel of seasoned Gibson Dunn partners from our Paris, Munich and London offices in a discussion concerning the ongoing impact of the current pandemic on employers in Europe.

PANELISTS:

Bernard Grinspan – Moderator: A French and New York qualified partner based in the Paris office of Gibson Dunn. For more than twenty years, Mr. Grinspan has advised publicly traded and privately held business entities on mergers and acquisitions, joint ventures and works closely with clients to provide guidance on strategic and financial investments. He plays a major role in the growth of Gibson Dunn’s European practices. He was and continues to be instrumental in the development of the firm’s European offices into high quality legal service providers, capable of advising foreign clients on the laws of their respective jurisdictions.

James Cox: A partner in the London office and a member of the firm’s Labor and Employment Practice Group. Mr. Cox has extensive experience in contentious and non-contentious labor and employment matters.

Nataline Fleury: A partner in the Paris office and a member of the firm’s Labor and Employment Practice Group. Ms. Fleury heads the employment practice in Paris, which focuses on employment law and social security issues, notably advising French and international clients on employment law aspects of M&A transactions. She has significant expertise in all aspects of employment law, in particular in relation to restructuring transactions, acquisitions and disposals, including the implementation of workforce reduction plans, employment audits, employment contracts, executive earnings programmes, transactional agreements and dealing with employee representatives, in particular for the implementation of collective agreements and codes of compliance.

Mark Zimmer: A partner in the Munich office and a member of the firm’s Labor and Employment Practice Group. Mr. Zimmer advises companies on all employment-related matters. He represents his clients in particular in connection with reorganizations, mergers and acquisitions, as well as the hiring and separation of executives.

The two most influential proxy advisory firms—Institutional Shareholder Services (“ISS”) and Glass, Lewis & Co. (“Glass Lewis”)—recently released their updated proxy voting guidelines for 2021. The key changes to the ISS and Glass Lewis policies are described below along with some suggestions for actions public companies should take now in light of these policy changes and other developments. An executive summary of the ISS 2021 policy updates is available here and a more detailed chart showing additional updates to its voting policies and providing explanations for the updates is available here. The 2021 Glass Lewis Guidelines are available here and the 2021 Glass Lewis Guidelines on Environmental, Social & Governance Initiatives are available here.

ISS 2021 Voting Policy Updates

On November 12, 2020, ISS released updates to its proxy voting guidelines for shareholder meetings held on or after February 1, 2021. This summary reviews the major policy updates that apply to U.S. companies, which are used by ISS in making voting recommendations on director elections and company and shareholder proposals at U.S. companies.

ISS plans to issue a complete set of updated policies on its website in December 2020. ISS also indicated that it plans to issue updated Frequently Asked Questions (“FAQs”) on certain of its policies in December 2020, and it issued a set of preliminary FAQs on the U.S. Compensation Policies and the COVID-19 Pandemic in October 2020, which are available here. In January 2021, ISS will evaluate new U.S. shareholder proposals that are anticipated for 2021 and update its voting guidelines as necessary.

  1. Director Elections

Board Racial/Ethnic Diversity

While ISS has not previously had a voting policy regarding board racial or ethnic diversity, ISS noted that many investors have shown interest in seeing this type of diversity on public company boards, especially in light of recent activism seeking racial justice. In its annual policy survey administered in the summer of 2020, ISS reported that almost 60% of investors indicated that boards should aim to reflect a company’s customer base and the broader societies in which companies operate by including directors drawn from racial and ethnic minority groups, and 57% of investors responded that they would also consider voting against members of the nominating committee (or other directors) where board racial and ethnic diversity is lacking.

Under ISS’s updated policy, at companies in the Russell 3000 or S&P 1500 indices:

  • For the 2021 proxy season, the absence of racial/ethnic diversity on a company’s board will not be a factor in ISS’s voting recommendations, but will be highlighted by ISS in its research reports to “help investors identify companies with which they may wish to engage and foster dialogue between investors and companies on this topic.” ISS will only consider aggregate diversity statistics “if specific to racial and/or ethnic diversity.”
  • For the 2022 proxy season, ISS will generally recommend votes “against” the chair of the nominating committee (or other directors on a case-by-case basis) where the board has no apparent racially or ethnically diverse members. Mitigating factors include the presence of racial and/or ethnic diversity on the board at the preceding annual meeting and a firm commitment to appoint at least one racially and/or ethnically diverse member within a year.

ISS highlighted several factors in support of its new policy, including obstacles to increasing racial and ethnic diversity on boards (citing studies conducted by Korn Ferry and the “Black Corporate Directors Time Capsule Project”), new California legislation, AB 979, to promote the inclusion of “underrepresented communities” on boards, recent comments by SEC Commissioner Allison Lee in support of strengthened additional guidance on board candidate diversity characteristics, diversity-related disclosure requirements and SEC guidance, and investor initiatives focused on racial/ethnic diversity on corporate boards.

Board Gender Diversity

ISS announced a policy related to board gender diversity in 2019, and provided a transitional year (2020) for companies that previously had no female directors to make a commitment to add at least one female director by the following year. In its recent policy updates, ISS removed the transition-related language, as the transition period will end soon. After February 1, 2021, ISS will recommend votes “against” the chair of the nominating committee (or other directors on a case-by-case basis) at any company that has no women on its board except in situations where there was at least one woman on the board at the previous annual meeting, and the board commits to “return to a gender-diverse status” by the next annual meeting.

Material Environmental & Social Risk Oversight Failures

Under extraordinary circumstances, ISS recommends votes “against” directors individually, committee members, or the entire board, in the event of, among other things, material failures of risk oversight. Current ISS policy cites bribery, large or serial fines or sanctions from regulatory bodies, significant adverse legal judgments or settlements, or hedging of company stock as examples of risk oversight failures. The policy updates add “demonstrably poor risk oversight of environmental and social issues, including climate change” as an example of a board’s material failure to oversee risk. ISS previously noted in its proposed policy updates that this policy is intended for directors of companies in “highly impactful sector[s]” that are “not taking steps to reduce environmental and social risks that are likely to have a large negative impact on future company operations” and is “expected to impact a small number of directors each year.”

“Deadhand” or “Slowhand” Poison Pills

ISS generally recommends votes case-by-case on director nominees who adopted a short-term poison pill with a term of one year or less, depending on the disclosed rationale for the adoption and other relevant factors. Noting that the unilateral adoption of a poison pill with a “deadhand” or “slowhand” feature is a “material governance failure,” ISS will now also generally recommend votes “against” directors at the next annual meeting if a board unilaterally adopts a poison pill with this feature, whether the pill is short-term or long-term and even if the pill itself has expired by the time of that meeting.

ISS explains that a deadhand pill provision is “generally phrased as a ‘continuing director (or trustee)’ or ‘disinterested director’ clause and restricts the board’s ability to redeem or terminate the pill” and “can only be redeemed if the board consists of a majority of continuing directors, so even if the board is replaced by shareholders in a proxy fight, the pill cannot be redeemed,” and therefore, “the defunct board prevents [the redemption]” of the pill. Continuing directors are defined as “directors not associated with the acquiring person, and who were directors on the board prior to the adoption of the pill or were nominated by a majority of such directors.” A slowhand pill is “where this redemption restriction applies only for a period of time (generally 180 days).”

Classification of Directors as Independent

While there are several changes to ISS’s policy, the primary change is to limit the “Executive Director” classification to officers only, excluding other employees. According to ISS, this change will not result in any vote recommendation changes under its proxy voting policy, but may provide additional clarity for institutional holders whose overboarding policies apply to executive officers.

  1. Other Board-Related Proposals

Board Refreshment

Previously, ISS generally recommended votes “against” proposals to impose director tenure and age limits. Under the updated policy, ISS will now take a case-by-case approach for tenure limit proposals while continuing to recommend votes “against” age-limit proposals. With respect to management proposals for tenure limits, ISS will consider the rationale and other factors such as the robustness of the company’s board evaluation process, whether the limit is of sufficient length to allow for a broad range of director tenures, whether the limit would disadvantage independent directors compared to non-independent directors, and whether the board will impose the limit evenly, and not have the ability to waive it in a discriminatory manner. With respect to shareholder proposals for tenure limits, ISS will consider the scope of the proposal and whether there is evidence of “problematic issues” at the company combined with, or exacerbated by, a lack of board refreshment.

ISS noted that the board refreshment is “best implemented through an ongoing program of individual director evaluations, conducted annually, to ensure the evolving needs of the board are met and to bring in fresh perspectives, skills, and diversity as needed,” but it cited the growing attention on board refreshment as a mechanism to achieve board diversity as an impetus for this policy change.

  1. Shareholder Rights and Defenses

Exclusive Forum Provisions

Exclusive forum provisions in company governing documents historically have required shareholders to go to specified state courts if they want to make fiduciary duty or other intra-corporate claims against the company and its directors. In March 2020, a unanimous Delaware Supreme Court confirmed the validity of so-called “federal forum selection provisions”—provisions that Delaware corporations adopt in their governing documents requiring actions arising under the Securities Act of 1933 (related to securities offerings) to be filed exclusively in federal court. Noting that the benefits of eliminating duplicative litigation and having cases heard by courts that are “well-versed in the applicable law” outweigh the potential inconvenience to plaintiffs, ISS updated its policy to recommend votes “for” provisions in the charter or bylaws (and announced it would not criticize directors who unilaterally adopt similar provisions) that specify “the district courts of the United States” (instead of particular federal district court) as the exclusive forum for federal securities law claims. ISS will oppose federal exclusive forum provisions that designate a particular federal district court. ISS also updated its policy on state exclusive forum provisions. At Delaware companies, ISS will generally support provisions in the charter or bylaws (and will not criticize directors who unilaterally adopt similar provisions) that select Delaware or the Delaware Court of Chancery. For companies incorporated in other states, if the provision designates the state of incorporation, ISS will take a case-by-case approach, considering a series of factors, including disclosure about harm from duplicative shareholder litigation.

Advance Notice Requirements

ISS recommends votes case-by-case on advance notice proposals, supporting those that allow shareholders to submit proposals/nominations as close to the meeting date as reasonably possible. Previously, to be “reasonable,” the company’s deadline for shareholder notice of a proposal/nomination had to be not more than 60 days prior to the meeting, with a submittal window of at least 30 days prior to the deadline. In its updated policy, ISS now considers a “reasonable” deadline to be no more than 120 days prior to the anniversary of the previous year’s meeting with a submittal window no shorter than 30 days from the beginning of the notice period (also known as a 90-120 day window). ISS notes that this is in line with recent market practice. This policy applies only in limited situations where a company submits an advance notice provision for shareholder approval.

Virtual Shareholder Meetings

In light of the ongoing COVID-19 pandemic and other rule changes regarding shareholder meeting formats, ISS has added a new policy under which it will generally recommend votes “for” management proposals allowing for the convening of shareholder meetings by electronic means, so long as they do not preclude in-person meetings. Companies are encouraged to disclose the circumstances under which virtual-only meetings would be held, and to allow for comparable rights and opportunities for shareholders to participate electronically as they would have during an in-person meeting. ISS will recommend votes case-by-case on shareholder proposals concerning virtual-only meetings, considering the scope and rationale of the proposal and concerns identified with the company’s prior meeting practices.

  1. Social and Environmental Issues

Mandatory Arbitration of Employment Claims

The new policy on mandatory arbitration provides that ISS will recommend votes case-by-case on proposals requesting a report on the use of mandatory arbitration on employment-related claims, taking into account the following factors:

  • The company’s current policies and practices related to the use of mandatory arbitration agreements on workplace claims;
  • Whether the company has been the subject of recent controversy, litigation, or regulatory actions related to the use of mandatory arbitration agreements on workplace claims; and
  • The company’s disclosure of its policies and practices related to the use of mandatory arbitration agreements compared to its peers.

ISS added this policy because proposals on mandatory arbitration have received increased support from shareholders, and ISS clients have expressed interest in a specific policy on this topic.

Sexual Harassment

ISS’s new policy on sexual harassment provides that ISS will recommend votes case-by-case on proposals requesting a report on actions taken by a company to strengthen policies and oversight to prevent workplace sexual harassment, or a report on risks posed by a company’s failure to prevent workplace sexual harassment. ISS will take into account the following factors:

  • The company’s current policies, practices, and oversight mechanisms related to preventing workplace sexual harassment;
  • Whether the company has been the subject of recent controversy, litigation, or regulatory actions related to workplace sexual harassment issues; and
  • The company’s disclosure regarding workplace sexual harassment policies or initiatives compared to its industry peers.

Similar to the new policy on mandatory arbitration discussed above, ISS cited increasing shareholder support for sexual harassment proposals and client demand as reasons for establishing this new policy.

Gender, Race/Ethnicity Pay Gap

ISS recommends votes case-by-case on proposals requesting reports on a company’s pay data by gender or race/ethnicity, or a report on a company’s policies and goals to reduce any gender or race/ethnicity pay gaps. In its updated policy, ISS adds to the list of factors to be considered in evaluating these proposals “disclosure regarding gender, race, or ethnicity pay gap policies or initiatives compared to its industry peers” and “local laws regarding categorization of race and/or ethnicity and definitions of ethnic and/or racial minorities.” ISS notes that this change is to “highlight that some legal jurisdictions do not allow companies to categorize employees by race and/or ethnicity and that definitions of ethnic and/or racial minorities differ from country to country, so a global racial and/or ethnicity statistic would not necessarily be meaningful or possible to provide.”

Glass Lewis 2021 Proxy Voting Policy Updates

On November 24, 2020, Glass Lewis released its updated proxy voting guidelines for 2021. This summary reviews the major updates to the U.S. guidelines, which provides a detailed overview of the key policies Glass Lewis applies when making voting recommendations on proposals at U.S. companies and on environmental, social and governance initiatives.

  1. Board of Directors

Board Diversity

Glass Lewis expanded on its previous policy on board gender diversity, under which it generally recommends votes “against” the chair of the nominating committee of a board that has no female members. Under its expanded policy:

  • For the 2021 proxy season, Glass Lewis will note as a concern boards with fewer than two female directors.
  • For the 2022 proxy season, Glass Lewis will generally recommend votes “against” the nominating committee chair of a board with fewer than two female directors; however, for boards with six or fewer members, Glass Lewis’s previous policy requiring a minimum of one female director will remain in place. Glass Lewis indicated that, in making its voting recommendations, it will carefully review a company’s disclosure of its diversity considerations and may refrain from recommending that shareholders vote against directors when boards have provided a sufficient rationale or plan to address the lack of diversity on the board.

In addition, Glass Lewis noted that several states have begun to address board diversity through legislation, including California’s legislation requiring female directors and directors from “underrepresented communities” on boards headquartered in the state. Under its updated policy, Glass Lewis will now recommend votes in accordance with board composition requirements set forth in applicable state laws when they come into effect.

Disclosure of Director Diversity and Skills

Beginning with the 2021 proxy season, Glass Lewis will begin tracking the quality of disclosure regarding a board’s mix of diverse attributes and skills of directors. Specifically, Glass Lewis will reflect how a company’s proxy statement presents: (i) the board’s current percentage of racial/ethnic diversity; (ii) whether the board’s definition of “diversity” explicitly includes gender and/or race/ethnicity; (iii) whether the board has adopted a policy requiring women and minorities to be included in the initial pool of candidates when selecting new director nominees (also known as the “Rooney Rule”); and (iv) board skills disclosure. Glass Lewis reported that it will not be making voting recommendations solely on the basis of this assessment in 2021, but noted that the assessment will “help inform [its] assessment of a company’s overall governance and may be a contributing factor in [its] recommendations when additional board-related concerns have been identified.”

Board Refreshment

Previously, Glass Lewis articulated in its policy its strong support of mechanisms to promote board refreshment, acknowledging that a director’s experience can be a valuable asset to shareholders, while also noting that, in rare circumstances, a lack of refreshment can contribute to a lack of board responsiveness to poor company performance. In its updated policy, Glass Lewis reiterates its support of periodic board refreshment to foster the sharing of diverse perspectives and new ideas, and adds that, beginning in 2021, it will note as a potential concern instances where the average tenure of non-executive directors is 10 years or more and no new directors have joined the board in the past five years. Glass Lewis indicated that it will not be making voting recommendations strictly on this basis in 2021.

  1. Virtual-Only Shareholder Meetings

Glass Lewis has removed its temporary exception to its policy on virtual shareholder meeting disclosure that was in effect for meetings held between March 30, 2020 and June 30, 2020 due to the emergence of COVID-19. Glass Lewis’s standard policy will be in effect, under which Glass Lewis will generally hold the governance committee chair responsible at companies holding virtual-only meetings that do not include robust disclosure in the proxy statement addressing the ability of shareholders to participate, including disclosure regarding shareholders’ ability to ask questions at the meeting, procedures, if any, for posting questions received during the meeting and the company’s answers on its public website, as well as logistical details for meeting access and technical support.

  1. Executive Compensation

Short-Term Incentives

Glass Lewis has codified additional factors it will consider in assessing a company’s short-term incentive plan, including clearly disclosed justifications to accompany any significant changes to a company’s short-term incentive plan structure, as well as any instances in which performance goals have been lowered from the previous year. Glass Lewis also expanded its description of the application of upward discretion, including lowering goals mid-year and increasing calculated payouts, to also include instances of retroactively prorated performance periods.

Long-Term Incentives

With respect to long-term incentive plans, under its updated policy Glass Lewis has defined inappropriate performance-based award allocation as a criterion that may, in the presence of other major concerns, contribute to a negative voting recommendation. Glass Lewis will also review as “a regression of best practices” any decision to significantly roll back performance-based award allocation, which may lead to a negative recommendation absent exceptional circumstances. Glass Lewis also clarified that clearly disclosed explanations are expected to accompany long-term incentive equity granting practices, as well as any significant structural program changes or any use of upward discretion.

  1. Environmental, Social & Governance Initiatives

Workforce Diversity Reporting

Glass Lewis has updated its guidelines to provide that it will generally recommend votes “for” shareholder proposals requesting that companies provide EEO-1 reporting. It also noted that, because issues of human capital management and workforce diversity are material to companies in all industries, Glass Lewis will no longer consider a company’s industry or the nature of its operations when evaluating diversity reporting proposals.

Management-Proposed E&S Resolutions

Glass Lewis will take a case-by-case approach to management proposals that deal with environmental and social issues, and will consider a variety of factors, including: (i) the request of the management proposals and whether it would materially impact shareholders; (ii) whether there is a competing or corresponding shareholder proposal on the topic; (iii) the company’s general responsiveness to shareholders and to emerging environmental and social issues; (iv) whether the proposal is binding or advisory; and (v) management’s recommendation on how shareholders should vote on the proposal.

Climate Change

Glass Lewis will no longer consider a company’s industry when reviewing climate reporting proposals, noting that because of the extensive and wide-ranging impacts climate change can have, it is an issue that should be addressed and considered by companies regardless of industry. As a result, under its new policy, Glass Lewis will generally recommend votes “for” shareholder proposals requesting that companies provide enhanced disclosure on climate-related issues, such as requesting that the company undertake a scenario analysis or report that aligns with the recommendations of the Task Force on Climate-related Financial Disclosures (“TCFD”). Glass Lewis explained that that while it is generally supportive of these types of proposals, it will closely evaluate them in the context of a company’s unique circumstances and when making vote recommendations will continue to consider: (i) how the company’s operations could be impacted by climate-related issues; (ii) the company’s current policies and the level and evolution of its related disclosure; (iii) whether a company provides board-level oversight of climate-related risks; (iv) the disclosure and oversight afforded to climate change-related issues at peer companies; and (v) if companies in the company’s market and/or industry have provided any disclosure that is aligned with the TCFD recommendations.

Glass Lewis’s updated policy also addresses its approach to proposals on climate-related lobbying. When reviewing proposals asking for disclosure on this issue, Glass Lewis will evaluate: (i) whether the requested disclosure would meaningfully benefit shareholders’ understanding of the company’s policies and positions on this issue; (ii) the industry in which the company operates; (iii) the company’s current level of disclosure regarding its direct and indirect lobbying on climate change-related issues; and (iv) any significant controversies related to the company’s management of climate change or its trade association memberships. Under its policy, while Glass Lewis will generally recommend that companies enhance their disclosure on these issues, it will generally recommend votes “against” any proposals that would require the company to suspend its memberships in or otherwise limit a company’s ability to participate fully in the trade associations of which it is a member.

Environmental and Social Risk Oversight

Glass Lewis has updated its guidelines with respect to board-level oversight of environmental and social issues. Under its existing policy, for large-cap companies and in instances where Glass Lewis identifies material oversight concerns, Glass Lewis will review a company’s overall governance practices and identify which directors or board-level committees have been charged with oversight of environmental and/or social issues. Under its updated policy:

  • For the 2021 proxy season, Glass Lewis will note as a concern when boards of companies in the S&P 500 do not provide clear disclosure (in either the company’s proxy statement or governing documents such as committee charters) on board-level oversight of environmental and social issues.
  • For the 2022 proxy season, Glass Lewis will generally recommend votes “against” the governance committee chair at S&P 500 companies without explicit disclosure concerning the board’s role in overseeing these issues.Glass Lewis clarified in its updated policy that, while it believes it is important that these issues are overseen at the board level and that shareholders are afforded meaningful disclosure of these oversight responsibilities, it believes that companies should determine the best structure for this oversight (which it noted may be conducted by specific directors, the entire board, a separate committee, or combined with the responsibilities of a key committee).
  1. Other Changes

Glass Lewis’s 2021 voting policies also include the following updates:

  1. Special Purpose Acquisition Companies (“SPACs”): New to its policy this year is a section detailing Glass Lewis’s approach to common issues associated with SPACs. Under its new policy, Glass Lewis articulates a generally favorable view of proposals seeking to extend business combination deadlines. The new policy also details Glass Lewis’s approach to determining independence of board members at a post-combination entity who previously served as executives of the SPAC, whom Glass Lewis will generally consider to be independent, absent any evidence of an employment relationship or continuing material financial interest in the combined entity.
  2. Governance Following an IPO or Spin-Off. Glass Lewis clarified its approach to director recommendations on the basis of post-IPO corporate governance concerns. Glass Lewis generally targets the governance committee members for such concerns; however, if a portion of the governance committee members is not standing for election due to a classified board structure, Glass Lewis will expand its recommendations to additional director nominees, based on who is standing for election. Glass Lewis also clarified its approach to companies that adopt a multi-class share structure with disproportionate voting rights, or other anti-takeover mechanisms, preceding an IPO, noting it will generally recommend voting against all members of the board who served at the time of the IPO if the board: (i) did not also commit to submitting these provisions to a shareholder vote at the company’s first shareholder meeting following the IPO; or (ii) did not provide for a reasonable sunset of these provisions.
  3. Board Responsiveness. Glass Lewis did not change its board responsiveness policy, but clarified its approach to assessing significant support for non-binding shareholder resolutions. Specifically, for management resolutions, Glass Lewis will note instances where a resolution received over 20% opposition at the prior year’s meeting and may opine on the board’s response to such opposition; however, in the case of majority-approved shareholder resolutions, Glass Lewis generally believes significant board action is warranted in response.

Recommended Actions for Public Companies

  • Submit your company’s peer group information to ISS for the next proxy statement: As part of ISS’s peer group construction process, on a semiannual basis in the U.S., companies may submit their self-selected peer groups for their next proxy disclosure. Although not determinative, companies’ self-selected peer groups are considered in ISS’s peer group construction, and therefore it is highly recommended that companies submit their self-selected peer groups. Certain companies with annual meetings to be held between February 1, 2021 and September 15, 2021 may submit their self-selected peer groups through the Governance Analytics page on the ISS website from November 16, 2020 to December 4, 2020. The peer group should include a complete peer list used for benchmarking CEO pay for the fiscal year ending prior to the next annual meeting. Companies that have made no changes to their previous proxy-disclosed executive compensation benchmarking peers, or companies that do not wish to provide this information in advance, do not need to participate. For companies that do not submit changes, the proxy-disclosed peers from the company’s last proxy filing will automatically be considered in ISS’s peer group construction process.
  • Evaluate your company’s practices in light of the updated ISS and Glass Lewis proxy voting guidelines: Companies should consider whether their policies and practices, or proposals expected to be submitted to a shareholder vote in 2021, are impacted by any of the changes to the ISS and Glass Lewis proxy voting policies. For example, companies should consider whether their exclusive forum provisions or poison pills in the charter or bylaws contain any specific feature that would lead to adverse voting recommendations for directors by ISS or Glass Lewis.
  • Assess racial/ethnic diversity on your board and consider enhancing related disclosures in the proxy statement: Companies should assess the composition of their board with respect to gender and racial/ethnic diversity, and consider whether any changes are needed to the board’s director recruitment policies and practices. Companies should also consider whether their diversity disclosures in the proxy statements or other public filings are adequate. To facilitate this assessment and support enhanced public disclosures, companies should consider asking their directors to self-identify their diverse traits in their upcoming director and officer questionnaires. As also noted by ISS, investors, too, are increasingly focused on racial/ethnic diversity. California recently passed the new board racial/ethnic diversity bill that expands upon the 2018 gender diversity bill, and the Illinois Treasurer launched a campaign representing a coalition of state treasurers and other investors in October 2020 asking Russell 3000 companies to disclose the race/ethnicity and gender of their directors in their 2021 proxy statements. In August 2020, State Street sent a letter to the board chairs of its U.S. portfolio companies, informing them that starting in 2021, State Street will ask companies to provide “specific communications” to shareholders regarding their diversity strategy and goals, measures of the diversity of the employee base and the board, goals for racial and ethnic representation at the board level and the board’s role in oversight of diversity and inclusion. In addition, earlier this week, Nasdaq filed a proposal with the SEC to adopt new listing rules related to board diversity and disclosure. The proposed rules would require most Nasdaq-listed companies to publicly disclose statistical information in a proposed uniform format on the company’s board of directors related to a director’s self-identified gender, race, and self-identification as LGBTQ+ and would also require such Nasdaq-listed companies “to have, or explain why they do not have, at least two diverse directors, including one who self-identifies as female and one who self-identifies as either an underrepresented minority or LGBTQ+.”
  • Consider enhancing board oversight and disclosures on environmental and social matters: Although ISS noted that its update related to material environmental and social risk oversight failures is expected to affect a small number of directors in certain high-risk sectors, it is notable that ISS explicitly adds environmental and social risk oversight as an area where it will hold directors accountable. Also, institutional investors continue to focus on these issues in their engagements with companies and voice their concerns at companies that lag behind on this front. For example, BlackRock recently reported that, during the 2020 proxy season, it took actions against 53 companies for their failure to make sufficient progress regarding climate risk disclosure or management, either by voting against director-related items (such as director elections and board discharge proposals) or supporting certain climate-related shareholder proposals. Regardless of sector or industry, companies should evaluate whether their board has a system that properly enables them to oversee how the company manages environmental and social risks and establishes policies aligned with recent developments.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these issues. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work in the Securities Regulation and Corporate Governance and Executive Compensation and Employee Benefits practice groups, or any of the following practice leaders and members:

Securities Regulation and Corporate Governance Group:
Elizabeth Ising – Washington, D.C. (+1 202-955-8287, [email protected])
Thomas J. Kim – Washington, D.C. (+1 202-887-3550, [email protected])
Ron Mueller – Washington, D.C. (+1 202-955-8671, [email protected])
Michael Titera – Orange County, CA (+1 949-451-4365, [email protected])
Lori Zyskowski – New York, NY (+1 212-351-2309, [email protected])
Aaron Briggs – San Francisco, CA (+1 415-393-8297, [email protected])
Courtney Haseley – Washington, D.C. (+1 202-955-8213, [email protected])
Julia Lapitskaya – New York, NY (+1 212-351-2354, [email protected])
Cassandra Tillinghast – Washington, D.C. (+1 202-887-3524, [email protected])

Executive Compensation and Employee Benefits Group:
Stephen W. Fackler – Palo Alto/New York (+1 650-849-5385/+1 212-351-2392, [email protected])
Sean C. Feller – Los Angeles (+1 310-551-8746, [email protected])
Krista Hanvey – Dallas (+ 214-698-3425, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

New York partners Reed Brodsky and Avi Weitzman and associate David Salant are the authors of “Due Process Protections Act Sends a Message to the Government” [PDF] published by the New York Law Journal on December 2, 2020.

Following the U.S. election of 2020, this webcast explores the agenda and policy goals of the Administration and Congress in 2021 that could impact the private sector.  The webcast discusses the upcoming Washington agenda, potential roadblocks, and how the process may play out. The webcast highlights who could lead cabinet-level agencies and powerful congressional committees next year.  With the potential for a new legislative and regulatory environment impacting companies, the webcast addresses questions including:

  • What legislation and regulations should we expect next year?
  • What could be barriers to the new agenda and what are the prospects for reforms?
  • Who will populate the cabinet and chair congressional committees?
  • How will the changing Washington landscape impact corporate America?

View Slides (PDF)

PANELISTS:

Michael Bopp is a partner in the Washington, D.C. office. He spent more than a decade on Capitol Hill running congressional investigations in both the House and Senate and brings his extensive government and private-sector experience to help clients navigate through the most difficult crises, often involving investigations as well as public policy and media challenges.

Roscoe Jones is counsel in the Washington, D.C. office, and a member of the firm’s Public Policy, Congressional Investigations, and Crisis Management groups. Mr. Jones formerly served as Chief of Staff to U.S. Representative Abigail Spanberger, Legislative Director to U.S. Senator Dianne Feinstein, and Senior Counsel to U.S. Senator Cory Booker, among other high-level roles on Capitol Hill.

Chantalle Carles Schropp is an associate in the Washington, D.C. office. As a member of the firm’s Litigation Department, her practice focuses on complex business and commercial litigation at both the trial and appellate levels as well as white collar criminal defense matters.

Developments in 2020, including with respect to the COVID-19 pandemic, have resulted in new ways of doing deals and new issues for dealmakers. Hear from seasoned practitioners on how deals are getting done and the issues being confronted. This discussion covers various M&A-related topics, including the following:

  • Key deal issues to navigate during the current uncertainty;
  • Lessons learned from broken deals during the pandemic;
  • Clauses to include in deal documents to avoid pitfalls; and
  • Current state of play for SPAC transactions, and forecasts for the future.

View Slides (PDF)

PANELISTS:

Robert Little is a partner in the Dallas office and a member of the firm’s Mergers and Acquisitions, Energy and Infrastructure, Private Equity, and Securities Regulation and Corporate Governance practice groups.  Repeatedly admired by clients in Chambers USA for providing “timely, efficient and cost-effective solutions for clients,” Mr. Little’s practice focuses on corporate transactions, including mergers and acquisitions, securities offerings, joint ventures, investments in public and private entities, and commercial transactions.  Mr. Little represents clients in a variety of industries, including energy, retail, technology, transportation, manufacturing, and financial services.

Candice Choh is a partner in the Century City office where she has a broad-based practice encompassing public and private company mergers and acquisitions across a wide variety of industries and other private equity transactions, including investment fund formation, co-investments, secondary transactions, and investments in sponsors.

Evan M. D’Amico is a partner in the Washington, D.C. office where he advises companies, private equity firms, boards of directors and special committees in connection with a wide variety of complex corporate matters, including mergers and acquisitions, asset sales, leveraged buyouts, spin-offs and joint ventures.

Andrew Kaplan is an associate in the New York office where his practice focuses on mergers and acquisitions, and corporate governance matters. Mr. Kaplan represents both public and private acquirors and targets in connection with mergers, acquisitions and takeovers, both negotiated and contested.

The Financial Conduct Authority (“FCA”) continues to show a desire to take action in sectors of the financial services industry where there has been traditionally less supervisory oversight and to push the importance of firm’s internal governance and oversight structures. Enforcement cases are often used as a way to convey key messages to such sectors and an important Final Notice[1] was published on Monday 23 November 2020 when the FCA imposed a fine of nearly £3.5m on TFS-ICAP Limited for breaches of Principle 2 (due skill, care and diligence), Principle 3 (reasonable care in organising and controlling its affairs responsibly and effectively) and Principle 5 (proper standards of market conduct) of the Authority’s Principles for Businesses.

Although many of the issues in the Notice are specific to the facts in question, there are a number of themes underlying them which are of more general application to regulated firms. With today’s very broad application of the Senior Managers and Certification Regime (“SMCR”) and accompanying conduct rules it is important that firms and Senior Managers are aware of the messages in the Notice and consider whether their control frameworks meet the regulatory expectations in this area.

The key themes are set out below, together with some suggestions on practical steps firms can take to address the issues raised.

1. Risk identification should drive control design

The FCA expects firms to consider the specific risks within their business, given the sector of the market in which they operate, execution methods and any firm-specific issues which have arisen.

  • Risks considered must include conduct as well as operational, reputational, prudential and any other relevant risk type. The risks identified should then flow through into the design and implementation of the control framework, and controls must be reasonably designed to prevent and detect each type of risk crystallising.

The obligation to assess risk lies not only with Risk and Compliance Departments but also with the business units.

  • Those involved in day-to-day execution of the firm’s strategy are better placed than any others to properly understand what might go wrong.
  • Business unit senior managers will be expected to own the risks inherent within their areas of the firm and to satisfy themselves that controls are appropriate.
  • In extreme cases, where they are not satisfied that risks are adequately managed or mitigated, they will be expected to stop executing business.

For firms who outsource compliance or rely on off-the-shelf policies or training programmes, a key message is that the FCA is likely to expect a firm to go beyond simply adopting generic material or processes.

  • The firm should consider the particular risks it faces and tailor the generic product to be specifically relevant to its business.

Where allegations of misconduct arise the efficacy of controls should be revisited and where necessary, enhanced.

  • Firms will be expected to read-across from different areas. Where an issue arises in one section of the business, firms should ensure they have both a process in place and a record to show that they have given positive thought to whether the same issue might be arising elsewhere.
  • Equally, good practice would suggest firms should have a process whereby management are alerted to any signs that controls are not operating as intended or otherwise need improving so that they can remediate in a timely fashion (i.e. before issues are raised with regulators).

Managers may wish to ensure that any common industry practices are carefully considered, recognising that although rules may not have drastically changed, standards and regulatory expectations have, especially post-financial crisis.

  • The work of the FICC Market Standards Board can be very helpful in understanding the expected industry standards.
  • Arguments such as ‘everyone else does it’ or ‘that’s just how the market operates’ will not prevent action being taken – in fact, the opposite may be true.
  • Where misconduct is common within a sector of industry, a failure by a firm to recognise it as such, may be seen as a failure of oversight and management.

2. Governance structures and documentation of key decisions are crucial parts of reasonable oversight processes

Governance and oversight must be about more than just delivering financial performance and results. Structures and processes are required to ensure risk is properly managed, conduct is appropriate, delegation and oversight mechanisms work and culture meets expectations.

  • The Notice links inadequate governance structure to inadequate oversight and management in what should be taken as a clear message to Senior Managers looking for statements regarding how they should execute their functions and meet the Senior Manager Conduct Rules.

Any governance structure which cannot produce evidence of its consideration of risk will struggle in the face of the regulatory scrutiny that follows any kind of incident.

  • Sometimes the issue is one of failure to document or record discussions that have actually taken place, and the best fix can be to put in place a structure that makes recordkeeping easier.
  • However, if management meet too infrequently, with limited agendas and focus only on profitability, it will be difficult for them to show that they adequately discharged the full breadth of their responsibilities.

3. Conduct Risk management and robust internal reviews are also key in meeting Senior Manager responsibilities

Firms and Senior Managers must ensure that they have in place all the steps they need to tackle allegations of misconduct. A failure to have a process to manage the risk of misconduct – often called conduct risk – has been deemed by the FCA to be a breach of Principle 3, and therefore could in post-SMCR terms be a breach of a Senior Managers Conduct Rule.

  • Processes must be in place for handling allegations of misconduct whatever the source, recognising that different sources may involve different considerations (e.g. anonymity or confidentiality).
  • Processes should cover robust investigations and notifications to control functions and management so that risks can be properly addressed.
  • It is prudent to make good records where issues are deemed not to be made out or it is determined that no action is required. In these circumstances demonstrating that a robust review has taken place will be crucial when showing that issues were not ignored.
  • It can be particularly useful to use past incidents – proven or not – as scenarios in future training. This allows training to target real or probable issues and also allows management to set out how they expect individuals to react to real-life situations.

_____________________

   [1]   FCA Final Notice, TFS-ICAP, 23 November 2020 (https://www.fca.org.uk/publication/final-notices/tfs-icap-2020.pdf)

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments.  If you wish to discuss any of the matters set out above – whether issues raised or potential solutions – please contact the Gibson Dunn UK Financial Services Regulation team:

Matthew Nunan (+44 (0) 20 7071 4201, [email protected])

Michelle M. Kirschner (+44 (0) 20 7071 4212, [email protected])

Martin Coombes (+44 (0) 20 7071 4258, [email protected])

Chris Hickey (+44 (0) 20 7071 4265, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Announcements

On November 30, 2020, ICE Benchmark Administration (“IBA”), the administrator of LIBOR, with the support of the Federal Reserve Board and the UK Financial Conduct Authority, announced plans to consult on specific timing for the path forward to cease the publication of USD LIBOR. In particular, IBA plans to consult on ceasing the publication of USD LIBOR on December 31, 2021 for only the one week and two month USD LIBOR tenors, and on June 30, 2023 for all other USD LIBOR tenors (i.e., overnight, one month, three month, six month and 12 month tenors). This announcement is significant as regulators had indicated that all USD LIBOR tenors would cease to exist or become non-representative at the end of 2021. This proposal significantly lengthens the transition period to June 30, 2023 for most legacy contracts, allowing time for many contracts to mature before USD LIBOR ceases to exist. Legacy contracts with maturities beyond June 30, 2023 would still need to be amended to incorporate appropriate fallback provisions to address the ultimate cessation of USD LIBOR.

This announcement follows on the heels of IBA’s November 18th announcement that it plans to consult on ceasing publication of all GBP, EUR, CHF and JPY LIBOR settings after December 31, 2021. IBA plans to close the consultation for feedback on both proposals by the end of January 2021. IBA noted that any publication of the overnight and one, three, six and 12 month USD LIBOR settings based on panel bank submissions beyond December 31, 2021 will need to comply with applicable regulations, including as to representativeness.

Concurrently, a statement by the Federal Reserve Board, the Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corporation included supervisory guidance that encourages banks to stop new USD LIBOR issuances by the end of 2021, noting that entering into new USD LIBOR-based contracts creates safety and soundness risks.

The regulators and IBA make clear that these announcements should not be read as an index cessation event for purposes of contractual fallback language (i.e., they should not be read to say that LIBOR has ceased, or will cease, to be provided permanently or indefinitely or that it is not, or no longer will be, representative). IBA will need to receive feedback on the consultation and will make separate announcement(s) regarding the cessation dates once final. Accordingly, the IBA proposal is not final and is subject to the feedback on the consultation.

The Alternative Reference Rates Committee (the “ARRC”) also released a statement in support of the announcements, expressing that the developments “would support a smooth transition for legacy contracts by allowing time for most to mature before USD LIBOR is proposed to cease, subject to consultation outcomes.” The ARRC further stated that “these developments align with the ARRC’s transition efforts, and will accelerate market participants’ use of the Secured Overnight Financing Rate (SOFR), the ARRC’s preferred alternative to USD LIBOR.”

Impact

If commonly used USD LIBOR tenors continue to be published and remain representative until June 30, 2023, this will provide an extra 18 months for the completion of the LIBOR transition process beyond what was previously expected. Fallback provisions in existing contracts using these USD LIBOR tenors would not be triggered until June 30, 2023, when, under the proposal, LIBOR would ultimately cease to exist. This will also allow additional time for the development of a forward-looking version of SOFR (“Term SOFR”), which could further ease the transition.

Counterparties with existing loans, derivatives and other contracts that mature prior to June 30, 2023 and reference most USD LIBOR rates would not need to incorporate fallback amendments, since these contracts will terminate before the transition. Additionally, with respect to derivatives and loans that reference USD LIBOR and have maturities beyond June 30, 2023, counterparties are likely to consider delaying adoption of fallback amendments because there no longer is an immediate threat of application of the fallback, yet uncertainty remains as to the extent of the mismatch between the ARRC-recommended fallback provisions for loans (Term SOFR, if available, or, otherwise, daily simple SOFR) and the ISDA 2020 IBOR Fallbacks Protocol for derivatives (SOFR compounded in arrears).

Furthermore, counterparties may opt to wait and see how the market develops before amending legacy contracts, especially given uncertainty around the appropriate adjustment to contractually specified spreads over the reference rate when adopting SOFR in place of LIBOR.

Although certain tenors of USD LIBOR may continue to be published until mid-2023, banks have now been advised, for safety and soundness concerns, not to enter into any new contracts that reference LIBOR after December 31, 2021. This will result in a longer period during which banks and other market participants will have both LIBOR loans and swaps and SOFR loans and swaps. Banks and other market participants should consider the operational and pricing impacts of maintaining products based on both benchmarks and confirm whether they have any contracts that reference one week or two month USD LIBOR, which are expected to be discontinued after December 31, 2021.

Gibson Dunn’s Capital Markets, Derivatives, and Financial Institutions practice groups are available to answer questions about the LIBOR transition in general and these developments in particular. Please contact any member of the Gibson Dunn team, the Gibson Dunn lawyer with whom you usually work in the firm’s Capital Markets, Derivatives, or Financial Institutions practice group, or the authors of this client alert:

Andrew L. Fabens – New York (+1 212-351-4034, [email protected])
Michelle M. Kirschner – London (+44 (0) 20 7071 4212, [email protected])
Arthur S. Long – New York (+1 212-351-2426, [email protected])
Ben Myers – London (+44 (0) 20 7071 4277, [email protected])
Jeffrey L. Steiner – Washington, D.C. (+1 202-887-3632, [email protected])
John J. McDonnell – New York (+1 212-351-4004, [email protected])

Please also feel free to contact any of the following practice leaders:

Capital Markets Group:
Andrew L. Fabens – New York (+1 212-351-4034, [email protected])
Hillary H. Holmes – Houston (+1 346-718-6602, [email protected])
Stewart L. McDowell – San Francisco (+1 415-393-8322, [email protected])
Peter W. Wardle – Los Angeles (+1 213-229-7242, [email protected])

Derivatives Group:
Michael D. Bopp – Washington, D.C. (+1 202-955-8256, [email protected])
Jeffrey L. Steiner – Washington, D.C. (+1 202-887-3632, [email protected])

Financial Institutions Group:
Matthew L. Biben – New York (+1 212-351-6300, [email protected])
Stephanie Brooker – Washington, D.C. (+1 202-887-3502, [email protected])
Arthur S. Long – New York (+1 212-351-2426, [email protected])
Michelle M. Kirschner – London (+44 (0) 20 7071 4212, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

The California Air Resources Board (CARB) recently approved significant changes to the requirements for reporting emissions from stationary sources to help monitor air pollution at local levels. Local air pollution control districts previously controlled reporting, but as of January 1, 2020, the Regulation for the Reporting of Criteria Air Pollutants and Toxic Air Contaminants implements uniform statewide annual reporting of criteria air pollutant and toxic air contaminant emissions data. The amendments adopted last week aim to improve this program by creating a unified reporting mechanism and establishing expanded and consistent reporting criteria.[1] Thus, sources should stay up to date on changes to the regulation’s reporting triggers and formats.

Among other changes, the amendments do the following:

  • “Establish additional applicability specifications for sources emitting more than four tons per year of criteria pollutants (or 100 tons per year for carbon monoxide).”[2]
  • “Establish additional toxics-based applicability specifications based on identified activity levels for specified permitted emissions processes.”[3]
  • Establish a new applicability category encompassing “additional facilities located both statewide, as well as in the most highly impacted communities,” including, for example “retail gasoline fueling stations, dry cleaners, print shops, auto body and auto paint shops, metal plating, metal grinding and finishing facilities, coating and finishing facilities, industrial cleaning and degreasing operations, welding operations, facilities with backup diesel generators and emergency fire pumps, and others.”[4]
  • Create “abbreviated reporting options for specified industrial sectors to simplify reporting requirements.”[5]
  • Expand the regulation’s applicability from about 1,300 facilities to more than 60,000 facilities.[6]
  • Increase the number of reportable emission-producing chemicals from approximately 450 to more than 1,300 over a phase-in period based on chemicals’ known health effects, toxicity, and carcinogenic risks.[7]
  • Include provisions that allow the public to report information about potential emissions sources.[8]

A CARB Board Member explained that emission inventories are “a fundamental tool for understanding the sources that contribute to California’s air quality and climate challenges.”[9] The new amendments are designed to improve data collection and trend assessment to better prioritize reduction efforts in emissions hot spots.

The amendments’ cost impact on the private sector is “projected to be $9.6 million annually, maximum,” primarily for data reporting.[10] Local and state governments are expected to incur “a maximum of $5.6 million and $149,000 per year, respectively,” in implementation costs.[11]

The next step in the process is for the Office of Administrative Law to review the amendments, and when they become final, they may be challenged by industry members who are impacted.[12]

_____________________

   [1]   See Proposed Amendments to the Regulation for the Reporting of Criteria Air Pollutants and Toxic Air Contaminants, art.2 (Requirements for Calculating and Reporting Criteria Pollutant and Toxic Air Contaminant Emissions), https://ww3.arb.ca.gov/regact/2020/ctr/pro.pdf.

   [2]   Public Hearing to Consider Amendments to the Regulation for the Reporting of Criteria Air Pollutants and Toxic Air Contaminants Staff Report: Initial Statement of Reasons at 5 (Sept. 29, 2020), https://ww3.arb.ca.gov/regact/2020/ctr/isor.pdf.

   [3]   Id.

   [4]   Id. at 9-10.

   [5]   Id. at 5.

   [6]   Id. at 2.

   [7]   CARB Approves New Approach to Measuring Stationary Source Emissions to Aid Local Air Pollution Inventory Efforts (Nov. 24, 2020), https://ww2.arb.ca.gov/news/carb-approves-new-approach-measuring-stationary-source-emissions-aid-local-air-pollution.

   [8]   Id.

   [9]   Id.

[10]   Public Hearing to Consider Amendments to the Regulation for the Reporting of Criteria Air Pollutants and Toxic Air Contaminants Staff Report: Initial Statement of Reasons at 2 (Sept. 29, 2020), https://ww3.arb.ca.gov/regact/2020/ctr/isor.pdf.

[11]   Id.

[12]   Amendments to the Regulation for the Reporting of Criteria Air Pollutants and Toxic Air Contaminants, https://ww2.arb.ca.gov/rulemaking/2020/proposed-amendments-reporting-criteria-air-pollutants-and-toxic-air-contaminants (last visited Nov. 30, 2020) (tracking status of proposed amendments).

The following Gibson Dunn lawyers assisted in preparing this client update: Thomas Manakides, Abbey Hudson, Joseph Edmonds and Jessica Pearigen.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Environmental Litigation and Mass Tort practice group, or any of the following:

Stacie B. Fletcher – Co-Chair, Washington, D.C. (+1 202-887-3627, [email protected])
Daniel W. Nelson – Co-Chair, Washington, D.C. (+1 202-887-3687, [email protected])
Thomas Manakides – Orange County (+1 949-451-4060, [email protected])
Abbey Hudson – Los Angeles (+1 213-229-7954, [email protected])
Joseph D. Edmonds – Orange County (+1 949-451-4053, [email protected])
Jessica M. Pearigen – Orange County (+1 949-451-3819, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

President-elect Joe Biden has signaled that robust consumer protections will be a major focus of his policy agenda in what is anticipated to be a dramatic shift from the deregulatory policies of the Trump administration.

In this article, we preview the incoming administration’s anticipated consumer protection agenda in two areas: data privacy and consumer financial protection. We also consider what, if any, impact this policy shift is likely to have on state-level enforcement.

Assuming that Republicans retain control of the Senate, and with a divided Congress consumed at least in the short term with negotiations over COVID-19 relief, we expect to see an initial focus of the Biden administration on pursuing its policy agenda through increased enforcement and regulatory activity. That said, both the Biden administration and key members of Congress are focused on identifying common ground for potential bipartisan legislation.

Read more

Originally published by Law360 on November 24, 2020.

The following Gibson Dunn lawyers assisted in the preparation of this article: Alexander H. Southwell, Ryan Bergsieker and Sarah E. Erickson.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s Privacy, Cybersecurity and Consumer Protection practice group:

United States
Alexander H. Southwell – Co-Chair, PCCP Practice, New York (+1 212-351-3981, [email protected])
Debra Wong Yang – Los Angeles (+1 213-229-7472, [email protected])
Matthew Benjamin – New York (+1 212-351-4079, [email protected])
Ryan T. Bergsieker – Denver (+1 303-298-5774, [email protected])
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, [email protected])
Joshua A. Jessen – Orange County/Palo Alto (+1 949-451-4114/+1 650-849-5375, [email protected])
Kristin A. Linsley – San Francisco (+1 415-393-8395, [email protected])
H. Mark Lyon – Palo Alto (+1 650-849-5307, [email protected])
Karl G. Nelson – Dallas (+1 214-698-3203, [email protected])
Ashley Rogers – Dallas (+1 214-698-3316, [email protected])
Deborah L. Stein – Los Angeles (+1 213-229-7164, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, [email protected])
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, [email protected])

Europe
Ahmed Baladi – Co-Chair, PCCP Practice, Paris (+33 (0)1 56 43 13 00, [email protected])
James A. Cox – London (+44 (0)20 7071 4250, [email protected])
Patrick Doris – London (+44 (0)20 7071 4276, [email protected])
Bernard Grinspan – Paris (+33 (0)1 56 43 13 00, [email protected])
Penny Madden – London (+44 (0)20 7071 4226, [email protected])
Michael Walther – Munich (+49 89 189 33-180, [email protected])
Kai Gesing – Munich (+49 89 189 33-180, [email protected])
Alejandro Guerrero – Brussels (+32 2 554 7218, [email protected])
Vera Lukic – Paris (+33 (0)1 56 43 13 00, [email protected])
Sarah Wazen – London (+44 (0)20 7071 4203, [email protected])

Asia
Kelly Austin – Hong Kong (+852 2214 3788, [email protected])
Connell O’Neill – Hong Kong (+852 2214 3812, co’[email protected])
Jai S. Pathak – Singapore (+65 6507 3683, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

The European Commission (Commission) has launched a centralized complaints system through which EU-registered companies, industry associations, trade unions and NGOs can report market access barriers or breaches by third countries of their ‘trade and sustainable development’ (TSD) commitments or commitments undertaken under the EU’s Generalised Scheme of Preferences (GSP).[1]

The centralized complaints system[2] forms part of the Commission’s increased efforts in strengthening the enforcement and implementation of trade agreements that the EU has concluded with third countries and follows the appointment in July 2020 of the first Chief Trade Enforcement Officer (CTEO).[3]

The stated objective of the centralized complaints system is to establish a more accessible, responsive, and structured process for handling complaints by the Commission’s Directorate General for Trade (DG Trade).

The centralized complaints system does not create an obligation for the Commission to pursue each and every complaint and provides for no deadlines for the Commission to act. Complainants will be informed as to whether the complaint leads to an enforcement action. If the Commission decides to take action, it will communicate an action plan and indicative timeline to the complainant. The Commission will prioritize the treatment of complaints on the basis of objective criteria such as the likelihood of resolving the issue, the legal basis, and the economic/systemic impact of market access barriers and the seriousness of the violation of the TSD and GSP commitments.

The entry into force of this new complaints mechanism is accompanied by the Commission’s Operating Guidelines[4] as well as the Commission’s Working Approaches[5] which set out the ways in which the different elements of the EU’s recent enforcement efforts are meant to operate together.

A. Market access barriers complaints

  • This type of complaint relates to the reporting of market access barriers which may include the imposition of standards and other technical requirements, the restriction to foreign participation in a services sector, quantitative restrictions related to imports, lack of transparency of national trade regulation, unfair application of customs formalities and procedures, unreasonable labelling, marking and packaging requirements etc.
  • Market access barriers complaints may be lodged by EU Member States, entities registered within the EU, industry associations of EU companies, associations of EU employers, and trade unions or trade union associations formed in accordance to the laws of any EU Member State.
  • Complainants will have to demonstrate that the market access barrier directly concerns them.

B. Complaints regarding TSD/GSP commitments

  • This type of complaint relates to the reporting of breaches of commitments made by third countries in trade agreements with the EU or by third countries benefitting from the EU’s General Scheme of Preferences.
  • Recent EU trade agreements contain rules on trade and sustainable development, in the form of trade and sustainable development commitments. TSD commitments are for instance included in the 2017 EU-Canada Comprehensive Economic and Trade Agreement (CETA)[6] as well as in the EU-Georgia Association Agreement of 2014,[7] among many.[8]
  • The EU’s General Scheme of Preferences removes import duties from products coming into the EU market from vulnerable developing countries. The GSP offers: (i) a partial or full removal of customs duties on two third of tariff lines for low and lower-middle income countries, such as India, Indonesia, Kenya, Nigeria etc.; (ii) 0% tariffs for vulnerable low and lower-middle income countries that implement 27 international conventions related to human rights, labour rights, protection of the environment and good governance, such as Pakistan, Philippines, Sri Lanka etc.; (iii) a duty-free, quota-free access for all products except arms and ammunition for least developed countries such as Afghanistan, Ethiopia, Mali etc.
  • TSD/GSP complaints may be lodged by citizens of any EU Member State, EU Member States, entities having their registered office, central administration or principal place of business within the EU, industry associations of EU companies, associations of EU employers, trade unions or trade union associations formed in accordance with the laws of any EU Member State and NGOs formed in accordance with the laws of any EU Member State. Importantly, complainants will need to disclose if they are acting exclusively on their own behalf or if they are representing other interests as well.
  • Complainants will have to provide details of the impact and seriousness of the alleged breach in addition to the description of the factual and legal elements.

Beyond the Complaint Mechanism

The centralized complaints system is part of the Commission’s broader enforcement toolkit. The Commission will continue with the overall monitoring of trade barriers and how third countries implement their TSD/GSP commitments. In this, the Commission relies on its network of delegations and on information provided by Member States.

It remains to be seen how many formal complaints will be lodged by the various stakeholders and how many complaints DG Trade will be willing to formally pursue. If sufficient resources are dedicated at DG Trade to reviewing and effectively pursuing stakeholders’ complaints, the centralized complaints system could play an important role in the Commission’s wider push for reaffirming the EU’s economic interest with major trading partners; together with bolder trade defence enforcement[9] and the proposed new mechanism to control foreign State subsidies in the EU.[10]

_______________________

[1]  Official Press Release available at: https://trade.ec.europa.eu/doclib/press/index.cfm?id=2213.

[2]  The complaint forms are accessible at: https://trade.ec.europa.eu/access-to-markets/en/contact-form.

[3]  For more information on the CTEO’s competences please refer to: https://ec.europa.eu/trade/trade-policy-and-you/contacts/chief-trade-enforcement-officer/.

[4]  For the full text of the Commission’s Operating Guidelines of 16 November 2020, please refer to: https://trade.ec.europa.eu/doclib/docs/2020/november/tradoc_159074.pdf.

[5]  For the full text of the Commission’s Working Approaches of 16 November 2020, please refer to: https://trade.ec.europa.eu/doclib/docs/2020/november/tradoc_159075.pdf.

[6]  Chapter 22 of the CETA contains provisions on sustainable development. With this Chapter, both sides agree to ensure economic growth supports their social and environmental goals. The chapter also creates a Joint Committee on Trade and Sustainable Development, and commits both sides to promoting forums with interest groups.

[7]  Chapter 13 of the EU-Georgia Association Agreement contains commitments on sustainable development   relating to sustainable management of forests and trade in forest and fish products, the conservation and the sustainable use of biological diversity etc.

[8]  For a full list of EU trade agreements which include rules on trade and sustainable development, please refer to: https://ec.europa.eu/trade/policy/policy-making/sustainable-development/.

[9]  Gibson Dunn Client Alert of 24 June 2020, regarding the European Commission’s imposition of countervailing duties on imports from Egypt for subsidies provided by China, available at: https://www.gibsondunn.com/european-commission-imposes-countervailing-duties-on-imports-from-  egypt-for-subsidies-provided-by-china/.

[10]  Gibson Dunn Client Alert of 18 June 2020, regarding the European Commission’s White Paper on Foreign Subsidies, available at: https://www.gibsondunn.com/european-commission-publishes-white-paper-on-foreign-subsidies-political-power-meets-legal-ambiguity/.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the above developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s International Trade practice group, or the following authors:

Attila Borsos Brussels (+32 2 554 72 11, [email protected])
Vasiliki Dolka Brussels (+32 2 554 72 01, [email protected])
Kirsty Everley London (+44 (0)20 7071 4043, [email protected])

International Trade Group:

Europe and Asia:
Peter Alexiadis – Brussels (+32 2 554 72 00, [email protected])
Attila Borsos – Brussels (+32 2 554 72 10, [email protected])
Nicolas Autet – Paris (+33 1 56 43 13 00, [email protected])
Susy Bullock – London (+44 (0)20 7071 4283, [email protected])
Patrick Doris – London (+44 (0)20 7071 4276, [email protected])
Sacha Harber-Kelly – London (+44 (0)20 7071 4205, [email protected])
Penny Madden – London (+44 (0)20 7071 4226, [email protected])
Benno Schwarz – Munich (+49 89 189 33 110, [email protected])
Michael Walther – Munich (+49 89 189 33-180, [email protected])
Richard W. Roeder – Munich (+49 89 189 33-160, [email protected])
Fang Xue – Beijing (+86 10 6502 8687, [email protected])
Qi Yue – Beijing – (+86 10 6502 8534, [email protected])

United States:
Judith Alison Lee – Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, [email protected])
Ronald Kirk – Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, [email protected])
Jose W. Fernandez – New York (+1 212-351-2376, [email protected])
Marcellus A. McRae – Los Angeles (+1 213-229-7675, [email protected])
Adam M. Smith – Washington, D.C. (+1 202-887-3547, [email protected])
Stephanie L. Connor – Washington, D.C. (+1 202-955-8586, [email protected])
Christopher T. Timura – Washington, D.C. (+1 202-887-3690, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice

On November 20, 2020, the Office of the Comptroller of the Currency (“OCC”) proposed a rule to require large national banks and federal savings associations to offer and provide “fair access” to financial services (Fair Access Proposal).[1] The Fair Access Proposal can be seen as a potential preemptive strike against regulatory encouragement of moves to “debank” certain bank customers, such as the fossil fuel industry and agribusiness. This Client Alert contains a summary of the Fair Access Proposal, the OCC’s justifications for it, and the OCC’s asserted legal authority for promulgating it. The deadline for comments on the Fair Access Proposal is January 4, 2021 – suggesting that the OCC may be seeking to finalize it before a new Comptroller of the Currency is appointed and confirmed.

I. Scope of Fair Access Proposal 

The Fair Access Proposal applies to a subset of national banks and federal savings associations – those that have the ability either to (A) raise the price a person has to pay to obtain an offered financial service from the bank or from a competitor or (B) significantly impede a person, or a person’s business activities, in favor of or to the advantage of another person (Covered Bank). A bank or savings association with $100 billion or more in total assets would be presumed to be a Covered Bank; such a bank could rebut this presumption by submitting to the OCC written materials that demonstrate that the bank does not meet the Covered Bank definition. The OCC justified focusing on large banks on the ground that such banks have the greatest potential to affect customers if they withdraw services. It noted that national banks and federal savings associations with $100 billion or more in total assets controlled approximately 55 percent of the nation’s bank assets and deposits.

The OCC also invited public comment on whether a threshold linked to national market share of any financial service should be included, and if so, what percentage share would be appropriate.

II. Substantive Provisions

Under the Fair Access Proposal, a Covered Bank would be required:

  • To make each financial service it offers available to all persons in the geographic market served by the Covered Bank on proportionally equal terms;
  • Not to deny any person a financial service the Covered Bank offers except to the extent justified by such person’s quantified and documented failure to meet quantitative, impartial risk-based standards established in advance by the covered bank;
  • Not to deny any person a financial service the Covered Bank offers when the effect of the denial is to prevent, limit, or otherwise disadvantage the person (i) from entering or competing in a market or business segment or (ii) in such a way that benefits another person or business activity in which the Covered Bank has a financial interest; and
  • Not to deny, in coordination with others, any person a financial service the Covered Bank offers.

Providing financial services “on proportionally equal terms” would include ensuring that pricing and denial decisions are commensurate with measurable risks based on quantitative and qualitative characteristics. This provision would also prohibit a Covered Bank from engaging in geography-based redlining, for example, by refusing to provide financial services to customers solely based on where the customer or the customer’s business activity is located when the customer or business activity is within the geographic market served by the Covered Bank.

A Covered Bank’s decision to deny services would not be permitted to include consideration of the Covered Bank’s opinions of a customer or the customer’s lawful activities. A Covered Bank should, by contrast, consider factors like safety and soundness and compliance with applicable laws, like the Bank Secrecy Act and consumer protection laws, when deciding to provide services to a customer. It should also consider whether it has the knowledge or expertise to offer a service in a particular market.

Because the Fair Access Proposal, if finalized, would be a regulation that had been subject to notice and comment, it would have the force of law. The OCC would examine Covered Banks for compliance, and failure to comply could lead to enforcement actions.

III. Justifications for the Fair Access Proposal

In justifying the Fair Access Proposal, the OCC asserted that some banks have been employing category-based, as opposed to individualized, risk evaluations to deny access to financial services. The OCC contended that those banks had reacted to pressure from policy advocates whose objectives are served when banks deny financial services to certain categories of customers. It cited calls for boycotts of banks that support family planning organizations, reports that some banks have ceased to provide financial services to owners of privately owned correctional facilities, and the alleged debanking of firearm manufacturers, as evidence of such practices.

In particular, the OCC mentioned Operation Choke Point, dating from the Obama Administration, in which it was alleged that certain regulators, not including the OCC, had pressured banks to terminate their business relationships with payday lenders. It also noted a letter that it had received from the Alaska Congressional delegation that discussed decisions by several banks to stop lending to new oil and gas projects in the Arctic. Upon receiving that letter, the OCC requested information from several large banks in order to evaluate their criteria for denying access to financial services. The OCC further stated that certain banks had ceased providing lending and advisory services to coal-mining, coal-fired electricity generation, and oil exploration customers, and such banks intended to make exceptions only when certain non-financial criteria were met, such as whether the country in which a project is located had committed to international climate agreements and whether the project controls carbon emissions adequately. The OCC criticized such actions, declaring that neither it nor banks themselves are capable of evaluating risks unrelated to credit and operational risk.

IV. Legal Authority

The Fair Access Proposal would be a significant development in the scope of OCC regulation, and, as noted above, would have the force of law, thus subjecting Covered Banks to potential enforcement actions for noncompliance. The OCC grounded the proposal in the statutory changes to the National Bank Act made by the the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (Dodd-Frank Act).

In particular, Title III of the Dodd-Frank Act revised the OCC’s mission statement set forth in the National Bank Act by charging the OCC with, among other purposes, “assuring . . . fair access to financial services.”[2] The OCC stated that the concept of “fair access” as used in Title III includes a right of individual bank customers to have access to financial services based on their individual characteristics and not on their membership in a particular customer category. It further stated that as the agency charged by Congress with implementing the National Bank Act, its interpretation of “fair access” was entitled to judicial deference. The OCC also indicated that during the Obama Administration, it had previously focused on individualized customer risk assessments in precedents involving the banking and debanking of money services businesses and correspondent banks, and thus the Fair Lending Proposal was not a novel approach.

Conclusion

The Fair Lending Proposal has a relatively short, 45-day comment period that expires on January 4, 2021. This may reflect that fact that Comptrollers of the Currency may be dismissed by a President without cause, and therefore Acting Comptroller Brooks’ remaining tenure at the OCC may be short after President-elect Biden is inaugurated, notwithstanding that Mr. Brooks was recently nominated by President Trump for a full term as Comptroller. It is therefore reasonable to view the Fair Lending Proposal as seeking to head off, or at least restrict, certain actions by the incoming Biden Administration. Prior to the election, for example, Democratic policy papers advocated for an increased focus on climate change by the banking regulators, and there are other industries where a change in Administrations will mean heightened scrutiny. For this reason, it bears watching whether the OCC’s interpretation of “fair access” in the Dodd-Frank Act ultimately becomes law.

______________________

   [1]   OCC, Notice of Proposed Rule Making: Access to Financial Services (November 20, 2020), available at https://www.occ.gov/news-issuances/federal-register/2020/nr-occ-2020-156a.pdf.

   [2]   12 U.S.C. § 1.

The following Gibson Dunn lawyers assisted in preparing this client update: Arthur S. Long and Samantha J. Ostrom.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Financial Institutions practice group, or the following:

Arthur S. Long – New York (+1 212-351-2426, [email protected])
Matthew L. Biben – New York (+1 212-351-6300, [email protected])
Michael D. Bopp – Washington, D.C. (+1 202-955-8256, [email protected])
Stephanie Brooker – Washington, D.C. (+1 202-887-3502, [email protected])
M. Kendall Day – Washington, D.C. (+1 202-955-8220, [email protected])
Mylan L. Denerstein – New York (+1 212-351- 3850, [email protected])
Jeffrey L. Steiner – Washington, D.C. (+1 202-887-3632, [email protected])
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, [email protected])
James O. Springer – New York (+1 202-887-3516, [email protected])
Samantha J. Ostrom – Washington, D.C. (+1 202-955-8249, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

Decided November 25, 2020

Roman Catholic Diocese of Brooklyn, New York v. Cuomo, No. 20A87

On Wednesday, November 25, 2020, the Supreme Court ruled in favor of Gibson Dunn client The Roman Catholic Diocese of Brooklyn, New York, holding that provisions of a New York Executive Order that imposed “severe” fixed-capacity restrictions on attendance at religious services likely violate the Free Exercise Clause of the First Amendment, were causing irreparable harm, and must be enjoined pending appeal. 

Background:
New York Governor Andrew Cuomo’s Executive Order 202.68 was issued on October 6, 2020, in response to localized upticks in COVID-19 cases. The Executive Order imposes 10- and 25-person fixed-capacity caps on “house of worship” attendance in so called “red” and “orange” zones throughout New York State.

On October 8, The Roman Catholic Diocese of Brooklyn, New York (the “Diocese”), represented by Gibson Dunn partners Randy M. Mastro and Akiva Shapiro, filed suit in the U.S. District Court for the Eastern District of New York. The Diocese alleged that the fixed-capacity restrictions—which applied to “houses of worship” alone, while many secular businesses in those same “zones” remained free to operate without restriction—violated the Free Exercise Clause as applied.

Despite finding that the Diocese had adequately alleged irreparable harm, the district court declined to enter a preliminary injunction. A divided Second Circuit panel denied the Diocese’s motion for an injunction pending appeal, along with a parallel motion brought by an Orthodox Jewish organization and synagogues. Among other things, the lower courts held that the Executive Order was facially neutral because some secular businesses were shut down entirely, and that the State’s interest in combating the pandemic outweighed any harm to religious organizations and their congregants.

Issue:
Whether the provisions of Executive Order 202.68 that limit in-person “house of worship” attendance to 10 or 25 people, but allow numerous secular businesses to operate without capacity restrictions, violate the First Amendment’s Free Exercise Clause and should be enjoined on an emergency basis pending appeal.

Court’s Holding:
Yes. The Diocese made a strong showing that the challenged restrictions likely violate the First Amendment because they single out houses of worship for especially harsh treatment.  And denying emergency relief would cause irreparable injury, while granting such relief would not harm the public interest, justifying the issuance of an injunction pending appeal. In a companion order, the Court granted the same relief to the synagogues.

“[E]ven in a pandemic, the Constitution cannot be put away and forgotten.  The restrictions at issue here, by effectively barring many from attending religious services, strike at the very heart of the First Amendment’s guarantee of religious liberty.

Per Curiam Opinion of the Court

What It Means:

  • Executive Order 202.68’s 10- and 25-person fixed-capacity caps cannot be enforced during the pendency of appellate proceedings, allowing New Yorkers to prudently attend services in churches, synagogues, and other houses of worship, while complying with all social distancing, mask-wearing and other safety protocols, as well as generally applicable percentage-capacity restrictions.
  • The five-Justice majority held that strict scrutiny applies where restrictions “single out houses of worship for especially harsh treatment.”  Slip. op. 3.  Under the Executive Order, for example, while churches in a red zone may not admit more than 10 persons, businesses “such as acupuncture facilities, camp grounds, garages, as well . . . all plants manufacturing chemicals and microelectronics and all transportation facilities” may “admit as many people as they wish.”  Ibid.  And because the restrictions are “far more severe than has been shown to be required to prevent the spread of the virus” at religious services, they likely violate the First Amendment. Slip. op. 4 (internal quotation marks omitted).
  • The majority rejected the dissenting Justices’ view that emergency relief was unwarranted simply because the restrictions had been modified during the litigation to temporarily allow gatherings at the affected churches and synagogues. As the Court explained, “injunctive relief is still called for because the applicants remain under a constant threat that the area in question will be reclassified as red or orange.” Slip. op. 6.
  • In a concurring opinion, Justice Gorsuch took issue with Chief Justice Roberts’s May 2020 concurrence in South Bay Pentecostal Church v. Newsom, 140 S. Ct. 1613 (2020), which has been cited by a number lower courts around the country as affording blanket deference to state-imposed restrictions on religious worship during the COVID-19 pandemic. Justice Gorsuch cautioned that, “[r]ather than apply a nonbinding and expired concurrence from South Bay, courts must resume applying the Free Exercise Clause,” and that “[e]ven if the Constitution has taken a holiday during this pandemic, it cannot become a sabbatical.”  Slip. op. at 3 (Gorsuch, J., concurring).
  • Justice Kavanaugh also concurred, acknowledging the seriousness of the pandemic but concluding that the Governor’s “restrictions on houses of worship are not tailored to the circumstances given the First Amendment interests at stake.”  Slip. op. 3 (Kavanaugh, J., concurring).  Like Justice Gorsuch, Justice Kavanaugh cautioned that “judicial deference in an emergency or a crisis does not mean wholesale judicial abdication, especially when important questions of religious discrimination, racial discrimination, free speech, or the like are raised.” Ibid.
  • Chief Justice Roberts dissented solely on the procedural ground that the applicants’ houses of worship are not presently in “red” and “orange” zones, but agreed that the fixed-capacity caps “seem unduly restrictive” and “raise serious concerns under the Constitution.”  Slip. op. 1-2 (Roberts, C.J., dissenting).
  • Justice Breyer, with whom Justices Sotomayor and Kagan joined, issued a separate dissent, and Justice Sotomayor issued a separate dissent joined by Justice Kagan.  These dissenters would have denied the injunction on procedural and substantive grounds.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact Randy M. Mastro (+1 212.351.3825, [email protected]) or Akiva Shapiro (+1 212.351.3830, [email protected]), the Gibson Dunn partners representing the Diocese, or the following practice leaders:

Appellate and Constitutional Law Practice

Allyson N. Ho
+1 214.698.3233
[email protected]		Mark A. Perry
+1 202.887.3667
[email protected]

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

The Commodity Futures Trading Commission (“CFTC” or the “Commission”) recently announced that its Division of Enforcement (the “Division”) issued new guidance to its staff when considering a recommendation that the Commission recognize a respondent’s cooperation, self-reporting, or remediation in an enforcement order (the “Guidance”).[1] The Guidance represents the latest step in the Commission’s ongoing efforts to provide clarity and transparency regarding the Division’s practices and procedures.

Prior Advisories on Cooperation, Self-Reporting and Remediation Remain in Effect

The Guidance explicitly states that it does not change how the Division evaluates self-reporting, cooperation, or remediation, nor how the Division considers reductions in penalties in connection with self-reporting, cooperation, or remediation.[2] Rather, these evaluations are guided by factors described in prior advisories published by the Division (the “Advisories”)[3] and set forth in the agency’s Enforcement Manual,[4] which continue to remain in effect.

While the Advisories remain in effect, they are not binding on Division staff. Instead, they emphasize the discretionary nature of both the Division’s evaluation of cooperation and its resulting recommendations.[5] Moreover, the Advisories caution that they “should not be read as requiring the Division staff to recommend, or the Commission to impose or authorize, a reduction of sanctions based on the presence or absence of particular cooperation factors.”[6] Thus, in certain circumstances, and at the discretion of the Division staff, cooperation, self-reporting, and/or remediation may result in a recommendation of recognition and of reduced sanctions in a Commission enforcement order.[7] The Advisories do note, however, that—at the far end of the self-reporting/cooperation/remediation spectrum—“if a company or individual self-reports, fully cooperates, and remediates, the Division will recommend that the Commission consider a substantial reduction from the otherwise applicable civil monetary penalty.”[8] However, where an individual or company did not self-report but otherwise fully cooperated and remediated deficiencies, the Advisories provide that the Division may recommend a reduced civil monetary penalty.[9]

The New Guidance: Clarity on When and How

The Guidance builds upon the Advisories by providing transparency and clarity regarding “when and how” the Division will recommend that assessments relating to self-reporting, cooperation, or remediation be reflected and recognized by the CFTC in its enforcement orders.[10] To achieve this objective, the Guidance sets forth the following four scenarios and the corresponding level of recognition and penalty reduction (if any) to be recommended by the Division.

Scenario

Degree of Self-Reporting, Cooperation and Remediation

Recognition/ Penalty

Enforcement Order Language

1

None

No Recognition in Enforcement Order

N/A

2

No Self-Reporting, But Cognizable Cooperation and/or Remediation

Recognition, But No Reduction in Penalty

“In accepting Respondent’s offer, the Commission recognizes the cooperation of [name of Respondent] with the Division of Enforcement’s investigation of this matter.   The Commission also acknowledges Respondent’s representations concerning its remediation in connection with this matter.”

3

No Self-Reporting, But Substantial Cooperation and/or Remediation

Recognition and Reduced Penalty

“In accepting Respondent’s Offer, the Commission recognizes the substantial cooperation of [name of respondent] with the Division of Enforcement’s investigation of this matter. The Commission also acknowledges Respondent’s representations concerning its remediation in connection with this matter. The Commission’s recognition of Respondent’s substantial cooperation and appropriate remediation is further reflected in the form of a reduced penalty.”

4

Self-Reporting, Substantial Cooperation and Remediation

Recognition and Substantially Reduced Penalty

“In accepting Respondent’s Offer, the Commission recognizes the self-reporting and substantial cooperation of [name of Respondent] in connection with the Division’s investigation of this matter. The Commission also acknowledges Respondent’s representations concerning its remediation in connection with this matter. The Commission’s recognition of Respondent’s self-reporting, substantial cooperation, and appropriate remediation is further reflected in the form of a substantially reduced penalty.”

By arranging the list of factors set forth in the Advisories into four typical combinations (scenarios), and noting when each particular combination should result in a specific recommendation to the Commission, the Guidance provides the Division’s staff with a clear roadmap for exercising its discretion under the Advisories. The Guidance also provides the staff with the exact language it should recommend be included by the Commission in an enforcement order to describe the nature and extent of a respondent’s self-reporting, cooperation, or remediation for each scenario. In addition, the Division’s recommendation to the Commission should include a description of the particular acts of cooperation, self-reporting, or remediation that should be included in the enforcement order. Significantly, the Guidance—unlike the Advisories—is binding on the Staff.[11]

Implications of the Guidance

The new Guidance has several important implications. First, the Guidance is an important contribution to the Commission’s initiative to provide consistency, transparency, and clarity to market participants regarding its enforcement actions. The CFTC published its first Enforcement Manual in May 2019, noting its core value of clarity.[12] On the heels of that publication, the Division issued new civil monetary penalty guidance and compliance program evaluation guidance in, respectively, May 2020 and September 2020.[13] In connection with these publications, the Commission has noted that clarity serves multiple purposes, including deterring misconduct and assisting respondents by enhancing predictability.[14] As explained by Chairman Tarbert, the new Guidance furthers these objectives “by ensuring the public understands the levels of recognition the CFTC may provide in its enforcement orders.”[15]

Second, the Guidance will facilitate consistent practices by the enforcement staff with regard to their recommendations for the recognition of cooperation, self-reporting, or remediation. The binding nature of the Guidance will help promote consistency in that the various geographic offices of the Division will now be required to interpret and apply the Advisories in accordance with the Guidance. Consistent practices by the enforcement staff will, in turn, enhance predictability. While the Commission will continue to exercise its independent judgment in determining when and how self-reporting, cooperation, or remediation should be recognized in its orders, market participants who are considering whether to negotiate a resolution of an enforcement investigation will benefit significantly from increased predictability by the staff.[16] Moreover, increased predictability will further incentivize self-reporting, cooperation, and remediation, which will advance some of the key goals of the Division’s enforcement program.

Finally, the Guidance—as well as enforcement orders issued by the Commission as a result of the Guidance—will be valuable reference points for market participants who are negotiating settlements with the Division. The Guidance, coupled with the Advisories, can be used by parties to frame arguments regarding the nature and extent of the credit they should receive for their self-reporting, cooperation, or remediation. Similarly, enforcement orders issued under the Guidance can be used as benchmarks when parties negotiate settlements. The Guidance’s requirements that staff recommendations include a description of the particular acts of self-reporting, cooperation, or remediation by the respondent and that proposed enforcement orders use uniform language for the recognition of such acts should foster benchmarking. Although parties can still use enforcement orders issued before the Guidance as reference points, such orders sometimes include disparate language to describe what are essentially the same levels of self-reporting, cooperation, or remediation. Going forward, it will be easier for parties to compare “apples to apples.”

In sum, although the Guidance has been issued by the Division for its staff, it will be beneficial both to market participants who are considering whether to self-report, cooperate, or remediate, and to parties who are considering whether to attempt to resolve an investigation being conducted by the Division.

 _____________________

[1]  CFTC Press Release No. 8296-20.

[2]  Memorandum from Vincent A. McGonagle, Acting Director, Division of Enforcement, to Division of Enforcement Staff, Recognizing Cooperation, Self-Reporting, and Remediation in Commission Enforcement Orders (Oct. 29, 2020) (the “Guidance”), at 1.

[3]  Enforcement Advisory: Cooperation Factors in Enforcement Division Sanction Recommendations for Individuals (Jan. 19, 2017) (the “Individual Cooperation Guidance”); Enforcement Advisory: Cooperation Factors in Enforcement Division Sanction Recommendations for Companies (Jan. 19, 2017) (the “Company Cooperation Guidance”); Enforcement Advisory: Updated Advisory on Self-Reporting and Full Cooperation (Sept. 25, 2017) (the “Updated Self-Reporting and Cooperation Guidance”).

[4]  See Commodity Futures Trading Commission, Enforcement Manual (2020).

[5]  See Individual Cooperation Guidance at 5; Company Cooperation Guidance at 5.

[6]  Updated Self-Reporting and Cooperation Guidance at 2.

[7]  Id. at 1, 5.

[8]  Updated Self-Reporting and Cooperation Guidance at 2.

[9]  Id.

[10]  Guidance at 1.

[11]  Guidance at 2.

[12]  CFTC Press Release No. 7925-19.

[13]  CFTC Press Release Nos. 8165-20 and 8235-20.

[14]  See CFTC Press Release No. 7925-19 (“Clarity and transparency in our policies should promote fairness, increase predictability, and enhance respect for the rule of law.”); CFTC Press Release No. 8165-20 (“Clarity about how our statutes and rules are applied is essential to deterring misconduct and maintaining market integrity.”); CFTC Press Release No. 8235-20 (“It’s in both the agency’s interest and the interest of compliance personnel that the Commission is clear about how and what we’ll evaluate.”).

[15]  CFTC Press Release No. 8296-20 (quoting Chairman Heath Tarbert); see also CFTC Press Release No. 8296-20 (“Providing clarity to market participants and the public is one of the CFTC’s core values. . . . Through this and the other public guidance, the division seeks consistency and transparency across CFTC enforcement actions.” (quoting Acting Director Vincent McGonagle)).

[16]  See Cooperation Recognition Guidance at 2, n.4.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Derivatives practice group, or the following authors:

Lawrence J. Zweifach – New York (+1 212-351-2625, [email protected])
Jeffrey L. Steiner – Washington, D.C. (+1 202-887-3632, [email protected])
Lauren M.L. Nagin – New York (+1 212-351-2365, [email protected])
Darcy C. Harris – New York (+1 212-351-3894, [email protected])

Derivatives Practice Group:
Michael D. Bopp – Washington, D.C. (+1 202-955-8256, [email protected])
Jeffrey L. Steiner – Washington, D.C. (+1 202-887-3632, [email protected])
Arthur S. Long – New York (+1 212-351-2426, [email protected]).com)
Stephanie Brooker – Washington, D.C. (+1 202-887-3502, [email protected])
Lawrence J. Zweifach – New York (+1 212-351-2625, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On November 19, 2020, the U.S. Department of Transportation’s National Highway Traffic Safety Administration (“NHTSA”) announced that it is seeking public comment on the potential development of a framework of principles to govern the safe behavior of automated driving systems (“ADS”) for use in connected and autonomous vehicles (“CAVs”).[1] On the same day, NHTSA issued an advance notice of proposed rulemaking (“NPRM”) on a possible ADS framework (the “ADS NPRM”).[2] The ADS NPRM sends a strong signal that vehicles with ADS may in future be subject to a new generation of performance and safety (as well as design) standards.

Background

Last year, NHTSA announced that it was seeking public feedback about the possibility of removing “regulatory barriers” relating to the introduction of automated vehicles in the United States.[3] Subsequently, NHTSA sought stakeholder comments on proposed regulations intended to address the challenges involved in determining which requirements of the existing Federal Motor Vehicle Safety Standards (“FMVSS”)[4] are relevant to the safety needs of ADS-equipped vehicles without traditional manual controls, as well as on “adapting or developing the requirements and the associated test procedures so that the requirements can effectively be applied to the novel vehicle designs that may accompany such vehicles without adversely affecting safety.”[5]

NHTSA started seeking such public comments as a result of increasing confusion in the industry on how NHTSA plans to address ADS technologies. Although wide-scale deployment still may be years away, many companies are actively developing and testing ADS technology throughout the United States. The lack of specific regulatory guidance for ADS has created obstacles for OEMs trying to meet, and certify compliance with, FMVSS while developing and deploying their products in a way that establishes safety equivalence between traditionally operated vehicles and ADS-DVs. Several CAV manufacturers have applied for exemptions from compliance with existing FMVSS.[6] In February 2020, NHTSA announced its first approved exemption—from three federal motor vehicle standards—to Nuro, a California-based company that plans to deliver packages with a robotic vehicle smaller than a typical car.[7] The exemption allows the company to deploy and produce no more than 5,000 of its “low-speed, occupant-less electric delivery vehicles” in a two-year period, which would be operated for local delivery services for restaurants and grocery stores.[8]

In addition to these actions, on March 17, 2020 (the “March NPRM”), NHTSA issued an earlier NPRM “to improve safety and update rules that no longer make sense such as requiring manual driving controls on autonomous vehicles.”[9] The March NPRM aimed to “help streamline manufacturers’ certification processes, reduce certification costs and minimize the need for future NHTSA interpretation or exemption requests.” Specifically, the March NPRM proposed removing “unnecessary regulatory barriers to ADS-equipped vehicles” in the crashworthiness FMVSS, while seeking to maintain current levels of occupant protection under these standards and also remaining “technology neutral.” For example, the proposed regulation would apply front passenger seat protection standards to the traditional driver’s seat of a CAV, rather than safety requirements that are specific to the driver’s seat. The March NPRM did not propose any changes to existing occupant protection requirements for traditional vehicles with manual controls. NHTSA described the March NPRM as a “[h]istoric first step for the agency to remove unnecessary barriers to motor vehicles equipped with automated driving systems.”

The ADS NPRM

Now, as noted above, NHTSA has issued a new ADS NPRM. According to the ADS NPRM, the contemplated ADS framework would “objectively define, assess, and manage the safety of ADS performance while ensuring the needed flexibility to enable further innovation,” drawing upon “existing Federal and non-Federal foundational efforts and tools in structuring the framework as ADS continue to develop.”

NHTSA is seeking public comments on how to select and design the structure and key elements of a framework and the appropriate administrative mechanisms to achieve the goals of improving safety, mitigating risk, and enabling the development and introduction of new safety innovations, as well as on what aspects of ADS performance are suitable for potential safety standard setting. “This rulemaking will help address legitimate public concerns about safety, security and privacy without hampering innovation in the development of automated driving systems,” said U.S. Secretary of Transportation Elaine Chao.[10]

While NHTSA takes the view that the establishment of FMVSS for ADS would be premature at this stage, it seeks feedback on a proposed governmental safety framework specifically tailored to ADS and the role NHTSA would play with respect to guidance and potential regulation. The proposed framework spans a broad range of potential regulatory approaches—from a “hands-off” approach that would include the issuance of guidance documents addressing best industry practices, providing information to consumers, and describing different approaches to research and summarizing the results of research, to more formal regulation such as rules requiring reporting and disclosure of information or the adoption of ADS-specific FMVSS.[11]

The primary ADS components that would be the focus of NHTSA’s attention are (1) sensors (how the ADS receives information about its environment); (2) “perception” functions (how the ADS detects and categorizes other road users (vehicles, motorcyclists, pedestrians, etc.), infrastructure (traffic signs, signals, etc.), and conditions (weather events, road construction, etc.)); (3) “planning” components (how the ADS analyzes the situation, plans the route it will take on the way to its intended destination, and makes decisions on how to respond appropriately to the road users, infrastructure, and conditions detected and categorized); and (4) “control” functions (how the ADS executes the driving functions necessary to carry out that plan (“control”) through interaction with other parts of the vehicle).[12] NHTSA also seeks feedback on what kind of engineering measures should be included in the framework, and whether ADS-specific regulations should be issued prior to testing and validation or commercial deployment of the technology.[13]

Written comments from stakeholders will be due within 60 days from the date of publication of the ADS NPRM in the Federal Register, likely to be November 24 or 25. After considering such comments, we anticipate that regulatory changes to testing procedures (including pre-programmed execution, simulation, use of external controls, use of a surrogate vehicle with human controls, and technical documentation) and modifications to current FMVSSs (such as crashworthiness, crash avoidance, and indicator standards) will be finalized by NHTSA in 2021. We encourage our clients to contact us if they would like further information or assistance in developing and submitting comments.

Given the fast pace of developments and tangle of applicable rules, it is essential that companies operating in this space stay abreast of legal developments in states as well as cities in which they are developing or testing AVs, while understanding that any new federal regulations may ultimately preempt states’ authorities to determine, for example, safety policies or how they handle their passengers’ data. For more information on legal and policy developments related to CAVs, please contact the authors or see Gibson Dunn’s previous legal updates on legislative developments and NHTSA’s broader policy efforts, including the re-introduction of the SELF-DRIVE Act (here) and NHTSA’s Autonomous Vehicle (“AV”) 4.0 Guidelines (here).

_____________________

   [1]   NHTSA, Press Release, U.S. Department of Transportation Seeks Public Comment on Automated Driving System Safety Principles (Nov. 19, 2020), available at https://www.nhtsa.gov/press-releases/public-comment-automated-driving-system-safety-principles.

   [2]   Framework for Automated Driving System Safety, 49 Fed. Reg. 571 (Nov. 19, 2020), available here.

   [3]   Removing Regulatory Barriers for Vehicles With Automated Driving Systems, 84 Fed. Reg. 24,433 (May 28, 2019) (to be codified at 49 Fed. Reg. 571); see also Removing Regulatory Barriers for Vehicles with Automated Driving Systems, 83 Fed. Reg. 2607, 2607 (proposed March 5, 2018) (to be codified at 49 Fed. Reg. 571).

   [4]   FMVSS provide the minimum safety performance requirements for motor vehicles or items of motor vehicle equipment, but were drafted with traditionally operated vehicles in mind. ADS, as defined by NHTSA, is the “hardware and software that are, collectively, capable of performing the entire dynamic task of driving on a sustained basis.” (Within the SAE automation taxonomy, ADS describes automation Levels 3, 4, and 5).

   [5]   Supra, n.3 at 6.

   [6]   See, e.g., the petition filed by General Motors requesting temporary exemption from FMVSSs which require manual controls or have requirements that are specific to a human driver. General Motors, LLC – Receipt of Petition for Temporary Exemption from Various Requirements of the Safety Standards for an All Electric Vehicle with an Automated Driving System, 84 Fed. Reg. 10182.

   [7]   Congressional Research Service, Issues in Autonomous Vehicle Testing and Deployment (Feb. 11, 2020), available at https://fas.org/sgp/crs/misc/R45985.pdf; U.S. Dep’s of Transp., NHTSA Grants Nuro Exemption Petition for Low-Speed Driverless Vehicle, available at https://www.nhtsa.gov/press-releases/nuro-exemption-low-speed-driverless-vehicle.

   [8]   For more information, see our Artificial Intelligence and Automated Systems Legal Update (1Q20), available at https://www.gibsondunn.com/artificial-intelligence-and-automated-systems-legal-update-1q20/.

   [9]   U.S. Dep’t of Transp., NHTSA Issues First-Ever Proposal to Modernize Occupant Protection Safety Standards for Vehicles Without Manual Controls, available at https://www.nhtsa.gov/press-releases/adapt-safety-requirements-ads-vehicles-without-manual-controls; see further Gibson Dunn’s Artificial Intelligence and Automated Systems Legal Update (1Q20), available at https://www.gibsondunn.com/artificial-intelligence-and-automated-systems-legal-update-1q20/.

[10]   NHTSA, Press Release (Nov. 19, 2020), supra, n.1.

[11]   NHTSA, Framework for Automated Driving System Safety, supra, n.4 at 8.

[12]   Id.

[13]   Id. at 11.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Artificial Intelligence and Automated Systems Group, or the following authors:

H. Mark Lyon – Palo Alto (+1 650-849-5307, [email protected])
Frances A. Waldmann – Los Angeles (+1 213-229-7914, [email protected])

Please also feel free to contact any of the following practice group members:

Artificial Intelligence and Automated Systems Group:
H. Mark Lyon – Chair, Palo Alto (+1 650-849-5307, [email protected])
J. Alan Bannister – New York (+1 212-351-2310, [email protected])
Patrick Doris – London (+44 (0)20 7071 4276, [email protected])
Kai Gesing – Munich (+49 89 189 33 180, [email protected])
Ari Lanin – Los Angeles (+1 310-552-8581, [email protected])
Robson Lee – Singapore (+65 6507 3684, [email protected])
Carrie M. LeRoy – Palo Alto (+1 650-849-5337, [email protected])
Alexander H. Southwell – New York (+1 212-351-3981, [email protected])
Christopher T. Timura – Washington, D.C. (+1 202-887-3690, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])
Michael Walther – Munich (+49 89 189 33 180, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On 23 November 2020 the UAE government announced that Sheikh Khalifa bin Zayed Al Nahyan, President of the UAE, had issued a decree (the “New Decree”) amending Law No. 2 of 2015 on Commercial Companies (the “2015 Law”). The New Decree is yet to be published, but it will reportedly overhaul the foreign ownership rules in respect of commercial companies in the UAE. Under the 2015 Law (and its predecessors), foreign investors were permitted to hold up to a maximum of 49% of the shares of locally incorporated “onshore” companies, with the remaining 51% required to be held by UAE national(s).

In its latest bid to attract foreign investment and strengthen its position as an international hub, the UAE has overhauled the 2015 Law, removing the requirement for a UAE shareholder to hold at least 51% of the shares of onshore companies (other than in relation to certain strategically important sectors).

Some foreign investors and business owners have, in the past, hesitated to establish or invest in onshore companies because of such ownership restrictions. The new measures, which are expected to take effect from 1 December 2020, should facilitate making investments into and doing business in the UAE and provide flexibility for foreign business owners wishing to operate outside of free zones. In particular, the New Decree should open up UAE-based businesses to investment from international private equity houses and venture capital firms without the need to resort to complex structuring arrangements.

The New Decree builds on Federal Legislative Decree No. 19 of 2018 (the “FDI Law”) which signaled an initial shift away from the strict foreign ownership restrictions by opening up certain activities (a “positive list”) to 100% foreign ownership through an approval process. While the New Decree supersedes (and effectively cancels) the provisions of the FDI Law on foreign ownership requirements, the relaxation will not apply to ownership of state-owned entities and companies that are deemed to operate in strategically important sectors, such as, for example, oil and gas exploration, utilities and transport.

The New Decree represents a clear break from the past and we anticipate that it will strengthen the UAE’s position as a leading international financial center and lead to an increase in foreign direct investment. While the terms of the New Decree are yet to be made available, the announcement is positive and encouraging.

Gibson Dunn’s Middle East practice focuses on regional and global multijurisdictional transactions and disputes whilst also acting on matters relating to financial and investment regulation. Our lawyers, a number of whom have spent many years in the region, have the experience and expertise to handle the most complex and innovative deals and disputes across different sectors, disciplines and jurisdictions throughout the Middle East and Africa.

Our corporate team is a market leader in MENA mergers and acquisitions as well as private equity transactions, having been instructed on many of the region’s highest-profile buy-side and sell-side transactions for corporates, sovereigns and the most active regional private equity funds. In addition, we have a vibrant finance practice, representing both lenders and borrowers, covering the full range of financial products including acquisition finance, structured finance, asset-based finance and Islamic finance. We have the region’s leading fund formation practice, successfully raising capital for our clients in a difficult fundraising environment.

For further information, please contact the Gibson Dunn lawyer with whom you usually work, or the following authors in the firm’s Dubai office, with any questions, thoughts or comments arising from this update.

Hardeep Plahe (+971 (0) 4 318 4611, [email protected])

Fraser Dawson (+971 (0) 4 318 4619, [email protected])

Aly Kassam (+971 (0) 4 318 4641, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

On 10 November 2020, the European Data Protection Board (EDPB) issued important new guidance on transferring personal data out of the European Economic Area (EEA). The guidance addresses a key question for many companies: how to transfer personal data out of the EEA to the United States or other countries not recognized by the European Commission as ensuring an adequate level of protection for personal data. The guidance thus begins to lessen some of the uncertainty caused by the Court of Justice of the European Union’s July 2020 ruling in the landmark Schrems II decision.

The EDPB’s guidance have been published for consultation by citizens and stakeholders until 21 December 2020, and may thus be subject to further changes or amendments. Although the guidance take the form of non-binding recommendations, companies that transfer personal data out of the EEA would be well-served to review their approach to such transfers in light of the EDPB guidance.

I. Context

As a reminder, under the EU’s omnibus privacy law, the General Data Protection Regulation (GDPR), a transfer of personal data out of the EEA may take place if the receiving country ensures an adequate level of data protection, as determined by a decision of the European Commission. In the absence of such an adequacy decision, the exporter may proceed to such data transfer only if it has put in place appropriate safeguards.

In the Schrems II ruling in July 2020, the CJEU invalidated the EU-U.S. Privacy Shield, which had been a framework used by companies transferring personal data from the EEA to the U.S. to provide reassurance that the data would be protected after the transfer. The CJEU’s decision allowed the use of the Standard Contractual Clauses, known as the “SCCs,” approved by the European Commission, to continue as another framework or method to cover such transfers. However, the CJEU required companies to verify, prior to any transfer of personal data pursuant to the SCCs, whether data subjects would be granted a level of protection in the receiving country essentially equivalent to that guaranteed within the EU, pursuant to the GDPR and the EU Charter of Fundamental Rights.[i]

The Court specified that the assessment of that level of protection must take into consideration both the contractual arrangements between the data exporter and the recipient and, as regards any access by the public authorities of the receiving country, the relevant aspects of the legal system of that third country.

Due to their contractual nature, SCCs cannot bind the public authorities of third countries, since they are not party to the contract. Consequently, under Schrems II, data exporters may need to supplement the guarantees contained in the SCCs with supplementary measures to ensure compliance with the level of protection required under EU law in a particular third country.

The EDPB issued on 10 November 2020 two sets of recommendations:

  1. Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data, which are aimed at providing a methodology for data exporters to determine whether and which additional measures would need to be put in place for their transfers; and
  2. Recommendations 02/2020 on the European Essential Guarantees (EEG) for surveillance measures, which are aimed at updating the EEG[ii], in order to provide elements to examine whether surveillance measures allowing access to personal data by public authorities in a receiving country, whether national security agencies or law enforcement authorities, can be regarded as a justifiable interference.

II. Recommendations on how to identify and adopt supplementary measures

The EDPB describes a roadmap of the steps to adopt in order to determine if a data exporter needs to put in place supplementary measures to be able to legally transfer data outside the EEA.

Step 1 – Know your transfers. The data exporter should map all transfers of personal data to countries outside the EEA (and verify that the data transferred is adequate, relevant and limited to what is necessary in relation to the purposes for which it is transferred to and processed in the third country).

Step 2 – Verify the transfer tool on which the transfer relies. If the European Commission has already declared the country as ensuring an adequate level of protection for personal data, there is no need to take any further steps, other than monitoring that the adequacy decision remains valid.

In the absence of an adequacy decision, the data exporter and the data importer would need to rely on one of the transfer tools listed under Articles 46 of the GDPR (including the SCCs) for transfers that are regular and repetitive. Derogations provided for in Article 49 of the GDPR[iii] may be relied on only in some cases of occasional and non-repetitive transfers.

Step 3 – Assess if there is anything in the law or practice of the third country that may impinge on the effectiveness of the appropriate safeguards of the transfer tools relied on, in the context of the transfer (see section III below).

The recommendations specify that: (i) the data importer should be in a position to provide the relevant sources and information relating to the third country in which it is established and the laws applicable to it; and (ii) the data exporter may also refer to several sources of information (e.g., case law of the CJEU and of the European Court of Human Rights; adequacy decisions in the country of destination if the transfer relies on a different legal basis; national caselaw or decisions taken by independent judicial or administrative authorities competent on data privacy and data protection of third countries).

If the assessment reveals that the receiving country’s legislation impinges on the effectiveness of the transfer tool contained in Article 46 of the GDPR, Step 4 should be implemented[iv].

Step 4 – Identify and adopt supplementary measures to bring the level of protection of the data transferred up to the EU standard of “essential equivalence”.

Supplementary measures may have a contractual[v], technical[vi], or organizational[vii] nature—and combining diverse measures may enhance the level of protection and contribute to reaching EU standards.

The EDPB provides for:

  1. Various examples of measures that are dependent upon several conditions being met in order to be considered effective (e.g., technical measures such as encryption or pseudonymization; contractual measures such as obligation to use specific technical measures, transparency obligations, obligations to take specific actions, empowering data subjects to exercise their rights; organizational measures such as internal policies for governance of transfers especially with groups of enterprises, transparency and accountability measures, organization methods and data minimization measures, adoption of standards and best practices); and
  2. A non-exhaustive list of factors to identify which supplementary measures would be most effective: (a) format of the data to be transferred (i.e. in plain text, pseudonymized or encrypted); (b) nature of the data; (c) length and complexity of the data processing workflow, number of actors involved in the processing, and the relationship between them; (d) possibility that the data may be subject to onward transfers, within the same receiving country or even to other third countries.

The EDPB clarifies that certain data transfer scenarios may not lead to the identification of an effective solution to ensure an essentially equivalent level of protection for the data transferred to the third country. Therefore, in these circumstances, supplementary measures may not qualify to lawfully cover data transfers (e.g., where transfer to processors requires access to data in clear text or remote access to data for business purposes).

In addition, the EDPB specifies that contractual and organizational measures alone will generally not overcome access to personal data by public authorities of the third country. Thus, there will be situations where only technical measures might impede or render ineffective such access.

If no supplementary measure can ensure an essentially equivalent level of protection for a specific transfer, in particular if the law of the receiving country prohibits the application of the possible supplementary measures envisaged (e.g., prohibits the use of encryption) or otherwise prevents their effectiveness, the transfer should be avoided, suspended or terminated.

Step 5 – Implement procedural steps if effective supplementary measures have been identified[viii].

For example, this could consist of entering into an amendment to complete the SCCs to provide for the supplementary measures. When the SCCs themselves are modified or where the supplementary measures added “contradict” directly or indirectly the SCCs, the procedural step should consist in requesting the authorization from the competent supervisory authority.

Step 6 – Re-evaluate at appropriate intervals, i.e., monitor developments in the third country that could affect the initial assessment.

III. Recommendations on how to assess the level of protection of a third country (Step 3)

The “Recommendations 02/2020 on the European Essential Guarantees for surveillance measures” specify the four EEGs to be taken into consideration in assessing whether surveillance measures allowing access to personal data by public authorities in a receiving country (whether national security agencies or law enforcement authorities), can be regarded as a justifiable interference. Such EEGs should be seen as the essential guarantees to be found in the receiving country when assessing the interference (rather than a list of elements to demonstrate that the legal regime of a third country as a whole is providing an essentially equivalent level of protection):

  1. Processing should be based on clear, precise and accessible rules;
  2. Necessity and proportionality with regard to the legitimate objectives pursued must be demonstrated;
  3. An independent oversight mechanism should exist; and
  4. Effective remedies need to be available to the individual.

IV. Consequences

Many companies will likely continue to transfer personal data outside of the EEA on the basis of the transfer tools listed under Articles 46 of the GDPR (including the SCCs and binding corporate rules). Companies, in particular data exporters, must therefore document the efforts implemented in order to ensure that the level of protection required by EU law will be complied within the third countries to which personal data are transferred.

Such efforts should include, first, to assess whether the level of protection required by EU law is respected in the relevant third country and, if this is not the case, to identify and adopt supplementary measures (technical, contractual and/or organizational) to bring the level of protection of the data transferred up to the EU standard of “essential equivalence”. If no supplementary measure can ensure an essentially equivalent level of protection for a specific transfer, the transfer should be avoided, suspended or terminated.

It is difficult to predict how local supervisory authorities will assess compliance efforts or sanction non-compliant transfers. While the EDPB’s recommendations are to be implemented on a case-by-case basis based on the specifics of the concerned transfer, we may not exclude supervisory authorities to assess independently the level of protection of certain receiving countries and identifying relevant supplemental measures.

In addition, these recommendations raise sensitive issues with respect to Brexit, and come at a critical moment in the Brexit negotiations. The U.K. will, in the event of a “No-Deal” Brexit, become a third state from the end of the transition period on 31 December 2020, and there is unlikely to be, at least immediately, an adequacy decision in place in respect of the U.K. One might reasonably expect that, given its membership throughout the currency of the GDPR and the forerunner directive, an adequacy decision in favor of the U.K. would be rapidly forthcoming. While that would be a determination for the European Commission, the EDPB has expressed reservations, making specific reference to the October 2019 agreement between the U.K. and the U.S. on Access to Electronic Data for the Purpose of Countering Serious Crime, which, it says, “will have to be taken into account by the European Commission in its overall assessment of the level of protection of personal data in the UK, in particular as regards the requirement to ensure continuity of protection in case of “onward transfers” from the UK to another third country.” The EDPB has indicated that if the Commission presents an adequacy decision in favor of the U.K., it will express its own view in a separate opinion. Absent an adequacy decision, transfers from the EEA to the U.K. would fall to be treated in the same way as transfers to other third countries, requiring consideration of Articles 46 and 49, SCCs, supplementary measures, etc.

A separate question is how the U.K. will, post-Brexit transition, treat these recommendations from the EDPB, and the question of transfers to third countries generally (and to the U.S. specifically). It cannot be excluded that this may be among the first area in which we begin to see a limited divergence between EU and U.K. data privacy laws.

It is also worth noting that on 12 November 2020, the European Commission published a draft implementing decision on SCCs for the transfer of personal data to third countries along with a draft set of new SCCs[ix]. The new SCCs include several modules to be used by companies, depending on the transfer scenario and designation of the parties under the GDPR, namely: (i) controller-to-controller transfers, (ii) controller-to-processor transfers, (iii) processor-to-processor transfers and (iv) processor-to-controller transfers. These new SCCs also incorporate some of the contractual supplementary measures recommended by the EDPB as described above. They are open for public consultation until 10 December 2020 and the final new set of SCCs are expected to be adopted in early 2021. At this stage, the draft provides for a grace period of one year during which it will be possible to continue to use the old SCCs for the execution of contracts concluded before the entry into force of the new SCCs[x].

In light of the above, we recommend that companies currently relying on SCCs to consult with their data protection officer or counsel to evaluate tailored ways to document and implement the steps to be taken in order to minimize the risks associated with continued data transfers to non-EEA countries — particularly to the U.S.

________________________________

[i] The Charter of Fundamental Rights brings together all the personal, civic, political, economic and social rights enjoyed by people within the EU in a single text.

[ii] The European Essential Guarantees were originally drafted in response to the Schrems I judgment (CJEU judgment of 6 October 2015, Maximillian Schrems v Data Protection Commissioner, Case C‑362/14, EU:C:2015:650).

[iii] Under article 49.2 of the GDPR, a transfer to a third country or an international organization may take place only if the transfer is not repetitive, concerns only a limited number of data subjects, is necessary for the purposes of compelling legitimate interests pursued by the controller which are not overridden by the interests or rights and freedoms of the data subject, and the controller has assessed all the circumstances surrounding the data transfer and has on the basis of that assessment provided suitable safeguards with regard to the protection of personal data.

[iv] The CJEU held, for example, that Section 702 of the U.S. FISA does not respect the minimum safeguards resulting from the principle of proportionality under EU law and cannot be regarded as limited to what is strictly necessary. This means that the level of protection of the programs authorized by 702 FISA is not essentially equivalent to the safeguards required under EU law. As a consequence, if the data importer or any further recipient to which the data importer may disclose the data is subject to 702 FISA, SCCs or other Article 46 of the GDPR transfer tools may only be relied upon for such transfer if additional supplementary technical measures make access to the data transferred impossible or ineffective.

[v] Example of contractual measures: The exporter could add annexes to the contract with information that the importer would provide, based on its best efforts, on the access to data by public authorities, including in the field of intelligence provided the legislation complies with the EDPB European Essential Guarantees, in the destination country. This might help the data exporter to meet its obligation to document its assessment of the level of protection in the third country. Such measure would be effective if (i) the importer is able to provide the exporter with these types of information to the best of its knowledge and after having used its best efforts to obtain it, (ii) this obligation imposed on the importer is a mean to ensure that the exporter becomes and remains aware of the risks attached to the transfer of data to a third country.

[vi] Example of technical measures: A data exporter uses a hosting service provider in a third country to store personal data, e.g., for backup purposes. The EDPB considers that encryption measure provides an effective supplementary measure if (i) the personal data is processed using strong encryption before transmission, (ii) the encryption algorithm and its parameterization (e.g., key length, operating mode, if applicable) conform to the state-of-the-art and can be considered robust against cryptanalysis performed by the public authorities in the recipient country taking into account the resources and technical capabilities (e.g., computing power for brute-force attacks) available to them, (iii) the strength of the encryption takes into account the specific time period during which the confidentiality of the encrypted personal data must be preserved, (iv) the encryption algorithm is flawlessly implemented by properly maintained software the conformity of which to the specification of the algorithm chosen has been verified, e.g., by certification, (v) the keys are reliably managed (generated, administered, stored, if relevant, linked to the identity of an intended recipient, and revoked), and (vi) the keys are retained solely under the control of the data exporter, or other entities entrusted with this task which reside in the EEA or a third country, territory or one or more specified sectors within a third country, or at an international organization for which the Commission has established in accordance with Article 45 of the GDPR that an adequate level of protection is ensured.

[vii] Example of organizational measures: Regular publication of transparency reports or summaries regarding governmental requests for access to data and the kind of reply provided, insofar publication is allowed by local law. The information provided should be relevant, clear and as detailed as possible. National legislation in the third country may prevent disclosure of detailed information. In those cases, the data importer should employ its best efforts to publish statistical information or similar type of aggregated information.

[viii] It is worth noting that the EDPB indicates that it will provide more details “as soon as possible” on the impact of the Schrems II judgement on other transfer tools (in particular binding corporate rules and as hoc contractual clauses).

[ix] This set of new SCCs should be distinguished from the new draft of clauses published by the Commission on the same day which relates to Article 28.3 of the GDPR (also called SCCs by the Commission). This new draft of clauses will only be optional (the parties may choose to continue using their own data processing agreements) and is also subject to public consultation until 10 December 2020.

[x] Provided the contract remains unchanged, with the exception of necessary supplementary measures; on the contrary, in case of relevant changes to the contract or new sub-contracting, the old SCCs must be replaced by the new ones.

The following Gibson Dunn lawyers prepared this client alert: Ahmed Baladi, Ryan T. Bergsieker, Patrick Doris, Kai Gesing, Alejandro Guerrero, Vera Lukic, Adelaide Cassanet, and Clemence Pugnet. Please also feel free to contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the Privacy, Cybersecurity and Consumer Protection Group:

Europe
Ahmed Baladi – Co-Chair, PCCP Practice, Paris (+33 (0)1 56 43 13 00, [email protected])
James A. Cox – London (+44 (0)20 7071 4250, [email protected])
Patrick Doris – London (+44 (0)20 7071 4276, [email protected])
Penny Madden – London (+44 (0)20 7071 4226, [email protected])
Michael Walther – Munich (+49 89 189 33-180, [email protected])
Kai Gesing – Munich (+49 89 189 33-180, [email protected])
Alejandro Guerrero – Brussels (+32 2 554 7218, [email protected])
Vera Lukic – Paris (+33 (0)1 56 43 13 00, [email protected])
Sarah Wazen – London (+44 (0)20 7071 4203, [email protected])

Asia
Kelly Austin – Hong Kong (+852 2214 3788, [email protected])
Connell O’Neill – Hong Kong (+852 2214 3812, co’[email protected])
Jai S. Pathak – Singapore (+65 6507 3683, [email protected])

United States
Alexander H. Southwell – Co-Chair, PCCP Practice, New York (+1 212-351-3981, [email protected])
Debra Wong Yang – Los Angeles (+1 213-229-7472, [email protected])
Matthew Benjamin – New York (+1 212-351-4079, [email protected])
Ryan T. Bergsieker – Denver (+1 303-298-5774, [email protected])
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, [email protected])
Joshua A. Jessen – Orange County/Palo Alto (+1 949-451-4114/+1 650-849-5375, [email protected])
Kristin A. Linsley – San Francisco (+1 415-393-8395, [email protected])
H. Mark Lyon – Palo Alto (+1 650-849-5307, [email protected])
Karl G. Nelson – Dallas (+1 214-698-3203, [email protected])
Deborah L. Stein – Los Angeles (+1 213-229-7164, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, [email protected])
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.

New York partner Alexander Southwell, Denver partner Ryan Bergsieker and Denver associate Sarah Erickson are the authors of “Where Data Privacy And CFPB Are Headed Under Biden,” [PDF] published by Law360 on November 24, 2020.

Californians have ushered in a law protecting individuals’ privacy unlike any other in the United States, and businesses are well-advised to evaluate its impact and prepare to comply. Proposition 24, which passed during this month’s vote, establishes the California Privacy Rights Act (CPRA), which will take effect Jan. 1, 2023. If this seems like déjà vu, it is because just two years ago, the California legislature passed an unprecedented privacy law, the California Consumer Privacy Act (CCPA), which the CPRA amends. The continuing shift in privacy law embodied by the CPRA is set to make a significant impact on businesses’ compliance efforts and operational risk, as well as individuals’ expectations.

Businesses should take comfort that the Jan. 1, 2023 effective date, and delayed enforcement start (July 1, 2023), means there is time to come into compliance. However, the law imposes various changes that will require businesses to address new considerations—even factoring in the efforts many already have made to comply with the CCPA.

Read more

Originally published by The Recorder on November 18, 2020.

The following Gibson Dunn lawyers assisted in the preparation of this article: Cassandra Gaedt-Sheckter, Alexander H. Southwell and Ryan Bergsieker.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s California Consumer Privacy Act Task Force or its Privacy, Cybersecurity and Consumer Protection practice group:

California Consumer Privacy Act Task Force:
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, [email protected])
Ryan T. Bergsieker – Denver (+1 303-298-5774, [email protected])
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650-849-5203, [email protected])
Joshua A. Jessen – Orange County/Palo Alto (+1 949-451-4114/+1 650-849-5375, [email protected])
H. Mark Lyon – Palo Alto (+1 650-849-5307, [email protected])
Alexander H. Southwell – New York (+1 212-351-3981, [email protected])
Deborah L. Stein – Los Angeles (+1 213-229-7164, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])

Please also feel free to contact any member of the Privacy, Cybersecurity and Consumer Protection practice group:

United States
Alexander H. Southwell – Co-Chair, PCCP Practice, New York (+1 212-351-3981, [email protected])
Debra Wong Yang – Los Angeles (+1 213-229-7472, [email protected])
Matthew Benjamin – New York (+1 212-351-4079, [email protected])
Ryan T. Bergsieker – Denver (+1 303-298-5774, [email protected])
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, [email protected])
Joshua A. Jessen – Orange County/Palo Alto (+1 949-451-4114/+1 650-849-5375, [email protected])
Kristin A. Linsley – San Francisco (+1 415-393-8395, [email protected])
H. Mark Lyon – Palo Alto (+1 650-849-5307, [email protected])
Karl G. Nelson – Dallas (+1 214-698-3203, [email protected])
Deborah L. Stein – Los Angeles (+1 213-229-7164, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, [email protected])
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, [email protected])
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, [email protected])

Europe
Ahmed Baladi – Co-Chair, PCCP Practice, Paris (+33 (0)1 56 43 13 00, [email protected])
James A. Cox – London (+44 (0)20 7071 4250, [email protected])
Patrick Doris – London (+44 (0)20 7071 4276, [email protected])
Bernard Grinspan – Paris (+33 (0)1 56 43 13 00, [email protected])
Penny Madden – London (+44 (0)20 7071 4226, [email protected])
Michael Walther – Munich (+49 89 189 33-180, [email protected])
Kai Gesing – Munich (+49 89 189 33-180, [email protected])
Alejandro Guerrero – Brussels (+32 2 554 7218, [email protected])
Vera Lukic – Paris (+33 (0)1 56 43 13 00, [email protected])
Sarah Wazen – London (+44 (0)20 7071 4203, [email protected])

Asia
Kelly Austin – Hong Kong (+852 2214 3788, [email protected])
Connell O’Neill – Hong Kong (+852 2214 3812, co’[email protected])
Jai S. Pathak – Singapore (+65 6507 3683, [email protected])

© 2020 Gibson, Dunn & Crutcher LLP

Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.