Reviewing key executive orders and administrative actions.
In his first two weeks in office, President Trump unleashed a series of executive orders (EOs) and other administrative actions signalling significant shifts in federal tech policy. Some of these changes will have immediate implications for the tech sector and are already shaping client engagement strategies with federal agencies and departments. Key changes include:
- Artificial Intelligence: Revocation of President Biden’s signature AI EO, additional support for AI infrastructure, and a new directive prioritizing U.S. acceleration in AI with fewer regulatory constraints.
- Content Moderation & Social Media: Prohibiting the federal government from interfering with social media platforms’ content moderation decisions, while launching a federal investigation into the prior administration’s efforts to pressure online platforms to address misinformation online.
- Crypto & Digital Assets: A new EO emphasizing innovation and directing a review of current crypto regulations.
- Cybersecurity: Reinforced efforts to shore up government computer systems and dismissal of members of a key cybersecurity board.
- Deregulation Policies: Tech Impact: A moratorium and rollback of new and pending federal rules, including those affecting tech policy, and a new EO designed to implement friction into rulemaking, including by reverting to pre-2023 methods for cost-benefit analysis.
- Federal Trade Commission: A promise of increased scrutiny of the agency after years of criticism, and a potential end to several Biden-era investigations.
- Technology Investment: The launch of the $500 billion Stargate Project to expand U.S. AI infrastructure and computing power and the rechartering of the President’s Council of Advisors on Science and Technology with a focus on emerging technologies.
Below we review the EOs and actions impacting tech policy in the new Administration (as well as a few late Biden Administration actions).
Artificial Intelligence
President Trump’s executive actions confirm his campaign promises to chart a new deregulatory approach to federal AI policy, pivoting from the workforce displacement, AI transparency, privacy, and bias concerns that were a hallmark of President Biden’s AI policy. The President is intent on shifting the focus of federal AI policy to achieve global “dominance” in AI through a policy of reducing government friction to innovation and development of advanced AI. Below we review some of the recent pronouncements on AI and what they signal.
Executive Order Revoked: Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence
On his first day in office, President Trump revoked EO 14110 – the Biden Administration’s most extensive AI-related EO (Biden AI EO), which aimed to promote and formulate principles for the safe and ethical use of AI. Some of the stated goals of the rescinded Biden AI EO were to (i) develop standardized metrics to assess AI safety, (ii) facilitate watermarking and clear labeling of AI-generated content, (iii) promote responsible innovation and invest in AI-related training, (iv) ensure that American workers were not negatively affected by AI developments, (v) protect privacy and civil rights including by mitigating the use of AI to discriminate based on personal information, and (vi) manage the risks arising from the government’s use of AI.
New Executive Order: Removing Barriers to American Leadership in Artificial Intelligence
After revoking the Biden AI EO, President Trump issued a shorter one of his own, EO 14179, “Removing Barriers to American Leadership in Artificial Intelligence.” This new AI EO sets out the organizing principles for AI policy, aiming to “solidify [America’s] position as the global leader in AI.”
Key provisions and actions include:
- Stating that the development of AI systems must be “free from ideological bias or engineered social agendas.”
- Directing presidential advisors to identify and “suspend, revise or rescind” actions taken pursuant to the Biden AI EO to the extent inconsistent with the stated goals of the Trump Administration’s AI policy.
- Ordering the Office of Management and Budget (“OMB”) to revise OMB Memoranda M-24-10 and M-24-18 (which created a set of requirements for federal agencies procuring AI) for consistency with the new AI policy.
- Announcing the “policy of the United States to sustain and enhance America’s global AI dominance in order to promote human flourishing, economic competitiveness, and national security.”
- Naming several officials (most importantly, the Assistant to the President for Science and Technology, the Special Advisor for AI and Crypto, and the Assistant to the President for National Security Affairs) responsible for developing an “action plan” to achieve the Administration’s AI goals.
These provisions, though vague, are intended to promote AI deregulation and reject Biden’s policies on AI equity, workforce protection, and “safe and responsible” innovation – including the OMB memorandum that required government agencies to consider equity, anti-discrimination, and environmental concerns when implementing AI.
While many of President Biden’s policies are being phased out, the new EO leaves some leeway to keep others in place. Notably, the Trump Administration has not yet announced its position on the Commerce Department’s recently announced export control rules for AI chips and frontier model weights (titled the “Framework for Artificial Intelligence Diffusion” (further discussed in our recent client alert)), leaving its fate uncertain.
No Repeal of President Biden’s Executive Order: Advancing United States Leadership in Artificial Intelligence Infrastructure
As of today, President Trump has not rescinded EO 14141, “Advancing United States Leadership in Artificial Intelligence Infrastructure,” which President Biden issued during his last week in office. EO 14141 directs certain federal agencies to implement procedures by which non-federal entities, including private-sector companies, can apply to lease certain federal sites for the purpose of constructing and operating “AI infrastructure.” The EO is largely consistent with President Trump’s AI priorities – in fact, as further outlined below, President Trump has announced even more aggressive investment to improve AI infrastructure. For more information about EO 14141, see our recent client alert.
Content Moderation & Social Media
President Trump’s EO 14149, “Restoring Freedom of Speech and Ending Federal Censorship,” prohibits federal action or the “use [of] any Federal resources” in a manner that “would unconstitutionally abridge the free speech of any American citizen” and, in the same stroke, directs the Attorney General, together with agencies, to investigate and report on “activities of the Federal Government” during the Biden Administration that “exert[ed] substantial coercive pressure on third parties, such as social media companies, to moderate, deplatform, or otherwise suppress speech that the Federal Government did not approve.” The EO primarily applies to federal agencies and their respective employees and agents, although the prohibition on using “taxpayer resources” to encroach on First Amendment protections could potentially extend to state, public, or private actors receiving federal funding.
Although the EO harshly criticizes the prior administration’s efforts to combat online misinformation as motivated by “advanc[ing] the Government’s preferred narrative about significant matters of public debate,” early signals from the Trump Administration suggest continued pressure on content policies of online media platforms that are in tension with the EO. In selecting Andrew Ferguson as FTC Chair, President Trump praised his “proven record of standing up to Big Tech censorship,” and Chair Ferguson has previously “urge[d] the Commission to investigate online platforms for unfair acts or practices relating to their opaque, unpredictable processes for banning users and censoring content,” noting that “President Trump himself asked the Commission in 2020 to investigate such practices.” (FCC Commissioner Carr has similarly criticized alleged tech censorship.)
During both the first Trump Administration and the Biden Administration, online platforms and social media companies have faced a stream of lawsuits, regulatory action, Congressional inquiries, and public pressure challenging the types of user content that are – or are not – available to be viewed among the billions of daily posts on their services. Gibson Dunn successfully has defended platforms’ immunity from government action targeting user content posted on their services, including under the First Amendment, see, e.g., Meta Platforms, Inc. v. District of Columbia, and the Supreme Court has indicated that efforts to divulge and constrain platforms’ approaches to content moderation likely intrude on protected speech. These and numerous other appellate decisions upholding platforms’ content-moderation policies on First Amendment grounds suggest a fundamental tension in the EO’s espoused commitment to freedom of speech and the underlying policy objectives of the Trump Administration.
Similarly, the EO’s mandate to investigate and “correct past misconduct by the Federal Government related to censorship of protected speech” could raise First Amendment concerns to the extent it seeks to invade or penalize the editorial decisions and content policies implemented by online platforms in response to a rapidly evolving policy and technical landscape or to leverage government resources to target viewpoints contrary to those supported by the current administration.
Cryptocurrency & Digital Assets
President Trump’s EO 14178, “Strengthening American Leadership in Digital Financial Technology,” according to the accompanying fact sheet, signals the Trump Administration’s interest in promoting innovation in “digital financial technology” and establishing America’s leadership in the space, and revokes President Biden’s 2022 EO outlining priorities for crypto regulation. President Trump’s EO establishes the President’s Working Group on Digital Asset Markets, tasked with evaluating current crypto regulations and issuing recommendations for modifying or rescinding them, with deadlines over the next few months.
President Trump has directed the group – chaired by David Sacks, the White House AI and Crypto Czar, and including the heads of the SEC and the Commodity Futures Trading Commission – to develop a framework for regulating digital assets and stablecoins, taking into account consumer protection, risk management, and market structure, and to evaluate the idea of creating a digital asset stockpile, which would be derived from “cryptocurrencies lawfully seized by the Federal Government through its law enforcement efforts.” On the campaign trail, President Trump floated the idea of a Bitcoin stockpile with the aim of making the U.S. the “crypto capital of the planet” and reducing the national debt. The recently issued EO does not specifically refer to a Bitcoin stockpile, but rather directs the working group to analyze the idea of a stockpile of digital assets, generally.
By contrast, the revoked 2022 EO 14067 from President Biden outlined six key priorities for crypto regulation: protecting U.S. interests, maintaining global financial stability, preventing illicit uses, promoting responsible innovation, enhancing financial inclusion, and ensuring U.S. leadership in the digital finance space. The Biden Administration’s regulatory framework faced criticism from cryptocurrency industry leaders, who argued that it created barriers for crypto firms and startups in accessing traditional banking services. President Trump’s EO appears oriented towards reversing these trends and making it easier for crypto companies to operate and access banking services. Additionally, the EO rescinds the Biden Treasury Department’s digital asset framework issued on July 7, 2022, which aimed to leverage central bank digital currencies to reinforce U.S. leadership in the global financial system while preventing illegal uses of digital currencies.
Cybersecurity
Biden’s Cybersecurity EOs Remain Intact
In his last week in office, President Biden issued EO 14144, “Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” building on his 2021 EO 14028 (“Improving the Nation’s Cybersecurity”). To date, President Trump has not rescinded either EO 14114 or EO 14028. EO 14114 directs federal government agencies to improve cybersecurity and defend digital infrastructure, promoting in particular secure software development and cloud security. The EO seeks to address persistent cyber threats from “adversarial countries and criminals” – in particular China – which, the EO states, disrupt the delivery of critical services and threaten Americans’ security and privacy. Given the bipartisan alignment on cybersecurity threats, especially from China, and National Security Advisor Mike Waltz’s statement that the Trump Administration is “hand in glove” with the Biden Administration on U.S. adversaries and national security issues, these EOs are likely to survive. Key provisions include:
- Agencies, including the OMB and NIST, must issue guidance on cybersecurity standards, and the Federal Acquisition Regulation Council must amend its regulations to require federal contractors to follow the new minimum cybersecurity standards.
- Agencies must adopt procedures to ensure that the software they use is secure and can be accessed only by appropriate parties.
- Agencies must implement “strong identity authentication and encryption” to secure their internal communications.
- To combat identity theft and benefits fraud, agencies are strongly encouraged to accept digital identity verification when determining eligibility for public benefits programs.
- As part of a new comprehensive framework for integrating AI into federal cybersecurity efforts, DOE must launch a pilot program to evaluate AI-enhanced cyber defense capabilities. Similarly, the DOD must also establish an advanced AI cyber defense program within 270 days.
- The types of cyber-related activities that will trigger sanctions have been expanded.
Key Appointments and Removals: Cybersecurity
Even while there are signals that the Trump Administration will continue to pursue similar cybersecurity policy objectives, there are important indicators of change. On January 20, 2025, Acting Secretary of Homeland Security Benjamine Huffman directed the termination of all current memberships on advisory committees within DHS, effective immediately. This had the effect of removing the private-sector representatives of the Cyber Safety Review Board (CSRB), a component of the DHS, established in May 2021 by President Biden’s EO 14028 (“Improving the Nation’s Cybersecurity”). The CSRB was charged with “review[ing] and assess[ing]” significant cyber incidents, and was composed of representatives from within the private sector and the U.S. Government. Since its establishment, the CSRB has published reports following reviews of three cyber incidents (Log4j, Lapsus$ and related threat actor groups, and the Summer 2023 Microsoft Exchange Intrusion).
The CSRB publicly confirmed in October 2024 that it would initiate a review of the “Salt Typhoon” incident, which involved attacks from a China state-backed threat actor, and held its first meeting to begin the investigation on December 6, 2024. The future membership of the CSRB is unknown, and it is uncertain whether the investigation into the “Salt Typhoon” incident will continue.
New Federal Acquisition Regulation: Controlled Unclassified Information
Just days before President Trump took office, the Department of Defense, General Services Administration, and National Aeronautics and Space Administration proposed new regulations related to Controlled Unclassified Information (CUI). The proposal would amend the Federal Acquisition Regulation that implements EO 13556, an Obama-era directive instructing agencies to create unified standards to define and protect CUI across all aspects of government. The proposed rule creates a standardized set of requirements to be incorporated into all government contracts that involve the handling of CUI. These requirements are comprehensive and broad in scope – covering (among other things) how CUI is identified, which cybersecurity standards apply to CUI, and how contractors must train employees and report CUI incidents.
The proposed rule carries both benefits and risks for government contractors. On the one hand, it aims to standardize the many existing cybersecurity requirements that vary across agencies, providing much-needed uniformity and clarity. However, the proposed rule also tightens many requirements, potentially creating new compliance risks for government contractors. Since the announcement of the DOJ’s Civil Cyber Fraud Initiative in October 2021, combatting cybersecurity-related fraud by government contractors under the False Claims Act has been a top priority for the DOJ, and the proposed rule could give rise to further enforcement actions if enacted.
The comment period expires on March 17, 2025. Although the proposed rule is subject to President Trump’s regulatory freeze memorandum (discussed below), given the ongoing importance of cybersecurity, it seems likely that the proposed rule will move forward in some form.
Deregulation Policies: Tech Impact
Regulatory Freeze
As is customary, President Trump (in addition to rescinding more than 70 EOs issued by the Biden Administration) issued a freeze of numerous Biden Administration policy and regulatory directives. His memorandum – which is similar to the regulatory freeze issued by the OMB on behalf of the President at the beginning of the Biden Administration – (1) places a moratorium on any new “rules” or “regulatory actions,” pending review by President Trump’s appointees; (2) directs agencies to immediately withdraw any rules sent out for publication but not yet published in the Federal Register; and (3) directs agencies to consider postponing, by 60 days, the effective dates of any rules that have been published but not taken effect.
The moratorium may affect several final rules or rule proposals during Biden’s Administration including executive actions on cybersecurity, data privacy, and AI, including:
- The DOJ’s recent final rule on bulk U.S. sensitive personal data, which prohibits or restricts U.S. persons from engaging in covered data transactions involving certain categories of U.S. residents and/or government bulk sensitive personal data with covered persons and countries of concern (China, Cuba, Iran, North Korea, Russia, and Venezuela). Although the rule has an exception for certain corporate group transactions, the Biden Administration took a narrow view of the exception, and U.S. companies will need to proceed cautiously if the rule comes into effect as drafted.
- The U.S. Commerce Department’s Bureau of Industry and Security’s connected-vehicles final rule, which bans certain imports and sales of vehicles from China (including Hong Kong) and Russia, as well as key hardware and software components, based on “undue or unacceptable risks” to U.S. national security.
- The Information and Communications Technology and Services Supply Chain (ICTS) final rule, which permits the Secretary of Commerce to prohibit ICTS transactions or impose mitigation measures for ICTS transactions involving “persons owned by, controlled by, or subject to the jurisdiction or direction of foreign adversaries” posing certain “undue or unacceptable risks.”
- The infrastructure-as-a-service (IaaS) notice of proposed rulemaking, which imposes restrictions on the activities of U.S. IaaS providers, including the training of large AI models, and relied significantly on the Biden AI EO.
For more information on the impact of the new administration’s regulatory freeze memorandum on regulations relevant to privacy, data, cybersecurity, technology, and artificial intelligence, see our recent client alert.
New Executive Order: Unleashing Prosperity Through Deregulation
On January 31, President Trump continued his deregulatory efforts, issuing an EO titled “Unleashing Prosperity Through Deregulation,” which aims to “promote prudent financial management and alleviate unnecessary regulatory burdens.” The EO directs:
- Departments and agencies to identify 10 regulations for repeal for every new regulation issued,
- Department and agency heads to ensure that the total cost of all new regulations for fiscal year 2025, including repealed regulations, is “significantly less than zero,”
- OMB to issue guidance to agencies regarding the implementation of the above, including processes for standardizing the measurement and estimation of regulatory costs, and
- OMB to revoke the Biden Administration’s 2023 version of OMB Circular No. A-4 and reinstate the prior version, which was issued in 2003. This action will return the threshold for conducting rigorous analysis to account for uncertainties about the benefits and costs of “significant” regulations from $200 million to $100 million, increasing scrutiny on more rules. The action also returns the discount rates for conducting cost-benefit analysis from a single 2% rate to a 7% rate for the cost of capital and a 3% rate for the social rate of time preference, meaning that rules with future, speculative benefits will be less likely to be considered cost-justified.
The EO demonstrates the Trump Administration’s commitment to across-the-board deregulation as a tool to reduce compliance costs, stimulate economic growth and innovation, and increase global competitiveness. It will have a significant impact on the rulemaking process during President Trump’s second term and increase the likelihood that many Biden Administration rules will be rescinded.
Federal Trade Commission
New Executive Order: Ending the Weaponization of Federal Government
President Trump’s EO 14147, “Ending the Weaponization of the Federal Government,” purports to address the Biden Administration’s “systematic campaign against its perceived political opponents.” The EO instructs the Attorney General to review all agencies with enforcement authority to identify any actions taken as part of this alleged campaign and prepare a report recommending remedial actions. The Director of National Intelligence must do the same for the intelligence community. Notably, the order singles out three agencies for scrutiny: the FTC, the DOJ, and the Securities and Exchange Commission (SEC).
This notable FTC callout comes on the heels of criticism of Chair Lina Khan’s leadership of the agency under the Biden Administration. In March 2023 and October 2024, Republican House staff issued two reports attacking Chair Khan’s purported mismanagement of the agency to pursue political and ideological aims, undermine agency norms, and centralize power.
Republican Commissioners had also been critical of former Chair Khan’s leadership. On February 14, 2023, Commissioner Christine Wilson publicly resigned in protest over what she alleged was Chair Khan’s “disregard for the rule of law and due process” that had made “it impossible to continue serving.” Similarly, in the waning days of the Biden Administration, Commissioner Andrew Ferguson (whom President Trump recently appointed as Chair) published multiple opinions criticizing the agency’s last minute actions as political, including one in which he described the FTC’s filing of a suit to be “one final insult to the Commission, its staff, and the rule of law” that was about “partisan politics, pure and simple.”
While the full implications of the EO are not yet clear, it provides support for the incoming Republican Commissioners to reevaluate ongoing or planned investigations, including several tech industry investigations launched under Chair Khan’s watch. At the very least, the EO signals that the FTC may move away from several of Chair Khan’s more ambitious enforcement initiatives and administrative changes.
Technology Investment
New Federal Initiative: Stargate Project
On January 21, 2025, the Trump Administration announced the Stargate Project, a $500 billion AI infrastructure venture backed by leading technology and investment firms. The project represents a precedent-setting public-private partnership aimed at making the U.S. a global leader in AI infrastructure and compute capability.
This announcement builds on EO 14141, which, as noted above, similarly aims to accelerate AI infrastructure development via clean energy resources on federal lands. But in contrast to the Biden plan, Stargate seeks to deploy significantly more resources by leveraging private capital and private enterprise. Key takeaways include:
- The project is structured as a phased investment, with an initial $100 billion deployment and a promise to hit $500 billion within five years. Among the projects mentioned at the press conference, the greatest focus was on an ongoing data-center development.
- The project aims to secure U.S. technological dominance in AI processing capacity, support domestic and allied security interests, and mitigate reliance on foreign AI infrastructure.
- From an economic standpoint, Stargate is expected to create over 100,000 jobs in AI infrastructure, cloud computing, and clean energy development.
- Initial Stargate equity funders include OpenAI, which will lead AI model development and operations, SoftBank (which will oversee financing), and Oracle and MGX (which, alongside technology partners such as Microsoft, NVIDIA, and Arm, will provide the cloud, semiconductor, and compute capabilities necessary to scale operations).
New Executive Order: President Trump Revamps Science and Technology Advisory Council, With a Focus on Emerging Technologies and Promoting American Technological Leadership
On January 23, 2025, President Trump issued EO 14177, rechartering the President’s Council of Advisors on Science and Technology (PCAST) for a minimum of two years to advise on policies related to science, technology, and innovation, with a specific emphasis on emerging technologies including AI, quantum computing, and advanced biotechnology. The accompanying fact sheet explains that PCAST will “champion bold investments in innovation, the elimination of bureaucratic barriers, and actions to help the United States remain the world’s premier hub for scientific and technological breakthroughs.” The fact sheet also announces that the President’s science and technology policies will be “refocused” on “results-driven excellence and merit-based achievement” to combat the “threat from ideological agendas,” which, according to the EO, have “eroded public trust, undermined the integrity of research, stifled innovation, and weakened America’s competitive edge.” The EO additionally states that achieving and maintaining “unquestioned and unchallenged global technological dominance” is a “national security imperative,” and that PCAST’s advice will inform policies concerning national and homeland security, the American economy, and the American worker.
President Trump’s restructured PCAST will include up to 24 members and will be co-chaired by the White House A.I. and Crypto Czar (technology investor David Sacks) and the Assistant to the President for Science and Technology (President Trump’s former Chief Technology Officer Michael Kratsios), who may in turn designate up to two PCAST members as vice chairs. PCAST is tasked with meeting regularly to respond to requests for information and advice from the President or the co-chairs; soliciting information from a broad range of stakeholders; and serving as an advisory body related to high-performance computing and nanotechnology, and to the National Science and Technology Council. PCAST is also authorized to create standing subcommittees and ad hoc groups.
In his first term, President Trump waited nearly two years to recharter PCAST and appointed only seven members, many of whom had backgrounds in business rather than technology. The timing and structure of President Trump’s EO suggests that PCAST will play a more significant role during his second term, and that it will be fully staffed to support his administration’s efforts to cultivate emerging technologies and the artificial intelligence and cryptocurrency industries.
Looking Ahead
The Trump Administration has set a deregulatory, pro-innovation tone for domestic tech policy, with reversals from Biden-era policies on the approach to AI, content moderation, digital assets and regulation of the tech sector. There is more continuity on the international front, with the Trump Administration continuing the Biden Administration’s focus on cybersecurity and export controls of sensitive technology, particularly as to China, albeit while dismantling key public-private partnerships that focused on these areas.
As the Trump Administration fills in the details of its new tech policy agenda, Gibson Dunn lawyers will be watching closely and are ready to advise businesses on breaking developments.
Please click on the link below to view our previous alert and charts covering some of the most relevant recent rulemaking in the areas of data privacy, cybersecurity, and AI:
Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Artificial Intelligence or Privacy, Cybersecurity & Data Innovation practice groups:
Artificial Intelligence:
Keith Enright – Palo Alto (+1 650.849.5386, [email protected])
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650.849.5203, [email protected])
Vivek Mohan – Palo Alto (+1 650.849.5345, [email protected])
Robert Spano – London/Paris (+33 1 56 43 13 00, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213.229.7186, [email protected])
Frances A. Waldmann – Los Angeles (+1 213.229.7914,[email protected])
Privacy, Cybersecurity, and Data Innovation:
United States:
Ashlie Beringer – Co-Chair, Palo Alto (+1 650.849.5327, [email protected])
Ryan T. Bergsieker – Denver (+1 303.298.5774, [email protected])
Gustav W. Eyler – Washington, D.C. (+1 202.955.8610, [email protected])
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650.849.5203, [email protected])
Svetlana S. Gans – Washington, D.C. (+1 202.955.8657, [email protected])
Lauren R. Goldman – New York (+1 212.351.2375, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, [email protected])
Natalie J. Hausknecht – Denver (+1 303.298.5783, [email protected])
Jane C. Horvath – Co-Chair, Washington, D.C. (+1 202.955.8505, [email protected])
Martie Kutscher Clark – Palo Alto (+1 650.849.5348, [email protected])
Kristin A. Linsley – San Francisco (+1 415.393.8395, [email protected])
Timothy W. Loose – Los Angeles (+1 213.229.7746, [email protected])
Vivek Mohan – Palo Alto (+1 650.849.5345, [email protected])
Rosemarie T. Ring – Co-Chair, San Francisco (+1 415.393.8247, [email protected])
Ashley Rogers – Dallas (+1 214.698.3316, [email protected])
Sophie C. Rohnke – Dallas (+1 214.698.3344, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213.229.7186, [email protected])
Benjamin B. Wagner – Palo Alto (+1 650.849.5395, [email protected])
Debra Wong Yang – Los Angeles (+1 213.229.7472, [email protected])
Europe:
Ahmed Baladi – Co-Chair, Paris (+33 (0) 1 56 43 13 00, [email protected])
Kai Gesing – Munich (+49 89 189 33-180, [email protected])
Joel Harrison – Co-Chair, London (+44 20 7071 4289, [email protected])
Lore Leitner – London (+44 20 7071 4987, [email protected])
Vera Lukic – Paris (+33 (0) 1 56 43 13 00, [email protected])
Lars Petersen – Frankfurt/Riyadh (+49 69 247 411 525, [email protected])
Robert Spano – London/Paris (+44 20 7071 4000, [email protected])
Asia:
Connell O’Neill – Hong Kong (+852 2214 3812, [email protected])
Jai S. Pathak – Singapore (+65 6507 3683, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
We are pleased to provide you with the January edition of Gibson Dunn’s digital assets regular update. This update covers recent legal news regarding all types of digital assets, including cryptocurrencies, stablecoins, CBDCs, and NFTs, as well as other blockchain and Web3 technologies. Thank you for your interest.
ENFORCEMENT ACTIONS
UNITED STATES
- Federal Judge Grants Coinbase Leave to Seek Interlocutory Appeal in SEC Enforcement Action
On January 7, in the SEC’s enforcement action against Coinbase, U.S. District Judge Katherine Polk Failla of the Southern District of New York granted Coinbase permission to seek an interlocutory appeal of the court’s ruling denying in part Coinbase’s motion for judgment on the pleadings. The district court authorized Coinbase to seek leave from the Second Circuit to resolve the issue “whether transactions involving crypto-assets of the kind Coinbase intermediates are ‘investment contracts,’ and thus securities, for purposes of the Securities Act.” The district court also stayed the enforcement action pending appeal. On January 21, Coinbase filed its brief in the Second Circuit seeking that court’s permission to proceed with the interlocutory appeal. Banking Dive; Denial of Judgment on the Pleadings; Grant of Interlocutory Appeal; Second Circuit Brief. - KuCoin Agrees to Pay Nearly $300 Million in Criminal Penalties
On January 27, 2025, Peken Global Limited—the Seychelles-based entity that operates “KuCoin”—pled guilty to one count of operating an unlicensed money transmitting business. According to the DOJ’s press release, KuCoin and its affiliates failed to implement effective AML and KYC programs in violation of the Bank Secrecy Act, failed to report suspicious transactions, and failed to register with the U.S. Department of Treasury’s Financial Crimes Enforcement Network (FinCEN). According to the DOJ, KuCoin had approximately 1.5 million registered users in the United States and earned approximately $184.5 million in fees from those users. KuCoin agreed to criminally forfeit $184.5 million and pay a criminal fine of approximately $112.9 million, however, the total monetary penalty is expected to be offset by a potential settlement with the U.S. Commodity Futures Trading Commission and a $5.3 million fine KuCoin already paid as part of a civil settlement with the New York Attorney General’s Office. KuCoin will also exit the U.S. market for at least the next two years, and KuCoin founders Chun “Michael” Gan and Ke “Eric” Tang, who were indicted along with Peken in March 2024, reached deferred prosecution agreements whereby they agreed to no longer have any role in KuCoin’s management or operations. DOJ; Law360; Reuters; The Block; MLex. - BitMEX Fined $100 Million For Bank Secrecy Act Violations
On January 15, crypto exchange HDR Global Trading Ltd., a/k/a BitMEX, was fined $100 million and ordered to serve two years of unsupervised probation for violating the Bank Secrecy Act by failing to establish an adequate anti-money laundering and know-your-customer program. BitMEX said in a statement that it is “glad to move past this matter, and look[s] forward to continuing to focus on innovation and delivering the best products and services to our users without further distraction.” DOJ; Global Investigations Review; Law360; BitMEX. - DCG and Ex-Genesis CEO Agree to Pay SEC $38.5 Million to Settle SEC Charges
On January 17, Digital Currency Group (DCG) and Sochiro “Michael” Moro, former CEO of DCG’s crypto trading subsidiary, Genesis Global Capital LLC, agreed to pay the SEC $38.5 million in civil penalties to settle securities fraud claims. DCG will pay $38 million to the SEC, with Moro paying the remaining $500,000. Both DCG and Moro also agreed to a cease-and-desist order; neither admitted liability. A spokesperson for DCG said that the company is “pleased to have concluded an extensive investigation process that was limited in its findings and focused on the social media posts and communications made by our former operating subsidiary.” SEC; Law360; CoinDesk. - NYAG Initiated Suit to Recover $2.2M from Crypto Scammers
On January 11, NY Attorney General Letitia James filed a lawsuit to recover $2.2 million of frozen cryptocurrency allegedly fraudulently solicited from New Yorkers. The complaint alleges a scheme whereby scammers sent text messages to New Yorkers promising them fake remote jobs as product reviewers: victims were told to create crypto accounts, deposit funds with their own bank accounts, and then review products on fake websites. They were told they would get their money back plus commission, but allegedly never received payment. None of the alleged scammers’ identities are named in the complaint. As the scammers are unidentified, James plans to serve process on them by airdropping an NFT to the wallets used to allegedly steal the victims’ cryptocurrency. According to the New York Attorney General, this would be the first time a state or federal regulator has proposed serving a lawsuit in this manner; New York courts have allowed a private plaintiff to serve process via NFT in the past. The Block; Cointelegraph; Complaint. - Operators of Cryptocurrency Privacy Services Charged with Money Laundering
Russian operators of the cryptocurrency privacy services Blender.io and Sinbad.io, have been indicted by a federal grand jury. According to the DOJ, Blender.io and Sinbad.io were used by cybercriminals “launder funds stolen from victims of ransomware, virtual currency thefts, and other crimes.” The government alleges that Blender.io and Sinbad.io, the operators, designed the services to hide the source of cryptocurrency, making them “save havens” for laundering criminally derived funds. The indictment of the individual operators come after Blender.io and Sinbad.io were sanctioned by the Department of Treasury’s Office of Foreign Assets Control (OFAC) in 2022 and 2023 respectively. According to the Department of Justice, Ostapenko and Oleynik have been arrested; Tarasov remains at large. DOJ; The Block. - Terraform Labs Co-founder Do Kwon Pleads Not Guilty to Criminal Charges in New York Following Extradition
On January 2, Do Kwon pleaded not guilty to charges including wire fraud, securities fraud, and money laundering following his extradition to the United States from Montenegro a few days before. The charges stem from Kwon’s alleged involvement with the stablecoin Terra USD, which fell dramatically in value in 2022. Montenegro extradited Kwon after months of debate on whether Kwon should face charges in the United States or in South Korea. The Block; DOJ.
REGULATION AND LEGISLATION
UNITED STATES
- President Trump Signs Executive Order on Crypto to Promote U.S. Leadership in Blockchain and Digital Assets
On January 23, President Trump signed an Executive Order titled “Strengthening American Leadership in Digital Financial Technology” which outlines several key policies regarding crypto, including: ensuring access to open public blockchain networks, ensuring fair access to banking services for the crypto industry, providing regulatory clarity, and protecting against the risk of central bank digital currencies (CBDCs) by prohibiting their establishment in the U.S. This Executive Order revoked former President Biden’s Order on crypto and effectively rescinded all policies and directives issued pursuant to it. The Order also establishes a working group within the National Economic Council to craft a new federal regulatory scheme for digital assets. The Block; Cointelegraph. - President Trump Picks Caroline Pham as Acting Chair of the CFTC
Caroline Pham, who had been serving as a CFTC commissioner since April 2022 after being nominated by former President Biden, will be acting Chair of the financial regulator and replace Rostin Behnam. As a commissioner, Pham had called on the government to address crypto regulation and had proposed initiatives to protect investors. Pham nominated Harry Jung as Chief of Staff; according to the CFTC’s statement, Jung will lead the CFTC’s engagement with the crypto industry. CFTC; Cointelegraph; CoinDesk. - Trump Names Mark Uyeda Acting SEC Chair
On January 21, the SEC announced that President Trump designated Mark T. Uyeda as Acting Chairman of the agency, assuming the role left open by Gary Gensler’s resignation until the Senate confirmation of Paul Atkins as the nominated permanent Chair. Uyeda has been a strong critic of Gensler’s approach to regulating digital assets, and is expected to be much friendlier to the industry. “The environment we have created for the crypto asset markets, especially as it relates to secondary trading, is untenable,” said Acting Chairman Uyeda and Commissioner Hester M. Peirce in a March 5, 2024 statement. SEC; Reuters; AP; March 5, 2024 Statement. - SEC Launching Crypto Task Force
On January 21, SEC Acting Chairman Mark T. Uyeda launched a “crypto task force” “dedicated to developing a comprehensive and clear regulatory framework for crypto assets.” According to the press release, SEC Commissioner Hester Peirce will head the task force. “We look forward to working hand-in-hand with the public to foster a regulatory environment that protects investors, facilitates capital formation, fosters market integrity, and supports innovation,” said Peirce. Richard Gabbert, Senior Advisor to the Acting Chairman, and Taylor Asher, Senior Policy Advisor to the Acting Chairman, will serve as the task force’s Chief of Staff and Chief Policy Advisor. Significantly, the Commission’s press release announcing the task force noted that “[t]o date, the SEC has relied primarily on enforcement actions to regulate crypto retroactively and reactively, often adopting novel and untested legal interpretations along the way. Clarity regarding who must register, and practical solutions for those seeking to register, have been elusive. The result has been confusion about what is legal, which creates an environment hostile to innovation and conducive to fraud. The SEC can do better.” SEC; CoinDesk; The Hill. - SEC Rescinds Crypto Accounting Guidance SAB 121
The SEC’s Division of Corporate Finance and Office of the Chief Accountant have issued Staff Accounting Bulletin (SAB) 122, which rescinds the prior and controversial SAB 121. SAB 121 required firms that custody cryptocurrencies to record their customers’ holdings as liabilities on their balance sheet. The guidance had sparked much criticism in the industry in the past year. Last year, the House and Senate voted to repeal SAB 121, though the measure was vetoed by former President Biden. The Block; CoinDesk. - IRS Delays Implementing Crypto Cost-Basis Reporting Rules
The IRS announced that it is postponing the new tax reporting requirements for crypto until 2026. Under the proposed rule, if a taxpayer has not identified a preferred accounting method, the First-in, First-out (FIFO) will be used, treating the earliest acquired asset as sold first. Under this method, the IRS would maximize capital gains (and therefore tax) for investors. This temporary relief will give brokers a grace period during which they can develop other, more advantageous accounting methods. IRS; The Block.
INTERNATIONAL
- Proposal to Mandate Swiss National Bank to Hold Bitcoin Underway
On December 31, 2024, the Swiss Federal Chancellery set in motion a proposal that, if adopted, would mandate the Swiss National Bank to hold Bitcoin on its balance sheet. In order to be put to a national referendum, the proposal must garner 100,000 signatures by June 30, 2026. Several other countries are considering adopting Bitcoin, notably the United States (where Senator Cynthia Lummis sponsored a Bitcoin reserve bill), Brazil, and Poland. Reuters; Cointelegraph.
CIVIL LITIGATION
UNITED STATES
- Gibson Dunn Secures Win for Coinbase against the SEC in the Third Circuit
On January 13, a unanimous Third Circuit panel held that the SEC’s denial of Coinbase’s petition for rulemaking regarding digital assets was “conclusory and insufficiently reasoned” and therefore arbitrary and capricious under the Administrative Procedure Act. In an opinion penned by Judge Ambro, the Court remanded Coinbase’s petition to the SEC for a more complete explanation. A concurring opinion by Judge Bibas further took the SEC to task on due-process grounds. Judge Bibas faulted the agency for failing to provide “meaningful guidance on which crypto assets it views as securities,” adding that the SEC’s “silence and contradictory unofficial signals breed uncertainty,” target “a whole industry,” and risk “de facto banning it.” Judge Bibas added that the SEC’s “caginess” about how the securities laws apply to digital assets “creates a serious constitutional problem” that should be addressed in SEC enforcement actions against crypto firms. Westlaw Today; Opinion. - OKX Facing Nationwide Class Action
On January 13, a proposed nationwide class action was filed in the U.S. District Court for the Northern District of California alleging that OKX, one of the world’s largest crypto exchanges, violated the Bank Secrecy Act by allegedly failing to comply with anti-money laundering and know-your-customer rules. The class-action complaint also asserts RICO claims, among others. The proposed class is defined as U.S. users whose digital assets were taken from a non-OKX wallet and transferred to an account on the platform. Law360; Law.com. - Celsius to Challenge $445M Claim Denial in FTX Bankruptcy
On January 2, Celsius filed a notice in Delaware district court that it is appealing U.S. bankruptcy Judge John T. Dorsey’s findings that FTX had not received sufficient notice an avoidance claim was coming and that Celsius’ attempt to amend the claim a year after the claim deadline was improper. Celsius had filed a $2 billion proof of claim in June 2023, only one day before the claims deadline in the FTX bankruptcy. Celsius alleged that it might have had claims based on disparaging statements about Celsius made by FTX officers pre-bankruptcy and that it was investigating other potential claims, including some that might allow it to claw back asset transfers from Celsius. One year later, Celsius filed a revised proof of claim, alleging $445M in preferential transfers to FTX that were subject to clawback. Judge Dorsey issued an opinion holding that the June 2023 statement that Celsius was investigating other potential claims did not give FTX sufficient notice of the avoidance claim. Law360.
SPEAKER’S CORNER
UNITED STATES
- Wisconsin Rep. Bryan Steil to lead U.S. House Subcommittee on Digital Assets
On January 9, Republican Representative FTX was announced as the new leader of the Subcommittee on Digital Assets, Financial Technology and Artificial Intelligence. Congressman Steil previously served as a member of the Subcommittee on Digital Assets, Financial Technology and Inclusion in the 118th Congress and is serving his fourth term on the Financial Services Committee. As a member of the Committee, Steil voted for both the FIT21 and the stablecoin bill. He has also been particularly critical of the SEC and their approach to crypto, under the Biden Administration. The Block. - Treasury Secretary Nominee Opposes U.S. CBDC
On January 16, during his nomination hearing before the Senate Finance Committee, Scott Bessent, who was confirmed as Treasury Secretary in a bipartisan vote, expressed strong opposition to the idea of a U.S. central bank digital currency (CBDC): “I see no reason for the U.S. to have a central bank digital currency. . . . In my mind, a central bank digital currency is for countries who have no other investment alternatives.” Separately, when asked about the Treasury’s financial-crimes arm, and in the context of terrorist financing, Bessent said: “I believe we have to have a 2025 approach to . . . digital currencies.” CoinDesk; Decrypt. - Congress To Investigate “Debanking” Practices
The House Oversight Committee and the Senate Banking Committee unveiled plans to investigate “debanking” practices, with a focus on those levied against digital asset businesses and founders. “Debanking,” or “de-risking,” in this context is the practice of government authorities issuing guidance or exerting pressure on financial institutions to close or refuse to open bank accounts on behalf of a certain class of business. On January 24, Representative James Comer, Chairman of the House Oversight Committee, published a letter he sent to six “leaders of digital asset corporations and associations,” writing that the “Committee is interested in engaging individuals who have been debanked and, specifically, how these actions hurt innovation, entrepreneurs, and workers,” and that “the Committee seeks to understand the financial institutions and regulators involved.” On the same day, Senator Tim Scott, Chair of the Senate Banking Committee, announced plans to hold a hearing on debanking on February 5, 2025, stating that “under Operation Chokepoint 2.0, Biden regulators abused their power and forced financial institutions to cut off services to digital asset firms.” Comer; Scott; The Block. - Senate Digital Assets Chair Warns FDIC Not To Destroy Materials Related To “Debanking”
On January 16, Senator Cynthia Lummis sent a letter to the Chair of the FDIC urging the agency to “preserve all existing materials . . . relating to the FDIC’s digital asset activities since January 1, 2022 . . . .” Senator Lummis asserted that whistleblowers at the FDIC informed her that “destruction of materials is occurring” and that “staff have been threatened with legal action to prevent them from speaking out.” Senator Lummis, Chair of the Senate Banking Subcommittee on Digital Assets, appears to be particularly concerned with the destruction of evidence related to an alleged FDIC effort to limit banks’ provision of services to digital asset businesses. Letter; Press Release; CoinDesk.
OTHER NOTABLE NEWS
- New York Department of Financial Services Launches Transatlantic Regulatory Exchange with Bank of England
On January 13, the New York Department of Financial Services (DFS) launched the Transatlantic Regulatory Exchange (TRE), “an international secondment program which allows DFS and other regulators to exchange staff, enabling greater sharing of resources, knowledge, and regulatory approaches.” According to the DFS’ press release, the first secondment under the program will begin in February with DFS and the Bank of England exchanging staff with expertise in emerging payments and digital assets. The initiative is designed to strengthen regulatory frameworks, protect consumers, and support innovation by connecting New York and London, says DFS Superintendent Adrienne A. Harris. NYDFS; JD Supra. - New York Department of Financial Services Issues a Consumer Alert Warning of Risks Associated with Memecoins
On January 16, the NYDFS issued an alert on “rapidly proliferating, sentiment-based” cryptocurrencies, typically referred to as memecoins. The agency noted that the platforms used to create these coins are not regulated by the NYDFS and are thus not subject to the rules and regulations in place for other virtual currencies. The agency warned of significant price volatility and manipulation by the creators of the coins, including “pump-and-dump schemes” (artificially inflating price while selling one’s own supply) and “rug pulls” (removing the liquidity from a coin so that selling is no longer possible). The alert warned consumers that these virtual currencies present “exceptional risk of fraud and loss of funds.” NYDFS. - President Trump Pardons Silk Road Founder Ross Ulbricht
On January 21, President Trump pardoned the founder of what prosecutors had described as a “global, black-market bazaar” where over 100,000 individuals were able to purchase drugs and other illegal services before Ulbricht’s arrest in 2013. The network used the Tor network and accepted Bitcoin as payment to allow users to interact anonymously. Ulbricht was serving multiple life sentences without the possibility of parole. The Block; Reuters.
The following Gibson Dunn lawyers contributed to this issue: Jason Cabral, Kendall Day, Jeff Steiner, Sara Weed, Sam Raymond, Nick Harper, Jamie Miller*, Justin Fishman, Theo Curie, and Tin Le.
FinTech and Digital Assets Group Leaders / Members:
Ashlie Beringer, Palo Alto (+1 650.849.5327, [email protected])
Michael D. Bopp, Washington, D.C. (+1 202.955.8256, [email protected]
Stephanie L. Brooker, Washington, D.C. (+1 202.887.3502, [email protected])
Jason J. Cabral, New York (+1 212.351.6267, [email protected])
Ella Alves Capone, Washington, D.C. (+1 202.887.3511, [email protected])
M. Kendall Day, Washington, D.C. (+1 202.955.8220, [email protected])
Michael J. Desmond, Los Angeles/Washington, D.C. (+1 213.229.7531, [email protected])
Sébastien Evrard, Hong Kong (+852 2214 3798, [email protected])
William R. Hallatt, Hong Kong (+852 2214 3836, [email protected])
Martin A. Hewett, Washington, D.C. (+1 202.955.8207, [email protected])
Sameera Kimatrai, Dubai (+971 4 318 4616, [email protected])
Michelle M. Kirschner, London (+44 (0)20 7071.4212, [email protected])
Stewart McDowell, San Francisco (+1 415.393.8322, [email protected])
Mark K. Schonfeld, New York (+1 212.351.2433, [email protected])
Orin Snyder, New York (+1 212.351.2400, [email protected])
Ro Spaziani, New York (+1 212.351.6255, [email protected])
Jeffrey L. Steiner, Washington, D.C. (+1 202.887.3632, [email protected])
Eric D. Vandevelde, Los Angeles (+1 213.229.7186, [email protected])
Benjamin Wagner, Palo Alto (+1 650.849.5395, [email protected])
Sara K. Weed, Washington, D.C. (+1 202.955.8507, [email protected])
*Jamie Miller, an associate in the firm’s New York office, is admitted to practice only in the District of Columbia.
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
Recent amendments to Massachusetts’ FCA mark a dramatic expansion of potential civil fraud liability for private equity firms and their investors.
I. Introduction
In a significant development for private equity firms that operate in the health care and life science spaces, lawmakers in Massachusetts greatly expanded the state’s civil fraud enforcement powers against private equity firms and other investors. On January 8, 2025, Massachusetts Governor Maura Healey signed House Bill 5159, “An Act Enhancing the Market Review Process” (the Act), into law. In addition to expanding reporting requirements for private equity transactions, the Act amends the Massachusetts False Claims Act (the MA FCA) to impose civil liability on any entity that “has an ownership or investment interest” in an entity that violates the MA FCA and fails to disclose that violation to the Commonwealth “within 60 days of identifying the violation.”[1]
The Act represents a dramatic expansion of potential civil liability for private equity firms and other investors (regardless of their location) whose companies do business with the Massachusetts government. The impetus for the Act appears to be increased concerns by state lawmakers over the patient care implications of private equity investment in the health care industry, but the Act sweeps broadly to cover investors in all industries. The Act also comes on the heels of ever-growing scrutiny of private equity firms by the U.S. Department of Justice, which has made clear during each of the last two administrations that enforcement of the federal False Claims Act (the federal FCA) against private equity firms is a DOJ priority.[2]
II. Overview of the MA FCA
The MA FCA prohibits various types of fraudulent conduct against the state and its political subdivisions.[3] Similar to the federal FCA, the MA FCA prohibits the knowing presentment of false or fraudulent claims for payment and the knowing use of material false records or statements in the submission of claims.[4] The MA FCA also contains a “reverse” provision, which, like its federal counterpart, prohibits the knowing use of a false or fraudulent statement that is material to an obligation to pay money to the Commonwealth, as well as the knowing concealment or improper avoidance of an obligation to pay money to the Commonwealth.[5]
Unlike the federal FCA, the MA FCA also imposes liability on any “beneficiary” of an “inadvertent submission of a false claim” to the Commonwealth or of “an overpayment from” the Commonwealth who “discovers the falsity of the claim or the receipt of overpayment” and does not disclose the claim or overpayment within 60 days of the date on which the beneficiary “identifie[s]” either one.[6]
The MA FCA applies to any person, whether or not a resident of Massachusetts, who engages in covered conduct as to claims for payment made to the Commonwealth, its political subdivisions, officers, employees, agents, representatives, and contractors, and/or as to funds the person receives or retains to which they are not entitled.[7] Like the federal FCA, the statute imposes treble damages and per-violation civil penalties.[8]
III. The Act’s Amendments to the MA FCA
The Act, which is set to go into effect on April 8 of this year, expands the scope of existing “beneficiary” liability under the MA FCA to apply explicitly to private equity firms and other investors. The Act amends the MA FCA to impose liability on any person who:
[i] has an ownership or investment interest in any person who violates [the MA FCA];
[ii] knows about the violation; and
[iii] fails to disclose the violation to the commonwealth or a political subdivision thereof within 60 days of identifying the violation.[9]
The Act defines “ownership or investment interest” as any:
(1) direct or indirect possession of equity in the capital, stock or profits totaling more than 10 per cent of an entity;
(2) interest held by an investor or group of investors who engages in the raising or returning of capital and who invests, develops or disposes of specified assets; or
(3) interest held by a pool of funds by investors, including a pool of funds managed or controlled by private limited partnerships, if those investors or the management of that pool or private limited partnership employ investment strategies of any kind to earn a return on that pool of funds.[10]
The Act thus appears to extend MA FCA liability to (1) private equity firms, (2) private equity managed funds, and (3) investors holding at least a 10% stake, directly or indirectly, in a company that has violated the MA FCA. Moreover, that liability is not for the submission of false claims or for any other violation of the MA FCA actually committed by a private equity firm—but instead for the failure to disclose to the Commonwealth a known violation of the MA FCA “within 60 days of identifying the violation.”
This is a dramatic departure from what is required to establish liability under the federal FCA, which, at minimum, requires a showing that a party “cause[d]” the submission of false claims.[11] In the private equity context, this typically requires proof that the private equity firm or its investors exercised control over the portfolio company and then ratified the company’s alleged violation of the FCA after becoming aware of it,[12] or was more actively involved in the company’s alleged misconduct—such as by approving or funding the alleged scheme.[13]
The liability risks under the MA FCA to private equity firms and investors are heightened even further by a number of ambiguities in the amended statute, including what it means to “identify” a violation that triggers the 60-day notice requirement. The term is not defined in the statute, but is used seemingly interchangeably with the term “knowing,” which is defined as “actual knowledge,” “deliberate ignorance,” or “reckless disregard” with “no proof of specific intent to defraud” required.[14] It is not clear whether this definition is meant to also define “identifying” or if that term is meant to have its own separate meaning. This is an issue that will likely be litigated under the statute, as a similar issue was in the federal context before the Centers for Medicare and Medicaid Services attempted to resolve it in a final rule issued this last November. We covered that rule and its implications for the health care industry in a client alert following the rule’s publication.
IV. Implications for Due Diligence and Compliance Controls
The Act’s amendments to the MA FCA underscore the importance of private equity firms conducting robust diligence in transactions involving companies that receive funds from the Commonwealth, particularly Medicaid funds and government contract monies. At the same time, especially given the ambiguity around the meaning of the term “identifying,” it remains to be seen whether the Commonwealth treats pre-closing knowledge of a potential FCA violation as sufficient to start the running of the 60-day disclosure clock. Pre-closing diligence should be robust enough to identify risk areas and areas for rapid, efficient post-closing diligence—but should stop short of the sort of detailed investigation into specific government interactions or payments that is more appropriate for post-closing diligence and that risks being mis-interpreted later as having imbued the acquiring firm with knowledge of an FCA violation. In parallel, private equity firms should consider seeking commercial terms that offset the risk of subsequent regulatory scrutiny borne of the Act’s broad sweep.
Post-closing, private equity firms should conduct thorough diligence into any FCA risk areas identified during pre-closing diligence. Post-closing efforts should be swift, given the Act’s short window for reporting violations following their “identif[ication].” While each set of facts and circumstances will be unique, if a potential FCA violation is discovered, firms should strongly consider proactive disclosure to the Commonwealth. Private equity firms must also remain vigilant in monitoring portfolio companies for any potential MA FCA violations. And, of course, firms should ensure that their portfolio companies have strong compliance programs, including mechanisms for conducting regular audits and risk assessments, as well as robust processes for ongoing monitoring and reporting so that violations can be identified early and dealt with appropriately and efficiently.
[1] Mass. Gen. Laws ch. 12 § 5B(a)(11), as amended by H.5159 § 29.
[2] See, e.g., Statement of Ethan Davis, Deputy Assistant Attorney General, DOJ’s Civil Division (June 2020) (Trump Administration) (“Where a private equity firm takes an active role in illegal conduct by the acquired company, it can expose itself to False Claims Act liability.”) (available at https://www.justice.gov/civil/speech/principal-deputy-assistant-attorney-general-ethan-p-davis-delivers-remarks-false-claims); Statement of Brian Boynton, Principal Deputy Assistant Attorney General, DOJ’s Civil Division (Feb. 2024) (Biden Administration) (“We have already had a few cases involving private equity firms. And given the significant role that private equity is increasingly playing in the healthcare field, we anticipate that their impact on healthcare billings will continue to grow as well.”) (available at https://www.justice.gov/opa/speech/principal-deputy-assistant-attorney-general-brian-m-boynton-delivers-remarks-2024).
[3] Mass. Gen. Laws ch. 12 § 5A.
[4] Mass. Gen. Laws ch. 12 § 5B(a)(1)–(2).
[5] Compare Mass. Gen. Laws ch. 12 § 5B(a)(9) with 31 U.S.C. § 3729(a)(1)(G).
[6] Mass. Gen. Laws ch. 12 § 5B(a)(10).
[7] See Mass. Gen. Laws ch. 12 §§ 5A, 5B.
[8] Mass. Gen. Laws ch. 12 § 5B(a).
[9] Mass. Gen. Laws ch. 12 § 5B(a)(11), as amended by H.5159 § 29.
[10] Mass. Gen. Laws ch. 12 § 5A, as amended by H.5159 § 27.
[11] 31 U.S. Code § 3729(a)(1)(A), (B).
[12] See, e.g., United States ex rel. Martino-Fleming v. S. Bay Mental Health Ctrs., 540 F. Supp. 3d 103, 130 (D. Mass. 2021) (private equity firm’s “knowing ratification of ‘the prior policy of submitting false claims by rejecting recommendations to bring South Bay into regulatory compliance constitutes sufficient participation in the claims process to trigger [False Claims Act] liability’” (citation omitted) (alteration in original)); cf. United States ex rel. Schagrin v. LDR Indus., LLC, 2018 WL 6064699, at *6 (N.D. Ill. Nov. 20, 2018) (“if the Greenspons knew that LDR—the company they owned and managed—was not paying customs duties, they can be liable under the False Claims Act for failing to rectify the situation”).
[13] United States ex rel. Carmen Medrano v. Diabetic Care RX, LLC, 2018 WL 6978633, at *11 (S.D. Fla. Nov. 30, 2018) (denying dismissal of claims against private equity firm because the complaint alleged that the firm “(i) approved of PCA’s decision to use marketers to generate referrals; (ii) knew that TRICARE was the source of the majority of PCA’s revenue; (iii) received monthly financial statements, which reported the monthly compounding revenue and the commission paid to the Marketers; and (iv) RLH funded $2 million in commissions to the Marketers in January 2015”).
[14] Mass. Gen. Laws ch. 12 § 5A.
Gibson Dunn lawyers regularly counsel clients on the False Claims Act issues and are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s False Claims Act/Qui Tam Defense practice group:
Washington, D.C.
Jonathan M. Phillips – Co-Chair (+1 202.887.3546, [email protected])
Stuart F. Delery (+1 202.955.8515,[email protected])
F. Joseph Warin (+1 202.887.3609, [email protected])
Jake M. Shields (+1 202.955.8201, [email protected])
Gustav W. Eyler (+1 202.955.8610, [email protected])
Lindsay M. Paulin (+1 202.887.3701, [email protected])
Geoffrey M. Sigler (+1 202.887.3752, [email protected])
Joseph D. West (+1 202.955.8658, [email protected])
San Francisco
Winston Y. Chan – Co-Chair (+1 415.393.8362, [email protected])
Charles J. Stevens (+1 415.393.8391, [email protected])
New York
Reed Brodsky (+1 212.351.5334, [email protected])
Mylan Denerstein (+1 212.351.3850, [email protected])
Denver
John D.W. Partridge (+1 303.298.5931, [email protected])
Ryan T. Bergsieker (+1 303.298.5774, [email protected])
Monica K. Loseman (+1 303.298.5784, [email protected])
Dallas
Andrew LeGrand (+1 214.698.3405, [email protected])
Los Angeles
James L. Zelenay Jr. (+1 213.229.7449, [email protected])
Nicola T. Hanna (+1 213.229.7269, [email protected])
Jeremy S. Smith (+1 213.229.7973, [email protected])
Deborah L. Stein (+1 213.229.7164, [email protected])
Dhananjay S. Manthripragada (+1 213.229.7366, [email protected])
Palo Alto
Benjamin Wagner (+1 650.849.5395, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
Kristen Limarzi, Andrew Cline, Ryan Foley, Tristan Locke and Graham Valenta are the authors of “Gibson Dunn Discusses Record Gun Jumping Penalty Securedby FTC” [PDF] published by The CLS Blue Sky Blog on January 31, 2025.
Stephanie Brooker, Kevin Bettsteller, David Ware, Sam Raymond and Connor Mui are the authors of “Gibson Dunn Discusses Supreme Court Ruling on Beneficial Ownership Information Reporting” [PDF] published by The CLS Blue Sky Blog on February 3, 2025.
Ever since President Trump announced that he would create a Department of Government Efficiency (DOGE), clients have raised questions regarding how it would be established, what powers it would have, and how its work could affect their operations.
Gibson Dunn previously addressed some of those questions in a December 6, 2024 client alert based on information available at the time. Now that President Trump has taken office, more details are coming to light. In one of his first acts as president, on January 20, 2025, Trump signed an executive order titled “Establishing and Implementing the President’s ‘Department of Government Efficiency’” (the Order),[1] which brings additional clarity regarding some of the key questions about DOGE and raises others, as discussed below. In addition, recent administration actions, such as freezing (and subsequently unfreezing) federal spending and deferred resignation offers to federal employees suggest that the DOGE is having an impact.[2]
I. Formal Establishment of DOGE as USDS
Initially, then President-elect Trump said DOGE would operate from outside the government. Much ink was spilled on whether DOGE would be a federal advisory committee (FAC) governed by the Federal Advisory Committee Act (FACA), a non-profit entity, or some other kind of non-governmental organization. With the Order, however, he has established DOGE as a federal government entity operating out of the Executive Office of the President (EOP). The Order renames the U.S. Digital Service, an existing government entity also established by presidential directive, as the U.S. DOGE Service. For the sake of clarity, this Alert will refer to the new U.S. DOGE Service as “USDS” and the former U.S. Digital Service by its full name.
The U.S. Digital Service appears to have been an attractive office to replace with DOGE for several reasons. As a matter of optics, using the USDS as a vehicle for DOGE minimizes perception that this is an entirely new office. The office comes with an established funding stream.[3] And the U.S. Digital Service was part of the Office of Management and Budget, with which DOGE is working closely both to gather information across the government and to implement recommendations.
The U.S. Digital Service’s mission to improve federal government technology also aligns with at least some of DOGE’s goals. President Obama created the U.S. Digital Service after private sector technology experts saved HealthCare.gov in the wake of its failed initial launch.[4] Its purpose was to import “private sector best practices to the Federal Government.”[5] Its projects have included improvements to SSA.gov, building COVID-19 vaccine finder tools, simplifying VA.gov, and improving government technology procurement.[6] According to the Order, the purpose of the new USDS is to “implement the President’s DOGE Agenda, by modernizing Federal technology and software to maximize governmental efficiency and productivity.”
II. USDS Personnel
Although the Order offers some insight into USDS personnel, it also raises new questions.
A. USDS Leadership
Originally, Elon Musk and Vivek Ramaswamy were announced as the co-leads of DOGE, and Bill McGinley was announced as General Counsel. Ramaswamy and McGinley have both recently departed the team. Musk continues to lead DOGE, but his exact role is unclear. The Order establishes a USDS Administrator who will report to the White House Chief of Staff. It is possible Musk could fill that role, but no such public announcement has been made.
The White House recently did announce that Musk is serving as a special government employee (SGE). SGEs are often required to file financial disclosures and comply with federal employee criminal conflict of interest rules. In addition, the Federal Acquisition Regulation imposes conflict-of-interest restrictions that prohibit the award of contracts that arise out of an SGE’s activity where the SGE is in a position to influence the award, or another conflict of interest is determined to exist.[7] The head of the contracting agency may grant an exception to this policy only if there is “a most compelling reason to do so, such as when the Government’s needs cannot reasonably be otherwise met.”[8] Musk’s continued leadership of his companies, including government contractors SpaceX and Tesla, could raise significant conflict of interest concerns.
B. DOGE Employees and DOGE Teams
The Order instructs each federal agency to establish a DOGE Team of at least four employees selected by agency leaders in consultation with the USDS Administrator. This directive facially applies to both executive agencies and independent agencies like the Federal Trade Commission, Federal Communications Commission, Securities and Exchange Commission, and others. The Order specifies that these DOGE Team members may include SGEs.
The Order also establishes within USDS the U.S. DOGE Service Temporary Organization. This organization will terminate on July 4, 2026 and is tasked with advancing the President’s 18-month DOGE agenda. At this point it is unclear what unique purpose the temporary organization may fulfill as compared to the USDS, but the temporary status may make it easier to hire temporary employees or volunteers. The head of a temporary organization may appoint employees into the excepted service of the civil service, exempting them from some federal employee hiring requirements.[9] The head of a temporary organization also may accept volunteer services as well as detailees from government departments or agencies.[10]
The role of the current 230 U.S. Digital Service employees is unclear, and they are reportedly being reinterviewed.[11]
III. USDS Activities
The Order tasks the USDS administrator with a “Software Modernization Initiative to improve the quality and efficiency of government-wide software, network infrastructure, and information technology (IT) systems.” Priorities of this initiative include inter-operability between agencies, data integrity, and responsible data collection. The Order instructs agency heads to “ensure USDS has full and prompt access to all unclassified agency records, software systems, and IT systems.”
Another executive order titled “Hiring Freeze” tasks USDS with working with the OMB Director to produce a plan to reduce the size of the federal workforce, and effectuates a freeze on hiring federal civilian employees.[12] In support of that goal, on January 28, 2025, the administration offered federal employees a deferred resignation option.[13] The subject of the email, “Fork in the Road” was the same as that used by Elon Musk in a similar email to Twitter employees, suggesting Musk’s involvement with the resignation offer.[14]
Other recent administration actions appear to be advancing the DOGE agenda, as well. The General Services Administration, the Department of Energy, and likely other executive branch agencies have halted all new contracting awards with certain exceptions.[15] OMB issued a memorandum (before rescinding it) that some interpreted as freezing funding for all “financial assistance programs and supporting activities,” but OMB then clarified that the freeze applied only to discretionary payments for specific programs involving immigration, foreign aid, DEI programs, and gender issues that were already ordered paused via executive orders.[16]
IV. Transparency Requirements
Housing DOGE in the EOP may mean it is subject to fewer transparency requirements than it would have been as a federal advisory committee. As a government office, FACA disclosure requirements likely do not apply. Whether the Freedom of Information Act (FOIA) applies to the new USDS’s records remains an open question. The Order states that the USDS “shall be established in the Executive Office of the President.” As OMB is part of the EOP, it’s not clear whether the Order means to pull the USDS out of OMB. OMB is subject to FOIA and so is the EOP, except for any part of the EOP “whose sole function is to advise and assist the President.”[17] The Order states that the USDS Administrator “shall report to the White House Chief of Staff” suggesting the administration could argue that the USDS exists to advise and assist the president and is therefore exempt from FOIA. Hence, it is possible that the USDS will not be subject either to FACA’s or FOIA’s transparency requirements.
The U.S. Digital Service was subject to the Federal Records Act and Presidential Records Act according to its own privacy policy.[18] It remains to be seen if the Trump administration will amend that policy.
V. Challenges to DOGE
Minutes after Trump was inaugurated, public interest groups sued the administration seeking to enjoin DOGE from conducting its business.[19] The lawsuits were premised on the argument that DOGE is in fact a FAC and it is violating FACA requirements regarding its establishment, records preservation, and public access. Committees composed wholly of federal government employees, such as the original U.S. Digital Service, are not subject to FACA.[20] If DOGE is comprised solely of government employees and not private sector advisors as initially contemplated, FACA likely will not apply to it. If advisors remain outside the government, it is possible that a court could determine that some of the USDS activities fall under FACA.[21]
DOGE—or, now, USDS—is already having an impact, although it will take months or years to understand the full implications of its actions. Gibson Dunn will continue to monitor USDS’s activities and help clients understand their effect on the U.S. government, businesses, and individuals.
[1] Exec. Order, Establishing and Implementing the President’s “Department of Government Efficiency,” (Jan. 20, 2025), available here.
[2] Christ Megerian, Zeke Miller, and Lisa Mascaro, Trump White House Rescinds Memo Freezing Federal Money After Widespread Confusion, Associated Press (Jan. 29, 2025) https://apnews.com/article/donald-trump-pause-federal-grants-aid-6d41961940585544fa43a3f66550e7be; Scott Neuman, Trump Wants to Cut the Federal Workforce, NPR (Jan. 31, 2025), here.
[3] The U.S. Digital Service receives funding from the Information Technology Oversight and Reform account along with the Office of the Federal Chief Information Office. In recent years, the funds in this account have come from the American Rescue Plan Act.
[4] The White House Office of the Press Secretary, Fact Sheet: Improving and Simplifying Digital Services (Aug. 11, 2014), https://obamawhitehouse.archives.gov/the-press-office/2014/08/11/fact-sheet-improving-and-simplifying-digital-services.
[5] U.S. Digital Service, How We Work, https://www.usds.gov/how-we-work (last visited Jan. 21, 2025).
[6] U.S. Digital Service, Our Projects, https://www.usds.gov/projects (last visited Jan. 21, 2025).
[7] 48 CFR § 3.601.
[8] 48 CFR § 3.602.
[9] 5 U.S.C. § 3161.
[10] 5 U.S.C. § 3161(i).
[11] Natalie Alms, U.S. Digital Service Employees are Being Re-interviewed Under DOGE Transition, NextGov/FCW (Jan. 22, 2025), here.
[12] Exec. Order, Hiring Freeze, (Jan. 20, 2025), available here.
[13] Off. of Pers. Mgmt., Fork in the Road, https://www.opm.gov/fork.
[14] Garrett Haake and Amanada Terkel, Trump Administration Offers Roughly 2 Million Federal Worker a Buyout to Resign, NBC News (Jan. 28, 2025), here.
[15] Memorandum from Stephen Ehikian, Acting Adm’r. and Deputy Adm’r., Gen. Serv. Admin. to GSA Acquisition Workforce et al. (Jan. 24, 2025), here.
[16] Memorandum from Matthew J. Vaeth, Acting Dir. Off. Mgmt. and Budget to Heads of Exec. Dep’t and Agencies (Jan. 27, 2025), here; OMB Q&A Regarding Memorandum M-25-13 (Jan. 28, 2025), here.
[17] Meyer v. Bush, 981 F.2d 1288, 1291 n.1 (D.C. Cir. 1993) (quoting H.R. Rep. No. 1380, 93d Cong., 2d Sess. 14 (1974)).
[18] U.S. Digital Service, U.S. Digital Service Privacy Policy, https://www.usds.gov/privacy (last visited Jan. 22, 2025).
[19] Complaint, Am. Pub. Health Ass’n v. Off. Mgmt. Budget, No. 1:25-cv-00167 (D.D.C. Jan. 20, 2025); Complaint, Jerald Lentini v. Dep’t Gov. Efficiency, No. 1:25-cv-00166 (D.D.C. Jan. 20, 2025); Complaint, Public Citizen Inc. v. Donald Trump, No. 1:25-cv-164 (D.D.C. Jan 20, 2025); Ctr. for Biological Diversity v. Off. Mgmt Budget, No. 25-165 (D.D.C. Jan 20, 2025).
[20] 5 U.S.C. § 1001(2)(B)(i).
[21] FACA provides that the term “advisory committee” excludes “a committee that is composed wholly of full-time, or permanent part-time, officers or employees of the Federal Government.” 5 U.S.C. § 1001(2)(B)(i).
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s Public Policy, Administrative Law & Regulatory, Energy Regulation & Litigation, Labor & Employment, or Government Contracts practice groups, or the following in Washington, D.C.:
Michael D. Bopp – Co-Chair, Public Policy Practice Group,
(+1 202.955.8256, [email protected])
Stuart F. Delery – Co-Chair, Administrative Law & Regulatory Practice Group,
(+1 202.955.8515, [email protected])
Tory Lauterbach – Partner, Energy Regulation & Litigation Practice Group,
(+1 202.955.8519, [email protected])
Amanda H. Neely – Of Counsel, Public Policy Practice Group,
Washington, D.C. (+1 202.777.9566, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
We are pleased to share with you the Gibson Dunn 2024 Legal Retrospective Report, a comprehensive collection of our thought leadership and insights on the most significant legal developments of the past year. This report highlights our expert analysis on key judicial decisions, regulatory trends, and legislative shifts across the depth of our practices. As a corollary to our real-time updates, we hope this compendium will serve as a valuable resource in assimilating changes that transpired in 2024, and the shape of the legal landscape entering the new year. Looking to 2025, we remain dedicated to providing you practical guidance to navigate rapidly evolving circumstances, and to address the impact of legal developments on your business, operations, and strategic planning.
Our content is always intended as a touchstone to engage with our clients – thank you, and we eagerly anticipate continuing these critical conversations in the year ahead!
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
Leading practitioners from our Los Angeles, Orange County, San Francisco, and Palo Alto offices hosted Gibson Dunn’s annual complimentary MCLE briefing, offering 10 hours of CLE credit, including specialty subjects such as Ethics, Elimination of Bias, Competence, and the new Technology and Civility requirements.
The three-day program featured discussions on key developments at the United States Supreme Court and SEC, labor and employment trends, litigating in the press, the use of AI by legal professionals, and new tools to promote civility, among other relevant topics.
Recordings, materials, and CLE details are available below.
For any questions regarding the program or future events, please contact [email protected]. For inquiries about CLE accreditation, please reach out to [email protected].
Imposter Syndrome in the Legal Profession
PANELISTS:
- Tiaunia Henry
- Miguel Loza Jr.
- James Keshavarz
The Constitution, Homelessness, and the Supreme Court: Post Grants Pass Victory
PANELISTS:
- Theane Evangelis
- Bradley J. Hamburger
- Jesse Sharf
SEC and Other Developments for Public Companies and Investment Advisers
PANELISTS:
- Michael A. Titera
- Kevin Bettsteller
- Lauren M. Assaf-Holmes
Supreme Court Roundup
PANELISTS:
- Lauren M. Blas
- Samuel Eckman
The Pitfalls of Litigating in the Press
PANELISTS:
- Michael H. Dore
- Abbey A. Barrera
- Wesley Sze
Enough Already! New Tools to Reduce Incivility
PANELISTS:
- Presiding Justice Brian S. Currey
- Poonam G. Kumar
Latest Trends & Hot Topics in CA Labor & Employment
PANELISTS:
- Cynthia Chen McTernan
- Megan Cooney
MCLE CREDIT INFORMATION:
Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 6.0 credit hours, of which 0.25 credit hour may be applied toward the Elimination of Bias requirement, 1.0 credit hour may be applied toward the Wellness Competence requirement, 1.0 credit hour may be applied toward the Ethics requirement, 1.0 credit hour may be applied toward the Civility in the Legal Profession requirement, and 2.75 credit hours may be applied toward the General Practice requirement.
This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 6.0 credit hours, of which 2.0 credit hours may be applied toward Ethics and Professionalism, 1.0 credit hour may be applied toward Law Practice Management, and 3.0 credit hours may be applied toward Areas of Professional Practice. These courses are approved for transitional/non-transitional credit.
Neither the Connecticut Judicial Branch nor the Commission on Minimum Continuing Legal Education approve or accredit CLE providers or activities. It is the opinion of this provider that this activity qualifies for up to 6.0 hours toward your annual CLE requirement in Connecticut, including 3.25 hours of ethics/professionalism.
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
Josiah Bethards, Michael Cannon, Matt Donnelly and Alissa Fromkin Freltz are the authors of “Lessons From the First Years of Tax Credit Transfers” [PDF] published by Tax Notes Federal on January 27, 2025.
The memorandum could have implications for companies—including those in the technology sector—confronting questions relating to privacy, data, cybersecurity, and artificial intelligence.
On January 20, 2025, President Trump issued an executive memorandum ordering “all executive departments and agencies” to implement a regulatory freeze. This memorandum follows similar regulatory freeze memoranda issued by the Office of Management and Budget (OMB) on behalf of the president at the beginning of the Biden Administration in 2021 and issued by OMB on behalf of the president at the beginning of the Trump Administration in 2017. The memorandum:
- Places a moratorium on the issuance, proposal, or publication of any new “rules” or “regulatory actions”, pending review by President Trump’s appointees;
- Directs executive departments and agencies to immediately withdraw for review any rules sent to the OFR but not yet published in the Federal Register; and
- Directs executive departments and agencies to consider postponing for 60 days the effective dates for any rules that have been published in the Federal Register or otherwise issued which have not taken effect.
The issuance of a regulatory freeze is not unusual for a new administration. However, the scope of President Trump’s memorandum—against the backdrop of the frenetic regulatory activity of the post-2024 election Biden administration—means that this memorandum may carry meaningful impact for a number of regulations that companies are already taking steps to comply with. Several of the rule moratoria could have implications for companies—including those in the technology sector—confronting questions relating to privacy, data, cybersecurity, and artificial intelligence (AI). For example, two potentially significant rules appear to be in procedural limbo as a result of the order:
- The U.S. Commerce Department’s Bureau of Industry and Security’s (BIS) connected vehicles final rule, which bans certain imports and sales of vehicles from China (including Hong Kong) and Russia, as well as key hardware and software components, based on identified “undue or unacceptable risks” to U.S. national security and the safety and security of U.S. persons, was published in the Federal Register on January 16, 2025 and goes into effect on March 17, 2025.
- The Commerce Department’s Information and Communications Technology and Services Supply Chain (ICTS) final rule, which permits the Secretary of Commerce to prohibit ICTS transactions or impose mitigation measures for ICTS transactions involving “persons owned by, controlled by, or subject to the jurisdiction or direction of foreign adversaries” posing certain “undue or unacceptable risks,” was published in the Federal Register on December 6, 2024 and goes into effect on February 4, 2025. Again, while both rules are directionally consistent with the Trump administration’s approach to China, it is possible their implementation could be delayed for review and potential modification under the regulatory freeze order.
The application of the regulatory freeze memorandum is complicated in practice. For example, the Department of Justice’s (DOJ) bulk U.S. sensitive personal data final rule, which seeks to ensure that U.S. persons’ sensitive personal data cannot be legally sold to foreign adversaries by preventing specified “countries of concern” and “covered persons” from obtaining in “covered data transactions” bulk sensitive personal data of U.S. persons and U.S. government-related data, was published in the Federal Register on January 8, 2025 and goes into effect on April 8, 2025. Under the regulatory freeze memorandum, DOJ may postpone the effective date for 60 days to review the rule. DOJ could also pursue notice and comment rulemaking to further delay the effective date, modify, or withdraw the rule. However, because the underlying statutory authority for the rule was the International Emergency Economic Powers Act (IEEPA), which grants the executive broad rulemaking authority and is not subject to the rulemaking requirements of the Administrative Procedures Act (APA), DOJ was not required to engage in rulemaking in the first place. Accordingly, DOJ and President Trump have more authority to modify, withdraw, or issue a new rule without formal rulemaking. While the rule is directionally consistent with the Trump administration’s tough-on-China stance, the future of this rule is uncertain and it is possible the rule could be delayed to allow the administration to review its specific provisions.
Below are two charts that cover some of the most relevant recent rulemaking in the areas of data privacy, cybersecurity, and AI, analyzed to reflect the impact of the regulatory freeze memorandum. The first chart focuses on rules issued by executive agencies led by cabinet secretaries. The second chart focuses on rules issued by independent agencies. The extent to which independent agencies are subject to the regulatory freeze memorandum is likely to be subject to litigation. Some independent agencies have taken steps consistent with the order set out in the memorandum, but it is not yet fully clear whether all independent agencies will view themselves as bound to do so. The scope of presidential authority over such agencies is expected to be an area of focus in this administration.
Executive Agencies Led By Cabinet Secretaries |
|||||
Agency |
Regulation |
Status |
Published in Federal Register? |
Change Post Regulatory Freeze of January 20, 2025 |
Prognosis |
DOJ |
Bulk Sensitive Personal Data Rule |
Final Rule: issued December 27, 2024 Effective date: April 8, 2025 (pending conclusion of Congressional review under Congressional Review Act) |
Yes: January 8, 2025 |
Finalized, but DOJ may postpone the effective date for 60 days to review. Government could pursue notice and comment for further delay of effective date, modification, or withdrawal of rule. Because rule issued under IEEPA, no rulemaking was required in the first place. President has more authority to modify, withdraw, or issue new rule without formal rulemaking. |
Uncertain. May be delayed. |
DoC |
Connected Vehicles Rule |
Final Rule: issued January 14, 2025 Effective date: March 17, 2025 |
Yes: January 16, 2025 |
Finalized, but DoC may postpone the effective date for 60 days to review. Government could pursue notice and comment for further delay of effective date, modification, or withdrawal of rule. Because rule issued under IEEPA, no rulemaking was required in the first place. President has more authority to modify, withdraw, or issue new rule without formal rulemaking. |
Uncertain. May be delayed. |
DoC |
IaaS NPRM |
NPRM |
Yes: January 29, 2024 |
Because not a final rule, to move forward, must be reviewed and approved by department or agency head appointed by President Trump. |
Uncertain. Unlikely to move forward in current form. |
DoC |
ICTS Regulations |
Final Rule: issued December 5, 2024 Effective date: February 4, 2025 |
Yes: December 6, 2024 |
Finalized, but DoC may postpone the effective date for 60 days to review. Government could pursue notice and comment for further delay of effective date, modification, or withdrawal of rule. Because rule issued under IEEPA, no rulemaking was required in the first place. President has more authority to modify, withdraw, or issue new rule without formal rulemaking. |
Uncertain. Unlikely to be delayed given the effective date. |
DoC |
ICTS Licensing Procedures Regulations |
ANPRM |
Yes: March 29, 2021 |
To move forward, must be reviewed and approved by department or agency head appointed by President Trump. |
Uncertain. Unlikely to move forward in current form. |
DoC |
AI Diffusion Rule |
Interim Final Rule Effective date: January 13, 2025 Deadline for comments: May 15, 2025 |
Yes: January 15, 2025 |
Since the IFR is already in effect, the regulatory freeze memorandum likely will have little impact on this rule. DoC/BIS are not able to delay the effective date for 60 days because the IFR is already in effect. However, DoC/BIS (with Trump-appointed leadership) may revise the IFR and replace it with a non-interim final rule in response to any comments received before May 15, 2025. |
Companies should take steps now to prepare to comply with the new regulations. The IFR is likely to face significant critique during the public comment period. Implementation will require coordination and cooperation among U.S. allies and may face pushback from countermeasures from affected countries and entities. Final rule likely to include changes. For more information about this IFR, please see Gibson Dunn client alert here. |
DoD / GSA / NASA |
Federal Acquisition Regulation: Controlled Unclassified Information |
Proposed Rule Deadline for comments: March 17, 2025 |
Yes: January 15, 2025 |
DoD/GSA/NASA could postpone deadline for comments on proposed rule, but the regulatory freeze memorandum is unlikely to have material impact. Unclear if proposed rule deemed to raise “substantial questions of law, fact, or policy.” Because not a final rule, to move forward, must be reviewed and approved by department or agency head appointed by President Trump. |
Likely to move forward in some form. |
DHS/ CISA |
Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) Reporting Requirements |
Proposed Rule Deadline for comments: June 3, 2024 |
Yes: April 4, 2024 |
Because not a final rule, to move forward, must be reviewed and approved by department or agency head appointed by President Trump. |
There is significant uncertainty regarding the role that CISA will play in the Trump Administration, and it appears unlikely that these rules will move forward as proposed. However, because CIRCIA requires CISA to promulgate regulations implementing the statute’s covered cyber incident and ransom payment reporting requirements for covered entities, we may see revised regulations from CISA under the Trump Administration. |
Independent Agencies |
|||||
Agency |
Regulation |
Status |
Published in Federal Register? |
Impact if Regulatory Freeze Memorandum Were To Apply |
Prognosis |
FTC |
COPPA Rule |
Final Rule: issued January 16, 2025 Effective date: 60 days after publication in the Federal Register |
No: as of February 3, 2025 |
Since the rule is final but not yet published in the Federal Register, it could be subject to a regulatory freeze, if a majority of the Commissioners so decide. |
Uncertain. See Gibson Dunn client alert here for more information about the COPPA Rule. |
FTC |
Negative Option Rule (“Click to Cancel”) |
Final Rule: issued October 16, 2024 Effective dates: January 14, 2025 for some provisions; May 14, 2025 for most of the rule. |
Yes: November 15, 2024 |
The final rule has not fully taken effect. |
Currently pending a challenge in 8th Circuit. Gibson Dunn represents challengers consisting of an individual company and seven trade associations. The parties are currently briefing the merits of the rule challenge. |
FTC |
Non-Compete Rule |
Final Rule: issued April 23, 2024 Effective date: September 4, 2024 (but rule vacated by district court; the rule is not currently in effect) |
Yes: May 7, 2024 |
Since the final rule is published in the Federal Register and has been vacated, the regulatory freeze memorandum does not impact the rule. |
A district court set aside (vacated) the rule nationwide on August 20, 2024. FTC’s appeal of that decision is currently pending in the Fifth Circuit. The rule remains invalid, pending the resolution of the appeal. A separate district court granted a preliminary injunction applicable only to the plaintiff in that case. FTC’s appeal of that decision is currently pending the Eleventh Circuit. |
FTC |
Premerger Notification; Reporting and Waiting Period Requirements (Hart-Scott-Rodino (HSR) Rules) |
Final Rule: issued October 10, 2024 Effective date: February 10, 2025 |
Yes: November 12, 2024 |
The FTC and/or DOJ may postpone the effective date for 60 days to review.
|
The rule is currently being challenged in the United States District Court for the Eastern District of Texas. See here for more information. |
FCC |
CALEA Declaratory Ruling and NPRM |
Declaratory Ruling Adopted: January 15, 2025 Released: January 16, 2025 NPRM Adopted: January 15, 2025 Released: January 16, 2025 |
Declaratory Ruling: No, as of February 3, 2025 NPRM: No, as of February 3, 2025 |
Declaratory Ruling: “Declaratory ruling” is a term used by the FCC. Courts have generally concluded that FCC declaratory rulings are “declaratory orders” under the APA, and thus adjudications.[1] Therefore, an FCC declaratory ruling would likely not be in scope, as the regulatory freeze memorandum covers “rules” under APA section 551(4), not adjudications under APA section 554(e). NPRM: Because not a final rule, to move forward, must be reviewed and approved by department or agency head appointed by President Trump. |
Uncertain. In the waning days of the Biden administration, prior to assuming the Chairmanship, then FCC Chair-Nominee Brendan Carr issued a statement criticizing the Declaratory Ruling and Notice of Proposed Rulemaking, which was approved by the Commission’s Democrats on a party-line basis (3-2). How Chair Carr approaches the future of the Declaratory Ruling and NPRM remains to be seen. |
CFPB |
Request for Information Regarding the Collection, Use, and Monetization of Consumer Payment and Other Personal Financial Data |
Notice and request for information: issued January 10, 2025 Comments must be received on or before April 11, 2025 |
Yes: January 15, 2025 |
If the regulatory freeze were to apply, to move forward, the rule must be reviewed and approved by a department or agency head appointed by President Trump. |
Uncertain. As of February 1, 2025, President Trump removed Rohit Chopra, as Director of the CFPB. Treasury Secretary Scott Bessent has been designated as the Acting Director of the CFPB. On February 3, 2025, Secretary Bessent directed CFPB staff to stop all rulemaking and suspend the effective dates of rules not yet in effect. He also directed staff to stop any activity related to enforcement matters, litigation, and public communications. |
CFPB |
Required Rulemaking on Personal Financial Data Rights (Section 1033 of the Consumer Financial Protection Act Rule) |
Final Rule: issued October 22, 2025 Effective date: January 17, 2025 Compliance dates: beginning April, 2026 |
Yes: November 18, 2024. |
Since the final rule is published in the Federal Register and has gone into effect, the regulatory freeze memorandum does not impact the rule. |
Uncertain. It is unclear whether CFPB leadership appointed by President Trump will seek to revise or rescind this rule. The issuance of a rule of some kind is required by statute. There is speculation that the CFPB may decide to keep the rule in place given the length of time it took to develop and its issuance under the statutory mandate. Alternatively, new leadership could elect to engage in notice and comment rulemaking either to reconsider certain aspects of the rule or to rescind it and issue a new rule. There is also some reporting that this rule may be a target for congressional review under the Congressional Review Act.[2] However, if Congress were to enact a joint resolution of disapproval, the CFPB could not reissue a rule “in substantially the same form” as the current rule.[3] Treasury Secretary Scott Bessent has been designated as the Acting Director of the CFPB. On February 3, 2025, Secretary Bessent directed CFPB staff to stop all rulemaking and suspend the effective dates of rules not yet in effect. He also directed staff to stop any activity related to enforcement matters, litigation, and public communications. |
[1] See, e.g., City of Arlington, Tex. v. F.C.C., 668 F.3d 229, 241 & n.44 (5th Cir. 2012), aff’d, 569 U.S. 290 (2013); see also Emily S. Bremer, Declaratory Orders, Final Report to the Administrative Conference of the United States at 15 (Oct. 30, 2015).
[2] Katherine Hapgood, CFPB in Senate Banking Republican crosshairs for Congressional Review Act, PoliticoPro (Jan. 31, 2025), https://subscriber.politicopro.com/article/2025/01/cfpb-in-senate-banking-republican-crosshairs-for-congressional-review-act-00201742l.
[3] 5 U.S.C. § 801(b)(2).
Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Artificial Intelligence or Privacy, Cybersecurity & Data Innovation practice groups:
Artificial Intelligence:
Keith Enright – Palo Alto (+1 650.849.5386, [email protected])
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650.849.5203, [email protected])
Vivek Mohan – Palo Alto (+1 650.849.5345, [email protected])
Robert Spano – London/Paris (+33 1 56 43 13 00, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213.229.7186, [email protected])
Frances A. Waldmann – Los Angeles (+1 213.229.7914,[email protected])
Privacy, Cybersecurity, and Data Innovation:
United States:
Ashlie Beringer – Co-Chair, Palo Alto (+1 650.849.5327, [email protected])
Ryan T. Bergsieker – Denver (+1 303.298.5774, [email protected])
Gustav W. Eyler – Washington, D.C. (+1 202.955.8610, [email protected])
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650.849.5203, [email protected])
Svetlana S. Gans – Washington, D.C. (+1 202.955.8657, [email protected])
Lauren R. Goldman – New York (+1 212.351.2375, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, [email protected])
Natalie J. Hausknecht – Denver (+1 303.298.5783, [email protected])
Jane C. Horvath – Co-Chair, Washington, D.C. (+1 202.955.8505, [email protected])
Martie Kutscher Clark – Palo Alto (+1 650.849.5348, [email protected])
Kristin A. Linsley – San Francisco (+1 415.393.8395, [email protected])
Timothy W. Loose – Los Angeles (+1 213.229.7746, [email protected])
Vivek Mohan – Palo Alto (+1 650.849.5345, [email protected])
Rosemarie T. Ring – Co-Chair, San Francisco (+1 415.393.8247, [email protected])
Ashley Rogers – Dallas (+1 214.698.3316, [email protected])
Sophie C. Rohnke – Dallas (+1 214.698.3344, [email protected])
Eric D. Vandevelde – Los Angeles (+1 213.229.7186, [email protected])
Benjamin B. Wagner – Palo Alto (+1 650.849.5395, [email protected])
Debra Wong Yang – Los Angeles (+1 213.229.7472, [email protected])
Europe:
Ahmed Baladi – Co-Chair, Paris (+33 (0) 1 56 43 13 00, [email protected])
Kai Gesing – Munich (+49 89 189 33-180, [email protected])
Joel Harrison – Co-Chair, London (+44 20 7071 4289, [email protected])
Lore Leitner – London (+44 20 7071 4987, [email protected])
Vera Lukic – Paris (+33 (0) 1 56 43 13 00, [email protected])
Lars Petersen – Frankfurt/Riyadh (+49 69 247 411 525, [email protected])
Robert Spano – London/Paris (+44 20 7071 4000, [email protected])
Asia:
Connell O’Neill – Hong Kong (+852 2214 3812, [email protected])
Jai S. Pathak – Singapore (+65 6507 3683, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
This update provides an overview of key FCPA and other international anti-corruption enforcement, litigation, and policy developments from 2024, as well as our observations and analysis regarding the trends we are seeing from this activity.
There is substantial change afoot in Washington, and these are still early days, but whether enforcement of the Foreign Corrupt Practices Act (FCPA) will decline in a second Trump Administration remains to be seen. It is notable that predictions of FCPA underenforcement proved unfounded during the President’s first term. From what we encounter in our daily work on behalf of our clients, the statute’s dual enforcement groups at the U.S. Department of Justice (DOJ) and Securities and Exchange Commission (SEC) remain committed and are riding the wave of a busy 2024, with dozens of prosecutions, numerous important policy announcements, and a record four-for-four showing in criminal trials. Moreover, international partners continue to enforce their foreign corruption statutes with increasing vigor. As the size of our annual update portends, there continues to be much to discuss regarding the FCPA and related international anti-corruption developments.
Gibson Dunn has maintained its industry-leading expertise in this space by virtue of the complex, cutting-edge anti-corruption challenges we have had the privilege of helping our clients navigate day in and day out for the past several decades. We were honored to continue our streak in 2024 of being ranked Number 1 in the Global Investigations Review “GIR 30” ranking of the world’s top investigations practices for the seventh consecutive year and the ninth time in the last ten years.
For additional analysis on anti-corruption enforcement and related developments from 2024, we invite you to register here and join us for our upcoming complementary webcast presentation on February 27, 2025: “2024 Year-End FCPA Update.” As usual, CLE credit will be offered.
OVERVIEW OF THE FCPA & OTHER U.S. LAWS TARGETING FOREIGN CORRUPTION
The FCPA’s anti-bribery provisions make it illegal to offer or provide money or anything else of value to officials of foreign governments, foreign political parties, or public international organizations with corrupt intent, for the purpose of obtaining or retaining business. These provisions apply to “issuers,” “domestic concerns,” and those acting on behalf of issuers and domestic concerns, as well as to “any person” who acts while in the territory of the United States. The term “issuer” covers any business entity that is registered under 15 U.S.C. § 78l or that is required to file reports under 15 U.S.C. § 78o(d) (typically referring to companies whose shares are listed on a national exchange). In this context, foreign issuers whose American Depositary Receipts (ADRs) or American Depositary Shares (ADSs) are listed on a U.S. exchange are “issuers” for purposes of the FCPA. The term “domestic concern” is even broader and includes any U.S. citizen, national, or resident, as well as any business entity that is organized under the laws of a U.S. state or that has its principal place of business in the United States.
In addition to the anti-bribery provisions, the FCPA also has “accounting provisions” that apply to issuers and in some cases those acting on their behalf, and that are comprised of two core components. First, the books-and-records provision requires issuers to make and keep accurate books, records, and accounts that, in reasonable detail, accurately and fairly reflect the issuer’s transactions and disposition of assets. Second, the FCPA’s internal accounting controls provision requires that issuers devise and maintain reasonable internal accounting controls aimed at preventing and detecting FCPA violations. Prosecutors and regulators frequently invoke these latter two sections when they cannot establish the elements for an anti-bribery prosecution or as a mechanism for compromise in resolution negotiations. Because there is no requirement that a false record or deficient control be linked to an improper payment, even a transaction that does not constitute a violation of the anti-bribery provisions can lead to prosecution under the accounting provisions if inaccurately recorded or attributable to an internal accounting controls deficiency.
Further, as discussed in our 2023 Year-End FCPA Update, in December 2023 the United States enacted the Foreign Extortion Prevention Act (FEPA). FEPA explicitly criminalizes the “demand side” of foreign bribery by prohibiting the receipt of corrupt payments by foreign officials, which the FCPA does not do. However, the practical impact of FEPA remains to be seen given that DOJ has long been prosecuting foreign officials for their receipt of bribes under the money laundering statute, as noted immediately below.
Finally, prosecutors from the FCPA Unit of DOJ (and, to a lesser extent, enforcers from the SEC’s FCPA Unit as to violations of the securities laws) frequently charge non-FCPA offenses such as money laundering, mail and wire fraud, Travel Act violations, securities fraud, tax violations, and even false statements, in addition to or instead of FCPA charges. The most prevalent among these “FCPA-related” charges, in the criminal context, is money laundering—a generic term used as shorthand for statutory provisions, including 18 U.S.C. § 1956, that generally criminalize conducting or attempting to conduct a transaction involving proceeds of “specified unlawful activity” or transferring funds to or from the United States, in either case to promote the carrying on of specified unlawful activity; to conceal or disguise the nature, location, source, ownership or control of the proceeds; or to avoid a transaction reporting requirement. “Specified unlawful activity” includes over 200 enumerated U.S. crimes and certain foreign crimes, including the FCPA, fraud, and corruption offenses under the laws of foreign nations. Although this has not always been the case, in recent history DOJ has frequently deployed the money laundering statutes to charge “foreign officials” who are not themselves subject to the FCPA. It is not unusual for DOJ to charge the alleged provider of a corrupt payment under the FCPA and the alleged recipient with money laundering, particularly if the recipient is employed by a state-owned enterprise. As noted above, at least for activity post-dating the passage of FEPA in December 2023, DOJ now has another prosecutorial tool to wield in its international anti-corruption enforcement efforts.
FCPA AND FCPA-RELATED ENFORCEMENT STATISTICS
The below table and graph detail the number of FCPA enforcement actions initiated by DOJ and the SEC, the statute’s dual enforcers, in each of the past 10 years.
Of course, as regular readers of these pages know, and as mentioned above, a substantial proportion of U.S. anti-corruption enforcement actions are predicated on “FCPA-related” charges arising from the same corruption investigations by the same prosecutors but not charged under the FCPA itself. Examples of “FCPA-related” charges include wire and mail fraud, securities fraud, tax offenses, and most significantly money laundering. Although this is predominantly a criminal phenomenon, 2024 saw two rare “FCPA-related” charges filed by the SEC in the Adani case discussed below. The below table and graph illustrate the past 10 years of FCPA plus FCPA-related enforcement activity.
KEY 2024 FCPA-RELATED ENFORCEMENT DEVELOPMENTS
As our longtime readers know, we endeavor in these pages not only to describe the year’s individual FCPA and related enforcement actions, but also to discern patterns, themes, and trends in this enforcement activity. With respect to 2024, we have identified seven developments of note:
- DOJ reaches subsidiary-only resolutions with parent compliance guarantees;
- DOJ further defines the poles in Corporate Enforcement Policy credit;
- DOJ FCPA “declinations with disgorgement” continue as a trickle;
- Rounding out the SEC FCPA enforcement docket;
- Individual FCPA enforcement actions come in bunches;
- Not quite “FCPA-related,” but still worthy of mention; and
- DOJ’s FCPA Unit runs the table, going four-for-four at trial.
1. DOJ Reaches Subsidiary-Only Resolutions with Parent Compliance Guarantees
FCPA practitioners well understand that a key term in any criminal resolution negotiation is the defendant corporate entity or entities. Although there are many variations, one common approach that developed over the years was for the subsidiary(ies) most involved in the conduct to plead guilty, and for the parent company to enter into a deferred or non-prosecution agreement, at least where there was some alleged involvement by the parent. This approach allowed DOJ to secure the most serious form of resolution as to the most culpable corporate entity, while allowing the company (as a whole) to avoid the potentially dire collateral impacts that can accompany a guilty plea at the parent level.
Historically, DOJ has frequently insisted in FCPA cases upon at least some form of criminal resolution with the parent entity, even where the misconduct was principally concentrated in subsidiary businesses. There are certainly exceptions to this rule, notably including a three-subsidiary combination resolution Gibson Dunn negotiated to spare parent company Hewlett-Packard Company from criminal enforcement as described in our 2014 Mid-Year FCPA Update. But the exception crept ever closer to the rule in 2024, as fully one-third of FCPA corporate criminal prosecutions did not involve a parent-level defendant. Still, as described below, the parent companies were required to sign on to the subsidiary resolutions to guarantee the compliance and reporting obligations that typically accompany FCPA resolutions would be applied across the corporate enterprise and not only the subsidiary.
McKinsey and Company Africa (Pty) Ltd.
The most recent example of this phenomenon is DOJ’s resolution with the South African subsidiary of the multinational business consultant McKinsey & Company. On December 5, 2024, DOJ announced a deferred prosecution agreement with McKinsey and Company Africa arising from allegations that, between 2012 and 2016, the entity conspired to violate the FCPA’s anti-bribery provisions by agreeing to make corrupt payments to officials of two state-owned companies in South Africa. The South African McKinsey entity allegedly partnered with local South African consulting firms qualified under the Broad-based Black Economic Empowerment Act while knowing that those firms would use a portion of their fees to pay the purported bribes in exchange for confidential information about competitors and for steering contracts toward sole source awards to McKinsey rather than competitive tenders. In a related matter announced the same day, DOJ unsealed a December 2022 plea agreement with Vikas Sagar, the McKinsey partner allegedly at the center of the corruption scheme, pursuant to which Sagar agreed to plead guilty to one count of conspiracy to violate the FCPA’s anti-bribery provisions.
To resolve the corporate matter, the McKinsey South Africa entity entered into a three-year deferred prosecution agreement and agreed to pay a criminal fine of approximately $123 million, which reflects a 35% discount applied from the fifth percentile of the U.S. Sentencing Guidelines range for the company’s cooperation and remediation. Although it is now DOJ policy to impose forfeiture in addition to a criminal fine in non-issuer cases such as this, as discussed in our 2023 Year-End FCPA Update, DOJ did not do so here as McKinsey had already disgorged all revenues from the affected contracts to South African authorities. DOJ also agreed to credit up to half of the criminal fine against penalties McKinsey paid to South African authorities in a forthcoming resolution, providing the penalty is paid within 12 months. Finally, although not a party to the criminal case, parent McKinsey & Company co-signed the subsidiary resolution, agreeing to fulfill the cooperation, compliance program enhancement, self-reporting, and other compliance-related obligations across the whole of McKinsey’s global operations for the three-year term of the subsidiary’s deferred prosecution agreement. McKinsey’s FCPA resolution was followed less than 10 days later with a separate, larger criminal resolution arising from McKinsey’s consulting work in the opioids industry, announced on December 13, 2024.
Telefónica Venezolana C.A.
Working backward through the year, the second example of a subsidiary-only criminal resolution in 2024 was announced on November 8, when Telefónica Venezolana, the Venezuelan subsidiary of the Spain-based international telecommunications company Telefónica S.A., entered into a deferred prosecution agreement with DOJ to resolve allegations of bribery associated with a 2014 currency auction. According to DOJ, Telefónica Venezolana used a consultant to receive preferential access to the auction to exchange U.S. dollars for Venezuelan bolivars, knowing that the consultant would bribe Venezuelan government officials controlling access to the currency exchange. Telefónica Venezolana allegedly concealed its payments to the consultant by purchasing equipment at inflated prices from suppliers that entered into the consulting agreements on Telefónica’s behalf.
To resolve the matter, Telefónica Venezolana agreed to enter into a three-year deferred prosecution agreement alleging a conspiracy to violate the FCPA’s anti-bribery provisions and to pay a criminal fine of $85.26 million. Although not named as a defendant, parent Telefónica S.A. agreed to extend the subsidiary’s cooperation and compliance enhancement obligations for the three-year term to the full Telefónica enterprise. Notably, although parent Telefónica S.A. is a U.S. ADR issuer whose Brazilian subsidiary (also an ADR issuer) entered into a separate SEC FCPA resolution in 2019 as described in our 2019 Year-End FCPA Update, there was no parallel SEC resolution associated with the 2024 Venezuelan matter. Although it is not unusual for a listed company to resolve civil FCPA charges with the SEC and not criminal FCPA charges with DOJ, given the lower burden of proof and broader accounting theories available to the SEC, we are not familiar with any example of an issuer or its affiliate resolving with DOJ and not the SEC in an FCPA matter. It is presently unclear if Telefónica S.A. will enter into an SEC resolution associated with the Venezuela matter.
Raytheon Company
The third and final example of a subsidiary-only criminal FCPA resolution from 2024 was that with global defense contractor Raytheon. On October 16, 2024, DOJ and SEC announced parallel resolutions relating to allegations that, between 2012 and 2016, Raytheon authorized nearly $2 million in corrupt payments to a high-level official of the Qatari Air Force to secure air defense contracts through an alleged “sham subcontractor,” and failed to disclose these subcontractor payments as required by the Arms Export Control Act (AECA) and International Traffic in Arms Regulations (ITAR). The SEC additionally alleged that over a longer period Raytheon paid more than $30 million to a Qatari-based agent, who was a relative of the Qatari Emir, under circumstances that presented elevated corruption risk.
To resolve the criminal FCPA, AECA, and ITAR allegations, Raytheon entered into a three-year deferred prosecution agreement and agreed to pay a $230.4 million criminal fine plus approximately $36.7 million in forfeiture, though up to $7.4 million of the forfeiture amount was credited against the SEC resolution. In the SEC matter, parent company RTX Corporation consented to a cease-and-desist proceeding alleging FCPA anti-bribery, books-and-records, and internal controls violations, and agreed to pay $49.1 million in disgorgement and prejudgment interest plus a civil penalty of $75 million, though $22.5 million of that penalty is offset against the criminal fine. And in a separate but coordinated matter, Raytheon resolved allegations of major fraud against the United States in a second deferred prosecution agreement and civil False Claims Act settlement alleging that the company provided inaccurate pricing data to the U.S. Department of Defense associated with foreign defense contracts. In total, and coupled with an earlier consent decree reached with the State Department, Raytheon and RTX agreed to pay nearly $1 billion to resolve the FCPA and non-FCPA charges, and also agreed to retain a compliance monitor jointly focused on anti-corruption and government contracts pricing compliance. But in contrast to the SEC resolution, parent RTX is not a defendant in either of the criminal resolutions and agreed only to adhere to the compliance- and disclosure-related obligations of its subsidiary Raytheon.
2. DOJ Further Defines the Poles in Corporate Enforcement Policy Credit
2024 marks the second year of FCPA resolutions since the January 2023 release of the DOJ Criminal Division’s updated Corporate Enforcement and Voluntary Self-Disclosure Policy (Corporate Enforcement Policy), first covered in our 2022 Year-End FCPA Update and further tracked in our 2023 Year-End FCPA Update. Under the current Corporate Enforcement Policy, DOJ may grant up to a 50% discount from the criminal fine for cooperation and remediation in a case that was not self-disclosed by the defendant company, and up to a 75% discount if the matter does qualify as a voluntary disclosure but nonetheless warrants criminal prosecution as opposed to a “declination with disgorgement.” These discount percentages are up from 25% and 50%, respectively, available under prior DOJ guidance. Further, the January 2023 Corporate Enforcement Policy provides enhanced guidance as to whether the cooperation and remediation discount is applied from the bottom of the U.S. Sentencing Guidelines range as was typical pre-Corporate Enforcement Policy, or a higher point-of-departure if the corporate defendant has a relevant history of “prior misconduct.”
In announcing the Corporate Enforcement Policy, DOJ made clear that the maximum-available discount is not the default, and that companies will start from zero and have to build the case for a discount based on their cooperation and remediation. The first two years of application have borne this out, as the “perfect score” of 50% / 75% remains elusive and the range of discounts in FCPA matters have varied from as low as 10% to as high as 45%. Moreover, the “other half” of the equation—whether the discount is taken from the bottom of the Guidelines range or from a higher point of departure—has varied significantly as well, with five companies receiving a discount from the bottom of the range and six companies receiving the discount from a higher point, ranging from the 5th to the 30th percentile.
Focusing on 2024, there were eight corporate criminal resolutions, outside of the “declination with disgorgement” with Boston Consulting Group described below. As shown in the below chart, the Corporate Enforcement Policy “discounts” ranged from 10% to 45% and the point of departure ranged from the bottom of the Guidelines range to the 30th percentile. The average “effective Corporate Enforcement Policy discount,” adjusting for both the discount percentage and point of departure, was 19%, resulting in an average effective savings of $23,262,861.
A table summarizing the Corporate Enforcement Policy discount details across the eight non-declination DOJ corporate FCPA resolutions of 2024 is below, followed by an analysis of four resolutions that illustrate the poles of cooperation and remediation credit offered by DOJ: AAR Corp. (45%) and SAP SE (40%) at the high-end, and Trafigura (10%) and BIT Mining (10%) at the low-end. We also analyze a fifth resolution that illustrates the impact of the point of departure, as Gunvor’s 25% cooperation and remediation discount was effectively reduced to 2.5% by virtue of the discount being taken from the 30th percentile of the Guidelines range.
Company |
Date |
Resolution Type |
Criminal Fine |
Discount % |
Guidelines Point of Departure |
Effective CEP Discount |
SAP SE |
01/10/24 |
DPA |
$118,800,000 |
40% |
10th percentile |
34% |
Gunvor S.A. |
03/01/24 |
Guilty Plea |
$374,560,071 |
25% |
30th percentile |
2.5% |
Trafigura Beheer B.V. |
03/29/24 |
Guilty Plea |
$80,488,040 |
10% |
5th percentile |
5.5% |
Raytheon Co. |
10/16/24 |
DPA |
$230,400,000 |
20% |
20th percentile |
4% |
Telefónica Venezolana C.A. |
11/08/24 |
DPA |
$85,260,000 |
20% |
5th percentile |
16% |
BIT Mining Ltd.* |
11/18/24 |
DPA |
$54,000,000 |
10% |
Bottom |
10% |
McKinsey & Co. Africa (Pty) Ltd |
12/05/24 |
DPA |
$122,850,000 |
35% |
5th percentile |
32% |
AAR CORP. |
12/19/24 |
NPA |
$26,393,029 |
45% |
Bottom |
45% |
* BIT Mining’s criminal fine was reduced to $10 million based on a demonstrated inability to pay the fine amount.
AAR CORP.
The highest cooperation and remediation discount of 2024, tied for the highest in the two-year history of the current Corporate Enforcement Policy, goes to Illinois-based aviation services company AAR. On December 19, 2024, DOJ and the SEC announced joint FCPA enforcement actions alleging that, between 2015 and 2020, AAR made nearly $8 million in payments to agents while knowing that a portion of those fees would be provided to government officials in Nepal and South Africa to obtain confidential bidding information, preferential payment terms, and otherwise to influence the contract award processes for state-owned airlines in each country.
To resolve the SEC charges, AAR consented to a cease-and-desist order finding that the company violated the FCPA’s anti-bribery, books-and-records, and internal controls provisions and agreed to pay $29.2 million in disgorgement plus prejudgment interest. No penalty was imposed due to the criminal resolution. To resolve DOJ’s allegations, AAR entered a non-prosecution agreement with an 18-month term and agreed to pay a $26.4 million criminal fine plus forfeiture, although the forfeiture amount was offset by the SEC’s disgorgement order. The criminal fine reflected a 45% Corporate Enforcement Policy discount taken from the bottom of the applicable Guidelines range, based on AAR’s cooperation, remediation, lack of criminal history, and, most notably as discussed below, the company’s self-reporting of the conduct in question.
AAR reported the alleged conduct in question to DOJ and the SEC promptly after becoming aware of press reports of a local corruption investigation concerning the Nepalese conduct and before being contacted by either agency. Still, DOJ did not credit the self-report as a “voluntary disclosure” for Corporate Enforcement Policy purposes because of the press reports and because, unbeknownst to AAR, “an independent source” already had reported the Nepalese conduct to the government. Thus, the report did not occur “prior to an imminent threat of disclosure or government investigation” as required by the Corporate Enforcement Policy and Section 8C2.5(g)(1) of the Sentencing Guidelines. Still, DOJ stated that it “gave significant weight” to the self-reporting in its determination of the form of resolution (i.e., non-prosecution agreement), cooperation and remediation credit awarded (i.e., 45%), and term of post-resolution reporting (i.e., 18 months). Notably, the only other 45% Corporate Enforcement Policy discount awarded by DOJ in an FCPA case to date likewise involves an “imperfect voluntary disclosure,” as covered in our discussion of the Albemarle case in our 2023 Year-End FCPA Update.
Separate from the company, two individuals were prosecuted in 2024 for their alleged involvement in the AAR corruption scheme. Related to Nepal, Deepak Sharma, a former executive of a U.S.-based AAR subsidiary, pleaded guilty on August 1, 2024 to a one-count information charging conspiracy to violate the FCPA’s anti-bribery provisions and also settled related SEC charges on December 19, 2024. Sharma agreed to disgorge nearly $131,000 in compensation allegedly tied to the corrupt conduct, plus nearly $54,000 in prejudgment interest thereon, in connection with the SEC resolution and sentencing in the criminal case has yet to be scheduled. Separately, a third-party agent of AAR’s allegedly involved in the South African corruption, Julian Aires, pleaded guilty to a one-count information charging conspiracy to violate the FCPA’s anti-bribery provisions on July 15, 2024, and like Sharma there is currently no sentencing date set.
SAP SE
The other high-flier in 2024 FCPA Corporate Enforcement Policy discounts was German software company and U.S. ADS issuer SAP, which on January 10, 2024 reached joint FCPA resolutions with DOJ and the SEC arising from an alleged bribery scheme covering multiple countries. According to the criminal charging documents, between 2013 and 2018, SAP made payments to agents in South Africa and Indonesia while knowing that portions of those payments would be passed on to officials associated with multiple different governmental bodies in each country, as well as knowingly falsified certain records relating to additional third-party payments in South Africa with no identified business purpose. The SEC charging document additionally alleges public corruption in Ghana, Kenya, Malawi, and Tanzania, as well as an improper gift provided to a government official in Azerbaijan in 2022.
To resolve the criminal matter, SAP entered into a deferred prosecution agreement alleging conspiracy to violate both the FCPA’s anti-bribery and books-and-records provisions and agreed to pay a $118.8 million criminal fine, though $55.1 million of the fine was offset by payments made in connection with coordinated anti-corruption resolution with South African authorities as discussed below. The criminal fine reflects (i) a 40% discount applied from (ii) the 10th percentile of the applicable Guidelines fine range to reflect SAP’s cooperation and remediation, as well as its prior criminal and regulatory history. Regarding the first point, DOJ praised SAP for its prompt and thorough cooperation, as well as remediation that included withholding compensation from certain potentially culpable employees and managers, which additionally netted SAP a $109,000 fine reduction pursuant to DOJ’s Compensation Incentives and Clawbacks Pilot Program. Regarding the second point, DOJ contended the enhanced Guidelines departure point was warranted based on SAP’s prior FCPA resolution with the SEC in 2016 covered in our 2016 Mid-Year FCPA Update, as well as an export controls-related non-prosecution agreement with DOJ’s National Security Division in 2021. To resolve the SEC matter, SAP consented to the entry of a cease-and-desist order alleging violations of the FCPA’s anti-bribery, books-and-records, and internal controls provisions and agreed to pay approximately $98.5 million in disgorgement plus prejudgment interest, with an offset of about $59.5 million against the civil resolution with South African authorities.
Trafigura Beheer B.V.
At the low-end of the Corporate Enforcement Policy discount scale, DOJ announced an FCPA resolution with Swiss commodities trader Trafigura on March 28, 2024. According to DOJ, between 2003 and 2014, Trafigura participated in a conspiracy to make nearly $20 million in corrupt payments to officials of Petróleo Brasileiro S.A. – Petrobras (Petrobras) to obtain contracts and improper business advantages from the Brazilian state-owned oil company. This resolution represents yet another in a long string of FCPA prosecutions arising from the long-running “Operation Car Wash” (Lava Jato) investigation in Brazil, which we have been following in these updates for years. Specific to Trafigura, we covered a guilty plea to money laundering conspiracy charges by former Petrobras oil trader Rodrigo Berkowitz, a recipient of the alleged bribes, in our 2020 Year-End FCPA Update.
To resolve the instant corporate criminal matter, Trafigura pleaded guilty to one count of conspiracy to violate the FCPA’s anti-bribery provisions and agreed to pay a total of approximately $127 million, consisting of an $80.5 million criminal fine and $46.5 million in forfeiture. The company will receive an offsetting credit for up to one-third of the criminal fine, or about $26.8 million, for amounts paid to Brazilian authorities to resolve allegations related to the same conduct. The criminal fine reflects a 10% discount from the 5th percentile of the Guidelines range, for an effective discount of 5.5%. The slightly enhanced point of departure was based on a 2006 guilty plea to false statements in connection with the importation of oil to the United States and a 2010 conviction in the Netherlands relating to export and environmental law violations in Côte d’Ivoire. The relatively low 10% cooperation credit appears to be based on DOJ’s assertions that early in the investigation Trafigura “failed to preserve and produce certain documents and evidence in a timely manner,” and then later “was slow to exercise disciplinary and remedial measures” and took positions in resolution negotiations that “caused significant delays and required [DOJ] to expend substantial efforts and resources to develop additional admissible evidence.” Notably, Trafigura changed counsel during resolution negotiations.
Trafigura also was convicted of charges arising from a separate alleged corruption scheme in Angola following a criminal trial in Switzerland as described in our international section below.
BIT Mining Ltd.
The other low-end, 10% cooperation and remediation score awarded in 2024 comes from a joint DOJ / SEC FCPA resolution with Chinese cryptocurrency mining firm BIT Mining, announced on November 18. According to the charging documents, during a prior incarnation when it was known as 500.com and focused on the gaming industry, the company made between $2 and $2.5 million in corrupt payments to Japanese parliamentary members in an ultimately-unsuccessful effort to open an integrated resort with gambling and other entertainment options in Japan. Separately, on the same day DOJ unsealed an indictment charging the company’s former CEO, Zhengming Pan, with FCPA bribery and books-and-records violations associated with the conduct.
To resolve the corporate criminal charges, BIT Mining entered into a three-year deferred prosecution agreement with DOJ and agreed to pay a $10 million criminal fine, which was substantially reduced from the Guidelines-calculated fine of $54 million based on the company’s demonstrated inability to pay. Although less relevant given the inability-to-pay reduction, the $54 million calculation included only a 10% cooperation and remediation discount, with DOJ stating that although BIT Mining engaged in some cooperation and remediation, it was “reactive and limited in degree and impact.” To resolve the SEC’s parallel investigation, the company consented to the issuance of a cease-and-desist order alleging violations of the FCPA’s anti-bribery, books-and-records, and internal controls provisions and assessing a $4 million civil penalty. DOJ agreed to credit the SEC civil penalty against the $10 million criminal fine, such that BIT Mining will only pay $10 million in total.
For his part, Pan has not appeared before the Court to answer the indictment and may be in China.
Gunvor S.A.
The largest FCPA resolution of 2024 was announced by DOJ on March 1, 2024, with Swiss commodities trader Gunvor. According to DOJ, between 2012 and 2020, Gunvor representatives authorized nearly $100 million in corrupt payments through third-party agents for the benefit of high-ranking officials of Ecuadorian state-owned oil company Petroecuador in exchange for lucrative sole-source oil contracts. The corporate resolution followed guilty pleas to FCPA and FCPA-related charges entered by former Petroecuador official Nilsen Arias Sandoval, former Gunvor consultants Antonio Pere Ycaza and Enrique Pere Ycaza, and former Gunvor employee Raymond Kohut, as discussed in our 2021 and 2022 Year-End FCPA Updates.
To resolve the corporate matter, Gunvor agreed to plead guilty to one count of conspiracy to violate the FCPA’s anti-bribery provisions and to pay a criminal fine of more than $374.5 million plus forfeiture of more than $287.1 million. The $661 million resolution amount is not entirely for DOJ, however, as up to one quarter of the criminal fine (about $93.6 million) may be credited against related anti-corruption resolutions with each of Swiss and Ecuadorian authorities, for a total offset of up to $187.3 million, provided these payments are made within a year of the DOJ resolution. The criminal fine reflects a 25% discount for cooperation and remediation, but that discount was applied from the 30th percentile of the Guidelines range based on Gunvor’s “history of misconduct,” thus reducing the “effective discount” to 2.5%. Gunvor’s “prior misconduct” included an international corruption-related resolution with Swiss authorities concerning a scheme to bribe officials in the Republic of Congo and Cote d’Ivoire (discussed in our 2019 Year-End FCPA Update). This is illustrative of a developing trend where corporations’ prior non-U.S. legal resolutions are negatively impacting DOJ’s Sentencing Guidelines calculations. Gunvor’s is the highest Guidelines point-of-departure imposed in an FCPA matter since publication of the updated Corporate Enforcement Policy in January 2023, although not nearly as high as the 75th percentile applied against ABB in its third FCPA resolution discussed in our 2022 Year-End FCPA Update.
3. DOJ FCPA “Declinations with Disgorgement” Continue as a Trickle
In April 2016, DOJ rolled out an “FCPA Pilot Program” (the FCPA-specific predecessor to the current, Criminal Division-wide Corporate Enforcement Program) that provided significantly greater transparency regarding the Division’s expectations for voluntary self-disclosures, cooperation, and remediation in FCPA investigations to receive mitigation credit. Under these programs, a company that timely and voluntarily self-discloses FCPA-related misconduct before DOJ becomes aware of it, fully cooperates in the ensuing investigation, and appropriately remediates the misconduct may be eligible for a declination of criminal prosecution. However, a condition of such a “declination” is that the company disgorge illicit profits from the misconduct and admit to a public recitation of facts, leading us to coin the term “declination with disgorgement” to distinguish these from “true declinations” where the company persuades DOJ to take no enforcement action.
DOJ came out of the gate strong with five “declinations with disgorgement” in the first year of the then-FCPA Pilot Program, as discussed in our 2016 Year-End FCPA Update. But over the years, this favorable prosecutorial resolution tool has been deployed rather infrequently, which is all the more notable considering that DOJ has rejected several candidates that did voluntarily self-disclose FCPA-related conduct because the company reportedly (i) did not specify the conduct in sufficient detail during the initial disclosure call (ABB, discussed in our 2022 Year-End FCPA Update), (ii) delayed the self-report such that it was no longer “prompt” (Albemarle, discussed in our 2023 Year-End FCPA Update), or (iii) disclosed the conduct only after DOJ was already aware of it through other means (AAR, discussed above). In the first nine years of these DOJ disclosure programs, there have been only 19 “declinations with disgorgement” issued in FCPA matters as set forth in the below bar chart, as well as two in the past two years by the Fraud Section on charges unrelated to the FCPA.
The only FCPA-related “declination with disgorgement” of 2024 was reached with global consulting firm Boston Consulting Group, Inc. on August 27, 2024. According to the letter agreement, between 2011 and 2017, BCG paid approximately $4.3 million in commissions to a consultant to help the firm obtain contracts with two agencies of the Angolan government, allegedly while knowing that portions of those commissions would be used to improperly influence officials of these government agencies. BCG was required to disgorge $14.4 million in profits from the relevant contracts, but due to its prompt voluntary disclosure, cooperation in the ensuing investigation, and effective remediation (including clawing back equity and withholding bonuses and other compensation from culpable partners), the company was not criminally prosecuted.
4. Rounding Out the SEC FCPA Enforcement Docket
We always caution against overreliance on one-year statistical snapshots, as the ebbs and flows of FCPA enforcement are better measured across an arc of years rather than any arbitrarily defined 365-day period. Nonetheless, it is notable that when the SEC released its Enforcement Results for FY 2024, they showed the lowest number of FCPA enforcement matters in recent history: two. Those figures reflect the SEC’s fiscal year (October 1, 2023 to September 30, 2024), and thus differ from our calendar-year reporting, and already the SEC has brought three times as many actions (six) in the first quarter of their FY 2025 (still calendar year 2024 for us). Nonetheless, the pace of SEC FCPA enforcement is something to monitor, especially as the Agency resets its enforcement priorities with the new Administration.
In addition to the eight FCPA and FCPA-related enforcement actions brought by the SEC in conjunction with DOJ as reported elsewhere in this update, the SEC brought two SEC-only FCPA enforcement actions in 2024: Deere & Company and Moog Inc.
Deere & Company
On September 10, 2024, the SEC announced a settled FCPA enforcement action with Illinois-based agricultural equipment manufacturer Deere & Company, which may be more familiar to our readership by its trade name “John Deere.” According to the SEC, between 2017 and 2020, representatives of Deere’s then-newly acquired Thai subsidiary authorized corrupt payments to government officials in the Royal Thai Air Force and various agencies within the Ministry of Transport to secure government contracts. The SEC further alleged improper payments to representatives of a private customer in Thailand, charged as part of the FCPA enforcement action based on their purportedly inaccurate recording in Deere’s books and records. And in addition to corrupt payments, the SEC included allegations of inappropriately extravagant international trips disguised as “factory visits,” long a favorite theory of the SEC’s in FCPA enforcement actions.
Without admitting or denying the SEC’s allegations of books-and-records and internal controls violations, Deere consented to issuance of a cease-and-desist order and agreed to pay a $4.5 million civil penalty, plus approximately $5.4 million in disgorgement and prejudgment interest. The SEC noted the company’s significant cooperation and remediation efforts in response to the investigation. The SEC did cite Deere’s alleged failure to timely integrate the Thai subsidiary into the company’s then-existing compliance and controls environment after acquiring the subsidiary in 2017 as a major factor that allowed the scheme to go unchecked for several years, thus highlighting the compliance risks associated with integrating foreign companies into a U.S. issuer’s compliance program post-acquisition.
Moog Inc.
On October 11, 2024, the SEC announced a settled FCPA enforcement action with New York-based motion control systems manufacturer Moog. The SEC alleged that, between 2020 and 2022, representatives of one of the company’s Indian subsidiaries made payments to employees of government entities to influence them to exclude competitors from or otherwise skew competitive tenders in Moog’s favor.
Without admitting or denying the SEC’s allegations of books-and-records and internal controls violations, Moog consented to the issuance of a cease-and-desist order and agreed to pay disgorgement and prejudgment interest totaling nearly $600,000, plus a civil penalty of $1.1 million. The SEC’s order noted the company’s cooperation and remediation efforts in response to the investigation, which included voluntarily disclosing the misconduct. Gibson Dunn was co-counsel representing Moog in this matter.
5. Individual FCPA Enforcement Actions Come in Bunches
Individual accountability has long been a focus of senior leadership at both DOJ and the SEC, with respect to the FCPA and enforcement more broadly. DOJ has for years made good on this refrain, bringing far more FCPA and FCPA-related prosecutions against individuals than corporations in recent years. This trend was no different in 2024, with 70% (21 of 30) of FCPA or related enforcement actions brought by DOJ filed against individuals. By contrast, entering 2024 the SEC had not brought a single FCPA or related enforcement action against an individual in more than three years. But this year the SEC stepped up individual enforcement and brought four such actions. Across both agencies, another takeaway from 2024 FCPA enforcement is that the individual prosecutions tended to come in groups.
Adani Group Eight
The most prominent and prolific example of DOJ and SEC individual FCPA enforcement from 2024 came on November 20, 2024, when the dual enforcers announced parallel charges arising from an alleged $250 million bribery scheme involving one of the world’s largest solar energy projects and one of the world’s richest men. The defendants include Indian billionaire Gautam Adani, his nephew Sagar Adani, and Vneet Jaain, all executives at Indian renewable energy company Adani Green Energy, as well as Ranjit Gupta and Rupesh Agarwal, former executives of U.S. issuer Azure Power, and Cyril Cabanes, Saurabh Agarwal, and Deepak Malhotra, former employees of Canadian pension fund CDPQ (as well as in Cabanes’s case, a former board member of Azure Power). According to the charging documents, the defendants initiated a scheme in 2021 to allegedly pay $265 million in bribes to officials of the Solar Energy Corporation of India to cause local Indian municipalities to purchase power from a multi-billion dollar, 12 GW solar energy project operated by the defendants’ companies. DOJ and the SEC further allege that certain of the defendants obstructed justice by lying to investigators and destroying documents, as well as made false statements to U.S. investors in connection with capital raising efforts occurring after news of the investigation became public.
Gautam Adani, Sagar Adani, and Jaain are charged criminally with securities fraud and obstruction of justice, and the two Adanis are also charged by the SEC with civil securities fraud. Gupta and Rupesh Agarwal, Saurabh Agarwal, Cabanes, and Malhotra are all charged with conspiracy to violate the FCPA’s anti-bribery provisions, and all but Gupta are charged with obstruction of justice. Finally, the SEC charged Cabanes with FCPA bribery, in the first SEC FCPA enforcement action against an individual since 2020. None of the defendants are yet before the Eastern District of New York, where the criminal and civil charges have been filed, though the case has created a political storm as to whether India will agree to extradite these prominent businessmen. Given that the post-election indictment has now been followed by a change in DOJ administrations, it is possible that there will be political considerations on the U.S. side as well.
Smartmatic Four
On August 8, 2024, a grand jury in the Southern District of Florida returned an indictment charging three executives of election voting machine company Smartmatic—Roger Alejandro Pinate Martinez, Jorge Miguel Vasquez, and Elie Moreno—and former Chairman of the Commission on Elections of the Republic of the Philippines (COMELEC), Juan Andres Donato Bautista, for their role in an alleged corruption scheme involving the sale of voting machines used in the 2016 Philippine elections. According to the indictment, between 2015 and 2018, Pinate and Vasquez (with the assistance of Moreno) allegedly paid approximately $1 million in bribes to Donato from 2015 to 2018, who caused COMELEC to purchase voting machines from Smartmatic at inflated prices.
Pinate and Vasquez are each charged with FCPA bribery, and all four defendants are charged with money laundering. Pinate and Donato are before the court and presently facing an October 2025 trial date. Vasquez and Moreno have yet to enter an appearance, and DOJ is reportedly seeking their extradition.
Stericycle Two
In our 2022 Mid-Year FCPA Update, we covered a joint DOJ / SEC FCPA resolution with Illinois waste management company Stericycle, Inc. In 2024, two former Stericycle employees were charged arising out of the same alleged scheme to pay more than $10 million in bribes to government officials in Argentina, Brazil, and Mexico between 2011 and 2016. On February 9, 2024, Stericycle’s former Latin American Division Senior Vice President Mauricio Gomez Baez agreed to plead guilty to one count of conspiracy to violate the FCPA’s anti-bribery provisions. Six weeks later, on March 19, a grand jury sitting in the Southern District of Florida returned an indictment charging former Latin American Division Finance Director Abraham Cigarroa Cervantes with one count of conspiracy to violate the FCPA’s anti-bribery provisions and one count of conspiracy to violate the FCPA’s internal controls and books-and-records provisions.
Gomez was promptly sentenced to seven months in prison, at a June 21, 2024 sentencing hearing. Cigarroa has yet to appear before the court.
Single-Defendant Additions to Prior-Year Groupings
We frequently make the point that the full scope of FCPA enforcement is difficult to decipher, given that charges often remain under seal for years as defendants continue to cooperate or DOJ awaits their transit into the United States or an extradition-friendly nation. The former appears to have been the case when, on December 30, 2024, the U.S. District Court for the Southern District of Florida unsealed a criminal proceeding initiated by DOJ in October 2023 against Juan Ramon Molina Rodriguez, the former Titular Director of a Honduran governmental entity known as “TASA” that procured goods for, among other Honduran government entities, the National Police. On July 10, 2024, Molina pleaded guilty to a single-count criminal information charging him with conspiracy to commit money laundering, which alleges that, between 2015 and 2019, he and fellow TASA official Francisco Roberto Cosenza Centeno were corruptly influenced in the award of more than $10 million in TASA contracts by payments received from Carl A. Zaglin, Bryan Berkman, and Luis Berkman, executives of a Georgia-based manufacturer of law enforcement uniforms and equipment, made through companies owned by Florida resident Aldo N. Marchena. As reported in our 2021 and 2023 FCPA Year-End Updates, Zaglin, the Berkmans, Cosenza, and Marchena, as well as others involved in the alleged Honduran corruption scheme, have previously been charged with FCPA and FCPA-related money laundering offenses.
Molina’s sentencing is currently set for February 2025. Of the remaining defendants listed above, Bryan and Luis Berkman have each pleaded guilty and been sentenced, initially to 28 months and 38 months, respectively, although both had their sentences reduced to 14 and 29 months, respectively, based on substantial assistance in the ongoing DOJ investigations. Zaglin, Cosenza, and Marchena all are currently set for trial in the Southern District of Florida in April 2025.
On November 12, 2024, Miami-based investment advisor John Christopher Polit pleaded guilty to a one-count information charging him with conspiracy to commit money laundering. If that name sounds familiar, it is because he is the son of former Ecuadorian Comptroller General Carlos Ramon Polit Faggioni, whose indictment arising out of the Odebrecht bribery scandal was covered in our 2022 Mid-Year FCPA Update, and whose 2024 trial conviction is discussed in the following section. Polit the son admitted that, between 2010 and 2018, he laundered more than $16.5 million of his father’s bribery proceeds, causing them to “disappear” (though apparently unsuccessfully) through layered transactions beginning in Panama and continuing through Florida.
The younger Polit is currently scheduled to be sentenced before the Southern District of Florida in April 2025. Notably, he was convicted of related charges in Ecuador in 2018, but that conviction was subsequently reversed in 2021.
Finally, in another blast from the FCPA past, on October 23, 2024, a federal grand jury in the Southern District of Florida indicted Venezuelan television news network owner Raul Gorrin Belisario on money laundering charges—again. Our readers may recall that Gorrin was indicted in November 2018, along with numerous other defendants, on FCPA and money laundering associated with an alleged scheme to bribe two successive National Treasurers of Venezuela to obtain currency exchanges at favorable rates, as discussed in our 2018 Year-End FCPA Update and with the latest coverage in our 2022 Year-End FCPA Update. The 2024 indictment alleges a separate money laundering conspiracy associated with Venezuela’s state-owned energy company, Petróleos de Venezuela S.A. (PDVSA), but still involving currency exchange transactions and also involving numerous other defendants discussed in our FCPA updates dating back to 2018.
Even after the second indictment, Gorrin remains a fugitive, reportedly living in Venezuela.
As these individual enforcement actions reflect, Central and Latin America remain fertile grounds for international anti-corruption prosecutions. Of the 21 individual FCPA and FCPA-related prosecutions in 2024, 9 of the individual defendants were from or have ties to this region.
6. Not Quite “FCPA-Related,” But Still Worthy of Mention
Periodically, we break down the fourth wall and let our readers into the debates amongst our editorial team as to what qualifies as an FCPA / FCPA-related enforcement action. Given the breadth of the FCPA’s accounting provisions, which can and often do reach non-corruption-related conduct (particularly in SEC enforcement), as well as the panoply of non-FCPA, ancillary statutes that may be used to charge international corruption (particularly in DOJ enforcement), we wrestle each year with “shades of gray.”
One recurring source of controversy concerns international corruption prosecutions initiated without the clear involvement of DOJ’s FCPA Unit. Section 9-47.110 of DOJ’s Justice Manual provides that all FCPA (now including FEPA too) prosecutions require coordination with the Fraud Section of the Criminal Division, which houses DOJ’s FCPA Unit. Even investigations that could lead to FCPA charges are supposed to be coordinated with the FCPA Unit, though with 94 U.S. Attorneys’ Offices and numerous other components of Main Justice whose authority includes, for example, international money laundering and wire fraud charges, this requirement can be difficult to police. We are also familiar with examples of prosecutions coordinated with DOJ’s FCPA Unit in the background that, for a variety of reasons, never see an FCPA Unit attorney enter an appearance on the public docket.
Balancing all of these considerations, our statistical methodology is only to count non-FCPA charges related to international corruption as “FCPA-related” if there is public involvement by the FCPA Unit. Two international corruption cases from 2024 that we do not count in our statistics, but note to illustrate the point, follow.
On January 11, 2024, a grand jury sitting in the Central District of California returned an indictment charging Paulinus Iheanacho Okoronkwo, a Los Angeles-based attorney and dual U.S.-Nigerian citizen, with money laundering, tax evasion, and obstruction of justice. The underlying conduct alleged centers on a $2.1 million bribe Okoronkwo purportedly received while serving as an officer of Nigeria’s state-owned oil company, the Nigerian National Petroleum Corporation, to secure favorable drilling rights for Addax Petroleum, a Swiss-based subsidiary of China’s state-owned oil company Sinopec. Although this may walk, talk, and quack like an FCPA-related case, it is being prosecuted by the L.A. U.S. Attorney’s Office. Okoronkwo’s trial is currently scheduled to begin in April 2025.
On March 4, 2024, the U.S. Attorney’s Office for the Southern District of Florida announced a guilty plea by another former foreign official, this time former Venezuela National Guard Major Nepmar Jesus Escalona Enriquez. Escalona pleaded guilty to one count of money laundering conspiracy arising from allegations that, between 2010 and 2017, he falsified customs documents to deceive the Central Bank of Venezuela into releasing $1.7 million to the co-conspirators rather than going to finance food imports, and also paid bribes to other Venezuelan government officials to prevent detection of the scheme. Again, this is typically fodder for FCPA prosecutors, but in this instance was handled by the Miami U.S. Attorney’s Office and the Criminal Division’s Money Laundering and Asset Recovery Section. On May 23, 2024, Escalona was sentenced to one year and one day in prison as well as forfeiture of more than $840,000.
7. DOJ’s FCPA Unit Runs the Table, Going Four-for-Four at Trial
There was a time not so long ago when FCPA-related trials were a rarity. But as we have noted before, within roughly the last decade DOJ has enhanced its focus on individual prosecutions in international corruption. Individuals as a group are far more likely than corporations to take criminal charges to a jury of 12, thus leading over time to more FCPA-related trials in criminal matters. (The SEC still has yet to try an FCPA case in the more than 40 years the statute has been on the books, though Gibson Dunn client James J. Ruehlen and co-defendant Mark A. Jackson came within a week of trial before receiving no-admit, no-deny, injunction-only resolutions, as covered in our 2014 Mid-Year FCPA Update.)
2024 saw four FCPA-related trials, equaling the record set five years ago as we covered in our 2019 Year-End FCPA Update. DOJ FCPA Unit prosecutors, teaming up with colleagues from several U.S. Attorneys’ Offices, ran the table and obtained convictions in all four.
Oil Trader Javier Alejandro Aguilar Morales Convicted of Petroecuador and PEMEX-Related Corruption
We have been covering the criminal case against former Vitol Group oil trader Javier Alejandro Aguilar Morales since our 2020 Year-End FCPA Update. Aguilar was charged with FCPA bribery and money laundering-related offenses arising out of the payment of more than $1 million in alleged corrupt payments to officials of the state-owned oil companies of Ecuador and Mexico, Petroecuador and PEMEX.
On February 23, 2024, after an eight-week trial in the Eastern District of New York, the jury returned a unanimous verdict of guilty on all three counts. Aguilar subsequently moved for a judgment of acquittal and a new trial, but the Honorable Eric N. Vitaliano rejected that bid in a 32-page ruling issued on July 26, 2024. In addition to turning away various evidentiary arguments, including that the evidence of Aguilar’s knowledge of the corruption was more than sufficient to support a guilty verdict even though no one testified to using the word “bribe” with him, the Court addressed several issues of FCPA interest. First, although Judge Vitaliano found in a mid-trial ruling that two of the alleged “foreign official” bribe recipients—who worked for a U.S. procurement subsidiary of PEMEX—would not qualify as “public servants” under Mexican law, he nonetheless found that the jury could find as a mixed matter of law and fact that they were officials of an “instrumentality” of a foreign government for purpose of the FCPA. Second, and relatedly, Judge Vitaliano affirmed his prior ruling that Aguilar did not create a “lawful under foreign law” affirmative defense worthy of submission to the jury based on the argument that the PEMEX-affiliated officials were not “public servants” covered by Mexico’s anti-corruption law, because arguing that one specific Mexican law was not violated is not sufficient to establish that the payments were lawful in Mexico.
On August 21, 2024, Aguilar pleaded guilty to related, parallel FCPA charges arising from the PEMEX scheme that, as discussed in our 2023 Year-End FCPA Update, were severed and moved to the Southern District of Texas after Aguilar raised venue objections. After the trial conviction, Aguilar consented to have the case transferred back to Brooklyn and consolidated for sentencing before Judge Vitaliano. In announcing the Aguilar trial verdict, DOJ trumpeted the success of its wide-ranging investigation of corruption in the Latin American oil trading industry, which just pulling on this strand resulted in a deferred prosecution agreement with Vitol, plus the guilty pleas of seven individual co-conspirators in addition to Aguilar.
Former Ecuadorian Comptroller Carlos Ramon Polit Faggioni Convicted of Receiving Odebrecht-Related Bribes
We have been covering an ongoing stream of FCPA-related prosecutions arising from the blockbuster resolution with Brazilian construction conglomerate Odebrecht S.A. since our 2016 Year-End FCPA Update. This includes the 2022 indictment of former Ecuadorian Comptroller General Carlos Ramon Polit Faggioni on allegations that he received more than $10 million in bribes from Odebrecht and then laundered them through the U.S. financial system with the assistance of his son, John Christopher Polit, whose 2024 guilty plea is discussed above.
On April 23, 2024, following a two-week trial in the U.S. District Court for the Southern District of Florida, a jury found the senior Polit guilty of all six counts of money laundering. On October 1, 2024, he was sentenced to 10 years in prison and ordered to forfeit $16.5 million in proceeds. Polit has noted an appeal to the Eleventh Circuit Court of Appeals.
Former Mozambican Finance Minister Manuel Chang Convicted in “Tuna Bonds” Scandal
On August 8, 2024, after a four-week trial, a federal jury in the Eastern District of New York found Mozambique’s former Minister of Finance, Manuel Chang, guilty of FCPA-related wire fraud and money-laundering conspiracy charges. As we covered in prior updates, most recently in our 2023 Year-End FCPA Update, Chang was indicted in 2018 for allegedly receiving $7 million in bribes in exchange for guaranteeing on behalf of the Mozambican government that it was financially solvent, which induced banks to issue loans to state-owned companies for maritime projects that ultimately failed and resulted in significant losses. Chang was promptly arrested in South Africa, but underwent years of extradition litigation before he was finally extradited to the United States in July 2023.
The Honorable Nicholas G. Garaufis denied Chang’s post-trial motions for judgment of acquittal and new trial in a 45-page memorandum opinion issued on November 13, 2024. With respect to wire fraud, the Court found that DOJ proved a viable scheme to deprive the investors of money siphoned off from the loan proceeds through undisclosed kickbacks and false representations, including that there was no corruption involved in the deal, and that it was not just a scheme to deprive victims of “valuable economic information” such that it would be susceptible to challenge under the Supreme Court’s decision in Ciminelli v. United States, 598 U.S. 306 (2023). With respect to money laundering, Judge Garaufis found that the evidence presented to the jury concerning the circuitous payment flow through accounts not in Chang’s name was sufficient to support concealment, and the specified unlawful activities of wire fraud and bribery under Mozambican law. On January 17, 2025, the Court sentenced Chang to 102 months in prison and ordered Chang to forfeit $7 million.
Oil Trader Glenn Oztemel Convicted of Petrobras-Related Corruption
We reported in our 2023 Year-End FCPA Update on criminal charges against Freepoint Commodities trader Glenn Oztemel, his brother and fellow oil trader Gary Oztemel, and third-party agent Eduardo Innecco, all associated with an alleged corruption scheme relating to Brazilian state-owned oil company Petrobras. Glenn Oztemel proceeded promptly to trial and, on September 26, 2024, a federal jury in the District of Connecticut found him guilty on all seven counts of FCPA bribery and money laundering.
In June 2024, Gary Oztemel pleaded guilty to one count of conspiracy to pay Petrobras officials more than $1 million, and was sentenced to two years of probation (due, in part, to medical considerations), 100 hours of community service, and $310,000 in fines and forfeiture. Innecco has reportedly been arrested in France but is fighting extradition and is not yet before the Court.
2024 FCPA-RELATED ENFORCEMENT LITIGATION
As our readership knows, following the filing of FCPA or FCPA-related charges, criminal and civil enforcement proceedings can take years to wind their way through the courts. The substantial number of enforcement cases from prior years has led to an active year in enforcement litigation beyond the cases initiated in 2024 and trials covered above. We discuss below a selection of prior-year matters, beyond the four trials, that saw material enforcement litigation developments.
DOJ Voluntarily Dismisses FCPA-Related Prosecution of Maryland Attorney Jeremy Schulman
On August 30, 2024, the U.S. District Court for the District of Maryland granted DOJ’s request to dismiss with prejudice an 11-count indictment against Maryland attorney Jeremy Schulman. As we first reported in our 2020 Year-End FCPA Update, Schulman was charged with wire fraud, mail fraud, and money laundering offenses associated with his efforts to gain access to over $12.5 million in assets belonging to the Central Bank of Somalia that had been frozen in U.S. banks following the turmoil arising from the country’s civil war in 1991. DOJ alleged that Schulman, working with former Somali Central Bank Governor Ali Abdi Amalow, presented fraudulent banking documents to financial institutions that showed Schulman had the authority to recover the frozen assets on behalf of the Somali government, whereas Schulman maintained that he was acting with actual authorization from the Somali government.
Years of protracted and contentious litigation followed, with Schulman diligently pursuing access to exculpatory evidence. This tenacity paid off, when the Honorable Paula Xinis imposed evidentiary sanctions for DOJ’s handling of its main witness. This then set the stage for DOJ’s motion to dismiss the case, citing its “assessment of pre-trial evidentiary rulings.” The Schulman case clearly reflects dogged determination and superb advocacy on the part of defense counsel.
Cognizant Defendants’ Trial Continued for Foreign Witness Issues (Again)
We have long been reporting on the 2019 FCPA charges against former Cognizant Technology Solutions President Gordon Coburn and Chief Legal Officer Steven Schwartz, including most recently in our 2023 Year-End FCPA Update. The trial date has shifted numerous times due to evidentiary disputes, reassignment of the case following the retirement of the presiding judge, and foreign witness availability issues. It was scheduled to go to trial in the District of New Jersey in September 2024, but was delayed again based on the pace of the Indian government’s response to a Mutual Legal Assistance Treaty request for witness testimony sought by the defense. The current, and ninth, trial date is scheduled for March 3, 2025. This case has long been a treasure trove of pretrial motions practice, and we expect that the trial will similarly showcase many legal arguments pertinent to FCPA and white-collar practice generally.
Former Banker Asante Kwaku Berko Extradited to Stand Trial on 2020 Indictment
As we last covered in our 2022 Year-End FCPA Update, dual U.S. and Ghanian citizen and banker Asante Kwaku Berko was arrested in November 2022 at the request of U.S. authorities as he landed at Heathrow Airport and DOJ unsealed a six-count indictment from 2020 charging Berko with FCPA, money laundering, and failure to report a foreign bank account. The substantive allegations are that, between December 2014 and March 2017, Berko paid more than $700,000 to Ghanaian government officials to assist a Turkish energy company client of Berko’s secure approvals to build an electric power plant in Ghana. Years of extradition litigation ensued.
On June 7, 2024, the Hight Court of England and Wales agreed with Berko that there was no “duality” (i.e., analogous UK crime) for the bank account reporting offense, but allowed the extradition to go forward as to the FCPA and money laundering charges. The UK court rejected Berko’s argument that the United States lacked jurisdiction over the international corruption scheme.
Shortly thereafter, in July 2024, Berko was extradited to the Eastern District of New York and pleaded not guilty to the FCPA and money laundering offenses. No trial date has yet been set.
Select Post-Indictment Guilty Pleas
It is a fact of the U.S. litigation process that the vast majority of criminal cases resolve prior to trial, even as to those who push their case to indictment in the first instance. But even within this paradigm, the case of former Maxwell Technologies General Manager Alain Riedo stands out.
More than a decade ago, and as we discussed in our 2013 Year-End FCPA Update, Riedo was indicted on nine counts of violating the FCPA associated with his alleged participation in a scheme to make corrupt payments to employees of state-owned companies in China. But as a Swiss citizen residing in Switzerland, Riedo was never extradited to face the charges. For years the case was dormant, until March 7, 2024 when Riedo appeared in the U.S. District Court for the Southern District of California to plead guilty to a superseding information charging one count of violating the FCPA’s books-and-records provision. The court sentenced Riedo to two years of probation, with 300 hours of community service to be served in Switzerland, and imposed a $55,000 fine.
Although Riedo’s reasoning for answering the FCPA charges 11 years later is not stated on the record, it is generally true that outstanding arrest warrants and the accompanying Interpol “Red Notices” can be extremely limiting as to a defendant’s ability to travel internationally. Some defendants have been known to resolve outstanding criminal cases simply to be able to visit family members in the United States or other countries with extradition treaties.
Another 2024 post-indictment guilty plea worthy of mention is that of Paulo Jorge Da Costa Casqueiro Murta. As we last checked in our 2023 Year-End FCPA Update, this PDVSA corruption-related case has bounced back and forth between Judge Hoyt’s chambers in Houston and the Fifth Circuit several times since Casqueiro Murta was extradited in 2021, with the latest development heading into 2024 being a remand to the district court for an evidentiary hearing on a Speedy Trial Act violation before a different trial court judge.
But that evidentiary hearing never occurred, as the parties informed the Court that they had reached a resolution and, on May 21, 2024, Casqueiro Murta pleaded guilty to a superseding information charging one count of FCPA conspiracy. He was sentenced by the Honorable Gray Miller to time served—amounting to nine months in custody and four months in home confinement—an additional one year of supervised release, and a $105,000 fine.
2024 KLEPTOCRACY FORFEITURE ACTIONS
As we periodically report in these updates, the Money Laundering and Asset Recovery Section (MLARS) of DOJ’s Criminal Division has a Kleptocracy Asset Recovery Initiative that uses civil forfeiture actions to freeze, recover, and in some cases repatriate the proceeds of foreign corruption. 2024 was an active year for MLARS kleptocracy actions, including the following:
- Over the course of 2024, DOJ continued to file additional civil forfeiture actions seeking the seizure of proceeds from the 1Malaysia Development Berhad (1MDB) corruption scandal we have been covering for years. These latest actions, which resolved claims against the assets of fugitive Low Taek Jho (Jho Low) and 1MDB’s former general counsel, “Jasmine” Loo Ai Swan, totaled a collective value of more than $200 million. To date, the U.S. government has reportedly seized and repatriated to Malaysia over $1.4 billion in assets associated with the scheme. As impressive as that figure is, the total alleged losses associated with the scheme exceed $4.5 billion.
- On January 9, 2024, DOJ reached a civil forfeiture agreement with Olympia De Castro, ex-wife of Gustavo Adolfo Hernandez Frieri, who pleaded guilty in 2019 to participating in the PDVSA-related “Operation Money Flight” currency conversion exchange scheme, described in our 2018 Year-End FCPA Update. Hernandez was ordered to forfeit $12.3 million as part of his plea agreement, which DOJ sought through his properties. De Castro filed ownership claims over certain properties, leading to years of negotiations with DOJ that were finally resolved with a $2.95 million settlement allowing De Castro to keep one of the properties and consenting for forfeiture of the remaining properties.
- On March 29, 2024, DOJ filed a civil complaint in the U.S. District Court for the Southern District of New York seeking to seize a $7.1 million condominium in Manhattan’s Trump International Hotel and Tower, alleging that the apartment was purchased with funds embezzled by sitting Republic of the Congo President Denis Sassou Nguesso. On May 14, Ecree LLC, a company managed by António José de Silva Veiga (reportedly a “fixer” for President Nguesso), filed a claim of interest to the apartment, and he subsequently moved to dismiss the complaint on grounds that DOJ failed to trace the apartment’s purchase to Nguesso or any illegal scheme. As of this writing, the motion to dismiss has been fully briefed, and a decision remains pending.
- On July 8, 2024, DOJ announced a settled civil forfeiture action involving a Los Angeles mansion allegedly purchased using the proceeds of a corruption scheme involving former Armenian Finance Minister Gagik Khachatryan. According to a 2022 complaint filed in the U.S. District Court for the Central District of California, the home was purchased in 2011 by a trust benefiting Khachatryan’s sons using the funds of Sedrak Arustamyan, a prominent Armenian businessman who allegedly paid Khachatryan more than $20 million in bribes in exchange for favorable tax treatment for Arustamyan’s company. Pursuant to the settlement agreement, the mansion will be forfeited to the United States, which will then sell the property and retain 85% of the net proceeds, delivering the remainder to Khachatryan’s sons. In addition to the U.S. forfeiture action, the alleged bribe payments are the subject of a pending criminal action in Armenia, as we discuss below.
- In our 2021 Year-End FCPA Update, we covered the indictment of Nouracham Bechir Niam and three other defendants, including Niam’s husband former Chadian Ambassador to the United States and Canada Mahamoud Adam Bechir, on FCPA and related charges stemming from an alleged bribery scheme related to the award of oil rights in the Republic of Chad. Separate from the criminal case, in 2015 DOJ moved to seize £22 million (~ $34.6 million) in funds allegedly linked to the scheme, and Niam filed a claim of interest. The forfeiture case was stayed in 2016, pending the criminal investigation leading to the indictment. But in October 2023, the Honorable Richard J. Leon of the U.S. District Court for the District of Columbia lifted the stay, and DOJ moved to dismiss Niam’s claim, alleging that as a continuing fugitive who has failed to appear to answer the criminal charges she should be barred from participating in the civil forfeiture case. On September 27, 2024, Judge Leon granted DOJ’s motion to dismiss, finding that Niam met the definition of “fugitive” under 18 U.S.C. § 2466 (a “fugitive disentitlement” statute specific to forfeiture actions) because she was “deliberately avoid[ing] prosecution in the United States while using United States courts to retrieve the proceeds of her crime.”
- On November 12, 2024, DOJ filed a civil forfeiture complaint in the U.S. District Court for the Southern District of New York to recover millions of dollars in crypto assets linked to the FCPA charges against FTX and Alameda Research founder and CEO Samuel Bankman-Fried, who was convicted on non-FCPA charges in late 2023. As described in our 2023 Year-End FCPA Update, Bankman-Fried was indicted on FCPA charges associated with bribes allegedly paid to Chinese officials to unfreeze certain crypto assets, but the charges were severed and not part of the late 2023 trial because the initial extradition request did not include them. On March 29, 2024, following sentencing on the non-FCPA counts, DOJ moved to dismiss the FCPA count. This forfeiture action is against a crypto account, worth $18.5 million at the time of the complaint, allegedly used to launder $40 million in bribes paid to the Chinese government officials. According to a stipulation filed with and then entered by the Court on November 14, 2024, DOJ and other interest holders in the account reached an agreement to split the proceeds of the account 50/50.
2024 FCPA-RELATED POLICY DEVELOPMENTS
In addition to the many enforcement developments covered above, 2024 saw several important developments in FCPA-related policy areas. Examples discussed below include the creation of DOJ’s-own corporate whistleblower rewards pilot program, a separate pilot program holding out the prospect of non-prosecution for individuals who self-disclose their own criminal conduct, and new updates to DOJ’s Evaluation of Corporate Compliance Programs guidance.
DOJ’s Corporate Whistleblower Rewards Program
On August 1, 2024, DOJ launched a Corporate Whistleblower Awards Pilot Program, which allows so-called whistleblowers to submit information about certain corporate crimes to DOJ’s Criminal Division, and if that information leads to a forfeiture action, the reporter may be entitled to a cut of the proceeds. Our readers will immediately recognize this framework from well-established whistleblower bounty programs managed by the SEC, the Commodity Futures Trading Commission, and other civil enforcement agencies, but DOJ’s program is designed to fill in “important gaps in [these] existing federal whistleblower programs.” Specifically, this program targets information relating to crimes involving: (1) financial institutions; (2) international corruption involving non-issuers; (3) domestic corruption; and (4) health care fraud involving private insurers. The second category is of greatest interest to FCPA practitioners, as it supplements the SEC’s Dodd-Frank Whistleblower Program described in our 2010 Year-End FCPA Update, which applies only to “issuers,” and expands the universe of potential whistleblowers to those with information of corruption involving non-publicly traded domestic companies and foreign companies where there is a U.S. nexus.
The DOJ pilot program applies to forfeiture actions where the collection is greater than $1 million. A reporter with “original information” may receive up to 30% of the “net proceeds” (minus costs and victim distributions) up to the first $100 million collected, and 5% between $100 and $500 million. “Original information” must be “derived from the individual’s independent knowledge or analysis,” “non-public and previously not known to the Department,” provided “voluntarily” (e.g., not in response to governmental inquiry), and a “material” addition to the information DOJ already possesses. Certain information can never be “original,” including information obtained by virtue of an individual’s status as a corporate officer or director at a company, and confidential communications subject to the attorney-client privilege. Finally, individuals “who meaningfully participated in the criminal activity they report” are excluded from awards, as are those eligible under other award programs, DOJ employees and family members, and government officials.
The DOJ pilot program asserts that it encourages internal reporting by allowing a reporter to retain their eligibility if they report the information first internally through a company’s internal systems, provided they subsequently report to DOJ within 120 days of the first internal report. In a corresponding amendment to the Corporate Enforcement Policy, DOJ now will credit a company’s voluntary disclosure to DOJ even if DOJ was already aware of the matter through a jointly-reporting whistleblower, provided the company discloses the matter to DOJ within 120 days of receiving the whistleblower report through its internal system.
According to DOJ officials, the pilot program is off to a fast start. At the annual ACI Conference on the FCPA, DOJ MLARS Chief Molly Moeser (MLARS manages the DOJ whistleblower program) stated that DOJ received close to 300 tips in the first four months of the pilot program. The pilot program is effective for three years, unless extended. For more information on the Corporate Whistleblower Awards Pilot Program, please see our separate client alert, “Mind the Gap – The New DOJ Whistleblower Program.”
DOJ Pilot Programs on Individual Self-Disclosures
In a complementary development, on April 15, 2024, DOJ’s Criminal Division established a new Pilot Program on Voluntary Self-Disclosures for Individuals. Whereas the whistleblower rewards program described above holds out the carrot of monetary awards for (generally) non-culpable individuals, the individual self-disclosure pilot program holds out the carrot of non-prosecution for individuals who do bear greater individual culpability. As with the whistleblower rewards program, individuals are only eligible if they voluntarily provide original, non-public information not previously known to DOJ. Although this program is specific to the Criminal Division, numerous U.S. Attorney’s Offices have published their own programs as discussed below.
The focus of the individual self-disclosure pilot program is on criminal violations involving:
(1) financial institutions; (2) foreign corruption; (3) domestic corruption; (4) health care fraud; and (5) fraud against the United States. Individuals must submit a request for coverage to a specific DOJ email address before there is a request for information or governmental investigation. The program is not available for persons serving in roles equivalent to a CEO or CFO, government officials, those with prior disqualifying convictions, and generally anyone who organized or led the scheme in question. Further, an individual must agree to cooperate in the investigation and forfeit any illicit proceeds from the scheme.
As noted above, a number of U.S. Attorney’s Offices around the country with significant white collar criminal enforcement units have issued their own versions of individual self-disclosure pilot programs. These include the Eastern and Southern Districts of New York, the Central and Northern Districts of California, the District of Columbia, the District of New Jersey, the Northern District of Illinois, the Southern District of Texas, and the Southern District of Florida, among others. Although generally consistent, there is variation across these policies, and counsel is well advised to analyze the policies of the various offices with potential jurisdiction over a matter before selecting the office(s) to which to make any report.
DOJ Updates its Evaluation of Corporate Compliance Programs Guidance
As we first discussed in our 2017 Mid-Year FCPA Update, and then again most recently in our 2023 Year-End FCPA Update, from time to time DOJ’s Criminal Division updates its Evaluation of Corporate Compliance Programs (ECCP) guidance to provide transparency around how DOJ evaluates corporate compliance programs. The most recent revisions were posted on September 23, 2024, with three main changes: (1) evaluation and management of risks related to emerging technologies, such as artificial intelligence; (2) further emphasis on the role of data analytics; and (3) whistleblower protection and anti-retaliation. We summarize these updates below, but refer readers to our separate client alert, “DOJ Updates Its Evaluation of Corporate Compliance Programs Guidance Focused on AI and Emerging Technologies,” for additional analysis.
With respect to emerging technologies such as artificial intelligence, DOJ’s focus remains on the misuse of these technologies in criminal conduct, given their ability to “supercharge” corporate crime. The revised ECCP details DOJ’s expectations that companies tailor their compliance programs both to identify and manage the risks posed by artificial intelligence through, for example, protocols that document their use and assess the risk level posed by using this technology.
As it relates to data analytics, the ECCP revisions signal the continued importance of companies ensuring that compliance personnel have access to data sufficient to assess the effectiveness of their compliance program. Prosecutors are to assess whether a company is “appropriately leveraging data analytics tools” at its disposal, focusing on whether compliance personnel have the same access to emerging technologies as do business teams in the same company.
Finally, the ECCP counsels prosecutors to consider whether the company has an anti-retaliation policy, whether and how an entity “incentivize[s] reporting,” how employees who report misconduct are disciplined in comparison to others involved in the misconduct, and whether the company informs its employees of applicable whistleblower and anti-retaliation protections. The last aspect is by far the most controversial, as DOJ seems to suggest in the ECCP that companies should affirmatively train their employees on the availability of external whistleblower reward programs, which as a practical matter may have the effect of frustrating internal reporting.
In total, the ECCP addresses more than 300 compliance considerations, echoing almost as SEC regulations. But it has been DOJ championing and leading the way in this detailed anti-corruption compliance guidance.
2024 FCPA-RELATED LEGISLATIVE DEVELOPMENTS
As covered in our 2023 Year-End FCPA Update, in December 2023 Congress passed FEPA, which for the first time directly criminalizes the demand side of bribery by prohibiting the receipt of corrupt payments by foreign officials (although, as noted above, this has long been accomplished through ancillary statutes). On July 20, 2024, “technical” amendments to FEPA went into effect to, as Congressman Darrell Issa (R-CA) stated, remove “inconsistencies between the language of the FCPA and the FEPA.”
The first notable change is that the amendment moves FEPA from an oddly-placed subsection of the domestic bribery statute, 18 U.S.C. § 201, to its own standalone provision of Title 18, 18 U.S.C. § 1352. The amendments also serve to harmonize prior inconsistencies between FEPA and the FCPA as to extraterritorial application, the definition of “foreign officials,” and what type of conduct must be influenced to qualify as an “official act.”
There still has yet to be a (public) enforcement action under FEPA, but given the statute’s newness, that criminal statutes apply only prospectively to conduct occurring after their implementation, and that international corruption investigations generally take years to develop, the lack of early enforcement is not surprising. It will take years to assess the impact (or lack of impact) of FEPA.
2024 FCPA-RELATED PRIVATE CIVIL LITIGATION
As we report in each of these client updates, although the FCPA does not provide for a private right of action, civil litigants nonetheless frequently employ various causes of action arising out of FCPA-related conduct. As illustrated below, these civil lawsuits can stretch on for years after a company resolves enforcement liability. A selection of such matters with material developments in 2024 follows.
Select Civil Fraud/RICO Actions
- Keppel Offshore & Marine – For years, we have been reporting on an assortment of civil lawsuits initiated by EIG Global Energy Partners against Keppel Offshore & Marine arising out of the latter’s involvement in the “Operation Car Wash” scandal in Brazil, resulting in a 2017 deferred prosecution agreement with DOJ as reported in our 2017 Year-End FCPA Update. EIG alleges that it lost its $220 million investment in a Petrobras-related offshore drilling venture after news of the corruption investigation broke. One fraud-related lawsuit filed against Keppel and Petrobras in the U.S. District Court for the District of Columbia was dismissed for lack of personal jurisdiction, which ruling was upheld by the D.C. Circuit, as last reported in our 2018 Mid-Year FCPA Update. In a separate fraud action against Keppel filed in the U.S. District Court for the Southern District of New York, on March 20, 2024, the Honorable Paul G. Gardephe granted Keppel’s motion for summary judgment, finding that Keppel had no actual knowledge of fraudulent representations Petrobras made to EIG and that Keppel did not otherwise aid or abet this fraud. EIG has noted an appeal to the Second Circuit.
Select Shareholder Lawsuits
- Tenaris S.A. – As we initially reported in our 2020 Year-End FCPA Update, shareholders brought a securities class action against Luxembourg-based steel pipe producer Tenaris that alleged that the company’s public filings and employee codes of conduct were materially misleading in light of bribery allegations in connection with what became known as Argentina’s “Notebooks” scandal. The lawsuit followed charges against Tenaris’s CEO in Argentina for alleged bribes to Argentinian officials in return for their lobbying the Venezuelan government to prevent the nationalization of an asset of Tenaris’s Venezuelan subsidiary. The civil shareholder action survived the all-important motion to dismiss, at least in part, and on April 22, 2024, the Honorable Kiyo Matsumoto of the U.S. District Court for the Eastern District of New York approved a settlement pursuant to which Tenaris will pay $9.5 million, with 24,344 claimants eligible to receive what will amount to an average of $242 in compensation after attorneys’ fees.
- Cognizant Technology Solutions Corp. – On May 3, 2024, the U.S. Court of Appeals for the Third Circuit, sitting en banc, upheld the 2022 dismissal of a shareholder derivative action brought against Cognizant and its board of directors predicated on alleged control lapses and corporate misstatements associated with the company’s resolution of an FCPA matter with DOJ and the SEC reported in our 2019 Year-End FCPA Update. The Third Circuit initiated en banc review sua sponte to consider the standard for reviewing dismissals of shareholder derivative actions for failure to establish demand futility in light of a growing trend in the federal circuit courts of appeal to review such dismissals de novo, as opposed to the abuse of discretion standard that had been the law of the Third Circuit. The en banc court decided to join the other circuits in applying de novo review to shareholder derivative actions dismissed for failure to establish demand futility, but even under this more exacting standard found that the Honorable Kevin McNulty of the District of New Jersey correctly dismissed the action.
- Telefonaktiebolaget LM Ericsson – On September 3, 2024, the U.S. Court of Appeals for the Second Circuit affirmed the dismissal of a securities class action brought against Swedish telecommunications company Ericsson for alleged false statements concerning the strength of its anti-corruption compliance program and its compliance with a 2019 deferred prosecution agreement, which DOJ determined had been breached, leading to a guilty plea to FCPA charges in 2023 as reported in our 2023 Year-End FCPA Update. The U.S. District Court for the Eastern District of New York granted Ericsson’s motion to dismiss, reasoning that Ericsson’s generalized statements about its ethics and compliance program were legal puffery and did not contain sufficient specificity to be actionable. As to Ericsson’s statements about compliance with the deferred prosecution agreement, the court found that the statements were limited in scope to the FCPA investigations by the government, conveyed nothing about any internal investigations by the company, and in several instances were inactionable puffery warning investors about the possibility of future investigations and compliance failures. The Second Circuit agreed with these findings and affirmed the dismissal.
Other Civil Claims
- Associated Energy Group LLC – An unusual variant in FCPA-adjacent litigation developed in July 2024, when defense contractor Associated Energy Group initiated bid protest litigation in the U.S. Court of Federal Claims seeking to block the Defense Logistics Agency’s award of a $500 million fuel supply contract for two U.S. military bases in Djibouti. The protestor’s theory is that the bid’s technical requirement that bidders hold a Petroleum Activities License issued by Djibouti’s Ministry of Energy effectively requires bribery and unfairly disadvantages those constrained by U.S. law because this license cannot be obtained without bribery, as the protestor allegedly found through its prior efforts to execute on this project. The United States moved to dismiss the bid protest, arguing that the lack of a license rendered Associated Energy Group ineligible to fulfill the contract under Djibouti law. On September 10, 2024, the Honorable Armando O. Bonilla denied the motion to dismiss, allowing the bid protest to proceed. Associated Energy Group filed an amended complaint in November, which remains under seal.
2024 YEAR-END INTERNATIONAL ANTI-CORRUPTION DEVELOPMENTS
World Bank
Multilateral development banks (MDBs), and in particular the World Bank, continued to engage in significant enforcement activity in 2024. As we have noted in past updates, while the sanctionable practices addressed by these debarments reflect the Bank’s emphasis on preserving the integrity of the contracting process for Bank-funded projects, the ramifications of Bank-led investigations and sanctions go far beyond those projects, including cross-debarments with other MDBs and, in some cases, referrals to state law enforcement authorities.
Continuing a trend we observed last year, the World Bank’s 2024 sanctionable practices enforcement emphasized corporate compliance enhancements as a condition of release from debarment. In three corruption-related corporate debarments, the Bank required that the companies develop an integrity compliance program consistent with Bank guidelines, though in other debarments the Bank imposed more discrete requirements, for example developing certain policies and instituting ethics training.
- Bribery, Corruption, and Obstructive Practices. The May 14, 2024 debarment of Marseille for Engineering & Trading S.A.L. Offshore, a Jordanian company that provides engineering and consulting services, resulted in a 30-month debarment for alleged bribes offered to influence the bid evaluation process for an Iraqi reconstruction project. The debarment requires the company to develop an integrity compliance program consistent with Bank guidelines. The Bank also imposed such an obligation in the July 10, 2024 65-month debarment of Indonesian consulting firm LPPSLH Konsultan—for allegedly overbilling an Indonesian early childhood development project, improperly hiring a project official’s family member, and withholding documents material to the Bank’s investigation. Finally, demonstrating individual accountability in World Bank enforcement, on March 12, 2024 the Bank announced the two-year debarment of consultant Victor Uneojo Akuboh for his alleged participation in improper payments to Nigerian officials to influence their actions in connection with a Bank-funded social safety net project.
- Undisclosed Agents. On June 26, 2024, the World Bank announced a 30-month debarment of the Kenyan member firm of a global Big Four accounting network for allegedly failing to disclose a conflict of interest relating to the involvement of an agent during the selection and implementation of four contracts in Somalia, as well as for allegedly paying an allowance to project officials. Similar to other debarments, the Bank imposed an obligation to develop an integrity compliance program consistent with Bank guidelines.
United Kingdom
Anti-corruption enforcement and policy developments out of the UK continued apace in 2024.
Petrofac Executives Charged with UAE Corruption
On February 15, 2024, the SFO charged Marwan Chedid and George Salibi, two former senior executives of UK-based energy services conglomerate Petrofac, with allegedly offering and paying over $30 million in bribes to agents in the United Arab Emirates between 2012 and 2018, to influence the awarding of oil facility contracts worth approximately $3.3 billion. The men have denied all charges and are scheduled to stand trial in October 2026.
Trial Acquittals in Airbus Bribery Scheme
On March 6, 2024, the SFO’s oldest active case was closed with a dull thud. Following a 12-year investigation, a London jury acquitted Jeffrey Cook and John Mason, respectively a former managing director and accountant of Airbus-owned defense company GPT Special Project Management, of charges that they passed almost £10 million in bribes to military officials in Saudi Arabia in connection with contracts to build a telecommunications network for the Saudi National Guard. GPT itself was fined £30 million after pleading guilty to one count of corruption in the matter, as reported in our 2021 Year-End FCPA Update. As for Cook and Mason, they defended themselves to the jury by arguing that the bribery scheme was known to the UK government and authorized by the Ministry of Defence. Cook was convicted, however, of a separate charge of receiving bribes during his time as a UK Ministry of Defence official prior to his work for GPT.
Conviction of Madagascar’s Former Presidential Chief of Staff
On May 10, 2024, following a two-week trial, a London court sentenced former top aide to Madagascar’s President Romy Andrianarisoa to three-and-a-half years in prison. Andrianarisoa was convicted of corruptly seeking £250,000 in bribes and an ownership stake in a local venture with Gemfields, a UK gemstones company. French businessman Philippe Tabuteau was also sentenced to two years and three months arising from the scheme after pleading guilty in September 2023. The pair allegedly requested the bribes in exchange for lucrative contracts that would allow Gemfields to operate in Madagascar, but rather than pay, Gemfields proactively notified the UK National Crime Agency (NCA), which placed an undercover agent posing as a consultant to negotiate with Andrianarisoa and Tabuteau on Gemfields’s behalf. The NCA commended Gemfields for swiftly bringing the matter to the NCA’s attention.
PV Energy Charges
On May 23, 2024, UK renewable energy company PV Energy Ltd and its director Peter Virdee were charged with UK Bribery Act violations associated with alleged bribes to a Member of Parliament in Antigua and Barbuda, to obtain a commercial benefit for PV Energy between January 2015 and June 2017. Virdee is charged with making the bribes and PV Energy with failure to prevent them. Reports are that Virdee has pleaded not guilty, and no plea was entered for PV Energy. The trial for both PV Energy and Virdee has been set for January 2027.
Glencore Individual Corruption Charges
On August 1, 2024, the former head of Glencore’s oil division, Alex Beard, was charged with two conspiracies to make corrupt payments to officials of government agencies and state-owned oil companies in Nigeria and Cameroon. The same day, former traders Paul Hopkirk and Ramon Labiaga were charged with conspiring to bribe public officials in Nigeria, and former trader Martin Wakefield and former operations manager Andrew Gibson with conspiring to bribe officials in Cameroon, Côte d’Ivoire, and Nigeria. Eight days later, on August 9, former executive David Perez was charged with conspiring to bribe officials in Cameroon and Côte d’Ivoire. One further defendant, who has not been named and remains outside the UK, was charged simultaneously with Perez. All those who have entered pleas have pleaded not guilty, and the estimated four-to-six-month trial is scheduled for 2027.
SFO Agrees to Civil Settlement to Resolve ENRC Claims
On October 8, 2024, the long running saga between Kazakh mining company Eurasian Natural Resources Corporation (ENRC) and the UK Serious Fraud Office (SFO) over the alleged leaking of information about a bribery investigation finally concluded when the parties reached a last-minute, pre-trial settlement. The SFO opened its investigation into ENRC in 2013 over suspected bribery and corruption, but closed the matter in 2023 after concluding that there was “insufficient admissible evidence to prosecute.” In a stunning move, ENRC sued the SFO and two individuals for allegedly leaking details about the investigation to various journalists between 2016 and 2020. The details of the settlement are largely confidential, but in related proceedings the SFO set aside £231 million, more than twice the agency’s annual budget, to cover potential damages.
London Court Awards Mozambique $2 billion Related to “Tuna Bonds” Deal
On July 29, 2024, the UK High Court ruled in favor of the Republic of Mozambique in its civil claim against shipbuilding company Privinvest and its chairman, Iskander Safa, for allegedly bribing former Mozambican Finance Minister Manuel Chang, whose U.S. trial conviction we discuss above, to secure government-guaranteed loans to build marine infrastructure. The default on the “Tuna Bonds” loans in 2016 led the International Monetary Fund to cut funding to Mozambique, an action that helped push the country into economic crisis. Privinvest was ordered to pay more than $2 billion to Mozambique, plus £20 million in litigation costs accumulated over the five-year dispute. On December 10, 2024, the High Court refused permission to appeal and Privinvest’s lawyers announced their intent to appeal directly to the Court of Appeal.
SFO Announces New Five-Year Strategy
On April 18, 2024, SFO Director Nick Ephgrave announced a five-year strategy in which he outlined his aspirations for the SFO “to be the pre-eminent specialist, innovative and collaborative agency which leads the fight against serious and complex fraud, bribery and corruption.” His vision includes leveraging new powers granted the SFO, including the new failure to prevent fraud offense as well as Criminal Overseas Production Orders. Director Ephgrave’s strategy also aligns with comments made by Director Ephgrave in his inaugural speech as Director of the SFO on February 13, in which he expressed a desire to reduce the time between investigation and prosecution, to avoid “decade-long investigations,” and plans to conduct dawn raids more frequently to “provide momentum” to investigations.
UK Home Office Issues ECCTA Guidance
On November 6, 2024, the UK Home Office issued guidance on the Economic Crime and Corporate Transparency Act 2023 (ECCTA), which will come into force on September 1, 2025. As reported in our 2023 Year-End FCPA Update, the ECCTA creates a new offense for “failure to prevent fraud” that imposes criminal liability on large organizations if a member of staff commits fraud intended to benefit the organization. The Home Office guidance clarifies certain aspects of the offense, provides examples of hypothetical scenarios in which the offense applies, and makes recommendations as to how companies should prepare for the new offense coming into force, including: (1) demonstrating top-level commitment to fraud prevention from senior management; (2) conducting regular risk assessments; (3) implementing proportionate, risk-based prevention procedures; (4) carrying out due diligence on associated persons and in relation to mergers or acquisitions; (5) ensuring adequate communication and training at all levels of the organization; and (6) conducting regular compliance reviews and monitoring. For more comprehensive analysis of this guidance, we refer readers to our separate client alert, “Publication of UK Government Guidance on Failure to Prevent Fraud Offence.”
Europe
European Union
On April 25, 2024, in response to the so-called “Qatargate” scandal we have discussed in recent updates, the European Parliament approved the creation of a new EU body for ethical standards to develop, update, and interpret common minimum standards for ethical conduct for all EU institutions. The “Qatargate” scandal concerned allegations of Qatar and Morocco corruptly seeking to influence votes and other official proceedings. The new body will also have the power to examine individual cases and issue recommendations.
On June 14, 2024, the Council of the European Union also agreed on a revised version of a proposal for a new directive targeted at addressing corruption at the EU level. As reported in our 2023 Year-End FCPA Update, the intent of the directive is to harmonize corruption offenses, sanctions, prevention, and enforcement across EU member states. Key changes to the proposed directive in 2024 include adjustments to the definitions of corruption offenses, such as narrowing the “abuse of functions” offense to apply only to the public sector, and clarifying the concept of “enrichment from corruption offenses.” The Council also emphasized the importance of respecting member states’ institutional autonomy and national constitutions, particularly in relation to privileges and immunities. These revisions are now set to be discussed in negotiations with the European Parliament to align on a definitive version of the directive. If adopted, member states will need to transpose the directive into national law, aligning their legal frameworks with EU standards on corruption prevention, enforcement, and whistleblower protection.
France
On December 9, 2024, a French court approved a judicial public interest agreement (CJIP) between the Parquet National Financier (PNF) and French nuclear power companies and former affiliates Areva SA and Orano Mining SAS to resolve allegations of bribery of public officials in Mongolia. Areva will pay approximately €4.8 million (~ $5.1 million) and the Orano Group will cooperate with audits by the Agence Française Anticorruption (AFA), paying for the cost up to a maximum of €1.5 million (~ $1.6 million).
Germany
In March 2024, ABB AG reached a settlement with Germany’s Mannheim Regional Court to resolve allegations that it paid bribes to win contracts in South Africa. This appears to be the final step to resolve investigations into ABB’s conduct in South Africa, which as we reported in our 2022 Year-End Update resulted in coordinated resolutions with DOJ and the SEC in the United States and criminal authorities in South Africa and Switzerland arising from bribes to a high-ranking official of a state-owned energy company in South Africa. In this latest resolution, ABB AG reportedly agreed to the confiscation of profits from the alleged bribes in the amount of €9.4 million (~ $10.2 million), however no separate fine was imposed on the company. ABB’s deferred prosecution agreement with DOJ credited the amount of an anticipated German resolution up to $11 million if agreed within one year, but in December 2023 DOJ reportedly agreed to extend that one-year limit such that ABB likely received credit for the German resolution payment.
Italy
On October 8, 2024, Italian prosecutors Fabio De Pasquale and Sergio Spadaro were each sentenced to eight months in prison for failing to disclose exculpatory evidence in a high-profile corruption trial involving Shell and Eni that centered on the $1.3 billion acquisition of a Nigerian oil field. The prosecutors alleged that much of the money was used to bribe Nigerian politicians and officials, but all defendants were acquitted by an Italian court, as covered in our 2021 Year-End FCPA Update. The defendants were convicted of withholding evidence that could have undermined the credibility of a cooperating defendant, but their sentences have been suspended pending appeal in what has become a very controversial case.
Poland
In January 2024, Poland’s Anti-Corruption Agency reported that nine people, including a former Deputy Minister, had been indicted in the Cash-for-Visa scandal, which we initially discussed in our 2023 Year-End FCPA Update. In a parallel ongoing parliamentary committee investigation, former prime minister Mateusz Morawiecki denied any wrongdoing. On June 5, 2024, legislators asked a court to force the former CEO of oil refiner Orlen, Daniel Obajtek, to testify after he failed to appear before a parliamentary committee. On November 26, 2024, the parliamentary committee announced that it will send evidence of alleged breaches of law by the former prime minister and other senior members of his government to prosecutors.
Spain
On May 23, 2024, the Spanish Tax Administration Agency announced charges against eight unnamed individual defendants in connection with an alleged scheme to launder over €10 million
(~ $1 million) in proceeds of corruption from Equatorial Guinea. Some reports have connected the conduct to Gabriel Mbaga Obiang Lima, who was the Minister of Mines at the time of the alleged conduct and is also a son of Equatorial Guinea’s President Teodoro Nguema Obiang Mangue. President Obiang was previously convicted of corruption in France in 2017, as reported in our 2017 Year-End FCPA Update, and reached an agreement with MLARS in 2014 to forfeit $30 million in assets purchased with the alleged proceeds of corruption as reported in our 2014 Year-End FCPA Update.
Switzerland
On April 4, 2024, the Swiss Office of the Attorney General (OAG) issued a summary penalty order against PKB Privatbank for allegedly failing to prevent the laundering of funds stemming from corruption at Brazilian state-owned oil company Petrobras. The bank initially came under scrutiny as a result of the Operation Car Wash scandal and is the third lender convicted of violating the Swiss criminal code’s requirement for businesses to take all reasonable organizational measures to prevent certain offenses including money laundering and bribery. The order requires the bank to pay a penalty of $830,000, which is in addition to a prior Swiss Financial Market Supervisory Authority (FINMA) order to disgorge $1.4 million in profits associated with funds linked to Operation Car Wash.
On August 28, 2024, PetroSaudi executives Tarek Obaid and Patrick Mahony were convicted in the Federal Criminal Court in Bellinzona of fraud, criminal mismanagement, and money laundering. As reported in our 2023 Year-End FCPA Update, the two men were charged with embezzling $1.8 billion from the Malaysian state fund 1MDB. Obaid received a seven-year sentence, and Mahony received a six-year sentence, and the former executives were further ordered to pay $2 billion plus interest to 1MDB. Both individuals have declared they will appeal.
On November 29, 2024, the OAG announced the indictment of Swiss bank Lombard Odier, as well as an unnamed former employee, on charges that it failed to prevent a criminal organization allegedly run by Gulnara Karimova from laundering illicit proceeds between 2008 and 2012. The OAG previously indicted Karimova, daughter of Uzbekistan’s former president, in September 2023, as reported in our 2023 Year-End FCPA Update. The indictment accused her of participating in a criminal organization known as “The Office,” from which she allegedly engaged in money laundering, acceptance of bribes as foreign public official, and forgery of documents between 2001 and 2013. Lombard Odier has denied the allegations in the indictment, and stated that the bank has cooperated with the OAG’s investigation, which was opened following a disclosure from the bank.
Finally, in December 2024 Trafigura AG, its former Chief Operating Officer Mike Wainwright, former Angolan official Paulo Gouveia Junior, and an unnamed intermediary went on trial before the Federal Criminal Court in Bellinzona associated with allegations that, between 2009 and 2011, Trafigura caused the payment of $5 million in bribes to Angolan officials in exchange for ship chartering and oil bunkering contracts. We reported on the original charges in our 2023 Year-End FCPA Update. The three-week trial concluded in December and, on January 31, 2025, the Court convicted all four defendants: Trafigura of not having the required internal controls (between 2009 and 2011) to prevent the alleged bribery, and Wainright, Gouveia, and the intermediary of collectively facilitating and receiving the alleged bribes. Trafigura was sentenced to forfeit $145 million in profits and pay a $3.29 million fine; Wainright was sentenced to 22 months in prison (10 suspended), pending appeal; Gouveia was sentenced to pay a $1.2 million penalty and $5.2 million in confiscation; and the unnamed intermediary was sentenced to 24 months in prison (12 suspended), pending appeal.
Eastern Europe and Central Asia
Armenia
As noted in our Kleptocracy Initiative discussion above, in 2024 DOJ announced a settled civil forfeiture action involving a Los Angeles mansion belonging to the family of Gagik Khachatryan, the former Finance Minister of Armenia. But criminal charges against Khachatryan and Armenian businessman Sedrak Arustamyan have been proceeding in Armenia since 2019, when both were charged with money laundering, and Khachatryan also charged with abuse of office and embezzlement, with a total alleged damage to the state of $41 million. These proceedings stalled in 2024, however, as Khachatryan has asked for permission to travel abroad for medical treatment, and the European Court of Human Rights has directed the Armenian government to explain why they would not allow him to travel for medical care.
Georgia
Georgia had been focused on improving its anti-corruption enforcement regime as part of its EU accession process, but it is not clear whether these efforts will continue after the Georgian government announced in November that it was suspending the accession process. The European Commission Staff’s Georgia 2024 Report, released before Georgia announced suspension of the accession process, suggested that Georgia had regressed in meeting membership requirements, including as it relates to combatting corruption. That said, in May 2024, the Georgian parliament adopted amendments to the Law on the Fight Against Corruption that aimed to strengthen Georgia’s Anti-Corruption Bureau and the protection of whistleblowers.
Kazakhstan
In 2024, the Anti-Corruption Service of Kazakhstan recovered approximately 195 billion tenge
(~ $405.8 million) from defendants in completed criminal cases. A significant portion of this amount, $98.5 million, was recovered from Kairat Satybaldyuly, a Kazakh businessman and relative of former President Nazarbayev, in what is viewed as the biggest anti-corruption case since the resignation of former President Nazarbayev. The Anti-Corruption Service stated that the funds were returned as part of the criminal case against Satybaldyuly, who was convicted for abuse of power and embezzlement in September 2022. Satybaldyuly’s ex-wife, Gulmira Satybaldyuly, faces extortion and other charges related to the same investigation.
Moldova
Like Georgia above, Moldova’s EU accession negotiations have also involved a significant anti-corruption component. But unlike Georgia, the European Commission Staff’s 2024 Report for Moldova praises the country’s recent progress, including steps to strengthen the independence of, and clarify the division of responsibilities between, its principal anti-corruption enforcement agencies. Moldova also created panels of specialized judges focusing on corruption cases in the Chisinau Court while working to implement a specialized anti-corruption court. Moldova also adopted several measures to enhance the system of mandatory declaration of assets, including a new methodology for verifying assets and personal interests, and to strengthen the role and functionality of Moldova’s National Integrity Authority, the agency responsible for monitoring wealth and conflict of interest compliance of public officials.
Russia
The main anti-corruption news to come out of Russia this year was the untimely death of anti-corruption activist and outspoken Kremlin critic Aleksei Navalny in February 2024. Navalny died while serving a nine-year sentence in Russian prison on contempt and embezzlement charges that were widely believed to have been politically motivated.
Meanwhile, the Russian government continues to assert that it is robustly combatting corruption. In December 2024, Russia’s top prosecutor Igor Krasnov reported that corruption in Russia is getting worse, with an estimated 30% more bribes paid in 2024 than in 2023 and more than 30,000 officials disciplined for bribery. To facilitate enforcement, two months earlier, the Constitutional Court of Russia removed statute of limitations restrictions for corruption-related asset seizures.
Finally, in what has become known as the “Defense Ministry Purge,” numerous military officials have been arrested on bribery charges since April 2024. These include Russia’s Deputy Defense Minister Timur Ivanov, former Defense Minister Sergei Shoigu, Chief of the Defense Ministry’s Main Personnel Directorate Lieutenant General Yury Kuznetsov, former Deputy Defense Minister Dmitry Bulgakov, Deputy Chief of the Russian Military General Staff Lieutenant General Vadim Shamarin, and former Deputy Defense Minister Pavel Popov.
Ukraine
Ukraine has continued to focus its wartime anti-corruption activities on weeding out corrupt government officials and implementing reforms to meet the requirements for accession to international organizations. Despite these efforts, corruption was mentioned as a reason for NATO’s rejection of Ukraine’s request to begin the accession process in the summer of 2024. According to the European Commission Staff’s Ukraine 2024 Report, although Ukraine’s key anti-corruption institutions have strengthened their expertise in tackling complex crime schemes and systemic corruption, case prioritization and confiscation of assets are areas for improvement. The report also highlighted several legislative actions and key milestones, including the Law on Lobbying creating a comprehensive framework for regulating lobbying with penalties and oversight administered by the National Agency on Corruption Prevention, and the first two anti-corruption whistleblower awards in October 2024.
Headlining Ukraine’s latest anti-corruption enforcement efforts is the dismissal of Deputy Energy Minister Oleksandr Kheylo. Kheylo is accused of demanding a $500,000 bribe in exchange for allowing several state-owned mining companies to evacuate equipment from the war zone coal mines in the Donetsk region. Additionally, on November 14, 2024, Ukraine’s High Anti-Corruption Court sentenced a member of the Ukrainian parliament in absentia for attempting to bribe the Head of the State Agency for Reconstruction and Development of Infrastructure with bitcoin in exchange for allocating reconstruction funds to a university headed by the defendant.
The Americas
Brazil
On February 26, 2024, Singaporean oil and gas rig builder Seatrium announced that it reached a provisional agreement with three Brazilian enforcement agencies to settle allegations of corrupt payments made by its predecessor company, Sembcorp Marine, arising from the long-running “Operation Car Wash” scandal. The company has agreed to pay BRL 670.7 million (~ $134.2 million) and abide by compliance obligations to resolve the claims of Petrobras-related corruption. Two employees have been criminally charged in Singapore as discussed below.
On March 11, 2024, Canadian chemicals producer Chemtrade announced that its Brazilian subsidiary has agreed to pay BRL 2 million (~ $400,000) to settle allegations that it breached Brazil’s anti-corruption law. The settlement stems from an investigation by Brazil’s Ministry of Development, Industry and Foreign Trade into Chemtrade Brasil’s purchase of 16 monthly import reports between 2015 and 2017, which contained information allegedly obtained through improper payments to government officials. Now more than 10 companies have been penalized in connection with “Operation Spy,” an investigation by Brazil’s Federal Police, tax agency, and Federal Prosecutor’s office into purchases of confidential trade information through bribes to Brazil’s Federal Revenue Service.
Ecuador
As noted above, in March 2024 Gunvor reached an FCPA resolution with DOJ arising from alleged bribes to officials of Ecuadorian state-owned oil company Petroecuador, with the prospect of a credit to the criminal fine for up to $93.6 million paid to Ecuadorian authorities associated with the same conduct, provided the penalty was paid within 12 months. Sure enough, three months later, on June 11, 2024, Ecuador’s State Attorney General’s Office announced that Gunvor had paid $93.6 million to resolve its claims associated with the bribery allegations.
Peru
On October 21, 2024, former Peruvian President Alejandro Toledo Manrique was sentenced to 20-and-one-half years in prison in connection with bribes received from Brazilian construction company Odebrecht S.A. The conviction is part of a string of cases stemming from Odebrecht’s extensive corruption scheme, covered since our 2016 Year-End FCPA Update. Former president Toledo’s sentence concludes a long-running legal battle that led to his extradition from the United States on April 19, 2023. A Peruvian court convicted Toledo on collusion and money laundering charges in connection with accepting $35 million in bribes from Odebrecht in exchange for a contract to build a major highway in the South American nation.
Middle East & Africa
South Africa
On January 11, 2024, South Africa’s National Prosecuting Authority announced that it had resolved bribery allegations with SAP for ZAR 2.2 billion (~ $118 million) in disgorgement and “punitive reparation payments,” which, after crediting part of the payments to U.S. authorities as discussed above, resulted in a total payment of approximately $114 million.
On April 3, 2024, South Africa passed the Judicial Matters Amendment Act, which among other things amended the Prevention and Combatting of Corrupt Activities Act of 2004 to create a new failure to prevent corruption offense. Similar to the UK’s failure to prevent corruption law, there is an affirmative defense if the company had “adequate procedures” to prevent corruption.
On April 19, 2024, the National Prosecuting Authority published guidance on a new corporate alternative dispute resolution mechanism that will be available to companies charged with corruption and corruption-related offenses. This non-trial resolution mechanism is similar to non-prosecution agreements utilized in the United States and certain other jurisdictions, and will not require court approval. According to the guidance, the National Prosecuting Authority will consider a number of criteria when determining whether matter is appropriate for pre-trial resolution, such as timely and voluntary disclosure of the alleged unlawful activity, cooperation in the ensuing investigation, willingness to pay restitution, the nature of the unlawful activities, the company’s prior history of any misconduct, the effectiveness of the company’s compliance program, the likelihood of significant negative collateral effect from conviction on the company, and the interests of any victims.
Saudi Arabia
On July 23, 2024, Saudi Arabia’s Council of Ministers approved the Saudi Oversight and Anti-Corruption Authority (Nazaha) Law, which requires immediate dismissal of any government employee convicted of corruption. The law establishes a rebuttable presumption that a government employee is guilty of corruption if the employee amasses wealth disproportionate to his or her income and that increase is linked to corruption. In those circumstances, the employee bears the burden of proving the legitimacy of the acquired assets. This burden shifting dynamic is also applied to close family members of the employee.
Asia and Australia
China
China’s financial sector continued to face an extensive anti-corruption purge in 2024, with numerous high-profile arrests and indictments. In January 2024, former chairman of China Everbright Group Shuangning Tang was arrested for alleged embezzlement and receiving bribes. In April 2024, the former chairman of a major financial institution, Liange Liu, pleaded guilty to soliciting and accepting improper payments totaling RMB 121 million (~ $16 million). In May 2024, two former senior executives of a different significant financial institution, Liyan An and Hongli Zhang, were expelled from the Communist Party over influence-peddling allegations. In the cryptocurrency space, Qian Yao, the People’s Bank of China’s inaugural Director of Digital Currency Research and Director of the Technology Supervision Department of the China Securities Regulatory Commission, has been accused of taking large bribe payments from technology companies seeking his support.
China’s energy sector also found itself in the spotlight amid high-profile corruption scandals. In April 2024, former Deputy General Manager of China National Petroleum Corporation Wenrong Xu was charged with accepting bribes. In May 2024, the Central Commission for Discipline Inspection announced that it has begun an investigation into Meisheng Qi, former chairman of the China National Offshore Oil Company for suspected “serious disciplinary violations,” a phrase commonly used to refer to bribery allegations.
On the legislative front, on March 1, 2024 the Chinese government introduced anti-corruption-related amendments to its Criminal Law. The revisions increase penalties for bribe-giving, bringing them in line with those for bribe-taking, and impose liability on private-sector employees for corruption-related offenses that were previously only applicable to employees of state-owned enterprises. The revised legislation also introduces seven corruption-related “aggravating factors” that the judiciary must consider at sentencing, including whether there were multiple bribe payments, whether the bribes were paid within certain industries (for example, the healthcare sector), and whether the bribes were made from the proceeds of other crimes.
In May 2024, the Chinese government introduced amendments to the State Secrets Law and published the implementing regulations of the International Criminal Judicial Assistance Law, both of which will impact companies’ efforts to manage internal investigations, cross-border data transfers, and responses to enforcement agencies. In particular, the implementation regulations of the International Criminal Judicial Assistance Law provide clarity on the government approval process Chinese parties must follow if they wish to cooperate with a foreign government in connection with a criminal proceeding.
India
A landmark ruling in 2024 by the Supreme Court of India invalidated a controversial political funding scheme operated by the government-run State Bank of India. Under the scheme, companies and individuals could purchase bonds and redeem them anonymously in an account held by a designated political party, a practice that was widely viewed as posing elevated risks of corruption. As part of the Supreme Court’s ruling, information regarding the buyers and sellers of these bonds was released, resulting in investigations of dozens of companies associated with a total of INR 24.71 billion (~ $292 million) in donations to political parties.
The now-former Chief Minister of the State of Delhi (and prominent anti-corruption crusader) Arvind Kejriwal was arrested by the Enforcement Directorate in March on corruption and money laundering charges relating to a policy introduced by the Delhi Government to end the existing state liquor monopoly and allow private-sector vendors. Federal enforcement authorities allege that Kejriwal’s political party accepted bribes of INR 1 billion (~ $12 million) in return for granting liquor licenses to private vendors following passage of the law in 2021.
Singapore
On March 28, 2024, Singaporean authorities announced charges against Wong Weng Sun and Lee Fook Kang, two former executives of Sembcorp Marine (now known as Seatrium), for allegedly making $44 million in improper payments to further the company’s business interests with Petrobras in Brazil. As noted above, the company reached a provisional agreement with Brazilian authorities in February 2024.
In October 2024, courts in Singapore sentenced former cabinet minister Subramaniam Iswaran to 12 months’ imprisonment after he was found guilty of corruption and obstruction of justice. The court found that Iswaran received improper gifts worth SGD 403,300 (~ $313,200) from two businessmen (Kok Seng Lum and Beng Seng Ong) over a seven-year period. Subramanian, who oversaw Singapore’s tourism industry until his resignation following the charges, received gifts from Ong, a Malaysian property developer who owned the rights to the Formula One race that Iswaran brought to Singapore. On October 4, 2024, the Singapore Attorney-General declined to file charges against Lum.
South Korea
Korea’s Anti-Corruption and Civil Rights Commission announced amendments to the Whistleblower Protection Act that took effect on August 7, 2024. The amendments require organizations to provide guidance to potential whistleblowers, abolish limits on monetary rewards provided to “internal whistleblowers” (defined as any employee or contracting party of a public institution, corporation, entity, or organization), and mandate discipline of anyone who breaches whistleblower confidentiality or otherwise takes retaliatory action against a whistleblower.
Thailand
In May 2024, Thailand’s National Anti-Corruption Commission recommended charges against four former executives of Thai state-owned oil and gas company PTT Exploration and Production Public Co. Ltd. for their alleged involvement in receiving bribes from Rolls-Royce Motor Cars Ltd. Thai authorities initiated their investigation following Rolls-Royce’s January 2017 FCPA resolution with DOJ, as we reported in our 2017 Mid-Year FCPA Update.
Vietnam
In April 2024, a court in Vietnam sentenced My Lan Truong, the chairwoman of real estate developer Van Thinh Phat Holdings Group, to death after finding her guilty of embezzling 304 trillion dong (~ $12.4 billion) from Saigon Commercial Bank over a period of 11 years. The court accused Lan of utilizing shell companies and individual proxies to exert effective control over the bank and approve hundreds of loans for herself, as well as paying bribes to ensure her loans were not scrutinized. Lan was separately convicted in October 2024 on financial fraud charges including obtaining property by fraud, money laundering, and illegal cross-border money transfers. In December 2024, a court ruled that Lan may be spared the death penalty and instead receive a life prison sentence if she repays three-fourths of the embezzled funds.
Australia
In March 2024, the Australian parliament passed the Crimes Legislation Amendment (Combatting Foreign Bribery) Bill 2023, criminalizing the corporate failure to prevent bribery of foreign officials. The new law came into effect in September 2024 and imposes criminal liability on Australian companies where an “associate” of the company bribes a foreign official to obtain profit or gain in favor of the company. The term “associate” is broadly defined to include an employee, contractor, agent, subsidiary or other controlled entity, or a person who otherwise performs services on behalf of the company. Under the law, companies can be held strictly liable for the conduct of their associates; for example, the prosecution need not prove that the associate acted within their scope of their authority or that the company authorized or intended a bribe payment to be made. Similar to the UK “failure to prevent bribery” offense on which this law is modeled, however, the Australian law also introduces an affirmative “adequate procedures” defense.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. We have more than 110 attorneys with FCPA experience, including a number of former federal prosecutors and SEC officials, spread throughout the firm’s domestic and international offices. Please contact the Gibson Dunn attorney with whom you work, or any of the following leaders and members of the firm’s Anti-Corruption & FCPA practice group:
Washington, D.C.
F. Joseph Warin (+1 202.887.3609, [email protected])
David P. Burns (+1 202.887.3786, [email protected])
Stephanie Brooker (+1 202.887.3502, [email protected])
Courtney M. Brown (+1 202.955.8685, [email protected])
John W.F. Chesley (+1 202.887.3788, [email protected])
Daniel P. Chung (+1 202.887.3729, [email protected])
M. Kendall Day (+1 202.955.8220, [email protected])
Michael S. Diamant (+1 202.887.3604, [email protected])
Melissa L. Farrar (+1 202.887.3579, [email protected])
Adam M. Smith (+1 202.887.3547, [email protected])
Patrick F. Stokes (+1 202.955.8504, [email protected])
Oleh Vretsona (+1 202.887.3779, [email protected])
Ella Alves Capone (+1 202.887.3511, [email protected])
Nicole Lee (+1 202.887.3717, [email protected])
Lora Elizabeth MacDonald (+1 202.887.3738, [email protected])
Bryan Parr (+1 202.777.9560, [email protected])
Pedro G. Soto (+1 202.955.8661, [email protected])
Alexander “Sandy” Moss (+ 1 202.887.3615, [email protected])
Allison Lewis (+ 1 202.887.3693, [email protected])
New York
Zainab N. Ahmad (+1 212.351.2609, [email protected])
Lisa A. Alfaro (+55 11 3521 7160, [email protected])
Barry Berke (+1 212.351.3860, [email protected])
Reed Brodsky (+1 212.351.5334, [email protected])
Jordan Estes (+1 212.351.3906, [email protected])
Dani James (+1 212.351.3880, [email protected])
Darren LaVerne (+1 212.351.3936, [email protected])
Michael Martinez (+1 212.351.4076, [email protected])
Karin Portlock (+1 212.351.2666, [email protected])
Jaclyn Neely (+1 212.351.2692, [email protected])
M. Jonathan Seibald (+1 212.351.6216, [email protected])
Denver
Ryan T. Bergsieker (+1 303.298.5774, [email protected])
Robert C. Blume (+1 303.298.5758, [email protected])
John D.W. Partridge (+1 303.298.5931, [email protected])
Laura M. Sturges (+1 303.298.5929, [email protected])
Los Angeles
Michael M. Farhang (+1 213.229.7005, [email protected])
Douglas Fuchs (+1 213.229.7605, [email protected])
Nicola T. Hanna (+1 213.229.7269, [email protected])
Poonam G. Kumar (+1 213.229.7554, [email protected])
Marcellus McRae (+1 213.229.7675, [email protected])
Debra Wong Yang (+1 213.229.7472, [email protected])
Rommy L. Conklin (+1 213.229.7966, [email protected])
San Francisco
Winston Y. Chan (+1 415.393.8362, [email protected])
Thad A. Davis (+1 415.393.8251, [email protected])
Charles J. Stevens (+1 415.393.8391, [email protected])
Zachariah J. Lloyd (+1 415.393.8319, [email protected])
Palo Alto
Benjamin Wagner (+1 650.849.5395, [email protected])
London
Patrick Doris (+44 20 7071 4276, [email protected])
Charlie Falconer (+44 20 7071 4270, [email protected])
Sacha Harber-Kelly (+44 20 7071 4205, [email protected])
Michelle Kirschner (+44 20 7071 4212, [email protected])
Allan Neil (+44 20 7071 4296, [email protected])
Philip Rocher (+44 20 7071 4202, [email protected])
Paris
Benoît Fleury (+33 1 56 43 13 00, [email protected])
Bernard Grinspan (+33 1 56 43 13 00, [email protected]
Munich
Katharina Humphrey (+49 89 189 33 155, [email protected])
Benno Schwarz (+49 89 189 33 110, [email protected])
Mariam Pathan (+49 89 189 33 228, [email protected])
Hong Kong
Oliver D. Welch (+852 2214 3716, [email protected])
Becky Chung (+ +852 2214 3837, [email protected])
Ning Ning (+852 2214 3763, [email protected])
Singapore
Oliver D. Welch (+852 2214 3716, [email protected])
Karthik Ashwin Thiagarajan (+65 6507 3636, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
From the Derivatives Practice Group: This week, the CFTC and SEC extended the Form PF amendments compliance date from March 12, 2025 to June 12, 2025.
New Developments
- CFTC and SEC Extend Form PF Amendments Compliance Date. The Commodity Futures Trading Commission, together with the Securities and Exchange Commission, extended the compliance date for the amendments to Form PF that were adopted Feb. 8, 2024. The compliance date for these amendments, which was originally March 12, 2025, has been extended to June 12, 2025. Form PF is the confidential reporting form for certain SEC-registered investment advisers to private funds, including those that also are registered with the CFTC as commodity pool operators or commodity trading advisers. This extension will mitigate certain administrative and technological burdens and costs associated with the prior compliance date. This extension will also provide more time for filers to program and test for compliance with these amendments. [NEW]
- Acting Chairman Pham Launches Public Roundtables on Innovation and Market Structure. On January 27, Acting Chairman Pham announced the launch of a series of public roundtables on evolving trends and innovation in market structure, including issues such as affiliated entities and conflicts of interest, prediction markets, and digital assets. Pham renewed calls for open public engagement and increased transparency by the CFTC on its policy approach to changes in derivatives markets last year. [NEW]
- Acting Chairman Pham Announces CFTC Leadership Changes. On January 22, Acting Chairman Pham announced the following CFTC leadership changes: Acting Chief of Staff: Harry Jung; Acting General Counsel: Meghan Tente; Acting Director of the Office of Public Affairs: Taylor Foy; Acting Director of the Office of Legislative and Intergovernmental Affairs: Nicholas Elliot; Acting Director of the Division of Market Oversight: Amanda Olear; Acting Director of the Division of Clearing and Risk: Richard Haynes; Acting Director of the Market Participants Division: Tom Smith; Acting Director of the Division of Enforcement: Brian Young; Acting Director of the Office of International Affairs: Mauricio Melara.
- SEC Acting Chairman Uyeda Announces Formation of New Crypto Task Force. On January 21, SEC Acting Chairman Uyeda launched a crypto task force that, according to the SEC, is dedicated to developing a comprehensive and clear regulatory framework for crypto assets. Commissioner Hester Peirce will lead the task force. Richard Gabbert, Senior Advisor to the Acting Chairman, and Taylor Asher, Senior Policy Advisor to the Acting Chairman, will serve as the task force’s Chief of Staff and Chief Policy Advisor, respectively. The SEC said that the task force will collaborate with SEC staff and the public to set the SEC on a sensible regulatory path that respects the bounds of the law and that the task force’s focus will be to help the SEC draw clear regulatory lines, provide realistic paths to registration, craft sensible disclosure frameworks, and deploy enforcement resources judiciously. The Sec indicated that the task force will operate within the statutory framework provided by Congress, coordinate the provision of technical assistance to Congress as it makes changes to that framework, and coordinate with federal departments and agencies, including the CFTC, and state and international counterparts.
- CFTC Names Caroline D. Pham Acting Chairman. On January 20, the CFTC announced the members of the Commission have unanimously elected Commissioner Caroline D. Pham as Acting Chairman, effective January 20, 2025. Acting Chairman Pham was nominated to be a CFTC Commissioner on January 12, 2022 and unanimously confirmed by the U.S. Senate on March 28, 2022, for a term beginning on April 14, 2022 and expiring on April 13, 2027. She succeeds Rostin Behnam, who served as Chairman since January 4, 2022 and will remain a Commissioner until his departure on February 7, 2025. On January 21, Acting Chairman Pham made the following statement: “I’m humbled and grateful to be entrusted by President Trump to lead the CFTC as we approach a significant milestone in our history with tremendous opportunities ahead. For the past half century, the CFTC has proudly served our mission to promote market integrity and liquidity in the commodity derivatives markets that are critical to the real economy and global trade—ensuring American growers, producers, merchants and other commercial end-users can mitigate risks to their business and support strong U.S. economic growth. As the CFTC celebrates our 50th anniversary, we must also refocus and change direction with new leadership to fulfill our statutory mandate to promote responsible innovation and fair competition in our markets that have continually evolved over the decades. It’s time for the CFTC to get back to the basics. I’m honored to work alongside our dedicated CFTC staff, and I thank former Chairman Behnam and my fellow Commissioners for their service.”
- CFTC and the Bank of England Comment on Report on Initial Margin Transparency and Responsiveness in Centrally Cleared Markets. On January 15, the Basel Committee on Banking Supervision (“BCBS”), the Bank for International Settlements’ Committee on Payments and Market Infrastructures (“CPMI”) and the International Organization of Securities Commissions (“IOSCO”) published the final report Transparency and responsiveness of initial margin in centrally cleared markets – review and policy proposals and the accompanying cover note Consultation feedback and updated proposals. This report is the culmination of work undertaken by BCBS, CPMI, and IOSCO, co-chaired by the Bank of England and the Commodity Futures Trading Commission.
- CFTC Announces Review of Nadex Sports Contract Submissions. On January 14, the CFTC notified the North American Derivatives Exchange, Inc. (“Nadex”) d/b/a Crypto.com it will initiate a review of the two sports contracts that were self-certified and submitted to the CFTC on Dec. 19, 2024. As described in the submissions, the contracts are cash-settled, binary contracts. The CFTC determined the contracts may involve an activity enumerated in CFTC Regulation 40.11(a) and section 5c(c)(5)(C) of the Commodity Exchange Act. As required under CFTC Regulation 40.11(c)(1), the CFTC has requested that Nadex suspend any listing and trading of the two sports contracts during the review period.
- CFTC Announces Departure of Clearing and Risk Director Clark Hutchison. On January 15, the CFTC announced Division of Clearing and Risk Director Clark Hutchison will depart the agency Jan. 15. Mr. Hutchison has served as director since July 2019.
New Developments Outside the U.S.
- ESMA Provides Guidance on MiCA Best Practices. On January 31, ESMA published a new supervisory briefing aiming to align practices across the EU member states. The briefing, developed in close cooperation with National Competent Authorities (“NCAs”), promotes convergence and prevents regulatory arbitrage, providing concrete guidance about the expectations on applicant Crypto Asset Service Providers, and on NCAs when they are processing the authorization requests. [NEW]
- ESMA Publishes Data for Quarterly Bond Liquidity Assessment. On January 31, ESMA published the new quarterly liquidity assessment of bonds. ESMA’s liquidity assessment for bonds is based on a quarterly assessment of quantitative liquidity criteria, which includes the daily average trading activity (trades and notional amount) and the percentage of days traded per quarter. [NEW]
- Equivalence of UK CCPs Extended to June 30, 2028. On January 30, the European Commission determined that the regulatory framework applicable to central counterparties (“CCPs”) in the United Kingdom of Great Britian and Northern Ireland is equivalent, in accordance with Regulation No 648/2012 of the European Parliament and of the Council. [NEW]
- Euribor Panel to include Finland’s OP Corporate Bank and the National Bank of Greece. OP Corporate Bank and the National Bank of Greece join the group of credit institutions that contribute to Euribor under its revised methodology, which is a substitute for the panel banks’ expert judgement. The methodology was adopted in a phased approach by all members across the Euribor panel between May and October 2024. [NEW]
- New Governance Structure for Transition to T+1 Settlement Cycle Kicks Off. On January 22, ESMA, the European Commission (“EC”) and the European Central bank (“ECB”) launched a new governance structure to support the transition to the T+1 settlement cycle in the European Union. Following ESMA’s report with recommendations on the shortening of the settlement cycle, the new governance structure has been designed to oversee and manage the operational, regulatory and technological aspects of this transition. Given the high level of interconnectedness within the EU capital market, a coordinated approach across the EU, involving authorities, market participants, financial market infrastructures and investors, is desirable. ESMA said that the key elements of the new governance model include an Industry Committee, composed of senior leaders and representatives from market players, several technical workstreams, operating under the Industry Committee, focusing on the technological operational adaptations needed in the areas concerned by the transition to T+1 (i.e. trading, matching, clearing, settlement, securities financing, funding and FX, asset management, corporate events, settlement efficiency), and two more general workstreams that will review the scope and the legal and regulatory aspects of these adaptations, and a Coordination Committee, chaired by ESMA and with representation from the EC, the ECB, ESMA and the chair of the Industry Committee, intended to ensure coordination between the authorities and the industry, advising on challenges that may arise during the transition. Additionally, ESMA said that the Commission is currently considering the merits of a legislative change mandating a potential transition to a shorter settlement cycle.
- ESMA and the EC Publish Guidance on Non-MiCA Compliant ARTs and EMTs (Stablecoins). On January 17, ESMA published a statement reinforcing the position related to the offer of ARTs and EMTs (also known as stablecoins) in the EU under Market in Crypto Assets regulation (MiCA). The statement provides guidance on how and under which timeline CASPs are expected to comply with the requirements of Titles III and IV of MiCA, as clarified in the EC Q&A. In particular, National Competent Authorities are expected to ensure compliance by crypto assets services providers (“CASPs”) regarding non-compliant ARTs or EMTs as soon as possible, and no later than the end of Q1 2025. ESMA indicated that the statement is intended to facilitate coordinated actions at the national level and avoid potential disruptions. The EC has also delivered a Q&A, intended to provide guidance on the obligations contained in titles III and IV of MiCA and how these obligations should apply to CASPs. The Q&A clarifies that certain crypto-asset services may constitute an offer to the public or an admission to trading in the EU and should therefore comply with titles III and IV of MiCA.
- The EBA and ESMA Analyze Recent Developments in Crypto-Assets. On January 16, ESMA and the European Banking Authority (“EBA”) published a Joint Report on recent developments in crypto-assets, analyzing decentralized finance (“DeFi”) and crypto lending, borrowing and staking. This publication is the EBA and ESMA’s contribution to the European Commission’s report to the European Parliament and Council under Article 142 of the Markets in Crypto-Assets Regulation. EBA and ESMA find that DeFi remains a niche phenomenon, with value locked in DeFi protocols representing 4% of all crypto-asset market value at the global level. The report also sets out that EU adoption of DeFi, while above the global average, is lower than other developed economies (e.g. the US, South Korea).
- BCBS, CPMI and IOSCO Publish Reports on Margin in Cleared and Non-cleared Markets. On January 15, BCBS, CPMI and IOSCO published three final reports on initial and variation margin in centrally cleared and non-centrally cleared markets. The three reports reflect feedback received further to the publication of consultation reports last year. BCBS, CPMI and IOSCO published the final report on transparency and responsiveness of initial margin in centrally cleared markets, setting out 10 final policy proposals relevant to central counterparties (“CCPs”) and clearing members. ISDA and the Institute of International Finance (IIF) submitted a joint response during the consultation. CPMI and IOSCO published the final report on streamlining variation margin in centrally cleared markets, setting out eight examples of effective practices for CCPs’ variation margin processes. ISDA and the IIF submitted a joint response during the consultation. BCBS and IOSCO published the final report on streamlining variation margin processes and initial margin responsiveness of margin models in non-centrally cleared markets, setting out eight recommendations. ISDA and the IIF submitted a joint response during the consultation. In relation to the BCBS, CPMI and IOSCO report on initial margin transparency and responsiveness in centrally cleared markets, the Bank of England and the CFTC have also published a joint statement expressing support for the findings and policy proposals.
- EU Funds Continue to Reduce Costs. On January 14, ESMA published its seventh market report on the costs and performance of EU retail investment products, showing a decline in the costs of investing in key financial products. This report aims at facilitating increased participation of retail investors in capital markets by providing consistent EU-wide information on cost and performance of retail investment products.
New Industry-Led Developments
- ISDA Publishes Joint Trade Association letter to SEC on US Treasury Clearing. On January 24, ISDA, the Alternative Investment Management Association, the Futures Industry Association (“FIA”), the FIA Principal Traders Group, the Institute of International Bankers, the Managed Funds Association and the Securities Industry and Financial Markets Association and its asset management group sent a letter to Mark Uyeda, acting chair at the US Securities and Exchange Commission (SEC) requesting an extension to the implementation dates for the Treasury clearing mandate by a minimum of 12 months. The associations believe this would give the SEC time to consider and address several critical issues and for the industry to implement clearing. In the letter, the associations highlight their concern that, without an extension, the success of the transition to central clearing will be compromised and may lead to disruptions in the cash Treasury securities and repo markets. [NEW]
- ISDA and AFME Publish Joint Response to ECB Consultation on Options and Discretions under EU Law. On January 24, ISDA and the Association for Financial Markets in Europe (“AFME”) responded to the European Central Bank’s (“ECB”) consultation on its approach to options and discretions under EU law. In the response, the associations highlight the efforts of the ECB to establish consistent options and discretions that would harmonize rules and foster a level playing field in the euro area. The response also mentions that further actions are necessary, specifically on trading book boundary classifications and exemptions. [NEW]
- ISDA Publishes Equity Definitions VE, Version 2.0. On January 21, ISDA published version 2.0 of the ISDA Equity Derivatives Definitions (Versionable Edition) on the MyLibrary platform. This publication includes, among other updates, provisions that can be used for documenting transactions with time-weighted average price or volume-weighted average price features, futures price valuation in respect of share transactions and benchmark provisions in respect of an index.
The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Marc Aaron Takagaki, Hayden McGovern, and Karin Thrasher.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Derivatives practice group, or the following practice leaders and authors:
Jeffrey L. Steiner, Washington, D.C. (202.887.3632, [email protected])
Michael D. Bopp, Washington, D.C. (202.955.8256, [email protected])
Michelle M. Kirschner, London (+44 (0)20 7071.4212, [email protected])
Darius Mehraban, New York (212.351.2428, [email protected])
Jason J. Cabral, New York (212.351.6267, [email protected])
Adam Lapidus – New York (212.351.3869, [email protected] )
Stephanie L. Brooker, Washington, D.C. (202.887.3502, [email protected])
William R. Hallatt , Hong Kong (+852 2214 3836, [email protected] )
David P. Burns, Washington, D.C. (202.887.3786, [email protected])
Marc Aaron Takagaki , New York (212.351.4028, [email protected] )
Hayden K. McGovern, Dallas (214.698.3142, [email protected])
Karin Thrasher, Washington, D.C. (202.887.3712, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
On January 17, 2025, the Treasury Department issued new guidance on the Outbound Investment Security Program, which—for the first time—prohibits or requires notifications for certain U.S. investments in Chinese companies. And, across the Atlantic, the European Commission recently issued a recommendation to Member States to conduct their own outbound investment reviews.
I. Introduction
On January 2, 2025, the Outbound Investment Security Program (the umbrella term for the program under which the Rules are administered, herein, the Program) came into effect. The Program, administered by the U.S. Department of the Treasury (Treasury) pursuant to final regulations issued on October 28, 2024 (Rules), targets certain investments by U.S. persons into Chinese companies engaged in certain activities in the semiconductors and microelectronics, quantum information technology, and artificial intelligence (AI) sectors. The Rules specifically prohibit certain investments outright, and require post-closing notification to Treasury for others. Notably, the Rules also include a range of exemptions and exceptions. Please refer to our prior client alert for a detailed primer on the Rules.
In addition to the Rules, Treasury has provided informal guidance on the Program website. As part of the Rules’ rollout, Treasury released Frequently Asked Questions (FAQs) on December 13, 2024 and again on January 17, 2025. Through over 40 FAQs, Treasury attempts to clarify the scope and applicability of the Rules. Treasury includes, among other topics, guidance on the contours of “covered transactions” (i.e., transactions that are now prohibited or subject to notification under the Rules), assessing whether an individual or entity is a “covered foreign person” (i.e., a person of the type the Rules intend to target), and Treasury’s due diligence expectations for U.S. persons.
In this alert, we provide an update on treatment of the Program under the Trump Administration and a brief update on steps taken by Treasury to implement and administer the Rules. Next, we discuss select key takeaways from the FAQs and suggest some preliminary practices that can assist U.S. investors in complying with the Rules. Finally, we provide an overview of the development of outbound investment screening and restrictions in the EU.
II. What to Expect Under the New Trump Administration
On January 20, 2025, President Trump issued an order for a “Regulatory Freeze Pending Review.” While this order directed agencies to consider postponing the effective date for any rules that have been issued which have not taken effect, it will not impact the Program, which was already effective prior to President Trump taking office. However, the “America First Trade Policy“ memorandum (the Memorandum) calls for a review of Executive Order 14105, which provided the basis for the Program and the Rules, and may impact the Program. The Memorandum directs Treasury to assess whether the current controls in the Program are sufficient to address national security interests and make recommendations for any further modification by April 1, 2025. Some members of Congress have also called for additional or stronger restrictions on outbound flows of U.S. capital to China in sensitive industries. A failed amendment to the Senate draft of the FY 2025 National Defense Authorization Act proposed to expand the Rules’ “covered sectors” to also include hypersonics, satellite-based communications, and networked laser scanning systems with dual-use applications, suggesting that Treasury’s review could result in an eventual broadening of the Program.
Effective for only a few weeks, the Rules have already created meaningful compliance challenges as companies and financial institutions grapple with ways to implement and adjust policies, procedures, and corporate agreements to comply, and account for shifting legal and commercial risk profiles and appetites. While it is difficult to anticipate future actions by the new Trump Administration, there has been a steady consensus from the first Trump Administration through the Biden Administration – and with AI developments increasingly top of mind for national security and technological competitiveness reasons – there is a reasonable chance that the Program becomes more muscular after April 2025 following the aforementioned regulatory review.
III. Treasury Website and Outbound Notification System
The Program website provides the following information and features about the Rules:
- Treasury published over 40 FAQs, described further below.
- In addition to the FAQs, Treasury provided further detail on the process for requesting a national interest exemption—an exemption from the Rules for transactions that the U.S. government determines are in the national interest.[1] Treasury notes that these exemptions, which will be determined by the Secretary of the Treasury in consultation with the Secretaries of Commerce and State and heads of other relevant agencies, will be made “only in exceptional circumstances,” and will be assessed based on the totality of relevant facts and circumstances.[2]
- Treasury launched the Outbound Notification System portal for reportable transactions, which functions very similarly to the portal used by the Committee on Foreign Investment in the United States (CFIUS). Templates for each type of notification are available on the Treasury website here.
- An Enforcement Overview and Guidance document for the Program, enumerating aggravating and mitigating factors to be used in enforcement actions, and an update to the civil monetary penalty amounts.
- Treasury provides several ways to contact the Office of Investment Security, including to ask questions about the Rules, report a transaction, or request a national interest exemption.
IV. Key Takeaways from the FAQs
The FAQs are organized along eight categories: general, defined terms, covered transactions, notifiable and prohibited transactions, U.S. person due diligence, the knowledge standard and “knowingly directing,” excepted transactions, and operational considerations.
- The FAQs expand upon due diligence expectations for U.S. persons, including what efforts constitute a “reasonable and diligent inquiry.”
The Rules place compliance requirements on U.S. persons including diligence, recordkeeping, and notification requirements, and Treasury “anticipates that U.S. persons should be able to comply with the Rules through a reasonable and diligent transactional due diligence and compliance process.”[3] The FAQs provide some insight into what a reasonable and diligent approach may entail, but Treasury declines to provide discrete instructions to U.S. persons, in part because “each transaction is different.”[4]
In the FAQs, Treasury acknowledges that relevant information about the ownership and activities of transaction counterparties may, in some cases, be difficult to obtain through due diligence. However, Treasury nevertheless expects U.S. persons to make concerted efforts to gain, verify, and consider relevant information from an investment target to ascertain the applicability of the Rules including through publicly available information, public and commercial databases, and available non-public information. Where information is difficult to ascertain and/or verify, Treasury recommends efforts to obtain representations or warranties from the target regarding its ownership, investments, and activities as part of a “reasonable and diligent” compliance process. It is important to note that, while contractual representations and warranties from an investment target do not necessarily create a safe harbor for a U.S. person in the event of a violation of the Rules, they can provide an indication—absent other red flags—that a U.S. person lacked a “reason to know” that it was undertaking a covered transaction.[5]
- The FAQs provide relevant indicators for how Treasury will assess a U.S. person’s “plans” when evaluating a greenfield or brownfield transaction.
In a departure to the so-called “greenfield exception” under the CFIUS regulations, under the Rules, a covered transaction includes a U.S. person’s direct or indirect acquisition, leasing, or other development of land, property, or other assets in a country of concern that the U.S. person “plans” to result in the establishment of a covered foreign person or the engagement of a person of a country of concern in a covered activity.[6] In the FAQs, Treasury explains that it will assess a U.S. person’s “plans” by considering, among other things: correspondence with the investment target or relevant government counterparty, written business plans, board presentations, and presentations to potential investors.[7] Examples of activities that demonstrate a U.S. person’s plans to establish a covered foreign person include researching the feasibility of undertaking covered activities and securing financing for covered activities.[8]
- The FAQs address how a U.S. person can assess whether an investment target “intends” to use its AI system for certain end uses.
For covered transactions involving the development of an AI system, the covered foreign person’s “intended” end use of the system can inform whether a transaction is prohibited. The development of AI systems intended by the covered foreign person to be used for cybersecurity applications, digital forensic tools, penetration testing tools, or the control of robotic systems may be notifiable on that basis.[9] The development of AI systems that the covered foreign person intends to be used for a military end use, government intelligence use, or mass surveillance may be prohibited on that basis.[10] In the FAQs, Treasury suggests that “pre-transaction discussions and meetings with counterparties” will inform the U.S. person’s understanding of the covered foreign person’s intent.[11] In practice, U.S. person diligence will likely include directly asking a counterparty about their plans for the technology they are developing, as well as considering other sources of available information that could demonstrate intent.
- The FAQs clarify that underwriting services alone do not give rise to a covered transaction.
Underwriting services provided by a U.S. person to a covered foreign person that do not involve an acquisition of equity interest in the covered foreign person by the U.S. person would not be a covered transaction – i.e., such services are not prohibited, nor do they trigger the notification requirements under the Rules.[12]
- The FAQs elaborate on what the phrase “engages in” means with respect to a “covered activity,” which excludes the mere purchase of goods or services.
For the Rules to apply to a transaction, the person of a country of concern must be someone who “engages in” a covered activity.[13] Treasury notes that the term “engages in” should be understood as capturing activities like “designs, fabricates, packages, develops, [and] produces, among others.”[14] The FAQs clarify that the mere purchase of a good or service, absent other facts, is not considered “engaging in” a covered activity.[15]
- The FAQs address U.S. persons’ responsibilities to prevent their controlled foreign entities from engaging in transactions that would be prohibited for a U.S. person.
A U.S. person must take “all” reasonable steps to prohibit and prevent any transaction by its controlled foreign entity that would be prohibited if engaged in by a U.S. person.[16] If a controlled foreign entity engages in a transaction that would be prohibited if conducted by a U.S. person, Treasury will consider, among other factors, the following in order to assess whether the U.S. person took all reasonable steps to prohibit and prevent such transaction:
- Agreements with respect to compliance between the U.S. person and its controlled foreign entity;
- Governance or shareholder rights of the U.S. person with respect to the controlled foreign entity;
- Periodic training and internal reporting requirements on compliance by the U.S. person and its controlled foreign entity;
- Internal controls, including internal policies, procedures, or guidelines that are periodically reviewed internally, by the U.S. person and its controlled foreign entity; and
- A documented testing and/or auditing process of internal policies, procedures, or guidelines.[17]
- The FAQs provide guidance on how to evaluate an entity that has multiple covered foreign person subsidiaries or minority investments.
An entity can be classified under the Rules as a “covered foreign person” based on (i) being headquartered, based, or incorporated in China and (ii) engaging in a covered activity. Alternatively, an entity can be classified as a “covered foreign person” based on the equity it holds in another entity that is a covered foreign person. For example, Entity X would be a covered foreign person if Entity X (a) owns an equity interest in a “covered foreign person,” say Entity Y, and (b) either (i) derives over 50% of its revenue and/or net income from Entity Y or (ii) over 50% of its capital expenditures and/or operating expenses are attributable to Entity Y.[18] If Entity X has equity ownership in multiple covered foreign persons, then each of the four financial metrics noted above would be aggregated across the covered foreign persons for the 50% test. In effect, an investment target’s existing ownership of equity in other companies presents additional, and potentially significant, risk considerations for U.S. investors.
The fact that a higher-tier entity can be a covered foreign person based on characteristics of its subsidiaries tends to increase the burden on U.S. parties who must reasonably conduct diligence not only of a counterparty, but also of its subsidiaries. Treasury has clarified that, when conducting due diligence on downstream entities of an investment target to determine whether they are covered foreign persons, there is not necessarily an expectation of an individualized inquiry for every single entity in which an investment target has or may have an interest.[19] That said, Treasury has provided clarification on the expected standards for conducting due diligence, which we discuss in more detail below.
- The FAQs reiterate Treasury’s expansive view of who can be a “person of a country of concern.”
Being a “person of a country of concern” is one of two required prongs for a person to be deemed a covered foreign person (the other requirement is engaging in a covered activity).[20] The FAQs make clear Treasury intends for U.S. persons to pierce the corporate veil and assess an investment target’s ownership and control structure, including the nationalities of its directors (or equivalent individuals) to make this assessment. The FAQs clarify that an entity could be a “person of a country of concern” even if it does not have its principal place of business, headquarters, or place of formation in a country of concern.[21] For U.S. persons, this imposes added due diligence burdens as, technically, an investment target in any jurisdiction could ultimately fall within these broad parameters, and therefore assessments would need to be conducted on a global basis.
- The FAQs address post-closing transaction due diligence expectations, including when a target or fund investment pivots to conducting a covered activity after closing.
The Rules and FAQs provide multiple examples of transactions that are covered transactions based on the knowledge the U.S. person investor has at the time of the transaction. For example, an investment by a U.S. person limited partner into a fund which, in turn, later acquires equity interests in a covered foreign person is a covered transaction if, at the time of the investment into the fund, the U.S. person has a reason to know that the fund was likely to invest in a covered foreign person.[22]
Separately, Treasury acknowledges situations may arise where certain changes occur after a transaction closes or where a U.S. person becomes aware of information that was not known at the time of the transaction that may result in a U.S. person owning equity interests in a covered foreign person. In these situations, Treasury outlines post-closing due diligence expectations in the FAQs, stating that the Rules are “not intended to create an ongoing obligation for a U.S. person to monitor or prevent post-closing transaction changes to an investment target’s activities.”[23] However, if an investment target pivots to a covered activity post-closing, and the U.S. person later acquires actual knowledge of a fact or circumstance that, if known to the U.S. person at the time of the transaction would have resulted in a notifiable or prohibited transaction, the U.S. person must submit a notification under the Rules within 30 days of acquiring such actual knowledge.[24]
- The FAQs provide examples of how a U.S. person “knowingly directs” a transaction, including through participation on a committee, and how to properly recuse oneself.
The Rules prohibit U.S. persons from “knowingly directing” a transaction by a non-U.S. person when that transaction would be prohibited if conducted by a U.S. person.[25] Mere employment by or engagement as a consultant or service provider to a non-U.S. person is insufficient to rise to the U.S. person “directing” the transaction. The FAQs provide the example of an accountant conducting standard financial due diligence as an example of an individual providing support to a transaction that does not rise to the level of “directing” the transaction.[26] In order to “knowingly direct” a transaction, the U.S. person must (i) have the authority to make or substantially participate in decisions to approve a transaction and (ii) exercise such authority.[27] Under the Rules, a U.S. person may have authority to “direct, order, decide upon, or approve a transaction” when that U.S. person is “an officer, director, or otherwise possesses executive responsibilities at a non-U.S. person.”[28] In the example of the accountant, the accountant does not have that role-based authority.
The FAQs also elaborate on the scope of authority necessary to “knowingly direct” a transaction in the context of an advisory board or committee of an investment fund. If the board or committee has the authority to approve or disapprove certain transactions, then a member of the board or committee has the authority to “substantially participate in the decisions” of the fund.[29] Thus, a U.S. person on that advisory board or committee who participates in certain aspects of decision-making regarding a covered transaction—even if that person does not hold a majority vote on the relevant committee—is responsible for “knowingly directing” such a transaction.[30]
The Rules provide the option for a U.S. person to recuse themselves from specific activities to negate their authority to direct a transaction. The U.S. person would do so by recusing themselves from all of the following: participating in deliberations and making recommendations; reviewing, editing, commenting on, approving or signing relevant transaction documents; and engaging in negotiations with the investment target or other transaction counterparty.[31]
- The FAQs provide clarity on who can be considered a “U.S. Person” under the Rules.
The FAQs clarify that, while foreign located branch offices of U.S.-incorporated companies are considered “U.S. persons” under the rules,[32] foreign subsidiaries of U.S. companies are not considered “U.S. persons” as a definitional matter,[33] although, as discussed above, the Rules impose responsibilities on a U.S. parent to take all reasonable steps to ensure its foreign subsidiary does not engage in transactions that would be prohibited for a U.S. person. A foreign company is not rendered a “U.S. person” merely by employing U.S. persons[34] (although the U.S. person employees themselves would be subject to the Rules), nor does the presence of a U.S. subsidiary render the foreign parent a “U.S. person”[35] (although, again, the U.S. subsidiary itself would be a U.S. person subject to the rules). Thus, it is essential to carefully review the defined terms in the Rules when evaluating individual parties to a transaction to determine if a potential transaction is prohibited or subject to a notification requirement.
V. Looking Ahead: Compliance Considerations for U.S. Persons
U.S. person investors contemplating potential acquisitions of equity (including contingent equity) of covered foreign persons should consider the following list of preliminary steps to facilitate compliance with the Rules. As a reminder, engaging in prohibited transactions and failing to submit required notifications can subject U.S. persons to civil and criminal penalties, up to and including divestment of completed acquisitions or fines of up to twice the value of a transaction. U.S. person investors should:
- Implement comprehensive Rules-related compliance policies and procedures, including due diligence procedures tailored to assess potential covered foreign person counterparties and recusal policies for U.S. persons employed by foreign subsidiaries;
- Set clear standards for pre-transactional due diligence and ensure that such standards satisfy Treasury’s “reasonable and diligent inquiry” expectations;
- Include Rules-related representations, warranties, and covenants in contracts with relevant counterparties;
- Train relevant employees on the types of factors that could subject potential transactions to the Rules and provide them with pre-transaction questionnaires and guidance designed to apprise them of Rules-related risks;
- Given the broad definition of a “person of a country of concern,” implement Rules-related compliance measures on a global basis, and not just within China- or Asia-focused divisions/teams; and
- Comprehensively review current investments and operations to determine whether any add-on investments or other corporate activity could be captured as a covered transaction. Some ambiguity remains as to what specific activities constitute an excepted “ongoing operation” of a company versus a new activity covered by the Rules. Note that Treasury has clarified that the following types of transactions completed after January 2nd are not subject to the Rules based on activities occurring prior to January 2, 2025:
- Transactions made pursuant to a binding, uncalled capital commitment to a fund or similar investment entity made prior to the effective date, even if the capital is called after the effective date.
- Certain intracompany transfers between a U.S. person and its controlled foreign entity that occur after the Rules are in effect, if the transfer supports either (i) ongoing operations with respect to covered activities or (ii) ongoing or new activities that are not covered activities.
- The conversion of a contingent equity interest that was acquired by the U.S. person before January 2, 2025.
VI. European Union Initiatives to Regulate Outbound Investment
A year after a European Commission (Commission) White Paper found that European Union (EU) Member States do not systematically review and assess outbound investments for national security purposes, apprehension relating to possible strategic technology leaks continued to brew in Brussels. Driven by these concerns, the Commission has now published a Recommendation calling on Member States to conduct outbound investment reviews relating to semiconductors, artificial intelligence and quantum technologies—technology areas identified as being of strategic importance and posing the highest national security risk. The Recommendation forms part of the EU’s Economic Security Strategy, and was prepared in tandem with the Commission’s ongoing work on inbound foreign direct investment screening.
Despite neither identifying particular countries nor actors driving the concerns which led to the issuance of the Recommendation, the Recommendation was published just weeks after the Rules went into effect. Indeed, as with the Rules, the Commission’s press release makes explicit its intention to coordinate with allies. The EU has historically refrained from explicitly referencing China in policy papers and legislative proposals but, in recent years, steps have been taken to prepare for a more antagonistic relationship with Beijing and equip the EU with tools to protect its economic security.
As the Recommendation is not legally binding, its main purpose is to nudge Member States to assess risks to economic security potentially arising from outbound investments made by EU investors in the three key technologies in third countries, with a view of enabling the Commission to propose further action. The review by Member States is set to cover both ongoing and past transactions, going back to January 1, 2021. Member States are asked to submit to the Commission a comprehensive report on their implementation of the Recommendation and any risks identified by June 30, 2026. Further developments are expected before such date.
[1] See 31 C.F.R. § 850.502.
[2] See U.S. Department of the Treasury, National Interest Exemption Submission Instructions, https://home.treasury.gov/policy-issues/international/outbound-investment-program/national-interest-exemption-submission-instructions.
[3] See U.S. Department of the Treasury, Frequently Asked Questions (“FAQs”) [hereinafter Rules FAQs], (last updated January 17, 2025) https://home.treasury.gov/policy-issues/international/outbound-investment-program/frequently-asked-questions, Section I, FAQ No. 7.
[4] See id.
[5] See id., Section VI, FAQ No. 2.
[6] See 31 C.F.R. § 850.210(a)(4).
[7] See Rules FAQs, Section III, FAQ No. 2.
[8] See id. Section III, FAQ No. 1.
[9] See 31 C.F.R. § 850.217.
[10] See id. § 850.224.
[11] Rules FAQs, Section IV, FAQ No. 2.
[12] Rules FAQs, Section III, FAQ No. 1, Example 1.3.
[13] 31 C.F.R. § 850.209.
[14] Rules FAQs, Section II, FAQ No. 3.
[15] See id.
[16] See 31 C.F.R. § 850.302(a).
[17] See Rules FAQs, Section V, FAQ No. 1.
[18] See 31 C.F.R. § 850.209.
[19] See Rules FAQs, Section V, FAQ No. 4.
[20] See 31 C.F.R. § 850.209.
[21] See Rules FAQs, Section II, FAQ No. 2.
[22] See id. Section III, FAQ No. 49, Example 4.3.
[23] Id. Section III, FAQ No. 31.
[24] See id.
[25] See 31 C.F.R. § 850.303(a).
[26] See Rules FAQs, Section II, FAQ No. 2, Example 2.9.
[27] Id.
[28] 31 C.F.R. § 850.303(a).
[29] See Rules FAQs, Section VI, FAQ No. 1.
[30] See id. Section II, FAQ No. 2, Example 2.8.
[31] 31 C.F.R. 850.303(b).
[32] See Rules FAQs, Section II, FAQ No. 2, Example 2.4.
[33] See id. Example 2.5.
[34] See id. Example 2.6.
[35] See id. Example 2.7.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. For additional information about how we may assist you, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or the following leaders and members of the firm’s International Trade practice group:
United States:
Ronald Kirk – Co-Chair, Dallas (+1 214.698.3295, [email protected])
Adam M. Smith – Co-Chair, Washington, D.C. (+1 202.887.3547, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, [email protected])
Donald Harrison – Washington, D.C. (+1 202.955.8560, [email protected])
Christopher T. Timura – Washington, D.C. (+1 202.887.3690, [email protected])
David P. Burns – Washington, D.C. (+1 202.887.3786, [email protected])
Nicola T. Hanna – Los Angeles (+1 213.229.7269, [email protected])
Courtney M. Brown – Washington, D.C. (+1 202.955.8685, [email protected])
Amanda H. Neely – Washington, D.C. (+1 202.777.9566, [email protected])
Samantha Sewall – Washington, D.C. (+1 202.887.3509, [email protected])
Michelle A. Weinbaum – Washington, D.C. (+1 202.955.8274, [email protected])
Karsten Ball – Washington, D.C. (+1 202.777.9341, [email protected])
Hugh N. Danilack – Washington, D.C. (+1 202.777.9536, [email protected])
Mason Gauch – Houston (+1 346.718.6723, [email protected])
Chris R. Mullen – Washington, D.C. (+1 202.955.8250, [email protected])
Sarah L. Pongrace – New York (+1 212.351.3972, [email protected])
Anna Searcey – Washington, D.C. (+1 202.887.3655, [email protected])
Audi K. Syarief – Washington, D.C. (+1 202.955.8266, [email protected])
Scott R. Toussaint – Washington, D.C. (+1 202.887.3588, [email protected])
Lindsay Bernsen Wardlaw – Washington, D.C. (+1 202.777.9475, [email protected])
Shuo (Josh) Zhang – Washington, D.C. (+1 202.955.8270, [email protected])
Asia:
Kelly Austin – Denver/Hong Kong (+1 303.298.5980, [email protected])
David A. Wolber – Hong Kong (+852 2214 3764, [email protected])
Fang Xue – Beijing (+86 10 6502 8687, [email protected])
Qi Yue – Beijing (+86 10 6502 8534, [email protected])
Dharak Bhavsar – Hong Kong (+852 2214 3755, [email protected])
Arnold Pun – Hong Kong (+852 2214 3838, [email protected])
Europe:
Attila Borsos – Brussels (+32 2 554 72 10, [email protected])
Patrick Doris – London (+44 207 071 4276, [email protected])
Michelle M. Kirschner – London (+44 20 7071 4212, [email protected])
Penny Madden KC – London (+44 20 7071 4226, [email protected])
Irene Polieri – London (+44 20 7071 4199, [email protected])
Benno Schwarz – Munich (+49 89 189 33 110, [email protected])
Nikita Malevanny – Munich (+49 89 189 33 224, [email protected])
Melina Kronester – Munich (+49 89 189 33 225, [email protected])
Vanessa Ludwig – Frankfurt (+49 69 247 411 531, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
We are pleased to provide you with the January edition of Gibson Dunn’s monthly U.S. bank regulatory update. Please feel free to reach out to us to discuss any of the below topics further.
KEY TAKEAWAYS
- The financial services regulatory agencies’ leadership, agendas and regulatory priorities under the new administration have started to take shape.
- The Senate confirmed Scott Bessent as Secretary of the Treasury in a 68-29 vote, with 16 Democrats supporting the nomination.
- Travis Hill was named Acting Chairman of the Federal Deposit Insurance Corporation (FDIC). Acting Chairman Hill announced the FDIC’s upcoming regulatory agenda, including a “wholesale review” of regulations and guidance, withdrawal of “problematic” proposals, including the brokered deposits and corporate governance proposals, improving the bank merger approval process and encouraging de novo activity.
- Kyle Hauptman was designated as Chairman of the National Credit Union Administration (NCUA) board and announced his priorities as Chairman of the NCUA.
- Mark Uyeda was named Acting Chairman of the Securities and Exchange Commission (SEC). Acting Chairman Uyeda quickly announced the formation of a new crypto task force to be led by Commissioner Hester Peirce and the SEC rescinded SAB 121.
- Caroline Pham was named Acting Chairman of the Commodity Futures Trading Commission.
- The Federal Reserve Board announced that Vice Chair for Supervision Michael Barr will step down from his position effective February 28, 2025 (or earlier if a successor is confirmed); Barr will continue to serve as a member of the Federal Reserve Board for his unexpired term ending January 31, 2032 (Barr’s four-year term as Vice Chair for Supervision was to end July 13, 2026). In its press release announcing his resignation as Vice Chair for Supervision, the Federal Reserve Board indicated it “does not intend to take up any major rulemakings until a vice chair for supervision successor is confirmed.”
- Chairman Tim Scott (R-S.C.) remained consistent in his criticisms of the Consumer Financial Protection Bureau (CFPB) and announced the Senate Banking Committee’s priorities which include working “to build a regulatory framework that establishes a tailored pathway for the trading and custody of digital assets” and promoting national security “through advancing sanctions and export control policies.”
- The House Financial Services Committee published its authorization agenda previewing areas in which the Committee intends to conduct oversight, which includes areas such as supervision and regulation, regulatory efficiency, capital and liquidity, debanking, access to financial services, digital assets, artificial intelligence and “examining proposals affecting the operations” of Fannie and Freddie and their ongoing conservatorships.
- The New York State Department of Financial Services (NYDFS) proposed new regulations limiting overdraft and non-sufficient funds fees charged by state-chartered banks.
- The CFPB (i) issued a report offering the states several recommendations for strengthening state-level consumer protection laws and (ii) issued a proposed interpretive rule governing emerging payment mechanisms under the Electronic Fund Transfer Act and Regulation E.
DEEPER DIVES
Financial Services Leadership and Regulatory Agenda in the New Administration Have Started to Take Shape. While there has been a flurry of executive orders and other announcements from the White House during President Trump’s first days in office, many executive orders have not implicated the financial services sector directly, with the exceptions of the executive orders on artificial intelligence, digital assets, blockchain technology and related technologies and the freeze or postponement of rulemakings pending review. (For up-to-date information on executive orders and other significant announcements made by the new administration, please visit our Executive Order Tracker. For additional insights, please visit our resource center, Presidential Transition: Legal Perspectives and Industry Trends.)
Nonetheless, messaging from leadership of the Senate Banking and House Financial Services Committees and the financial services regulatory agencies generally has aligned and clear areas of regulatory and supervisory priorities in the new administration have emerged. Further, with the confirmation of Secretary Bessent, attention in the coming weeks should turn to confirmation of nominees (i.e., SEC), identifying personnel for key leadership roles (i.e., Vice Chair for Supervision) and filling those leadership positions still held by agency heads appointed by President Biden (i.e., OCC and CFPB).
- Insights. In general, areas of regulatory and supervisory priorities across the regulatory agencies and oversight committees include: regulatory efficiency; supervision; tailoring regulatory proposals; capital and liquidity requirements; bank M&A; encouraging de novo activity; issues surrounding debanking and access to financial services; fintech partnerships, innovation and faster payments; developing a digital assets framework; tokenization; artificial intelligence; regulatory and supervisory transparency; right-sizing obligations under the Bank Secrecy Act; sanctions and export controls; Treasury market resilience; and proposals related to Fannie and Freddie.
Specifically worth noting, Acting Chairman Hill’s regulatory agenda for the FDIC included a clear intent to withdraw “problematic proposals from the last three years,” including the FDIC’s brokered deposits and corporate governance proposals and replace the FDIC’s 2024 policy statement on bank mergers. Acting Chairman Hill’s agenda also includes “enhancements” to the FDIC’s resolution activities and processes, which both Hill and Director Jonathan McKernan have been critical of. Meanwhile, Governor Michelle Bowman, who has emerged as a likely candidate for the Vice Chair for Supervision role, remained consistent discussing pragmatism in regulatory and supervisory reform efforts, a “renewed commitment to tailoring” and the need for increased transparency in the supervisory process in her January 9, 2025 remarks before the California Bankers Association.
Vice Chair for Supervision Barr to Resign as Vice Chair for Supervision; Will Remain Federal Reserve Board Governor. On January 6, 2025, Vice Chair for Supervision Michael Barr submitted his letter of resignation to President Biden resigning his position as Vice Chair for Supervision effective as of February 28, 2025 (or earlier if his successor is confirmed). Barr’s four-year term as Vice Chair for Supervision would have expired July 13, 2026. According to his letter of resignation, Barr intends to continue to serve as a member of the Federal Reserve Board. Barr’s term as a Governor of the Federal Reserve Board ends January 31, 2032.
- Insights. Since the election, media reports have indicated President Trump’s team has weighed removing or demoting Barr from his role as Vice Chair for Supervision—the authority for which is unclear and could have resulted in litigation. Barr’s statement in the Federal Reserve Board’s press release announcing his resignation as Vice Chair for Supervision alludes to that, citing the “risk of a dispute over the position could be a distraction from our mission.” Because the Federal Reserve Board indicated in its announcement it “does not intend to take up any major rulemakings until a vice chair for supervision successor is confirmed,” the administration will now have greater influence over the Federal Reserve Board’s supervisory and regulatory agenda by either promoting one of the remaining Republican members of the Federal Reserve Board (Governors Bowman or Waller (both President Trump appointees)) to the role of Vice Chair for Supervision or waiting for a vacancy to arise. Barring removals, retirements or resignations, the administration’s first meaningful chance at a new nominee to the Federal Reserve Board comes upon the expiration of Governor Kugler’s term January 31, 2026; Chair Powell’s term as Chair (appointed as Chair by President Trump) ends May 15, 2026 (though his term as Governor ends January 31, 2028 were he to stay on).
NYDFS Proposes Overdraft Regulations. On January 22, 2025, the NYDFS proposed regulations limiting overdraft, non-sufficient funds (NSF) and return deposit item fees charged by state-chartered banking institutions. The proposed rule would prohibit institutions from, among other things: (i) charging overdraft fees on overdrafts of less than $20; (ii) charging overdraft fees that exceed the overdrawn amount or NSF fees that exceed the amount of the NSF transaction; (iii) charging more than three overdraft or NSF fees per consumer account per day; (iv) charging an overdraft fee for an electronic transaction when the consumer’s account indicates sufficient funds at the time the transaction was initiated; (v) processing electronic debit transactions in a manner intended to maximize the number of overdraft and NSF fees; or (vi) setting an amount of NSF fees that is greater than the amount of overdraft fees.
- Insights. As we highlighted in our last Monthly Bank Regulatory Report, we expect certain states will be more aggressive in their regulatory, supervisory and enforcement efforts in the areas of consumer protection and consumer compliance, particularly in the case of a weakened CFPB. The NYDFS’ proposal is timely in that regard. It also closely follows on the heels of the CFPB’s December 2024 final rule on overdraft fees applicable to banks and credit unions with more than $10 billion in assets. Under the CFPB’s final rule, covered institutions would have to choose one of the following three options when charging for overdrafts: (i) capping overdraft fees at $5; (ii) capping fees at an amount that covers costs and losses; or (iii) disclosing the terms of overdraft loans like any other loans subject to Regulation Z. The CFPB’s final rule is already the subject of litigation in the U.S. District Court for the Southern District of Mississippi and could be subject to rescission under the Congressional Review Act.
CFPB Issues Report/Recommendations to States to Strengthen Consumer Protection Framework. On January 14, 2025, the CFPB issued a report titled “Strengthening State-Level Consumer Protections.” The report includes seven recommendations to states to strengthen state-level consumer protection: (i) incorporating “abusive” into their consumer protection laws to fill in gaps under existing prohibitions on unfair or deceptive practices; (ii) strengthening investigative tools and enforcement powers; (iii) eliminating requirements to prove monetary loss or “reliance” on a deceptive statement; (iv) extending consumer protections to businesses; (v) supplementing public enforcement resources with private enforcement; (vi) strengthening consumer data and privacy protections, including by “remov[ing] exemptions in state consumer data privacy laws for financial institutions or data covered by the Gramm-Leach-Bliley Act;” and (vii) creating “bright-line” prohibitions on junk fees.
- Insights. The report in title alone reinforces the notion that certain states will be more aggressive in their enforcement efforts in the areas of consumer protection and consumer compliance and seemingly encourages those states to do so. Note that Section 1042 of the Consumer Financial Protection Act of 2010 (CFPA) (Title X of the Dodd-Frank Act) generally authorizes states to enforce the CFPA’s provisions. Finally, states that historically have taken an active role in the areas of consumer protection and consumer compliance enforcement will have enforcement tools at their disposal, but the recommendations are a reminder that stakeholders should be prepared to engage with those states that seek to implement changes to their enforcement framework in these areas.
CFPB Issues Proposed Interpretive Rule Governing Emerging Payment Mechanisms Under Reg E and EFTA. On January 10, 2025, the CFPB issued a proposed interpretive rule related to requirements that apply to emerging payment mechanisms, such as stablecoins and other digital assets that operate as a medium of exchange or as a means of paying for goods and services, under the Electronic Fund Transfer Act (EFTA) and Regulation E (Reg E). Among other interpretive issues raised by the proposal, the proposed interpretive rule broadly interprets key EFTA/Reg E terms such as “funds” to mean “stablecoins, as well as any other similarly-situated fungible assets that either operate as a medium of exchange or as a means of paying for goods or services” and, quoting a pre-EFTA 1960 decision, to “include not only currency but also other types of pecuniary resources which are readily converted into cash;” and “account” or “other consumer asset account” to broadly include “video game accounts used to purchase virtual items from multiple game developers or players; virtual currency wallets that can be used to buy goods and services or make person-to-person transfers; and credit card rewards points accounts that allow consumers to buy points that can be used to purchase goods from multiple merchants.”
- Insights. Although the proposed interpretive rule is not likely to be finalized under the new administration, it demonstrates how the CFPB interprets the EFTA and Reg E. The proposal also highlights that “the application of Federal consumer financial protection laws, such as EFTA, to new methods of payments is often developed through case-by-case adjudications by courts,” a reminder that both state regulators and attorneys general, as well as plaintiffs’ lawyers, may leverage the CFPB’s expanded interpretations in the proposed interpretive rule in their own arguments that traditional or digitally-native financial services providers are subject to and/or have violated the EFTA, Reg E or state law equivalents.
OTHER NOTABLE ITEMS
SEC Rescinds Staff Accounting Bulletin 121. On January 23, 2025, the SEC published Staff Accounting Bulletin (SAB) 122, which rescinds SAB 121. SAB 121 provided that an entity should recognize a liability and corresponding asset on its balance sheet to reflect its obligation to safeguard crypto-assets held for its users. Previously, the Senate and House voted to repeal SAB 121, though the votes did not garner the required two-thirds majority from both houses of Congress to survive a veto. And, on May 31, 2024, President Biden vetoed the resolution that would repeal SAB 121.
Agencies Announce Public Outreach Meeting on Review of Regulations. On January 31, 2025, the federal banking agencies announced they will hold a virtual public outreach meeting on March 6, 2025 as part of the agencies’ required review of regulations. The outreach meeting is an opportunity for interested stakeholders to present their views on the six categories of regulations: applications and reporting; powers and activities; international operations; consumer protection; directors, officers and employees; and money laundering. Those interested in providing oral comments must register by February 14, 2025.
Federal Reserve, FDIC Announce Withdrawals from Global Regulatory Climate Change Group. On January 17, 2025, the Board of Governors of the Federal Reserve System (Federal Reserve) announced its withdrawal from the Network of Central Banks and Supervisors for Greening the Financial System (NGFS), citing the wider range of issues covered by the NGFS as “outside of the [Federal Reserve’s] statutory mandate.” On January 21, 2025, the FDIC also announced its withdrawal, citing the work of the NGFS as “not within the FDIC’s authorities and mandate.”
Vice Chairman Hill Outlines Policy and Supervisory Priorities. On January 10, 2025, then-FDIC Vice Chairman Travis Hill gave a speech titled “Charting a New Course: Preliminary Thoughts on FDIC Policy Issues” at the ABA Banking Law Committee Meeting. Hill’s speech focused on five issues he anticipated “the agency to begin addressing in the coming weeks and months”: supervision; innovation and technology; debanking; climate; and capital. On January 20, 2025, Hill was named Acting Chairman of the FDIC (see above).
Speech by Former Chairman Gruenberg on Bank Failures. On January 14, 2025, former Chairman of the FDIC, Martin Gruenberg, gave a speech titled “Three Financial Crises and Lessons for the Future.” In his speech, Mr. Gruenberg spoke about the common causes of and lessons learned from three banking crises: the thrift and banking crisis of the late 1980s and early 1990s; the global financial crisis; and the spring 2023 regional bank failures. In his speech, Mr. Gruenberg offered that “while innovation can greatly enhance the operation of the financial system, experience suggests it be tempered by careful and prudent management and appropriate regulation and supervision.”
FDIC Announces Retirement of Doreen Eberley, Director of Division of Risk Management Supervision. On January 17, 2025, the FDIC announced that Doreen Eberley, Director of Division of Risk Management Supervision, would retire following a 38-year career with the FDIC. Ms. Eberley will retire March 29, 2025.
Speech by Governor Cook on Financial Stability. On January 6, 2025, Federal Reserve Board Governor Cook gave a speech titled “An Assessment of the Economy and Financial Stability.” In her speech, Governor Cook highlighted her four areas of focus in monitoring financial stability: private credit, stablecoins, cyber attacks and artificial intelligence.
The following Gibson Dunn lawyers contributed to this issue: Jason Cabral and Ro Spaziani.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. Please contact the Gibson Dunn lawyer with whom you usually work or any of the member of the Financial Institutions practice group:
Jason J. Cabral, New York (212.351.6267, [email protected])
Ro Spaziani, New York (212.351.6255, [email protected])
Stephanie L. Brooker, Washington, D.C. (202.887.3502, [email protected])
M. Kendall Day, Washington, D.C. (202.955.8220, [email protected])
Jeffrey L. Steiner, Washington, D.C. (202.887.3632, [email protected])
Sara K. Weed, Washington, D.C. (202.955.8507, [email protected])
Ella Capone, Washington, D.C. (202.887.3511, [email protected])
Sam Raymond, New York (212.351.2499, [email protected])
Rachel Jackson, New York (212.351.6260, [email protected])
Zack Silvers, Washington, D.C. (202.887.3774, [email protected])
Karin Thrasher, Washington, D.C. (202.887.3712, [email protected])
Nathan Marak, Washington, D.C. (202.777.9428, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
Jeremy Smith and Daniel Rubin are the authors of “Wildfire housing crisis tests California price-gouging law” [PDF] published by the Daily Journal on January 30, 2025.
Expect sweeping changes ahead. But when looking back, an aggressive enforcement agenda continued as the SEC reported record high financial remedies, although—like all numbers that high—the SEC’s enforcement measures in 2024 require context and came alongside a drop in new actions.
I. Introduction
The dichotomy of an aggressive enforcement agenda tempered by litigation setbacks set forth in our mid-year 2024 SEC Enforcement update persisted through the end of the SEC’s 2024 fiscal year. The SEC filed a flurry of enforcement actions up until the very end of the previous administration. Now that the Gensler-led SEC has ended and the incoming administration has nominated Paul Atkins as its new Chairman and appointed Commissioner Mark Uyeda as Acting Chairman, change is coming. To be clear, the Commission’s three-part mission and the critical role that enforcement plays in that mission will remain the same. But, from those who have worked with Atkins—and as covered in a Gibson Dunn webcast—shifts are coming at the agency.
A. 2024 Enforcement Results: The Ups and Downs
While measuring success goes beyond numbers, the reported drop in new actions piqued interest given the Commission’s aggressive enforcement posture.
As reported by the SEC on November 22, the enforcement statistics for the fiscal year ending September 30, 2024 reflect that the Commission filed a total of 583 actions, compared to 784 actions the prior year, a drop of 26 percent.[1] Of those 583 actions, the agency reported 431 stand-alone enforcement actions—the most significant measure of activity, involving cases independently charged and not linked to a prior finding of violation—as compared to 501 stand-alone enforcement actions filed the prior year, a 14 percent drop.
![]() |
While the Commission obtained orders for an all-time aggregate high of $8.2 billion— consisting of $6.1 billion in disgorgement and prejudgment interest, the highest amount on record, and $2.1 billion in civil penalties, the second-highest amount on record—the 2024 financial remedies stem in large part from the continued off-channel communications settlements ($600 million) and a single crypto judgment ($4.5 billion in disgorgement, interest, and penalty), that received unanimous Commission support but appears uncollectible.[2] Consistent with its general pattern over the last several years, in 2024, the SEC again recovered over twice as much in disgorgement as compared to penalties.
Another important metric to highlight includes $345 million in money distributed to harmed investors in fiscal year 2024, a drop from $930 million distributed to harmed investors in fiscal year 2023. And the agency also reported fiscal year 2024 orders barring 124 individuals from serving as officers and directors of public companies, the second-highest number of such bars following the prior year’s 133 such orders.
![]() |
The distribution of actions across subject matter remained generally consistent with prior years. The SEC brought 97 stand-alone actions against investment advisers and investment companies (23 percent of actions in 2024) reflecting a continued focus on investment adviser and company regulation and enforcement, and an increase from the prior year (86 cases, 17 percent of actions in 2023). The 94 stand-alone enforcement actions relating to securities offerings reflected a decrease from the prior year (22 percent of actions in 2024, compared to 164 cases and 33 percent of actions in 2023), while broker-dealer enforcement remained relatively steady (61 cases and 14 percent of actions in 2024, compared to 60 cases and 12 percent of actions in 2023). There were also decreases year-over-year in the areas of issuer reporting (49 cases and 11 percent of actions in 2024, compared to 86 cases and 17 percent of actions in 2023) and—as conveyed in more detail within Gibson Dunn’s forthcoming 2024 FCPA Year-End Update—FCPA matters (two cases and zero percent in 2024, compared to 11 cases and two percent of actions in 2023). In fact, the combined number of issuer reporting and FCPA matters is the lowest since at least 1998. Finally, there was a slight increase in the percentage of stand-alone actions relating to insider trading in 2024 (34 cases and eight percent of actions in 2024, compared to 32 cases and six percent of actions in 2023).
![]() |
B. Explaining the Numbers: Jarkesy
Impacts of recent court cases remain important to watch for the SEC and all agencies.
In a November podcast, the SEC’s former enforcement director remarked that the numbers show the impacts of, among other things, the U.S. Supreme Court decisions from last year including SEC v. Jarkesy (June 2024). The director, who announced his departure in October,[3] stated after the decisions, “we [enforcement] basically needed to hit pause” and “assess the impact of Jarkesy” on resolved, pending, and pipeline matters, which took “several months between June, July and even creeping into August.” The former director continued that “if we want to see how the last fiscal year [ending September 30] was, you should look at October and November [cases filed] because those are the two months or more that we lost as a result of Jarkesy ….” The agency filed 200 enforcement actions in the first fiscal quarter of 2025 (October to December 2024), with 75 actions in October 2024 alone. Of note, the agency sent out a press release on the last business day of the Gensler administration, touting the record number of enforcement actions in fiscal Q1 2025 (October through December 2024), and the 40 actions filed in the first two business weeks of January 2025.[4]
The CFTC similarly reported decreased enforcement numbers for its recent fiscal year, 58 new actions as compared to 96 the prior year, although the impacts of any litigation setbacks on the CFTC’s pipeline may not have been as pronounced (it filed three actions in October 2024 and no actions in December 2024).[5] At the same time, a similar trend surfaced concerning financial remedies: like the SEC, the CFTC reported record-breaking monetary results for its fiscal year, though there, too, a single crypto case played a leading role in the monetary relief.
While explaining the SEC numbers further may involve other factors such as a review of resource allocation and case priorities, former acting enforcement director Sanjay Wadhwa (who stepped down effective on January 31) stated that “[w]hat our numbers do not reflect, however, are countless investigations that may not have resulted in an enforcement action for evidentiary or other reasons, or where we declined to pursue an enforcement action, but that shined a spotlight on potentially problematic conduct and caused responsible market participants to cease engaging in it.”
Finally, other litigation setbacks remain on radar, including SEC v. Govil. That Second Circuit case, covered in detail in a prior client alert, held the SEC is not entitled to disgorgement unless it can show the allegedly defrauded investors suffered pecuniary harm. This important holding emerged in the past year in a litigated SEC case where the Southern District of New York denied the agency’s request for roughly $1 billion in disgorgement and interest based on Govil.[6] Another notable setback was in Coinbase v. SEC where the Third Circuit recently faulted the Commission for failing to provide “meaningful guidance on which crypto assets it views as securities.” In light of the Coinbase decision and the SEC’s new leadership, we expect to see significant change in the Commission’s approach to crypto assets in the coming year. Indeed, within a day of the inauguration, Acting Chairman Mark Uyeda launched a new crypto task force, led by Commissioner Hester Peirce, with the stated mission of “developing a comprehensive and clear regulatory framework for crypto assets.”[7]
C. What the Past Might Tell Us: Looking Back to the Future
Past Republican Commissioner statements note that the “vast majority of SEC enforcement actions are straightforward.”
Although steady commentary suggests a pullback on crypto and off-channel communication cases, sweeps for technical violations, and the overuse of internal controls and certain other provisions of the securities laws, other areas highlighted in the 2024 results will most likely remain in focus. Those “straightforward” areas include major fraud, individual accountability, gatekeeper accountability, and certain public company cases, among others. Moreover, investigations typically take time to complete even under the best of circumstances, with the average of all investigations taking slightly over two years. And while case outcomes might look different, the past administration’s matters (including on subject matter similar to cases filed in 2024) will most likely remain active for some time. Notwithstanding new priorities, those legacy matters may mature into actions filed in the future and shape early trends for the new administration.
Whistleblowers
The topic of whistleblowers remains an important one. Although the potential for decreased penalties in the new administration may impact the analysis for some whistleblowers, given that any bounty paid to the whistleblower derives from monetary relief, expect continued tips to the SEC and others. Credible allegations of misconduct will always be investigated vigorously under any administration.
Highlights from 2024 regarding whistleblowers:
- The SEC reported receipt of 24,000 whistleblower tips and announced awards of more than $255 million to 47 individuals, a decline from the prior year, and reportedly more than 14,000 of the 24,000 tips came from two individual whistleblowers.[8]
- The SEC also continued to aggressively enforce whistleblower protections. In an enforcement sweep announced in September 2024, the SEC ordered over $3 million in penalties against seven companies for allegedly violating whistleblower protection rules by, for example, requiring employees to waive their right to receive whistleblower awards, asking customers to agree to not contact the SEC, and requiring signees to certify that they had not provided information to the government in the past.[9]
- In one case, as reported in our mid-year update, and which received unanimous Commission support for action, a broker-dealer paid an $18 million penalty for allegedly impeding “hundreds of advisory clients and brokerage customers from reporting potential securities law violations to the SEC” by having them sign an agreement prohibiting them from “affirmatively reporting” information to the Commission staff.[10]
Artificial Intelligence
Another important area from 2024 includes cases involving emerging technologies and emerging risks. This same subject area appears in the SEC’s 2025 examination priorities. While internal agency referrals (from other SEC divisions including Exams) might change in the years ahead, they will not cease—and thus examination priorities are likely to continue to shape and become enforcement priorities.
Highlights from 2024 regarding emerging technologies and emerging risks:
- Like many other agencies, the SEC messaged a strong focus on artificial intelligence.
- The SEC’s enforcement results highlighted this particular area, and numerous speeches and other statements touched upon this significant technology. As covered in our mid-year 2024 update, the SEC announced two enforcement actions in March 2024 against investment advisers for “AI-washing” and violations of the Marketing Rule (another area of focus during the last administration) for marketing the use of AI in certain ways that were not accurate.
- The types of AI matters the Commission has brought so far are uncontroversial fraud cases. Although the new administration will have its own priorities, a focus on straightforward material misstatements by any market participant to investors will remain of significant interest to the agency.
Individual Accountability
When looking at SEC enforcement reports for years during the previous Trump administration, this topic received rightful attention given that charging culpable individuals, where appropriate, hits at the core of accountability and deterrence and also because corporate entities act through individuals. That leads to dynamic charging considerations, which as we look ahead might tip the balance of Commission thoughts towards the side of pursuing even more individual cases. In any event, while the SEC’s 2024 report reviewed multiple cases involving individual accountability, a rough through-line indeed involved allegations of fraud.
Market Abuse and MNPI
The SEC’s report further highlighted a mix of actions related to market abuse and insider trading, an area that for the most part proves less controversial for the SEC (save for certain recent cases, including one litigated in 2024). In 2024, the SEC brought or settled charges against investment adviser representatives for a “cherry-picking” scheme that allegedly “defrauded their clients out of millions,” against a hacker for illegally obtaining and trading on a public company’s MNPI, and against several investment advisers for failing to implement and enforce policies and procedures to prevent MNPI misuse. Notably, after the fiscal year end, the SEC filed a litigated matter against an investment adviser for such compliance failures.[11]
Other Notes
With respect to the largest area of enforcement cases in 2024, investment advisers and companies, and notwithstanding the strike-down of the private funds rule, these important market participants will remain in focus for egregious cases and continued examinations. With respect to new(er) rules that survived or did not receive challenges, while some added grace period may be more likely in the coming years, those areas will ripen to enforcement risk.
A note on off-channel communication cases: numerous takes foresee fewer, if any, such stand-alone technical matters. However, the communications might resurface as more and more investigations uncover the substance of any unreviewed communications where indeed the reasons for going off-channel extended beyond the mundane.
On balance, there are at present more questions than answers on what the future holds, as we all await priority pronouncements, personnel appointments of directors, what’s to come from the Department of Government Efficiency, and how litigation setbacks like Jarkesy and Govil, among others, impact the way in which the SEC and others litigate, which might be particularly important as the SEC likely pursues even more individual accountability. Nevertheless, when issues arise and bad actors reveal themselves, the SEC will come calling.
D. Senior Staffing Update
Beyond the more covered staffing changes—such as the nomination of Paul Atkins as Chairman, former Chair Gary Gensler’s announced retirement along with Mark Uyeda’s naming as Acting Chairman, and Gurbir Grewal’s announced departure from the Enforcement Director position along with Sanjay Wadha’s appointment as Acting Enforcement Director—there were further changes at the senior staff level and in regional leadership. Many of these changes accompanied, or immediately preceded, the change in administration.
- In July, Keith E. Cassidy was named Interim Acting Director of the Division of Examinations while Director Richard Best took a leave of absence to focus on his health. Cassidy concurrently serves as the National Associate Director of the Division’s Technology Controls Program, where he oversees the SEC’s CyberWatch program and the Cybersecurity Program Office.[12]
- In September, the SEC announced that Richard R. Best would transition to the role of Senior Advisor to the Director of the Division of Examinations from his role as Director of the Division of Examinations. Before becoming the Director of the Division of Examinations in 2022, Mr. Best served as the Director of the SEC’s New York Regional Office and also previously served as the Director of the SEC’s Atlanta Regional Office and the SEC’s Salt Lake Regional Office.
- In December, the SEC announced the departure of Trading and Markets Division Director Haoxiang Zhu. During Mr. Zhu’s tenure, the SEC shortened the settlement cycle for equities, corporate bonds, and municipal bonds to one day, expanded central clearing for Treasury repurchase and cash transactions, and updated execution rules under Regulation National Market System (NMS). David Saltiel, formerly a deputy director in the Office of Analytics and Research, assumed the role of Acting Director upon Mr. Zhu’s departure.[13]
- In December, Erik Gerding left his position as Director of the Division of Corporate Finance.[14] Gerding joined the SEC as Deputy Director of the Division of Corporate Finance in October 2021 and became the Division’s Director in February 2023. For the time being, Cicely LaMothe—who was serving as Deputy Director for Disclosure Operations within the division—will serve as Acting Director.
More staffing changes occurred at the turn of the year, in relatively quick succession, before the change in administration.
- Chief Accountant Paul Munter retired after serving in his role for two years.[15] Munter joined the Commission in 2019, was named as Acting Chief Accountant in 2021, and was appointed to Chief Accountant in early 2023. Ryan Wolfe currently serves as Acting Chief Accountant.[16]
- Chief Economist and Director of the Division of Economic and Risk Analysis (DERA) Jessica Wachter departed the Commission around the same time, announcing that she would return to the Wharton School at the University of Pennsylvania to serve as the Dr. Bruce I. Jacobs Chair of Quantitative Economics.[17] Robert Fisher currently serves as the Acting Director of DERA.[18]
- General Counsel Megan Barbero also departed the Commission. She had served as General Counsel since February 2023 and joined the SEC in July 2021 to serve as the Principal Deputy General Counsel.[19] Jeffrey Finnel currently serves as Acting General Counsel.[20]
- The Director of the Office of International Affairs, YJ Fisher, also left the Commission after serving in her position since August 2021.[21] Kathleen Hutchinson currently serves as Acting Director of the Office of International Affairs.[22]
- The Commission’s Chief of Staff, Amanda Fisher, similarly announced her departure from the Commission.[23] She first joined the Commission in June 2021 as Senior Counselor, then served as Chief of Staff from January 2023 until her departure.
- The SEC Policy Director, Corey Klemmer, also announced that she would step down from her role, which she held since May 2024.[24] Klemmer joined the Commission in July 2021 to serve as Corporate Finance Counsel.
- Director of the Office of Public Affairs, Scott Schneider, also left the SEC.[25] Schneider had served in this role since April 2021 and had also served as a counselor to Chair Gensler.
- Finally, Sanjay Wadha—who has been serving as Acting Director of the Division of Enforcement—announced that he would depart the Commission as of January 31, 2025. Wadha first joined the SEC as a staff attorney in 2003.[26] Between then and his being named Acting Enforcement Director in October 2024, Mr. Wadha served in many roles at the Commission, including Senior Associate Director of the Division of Enforcement in the New York Regional Office (NYRO), Deputy Chief of the Market Abuse Unit, and Assistant Director in the NYRO. Samuel Waldon, the previous Acting Deputy Director, currently serves as the Acting Director; and Antonia Apps as the Acting Deputy Director.[27]
E. Whistleblower Actions
As noted above, 2024 trends demonstrated that the Commission continued to make whistleblowers an important aspect of its enforcement agenda throughout the year. In three separate enforcement actions in September, the SEC announced settled charges against over 10 entities in total for alleged violations of Rule 21-F, the SEC’s whistleblower protection rule. These actions notably demonstrated that the Commission continued to interpret Rule 21-F’s scope to be broad. For example, in the first action described below, the SEC found that the whistleblower protection rule pertained to agreements made with clients, and not with employees. This action marks the second time—the first being the Commission’s settled charges against a large broker-dealer, as noted in our mid-year update—that were brought with respect to agreements made outside of the employment context. These actions further show that the Commission has interpreted the rule from asking signees to certify that they, retrospectively, had not provided information to the government in the past, before signing the agreement at issue. The Commission has taken the position that such clauses violate the whistleblower protection rules, even where other aspects of the agreement allow signees to provide information to the government prospectively, and to reap related whistleblower awards.
- The first action announced settled charges against a broker-dealer and two affiliated investment advisors for entering into confidentiality agreements with retail clients containing provisions that allegedly limited clients’ ability to provide information to the SEC by permitting communications only where the SEC first initiated an inquiry.[28] Without admitting or denying the allegations, the broker-dealer agreed to pay a civil penalty of $240,000 to settle the charges.
- The second action announced settled charges against seven entities for allegedly using employment and other agreements that either limited the signees’ ability to willingly and voluntarily provide information to the SEC, required signees to affirm that they had not provided information to the government in the past, or prevented signees from receiving whistleblower awards in return for providing information.[29] Without admitting or denying the SEC’s allegations, the entities agreed to pay civil penalties of over $3 million in the agreement, with individual penalties ranging from $19,500 to $1.4 million.
- The third action announced settled charges against a Florida-based investment advisor for allegedly entering into agreements with candidates for employment that, though allowing the candidates to provide information to the government in response to inquiries, prevented the candidates from making such disclosures voluntarily.[30] Without admitting or denying the allegations, the investment adviser agreed to pay a civil penalty of $500,000 to settle the charges.
The Commission relatedly continued to provide sizable awards to individuals that provided useful information through the whistleblower program.
- In July, the SEC announced two separate whistleblower awards, each coincidentally for approximately $37 million, to two different whistleblowers that provided information that purportedly facilitated successful enforcement actions. In one of the matters, the whistleblower purportedly provided information directly to the Commission and further conserved the Staff’s time and resources by identifying potential witnesses and documents.[31] In the other matter, the respective whistleblower initially reported their concerns internally, which led their employer to conduct an internal investigation and also eventually helped prompt the SEC to open up its own investigation. The whistleblower then purportedly facilitated the Staff’s investigation by providing ongoing, extensive, and timely assistance.[32]
- In August, the SEC announced two whistleblower awards totaling more than $98 million for information and assistance that led to an SEC enforcement action and an action brought by another agency. The first whistleblower received an award of $82 million for making the tip that prompted the opening of the investigations and for providing critical ongoing assistance to the investigations. The second whistleblower received an award of $16 million for, at a later stage of the investigations, providing information that significantly contributed to one aspect of the actions.[33]
- Also in August, the SEC awarded $24 million to two whistleblowers who, after reporting conduct internally, provided information that prompted an SEC enforcement action and an action by another agency. Although the first whistleblower’s information prompted the SEC investigation, the second whistleblower received a higher award, purportedly because their “information played a more significant role in the investigation.” The second whistleblower provided, among other things, “important information about key witnesses and their roles in the schemes,” which purportedly was “heavily” relied on by the SEC during the investigation. The $24 million award was based on the entire amount ordered by the Commission, including disgorgement and prejudgment interest, as well as on the amount collected by the other agency in its separate action.[34]
- In October, the SEC announced a $12 million award to three whistleblowers who provided critical assistance to an SEC enforcement action. In determining the amount of the award, the SEC considered, among other things, the significance of the information provided to the commission, the assistance provided, the law enforcement interest in deterring violations, and participation in internal compliance systems.[35]
II. Public Company Accounting, Financial Reporting, and Disclosure
A. Purported Fraudulent Schemes
In June 2024, the SEC announced settled charges against an advanced materials and nanotechnology company, and filed related charges against its former CEOs, for alleged violations of fraud, reporting, internal accounting controls, and books and records provisions.[36] The alleged scheme involved the two former CEOs issuing a special dividend—the value of which was allegedly overstated by the former CEOs—and effecting a merger between their former companies. When the company’s stock price did indeed rise, the company sold over 16 million shares, raising $137.5 million. The SEC alleges the true purpose of the merger and dividend were to create a short squeeze, which was allegedly never communicated publicly. The company neither admitted nor denied the findings and agreed to pay a $1,000,000 penalty. The charges against the former CEOs are pending in the U.S. District Court for the Southern District of New York, and the SEC is seeking permanent officer-and-director bars, disgorgement of ill-gotten gains, and civil penalties from them.
In August, the SEC announced that an Alabama-based shipbuilder and its Austrian parent company had agreed to settle charges brought by the SEC in the U.S. District Court for the Southern District of Alabama.[37] The SEC’s complaint alleged that the companies conducted a purportedly fraudulent revenue recognition scheme from January 2013 to July 2016 to artificially reduce the estimated cost of completion of projects for the U.S. Navy by tens of millions of dollars. As a result, the companies allegedly prematurely recognized revenue. To settle the charges, both companies consented to permanent injunctions, and the Alabama-based shipbuilder agreed to pay a $24 million civil penalty. The Department of Justice also announced settled charges against the Alabama-based shipbuilder.
B. Financial Reporting
In August, the SEC announced settled charges against an electric vehicle company, its current CEO, former Chairman and CEO, and former CFO for allegedly reporting misleading information about the company’s financial performance from 2017 to 2019.[38] Specifically, the SEC alleged that the company and the former Chairman and CEO reported 2017 revenue guidance of $300 million despite known issues that would negatively impact revenue, and misled the company’s auditor by allegedly providing a fraudulent letter of intent from a buyer in order to avoid writing down certain assets. The SEC also alleged that the company and all three individuals improperly accounted for a cryptocurrency deal in 2019, resulting in an overstatement of revenues by more than $40 million, and made false representations in the company’s financial statements. Finally, the SEC alleged that the former Chairman and CEO hid from the auditor his personal interest in two companies that received millions of dollars in cash and stock in deals with the company. Without admitting or denying the SEC’s findings, the company agreed to pay a $1.4 million penalty and retain an independent compliance consultant; the current CEO and former CFO each agreed to pay a $75,000 penalty, and the former CFO further accepted a two-year accounting suspension; in addition, the former Chairman and CEO agreed to a $200,000 civil penalty, more than $3.3 million in disgorgement, and a 10-year officer-and-director bar.
In September, the SEC charged the former CFO; former audit committee chair; and former Chair, CEO, and President of a software company in connection with the company’s alleged overstated revenue as part of two public stock offerings.[39] The complaint, filed in the U.S. District Court for the Southern District of New York, alleged that the former Chair, CEO, and President fabricated reports of successful testing of a software program, which resulted in the company’s recognizing $1.3 million in revenue—nearly all of its revenue leading up to its IPO. The SEC also alleged that the former CFO and former audit committee Chair learned that these reports were false during the company’s secondary stock offering, but continued to make false statements about revenue, and, along with the third defendant, made related misrepresentations to the company’s auditor. The former Chair, CEO, and President has agreed to a partial settlement of a permanent injunction, but continues to litigate the appropriate remedies. The SEC is seeking injunctions and civil penalties against the other two defendants, as well as disgorgement and prejudgment interest and reimbursement from the former CFO. The U.S. Attorney’s Office for the Southern District of New York also announced charges against the former Chair, CEO, and President.
In November 2024, the SEC announced settled charges against a major logistics company for allegedly misrepresenting its earnings by failing to follow generally accepted accounting principles (GAAP) in valuing one of its business units.[40] Though the company had booked a goodwill impairment with respect to the business unit at issue, the SEC alleged that the company should have booked the impairment earlier than it had, and that its late recognition of the impairment was due to purported overreliance on an allegedly inadequate analysis by a third-party consultant showing no loss in value. Without admitting or denying the findings, the company agreed to pay a $45 million civil penalty and committed to certain undertakings, including the adoption of training requirements for certain officers and employees, as well as retention of an independent compliance consultant to review and make recommendations about its fair value estimates and disclosure obligations.
C. Public Statements and Disclosures
In mid-August, the SEC announced settled charges against a publicly traded Florida-based company and its founder for allegedly failing to disclose information related to pledges of company securities.[41] In its order, the SEC alleged that the company’s founder had pledged approximately 51 to 82 percent of the company’s securities as collateral to secure personal loans and had allegedly failed to disclose such beneficial ownership to the SEC. Further, the SEC alleged that the company had also failed to disclose the founder’s pledges of securities in its filings to the Commission and its investors. In agreeing to settle the charges, the Commission considered the cooperation of the company and the founder, including providing to the Commission compilations of relevant documents, information, and data. Without admitting or denying the charges, the company and the founder agreed to pay civil penalties of $1.5 million and $500,000, respectively.
In early September, the SEC announced settled charges against a publicly traded Massachusetts- and Texas-based company for allegedly making inaccurate statements to the SEC and its investors regarding the recyclability of its product.[42] The SEC alleged that in the company’s 2019 and 2020 annual filings, the company indicated that its product was recyclable despite allegedly having some potential knowledge to the contrary. Without admitting or denying the charges, the company agreed to pay a civil penalty of $1.5 million.
Later in September, the SEC announced settled charges against a biotechnology company related to alleged misrepresentations and omissions made during and after the company’s IPO.[43] According to the SEC, the company misled investors regarding a large market opportunity, revenue prospects, and a customer pipeline for its products. Despite allegedly receiving contradictory analysis from its sales team which valued the company’s total market opportunity at five to 10 percent of the initial published projection, the company allegedly failed to reassess the market opportunity it touted to investors. Similarly, in the leadup to its IPO, the company allegedly shared revenue projections with research analysts that lacked a reasonable basis and were materially higher than the projections prepared by the company’s own sales team. Lastly, the company allegedly misled investors about the strength of its customer pipeline, omitting key adverse facts known to the company’s sales team, including delays, dropouts, and growing concerns about potential purchases. The company settled the charges without admitting or denying the SEC’s findings, agreeing to continue cooperating with the SEC’s investigation and to pay a $30 million civil penalty. The settlement is subject to bankruptcy court approval because of the company’s pending bankruptcy proceeding.
Also in September, the SEC announced settled charges against the former CEO and independent director of a publicly traded consumer goods company, alleging violations of the proxy disclosure provisions of the federal securities laws.[44] The SEC filed a complaint in the U.S. District Court for the Southern District of New York alleging that the former CEO—who was elected an independent director in 2020—failed to disclose that he maintained a close personal friendship with an executive at the company. The former CEO also allegedly asked the executive to hide the fact of their relationship to avoid the appearance of bias, so that the former CEO could, as part of his independent director role, participate in the CEO succession process, in which the executive was being evaluated for appointment as the next CEO. The former CEO settled the charges without admitting or denying the SEC’s allegations, agreeing to a five-year officer-and-director bar, permanent injunction, and civil penalty of $175,000.
In October, the SEC announced settled charges against four current and former publicly traded technology companies for allegedly making materially misleading disclosures to the Commission and investors regarding significant cybersecurity incidents that the companies had experienced in 2020.[45] The SEC alleged that, despite investigating and disclosing the cybersecurity incidents in their public filings, the companies inaccurately disclosed the incidents by minimizing their significance and not providing detailed information related thereto. The SEC further alleged that one company failed to maintain proper disclosure controls and procedures surrounding cybersecurity incidents, leading to materially misleading disclosures to the SEC and investors. In agreeing to settle the charges, the SEC considered the cooperation and remedial measures taken by the companies, including, among others, providing Commission staff with detailed explanations, analysis, and summaries of multiple specific factual issues, promptly following up on the staff’s requests for additional documents and information, and conducting internal investigations regarding the incidents. Without admitting or denying the SEC’s findings, the four companies agreed to pay civil penalties of $990,000, $995,000, $1 million, and $4 million.
In December, the SEC announced settled charges against a publicly traded Texas-based biotherapeutics company, its former CEO, and its former CFO for allegedly failing to disclose material information about two of the company’s drug candidates.[46] The Commission alleged that the company failed to disclose to the SEC and its investors that two of the company’s drug candidates had been placed on an FDA clinical hold—an order to delay proposed clinical investigations—before, during, and after a 2021 public offering. The company neither admitted nor denied the charges, and was not ordered to pay civil penalties, purportedly because of its self-reporting, cooperation, and remediation. The individual defendants, however, agreed to pay civil penalties of $125,000 and $20,000, respectively, and the company’s former CEO further agreed to a three-year officer-and-director bar.
Also in December, the SEC announced settled charges against a New Jersey-based medical device manufacturer for allegedly misleading investors between 2016 and 2020 regarding risks associated with one of its medical devices, and for allegedly overstating the company’s income and understating its costs.[47] The Commission alleged that the company knew that it could not obtain FDA clearance for the device, failed to make the necessary changes to the device to obtain FDA clearance, and failed to inform investors of the risk that the FDA would block sales of the device. Further, the SEC alleged that the company misled investors regarding its profitability in 2019 by failing to follow GAAP and not accounting for costs associated with potentially recalling the device. Without admitting or denying the charges, the company agreed to retain an independent compliance consultant to review and make recommendations concerning its disclosure controls and procedures, and to pay a civil penalty of $175 million.
Later in December, the SEC announced settled charges against a fashion retailer for allegedly failing to disclose nearly $1 million in perks to its former CEO.[48] The SEC order alleged that the company failed to disclose the perks, mostly associated with company-authorized expensing of personal travel on privately chartered aircraft in 2019, 2020, and 2021. In April 2023, the company released its fiscal year 2022 proxy statement, which included updated disclosures about perks in 2020 and 2021, and disclosed that the CEO voluntarily reimbursed the company around $454,000 for personal expenses. The SEC noted the company’s self-reporting, cooperation, and remedial efforts, and therefore did not impose a civil penalty.
D. External Accountants and Internal Accounting Controls
In early September, the SEC charged the former finance director of a technology manufacturer for allegedly manipulating the company’s internal accounting records to falsify financial results ahead of inclusion in the company’s financial statements, and that he further fabricated documents to conceal his misconduct.[49] Through its complaint filed in the U.S. District Court for the District of Massachusetts, the SEC is seeking a permanent injunction, civil penalty, and disgorgement and prejudgment interest. The SEC also announced settled charges against the technology manufacturer for allegedly failing to maintain sufficient internal accounting controls that could have prevented the alleged fraud and the company’s overstatement of its financial performance for 2019, 2020, and through Q3 2021, but did not charge the company with fraud. The company was not charged a civil penalty, purportedly because the company self-reported the violations to the SEC following an internal investigation, provided substantial cooperation to Commission staff, and implemented remedial measures. Without admitting or denying the SEC’s findings, the company agreed to cease and desist from further violations.
In mid-September, the SEC announced that two related accounting firms had agreed to settle charges in two separate cases filed by the SEC.[50] In the first case, filed in the U.S. District Court for the Southern District of Florida, the SEC alleged that the firms improperly included indemnification provisions in engagement letters for more than 200 audits, reviews, and exams in violation of auditor independence requirements. The SEC sought a permanent injunction, civil penalty, and disgorgement and prejudgment interest, and the firms agreed to permanent injunctions and to pay a combined $1.2 million in civil penalties and disgorgement. In the second case, filed in the U.S. District Court for the Southern District of New York, the SEC alleged that the firms misrepresented that they complied with Generally Accepted Auditing Standards (GAAS) in two audits of FTX, including by failing to understand the risk associated with the relationship between FTX and a hedge fund controlled by FTX’s CEO. Without admitting or denying the charges, the firms agreed to permanent injunctions and a $745,000 civil penalty—both of which the SEC sought in its complaint—and to retain an independent consultant.
In December, the SEC announced settled charges against a Louisiana-based utility company for alleged failure to maintain internal accounting controls.[51] The SEC alleged that, starting in mid-2018, the utility company included materials and supplies at their average cost as an asset on its balance sheets despite allegedly having been warned by employees and management consultants that this asset included a substantial amount of surplus. The SEC alleged that the utility company failed to follow GAAP by not establishing a process to identify surplus, remeasure it, and record as an expense the differences between the remeasured cost and the average cost. Without admitting or denying the allegations in the SEC’s complaint, which was filed in the U.S. District Court for the District of Columbia, the utility company agreed to a permanent injunction, to adopt recommendations from an independent consultant, and to pay a $12 million civil penalty.
III. Private Companies
In July, the SEC charged the founder and former CEO of a defunct social media startup for allegedly defrauding investors by making false and misleading statements about the startup’s growth and operating expenses.[52] According to the SEC, the individual misleadingly ascribed the startup’s rising userbase to viral popularity and organic growth when, in reality, the CEO allegedly paid millions of dollars through third parties for “incent” advertisements, which offered users incentives to download the app. The SEC also alleged that the founder and former CEO and his wife hid from investors hundreds of thousands of dollars in personal expenses related to clothing, home furnishings, travel, and everyday living expenses charged to the startup’s business credit cards. The SEC’s complaint, filed in the U.S. District Court for the Northern District of California, seeks a permanent injunction, an officer-and-director bar, disgorgement, and civil monetary penalties.
In September, the SEC announced settled charges against a large, privately held family company and its founder, Chairman, and former CEO in connection with the public announcement of a tender offer that the company allegedly did not have the cash to purchase.[53] The SEC alleged that the company, at the direction and approval of the founder, made a public tender offer to purchase a large, public industrial manufacturing company at $35 per share, which would have required $7.8 billion in cash to complete. The day after the public offer was made, the founder allegedly appeared on a large national news program and stated that the company had over $10 billion in cash committed to the deal, and would not put up any company assets as collateral. The SEC further alleged that the company had only one percent of the required $7.8 billion in cash, and that neither the company nor founder had a reasonable belief that the company had the financial means to complete the tender offer. The tender offer was allegedly withdrawn nine days after it was first announced. The SEC alleged violations of Section 14(e) of the Securities Exchange Act of 1934 and Rule 14e-8 thereunder. Without admitting or denying the SEC’s findings, the founder and company agreed to cease and desist from further violations and agreed to pay civil penalties of $100,000 and $500,000 respectively.
In September, the SEC filed charges in U.S. District Court for the Northern District of California against the former CEO of a technology startup, alleging that he defrauded investors by overstating revenue and forging bank statements.[54] The SEC’s complaint details that the CEO allegedly raised over $30 million from investors by falsely inflating the company’s annual recurring revenue in the millions of dollars, despite the actual recurring revenue never exceeding $170,000. The complaint further alleges that the CEO misappropriated at least $270,000 of investor funds for personal expenses such as mortgage payments and home renovations. The SEC seeks permanent injunctions, including a conduct-based injunction, disgorgement, civil penalties, and an officer-and-director bar. The U.S. Attorney’s Office for the Northern District of California also announced criminal charges against the former CEO.
Later in September 2024, the SEC charged three former executives of a digital pharmacy startup, alleging that they defrauded investors by overstating revenue with fake prescriptions while raising over $170 million.[55] The complaint filed in the U.S. District Court for the Eastern District of New York alleges the company used a subsidiary in India for accounting and financial analysis while barring U.S.-based employees from accessing financial systems in an alleged effort to conceal the fraud. The SEC seeks permanent injunctions, civil money penalties, disgorgement, and officer-and-director bars against all three defendants.
In December, the SEC announced settled charges against two private companies and one registered investment adviser for failing to file Forms D on time for multiple unregistered securities offerings.[56] The SEC alleged that over the last several years, the two private companies and the registered investment adviser independently engaged in unregistered securities offerings, soliciting hundreds of potential investors and raising close to $300 million. In reaching a settlement, the SEC credited the parties’ remedial acts and cooperation during the investigation. Without admitting or denying the allegations, the two private companies and the registered investment adviser agreed to pay a total of $430,000 in civil penalties.
IV. Investment Advisers
A. Purportedly Fraudulent Schemes
In July, the SEC charged an activist short seller and his firm for violating antifraud provisions of the federal securities laws by allegedly engaging in a $20 million scheme from March 2018 through December 2020 to defraud followers by publishing false and misleading statements regarding stock trading recommendations.[57] According to the complaint, the short seller allegedly used his website and related social media platforms to publicly recommend taking long or short positions in various companies and held out the positions as consistent with his own and his firm’s positions. The complaint goes on to allege that following the short seller’s recommendations, the price of the target stocks moved more than 12 percent on average, and that once the recommendations were issued and the stocks moved, the short seller and his firm allegedly reversed their positions to capitalize on the stock price movements. Additionally, the SEC alleged that the short seller and his firm made several false and misleading statements in connection with the scheme and that they falsely represented that the short seller’s website had never received compensation from third parties to publish information about target companies when, in fact, it had. The complaint seeks disgorgement and civil penalties against both the short seller and his firm and an officer-and-director bar, a penny stock bar and permanent injunctions against the short seller. The Fraud Section of the Department of Justice and the U.S. Attorney’s Office for the Central District of California announced charges against the short seller as well.
In September, the SEC announced settled charges against a registered investment adviser and subsidiary of a global financial services company for alleged violations of antifraud and compliance provisions of the federal securities laws.[58] The SEC’s order alleged that the adviser overvalued collateralized mortgage obligations and overstated the performance of client accounts holding those positions. The order separately alleged that the adviser executed unlawful cross trades to limit certain investor losses, favoring some investors over others. Without admitting or denying the SEC’s findings, the adviser agreed to pay a penalty and disgorgement totaling almost $80 million and to retain a compliance consultant to review its policies and procedures.
In November, the SEC charged an investment advisory firm and its owner for defrauding nearly two dozen investors out of approximately $2.1 million.[59] The SEC alleged that the firm and owner raised $10.5 million from investors to be invested in short-term loans to professional athletes and sports agents. However, the owner and his firm allegedly made misrepresentations to investors on undisclosed fees and took hundreds of thousands of dollars from these investments for themselves. The owner and his firm also allegedly misappropriated $1.5 million that was supposed to be returned to investors, allegedly using the misappropriated funds for personal expenses, such as cars, rental homes, country club dues, and college tuition. The SEC seeks a permanent injunction, disgorgement, civil monetary penalties, and a conduct-based injunction and officer-and-director bar against the firm’s owner.
In December, the SEC announced settled charges against an investment advisory firm for allegedly failing to reasonably supervise four investment advisers and registered representatives who allegedly stole millions of dollars from advisory clients and brokerage customers.[60] The SEC alleged that the firm failed to adopt policies that could have detected and prevented the alleged theft. Specifically, the SEC’s order alleged that the firm failed to prevent the advisers from using authorized third-party disbursements, which allowed hundreds of unauthorized transfers from customer and client accounts to adviser accounts. Without admitting or denying the SEC’s findings, the firm consented to undertakings, including engaging a compliance consultant to review all forms of third-party cash disbursements from customer and client accounts, and to pay a $15 million penalty.
B. Misleading Statements and Disclosures
In August, the SEC charged a China-based investment adviser, its U.S.-based holding company, and the company’s CEO with fraud violations involving the marketing of AI-based investments.[61] The SEC’s complaint alleges that the companies and the CEO misled clients about the safety of their investments, made false claims about relationships with reputable financial and legal firms, and misled investors to believe the company would soon be listed on the NASDAQ. The SEC further alleges that the company collected over $6 million from individual investors before cutting off client communication and taking down access to client accounts through their website. The SEC’s complaint in the U.S. District Court for the District of South Dakota seeks a permanent injunction, disgorgement, civil penalties, and an officer-and-director bar.
In September, the SEC announced settled fraud charges against an Idaho-based investment adviser for allegedly misleading investors and failing to comply with its own investment strategy.[62] The adviser positioned itself as having a “biblically responsible” investment strategy by utilizing a data-driven methodology to evaluate companies and exclude any companies that did not align with biblical values. Instead, according to the SEC, from at least 2019 to March 2024, the adviser allegedly used a manual research process that did not always evaluate companies based on eligibility under the investment adviser’s own investing criteria. The SEC also alleged that the adviser lacked written policies or procedures setting forth a process for evaluating companies’ activities as part of its investment process, which caused inconsistent application of criteria and led to investments in companies that failed to align with the adviser’s own stated criteria. Without admitting or denying the SEC’s findings, the adviser agreed to pay a $300,000 civil penalty and to retain a compliance consultant.
In October, the SEC announced settled charges against an investment adviser for violating antifraud provisions of the federal securities laws by allegedly misrepresenting that certain environmental, social, and governance factors (ESG) exchange-traded funds would not be used to invest in companies that were involved in fossil fuel or tobacco.[63] Between 2020 and 2022, the investment adviser allegedly used data from third-party vendors that did not screen out these company types. This practice allegedly led to fund investments in fossil fuel and tobacco-related companies, including in coal mining and transportation, natural gas extraction and distribution, and retail sales of tobacco products. The SEC also alleged that the adviser did not have any policies and procedures over the screening process that would exclude those company types. Without admitting or denying the SEC’s findings, the adviser agreed to pay a $4 million civil penalty.
In November, the SEC announced settled charges against an investment advisory firm for allegedly making misleading statements about the percentage of its parent company’s assets that were ESG integrated.[64] The SEC order alleged that though the marketing materials claimed that between 70 and 94 percent of its parent company’s assets were ESG integrated, the firm did not have a policy defining ESG integration and a substantial number of assets were allegedly held in passive ETFs that did not consider ESG factors in investment decisions. Without admitting or denying the SEC’s findings, the firm agreed to pay a $17.5 million penalty.
C. Safeguards and Policies
In August, the SEC announced settled charges against a New York-based registered transfer agent for allegedly failing to assure that client securities and funds were protected against theft or misuse.[65] The SEC claimed that the alleged failures led to the loss of more than $6.6 million of client funds as a result of two separate cyber intrusions in 2022 and 2023. Without admitting or denying the SEC’s findings, the registered agent agreed to pay an $850,000 civil penalty. The SEC’s order made note of the registered agent’s cooperation and remedial efforts, including the full reimbursement of all clients and accounts for losses resulting from the cyber incidents.
Also in August, the SEC announced settled charges against a New York-based registered investment adviser for failing to establish, maintain, and enforce written policies and procedures reasonably designed to prevent the misuse of material nonpublic information concerning its trading of collateralized loan obligations.[66] According to the SEC’s order, the adviser maintained a credit business through which it obtained material nonpublic information (MNPI) about companies whose loans were held in collateralized loan obligations that the adviser traded, but did not establish, maintain, or enforce any written policies or procedures concerning the potential impact of the MNPI for over five years. Without admitting or denying the SEC’s findings, the adviser agreed to pay a $1.8 million civil penalty. The SEC’s order made note of the adviser’s prompt remedial acts and cooperation.
In September, the SEC announced settled charges against 11 institutional investment managers for allegedly failing to file Forms 13F, which report quarterly holdings and are required for institutional investment managers that have discretion over $100 million in certain types of securities (Section 13(f) securities).[67] Two of the managers were also charged with allegedly failing to file Forms 13H, a form required for large traders with a substantial number of transactions of securities listed on national securities exchanges. All 11 managers settled without admitting or denying the SEC’s findings. Nine of the managers agreed to pay an aggregate of more than $3.4 million in civil penalties, with individual penalties ranging from $175,000 to $725,000. Two of the managers were not ordered to pay any civil penalties, however, purportedly because they self-reported the alleged violations.
D. Recordkeeping
The Commission continues to bring heavy fines against a multitude of broker-dealers, investment advisors, and dual registrants for failing to preserve electronic communications. As demonstrated below, this trend persisted through the second half of 2024, and the SEC has already announced settled charges related thereto so far in 2025 with Gensler as the Chair.[68]
In September, the SEC resolved three separate enforcement actions involving recordkeeping violations. In the first action, the SEC announced settled charges against six nationally recognized statistical rating organizations for failing to maintain and preserve electronic communications.[69] All six firms admitted to the SEC’s findings and agreed to pay an aggregate of more than $49 million in civil penalties, with firms agreeing to pay between $100,000 and $20 million individually. Five of the firms further agreed to retain a compliance consultant. In the second action, the SEC announced settled charges against 12 municipal advisors for failing to preserve electronic communications sent or received by personnel related to their activities as municipal advisors.[70] Because the failures included personnel at the supervisory level, the advisors were also charged with supervision failures. All 12 advisors admitted to the SEC’s findings and agreed to pay an aggregate of more than $1.3 million in civil penalties, with individual penalties ranging from $40,000 to over $300,000. In the third action, the SEC announced settled charges against an investment advisory firm for allegedly failing to keep records, including off-channel communications, related to recommendations and advice to purchase and sell securities.[71] Without admitting or denying the SEC’s findings, the firm agreed to a cease and desist and a censure. The SEC did not impose a penalty because the firm self-reported the conduct, promptly remediated the violations, and cooperated on the third-party investigation.
E. Custody Rule
In September, the SEC announced settled charges against a registered investment adviser for allegedly failing to comply with requirements related to the safekeeping of client assets from at least 2018 through 2022 and for its use of allegedly impermissible liability disclaimers in advisory and private fund agreements beginning in 2019.[72] According to the SEC’s order, the adviser allegedly violated the “custody rule” under the Advisors Act—which requires advisers to implement various safeguarding measures unless the adviser instead distributes audited financials prepared in accordance with GAAP—because it failed to implement the enumerated safeguards or timely distribute annual audited financial statements to investors in certain private funds that it advised. In addition, the SEC alleged that the adviser included liability disclaimers in its advisory agreements and certain private fund partnership and operating agreements that could have led a client to incorrectly believe that the client had waived non-waivable causes of action against the adviser. The order further alleged that certain of the liability disclaimers also contained misleading statements regarding the adviser’s otherwise unwaivable fiduciary duty. Without admitting or denying the SEC’s findings, the adviser agreed to pay a $65,000 civil penalty. According to the order, the SEC considered the adviser’s remedial acts—which included revising its procedures regarding compliance with the custody rule, and removing problematic clauses from its advisory and private fund agreements—when deciding upon settlement.
Also in September, the SEC announced settled charges against a privately held Florida-based advisory firm for allegedly violating the custody rule by purportedly failing to ensure that certain crypto assets held by its client were maintained with a qualified custodian.[73] The SEC further alleged that the firm misled certain investors by representing to them that redemptions required at least five business days’ notice before month-end while allowing other investors to redeem with fewer days’ notice. The firm agreed, without admitting or denying the allegations, to a civil penalty of $225,000.
F. Marketing Rule
In September, the SEC announced settled charges against nine registered investment advisers for violating the new Marketing Rule by allegedly disseminating advertisements that included untrue or unsubstantiated statements of material facts, testimonials, endorsements, or third-party ratings without required disclosures.[74] All nine advisers settled without admitting or denying the SEC’s findings and agreed to pay an aggregate of $1.24 million in civil penalties, with individual penalties ranging from $60,000 to $325,000, and to review their advertisements and certify compliance with the Marketing Rule.
V. Broker-Dealers
A. Regulation Best Interest and Pricing
In September, the SEC announced settled charges against a Tennessee-based broker-dealer for failing to maintain and enforce policies and procedures reasonably designed to achieve compliance with Regulation Best Interest (Reg BI).[75] The SEC alleged that, in 2021, the company merged with another broker-dealer, but due to incompatibilities between the two parties’ systems, the company lacked accurate customer information for more than 5,000 customer brokerage accounts that migrated to its platform. Additionally, the SEC alleged the new registered representatives that joined the company post-merger did not have access to the site the company used to review structured notes transactions flagged as non-compliant and that, as a result, the company approved such note recommendations without all the documentation required by its own Reg BI policies and procedures. Without admitting or denying the allegations, the broker-dealer agreed to a civil penalty of $325,000.
In October, the SEC announced settled charges against two affiliates of a large multinational financial services firm in five separate enforcement actions for allegedly misleading disclosures to investors, breach of fiduciary duty, prohibited joint transactions and principal trades, and failure to make recommendations in the best interest of customers.[76] Without admitting or denying the SEC’s findings, the affiliates agreed to pay more than $151 million in combined civil penalties and voluntary payments to investors.
The first three enforcement actions pertained to one affiliate. The first of these orders alleged that the affiliate made misleading disclosures to investors about the extent to which it had discretion over when to sell and the number of shares to be sold, subjecting customers to market risk and failing to sell certain shares for months, which resulted in a decline in value. The second order alleged that the affiliate failed to fully and fairly disclose the financial incentive that it and its advisers had when recommending their own portfolio management programs over third-party programs between July 2017 and October 2024. The third SEC order alleged that, in violation of Reg BI, the affiliate recommended certain mutual fund products to its retail brokerage customers despite the fact that materially less expensive ETF products already existed, and offered the same portfolio as being available between June 2020 and July 2022. No civil penalty was imposed in this third order, as the affiliate promptly self-reported, conducted an internal investigation, provided substantial cooperation, and voluntarily repaid impacted customers approximately $15.2 million.
The other two enforcement actions pertained to the second affiliate. The first of these orders alleged that the affiliate caused $4.3 billion in prohibited joint transactions that advantaged an affiliated foreign money market fund. The second SEC order alleged that this same affiliate engaged in or caused 65 prohibited principal trades with a combined notional value of approximately $8.2 billion between July 2019 and March 2021. The order alleged that the affiliate directed an unaffiliated broker-dealer to buy commercial paper or short-term fixed income securities from the affiliate, which the affiliate then purchased back on behalf of its clients.
B. Market Manipulation
In September, the SEC announced settled charges against a registered broker-dealer for allegedly manipulating the U.S. Treasury cash securities market through an illicit trading strategy known as spoofing.[77] The SEC order alleged that between April 2018 and May 2019, a trader employed by the broker-dealer entered orders on one side of the market that they had no intention of executing in order to obtain more favorable execution prices on bona fide orders on the other side of the market. Allegedly, once the bona fide orders were filled, the spoofed orders were then canceled. The broker-dealer allegedly lacked adequate controls and failed to take reasonable steps to scrutinize the trader after receiving warnings of his potentially irregular trading activity. The broker-dealer settled the charges and agreed to pay a penalty and disgorgement totaling more than $6.9 million, which will be credited from a monetary sanction of more than $15 million from a deferred prosecution agreement the broker-dealer entered into with the DOJ. The broker-dealer separately agreed to pay a $6 million fine to FINRA to resolve related charges.
C. Safeguards and Policies
In July, the SEC announced settled charges against a California-based parent company of a cryptocurrency bank, its former CEO, and former Chief Risk Officer for allegedly misleading investors.[78] The Commission alleged that from 2022 to 2023, the company and its officers misled investors about the strength of its Bank Secrecy Act/Anti-Money Laundering compliance program and falsely stated in its SEC filings that it conducted ongoing monitoring of its high-risk crypto customers. The SEC further alleged that following the collapse of one of its customers, the company misrepresented its financial condition. Without admitting or denying the charges, the company agreed to pay a civil penalty of $50 million, and its officers agreed to pay civil penalties of $1 million and $250,000, respectively, in addition to five-year officer-and-director bars. In parallel actions, the company also settled charges with the Federal Reserve System (FRB) and the California Department of Financial Protection and Innovation (DFPI).
In August, the SEC announced settled charges against a New York-based broker-dealer for allegedly failing to adopt or implement reasonably designed anti-money laundering policies and procedures between March 2020 to May 2023.[79] As a result, the broker-dealer allegedly did not surveil certain types of purportedly risky transactions for red flags of potentially suspicious conduct, nor did it allocate sufficient resources to review alerts generated from its automated surveillance of other types of transactions. Without admitting or denying the alleged facts, the broker-dealer agreed to a censure and a cease-and-desist order, in addition to paying a $1.19 million penalty.
In September, the SEC announced settled charges against two investment adviser firms for allegedly exceeding clients’ designated investment limits over a two-year period beginning in March 2016.[80] The SEC order alleged that one of the firms was the primary investment adviser and portfolio manager for a trading strategy in which options were traded in a volatility index with the aim of generating incremental returns. The firm allegedly allowed many accounts to exceed the exposure levels that investors had set, including dozens of accounts that exceeded the limit by 50 percent or more. The other firm allegedly introduced its clients to the trading strategy despite knowing that investors’ exposure levels were being exceeded, and purportedly failed to adequately inform affected investors. Both firms allegedly received management and incentive fees, as well as trading commissions from the trading strategy. The SEC also alleged that both firms neglected to adopt and implement policies and procedures reasonably designed to ensure that they kept their clients abreast of material facts and excessive exposure. Without admitting or denying the findings, both firms agreed to civil penalties and disgorgement totaling $5.5 million and $3.8 million, respectively.
In November, the SEC announced settled charges against three broker-dealers related to suspicious activity reports (SARs) filed by the broker-dealers that allegedly lacked certain important, required information.[81] Over a four-year period beginning in 2018, the three broker-dealers filed multiple allegedly deficient SARs in violation of Section 17(a) of the Exchange Act, as well as Rule 17a-8 promulgated thereunder. Without admitting or denying the charges, the firms agreed to civil penalties of $125,000, $75,000, and $75,000, respectively, and two of the broker-dealers further agreed to have their anti-money laundering programs reviewed by compliance consultants.
In December, the SEC filed charges against a registered investment adviser for allegedly failing to establish, implement, and enforce written policies and procedures reasonably designed to prevent the misuse of material nonpublic information (MNPI) relating to its participation on ad hoc creditors’ committees.[82] The SEC’s complaint focused on one of the investment adviser’s attorney-consultants, who sat on the private side of the investment adviser’s information barrier, which was the subject of extensive policies and procedures. The SEC alleged that this attorney-consultant sat on an ad hoc creditors’ committee in connection with certain distressed municipal bonds and received MNPI pursuant to a customary confidentiality agreement. According to the complaint, the attorney-consultant then allegedly had unspecified communications with the investment adviser’s public trading desk when he had MNPI and while the firm continued to buy the distressed issuer’s bonds. The SEC did not allege, and presumably had no evidence, that any MNPI was communicated by the attorney-consultant to the public-side investment team; nor did the SEC allege any improper trading violation of any kind nor any harm to investors. The investment adviser is charged with allegedly violating provisions of the Investment Advisers Act of 1940 related to establishing and enforcing reasonably designed compliance policies and procedures. The SEC is seeking a civil penalty and permanent injunctive relief. The investment adviser has stated that it fully cooperated with the SEC in its years-long investigation and would not agree to settle a dispute in which there was no wrongdoing nor any deficiency in its detailed information barrier policies or its compliance program.
D. Recordkeeping
In August, the SEC announced settled charges against 26 broker-dealers and investment advisers for alleged widespread and longstanding failures by the firms and their personnel to maintain and preserve electronic communications.[83] The firms admitted to the facts alleged against them and agreed to pay civil penalties of $392.75 million in the aggregate, ranging between $400,000 and $50 million each. Three of the firms self-reported their violations and resultingly incurred lower civil penalties. The CFTC also announced settlements for related conduct with three of the entities.
In September, the SEC announced settled charges against 12 broker-dealers and investment advisers for failures to maintain and preserve electronic communications.[84] The firms admitted to the facts alleged against them and agreed to pay civil penalties of over $88 million in the aggregate, ranging between $35 million and $325,000. One firm will not pay a penalty because it self-reported, self-policed, and demonstrated substantial efforts at compliance. Two other firms similarly self-reported and incurred lower civil penalties as a result. The CFTC announced a settlement for related conduct with an additional entity on the same day.
E. Failure to Register
In September, the SEC announced settled charges against three sales agents from a Delaware investment advisor for unregistered broker activity, including selling membership interests in LLCs that purported to invest in shares of pre-IPO companies.[85] The SEC alleged that the sales agents engaged in broker activities—including providing investors with marketing materials, advising investors on the merits of investments, and receiving transaction-based compensation—despite not being registered as brokers. Without admitting or denying the findings, each sales agent agreed to industry and penny stock bars, and to pay disgorgement ranging from $431,287 to $1,392,367, along with a civil penalty ranging from $90,000 to $300,000. One of the sales agents also settled related fraud charges that the SEC had previously announced in March 2023.
F. Technical Violations
In December, the SEC announced settled charges against two broker-dealer firms for failing to provide complete and accurate securities trading information to the SEC, known as blue sheet data.[86] The SEC orders found that, over a period of several years, due to a number of errors, one broker-dealer made approximately 11,195 blue sheet submissions to the SEC with missing or inaccurate data, while the other firm made approximately 3,679 submissions with misreported or missing data. The SEC orders did find that both broker-dealers engaged in remedial efforts to correct and improve their blue sheet reporting systems and controls, and that one of the broker-dealers self-identified and self-reported all but one of the errors affecting its blue sheet submissions. The broker-dealers admitted the findings, agreed to be censured, and to each pay a $900,000 penalty. The broker-dealers separately settled with FINRA for related conduct.
Also in December, the SEC announced settled charges against a registered broker-dealer for failing to file certain Suspicious Activity Reports (SARs) in a timely manner.[87] According to the order, in certain instances between April 2019 and March 2024, the broker-dealer received requests in connection with law enforcement or regulatory investigations/litigation but allegedly failed to conduct or complete SARs investigations within a reasonable period of time. The broker-dealer settled the charges and agreed, without denying or admitting the allegations, to pay a $4 million civil penalty, to a censure, and to cease and desist.
VI. Cryptocurrency
A. Purported Fraud
In July, the SEC filed fraud charges against a high-profile software engineer and social media platform founder.[88] The SEC accused the individual of raising more than $257 million from unregistered offers and sales of crypto assets, while falsely telling investors that proceeds would not be used to compensate him or other employees. The SEC alleged that the individual nonetheless spent more than $7 million of investor funds on personal expenditures, and further misled investors by portraying his company as a decentralized project. The individual was charged with violating the registration and anti-fraud provisions of the Securities Act of 1933 and the anti-fraud provisions of the Securities Exchange Act of 1934.
In August, the SEC announced partially settled fraud charges against a privately held entity, the entity’s co-owner and CEO, its co-owner and COO, and its promoters.[89] The SEC alleged that, from 2019 through 2023, the entity was operated as a multi-level marketing and crypto asset investment program. The SEC further alleged that the entity and individuals misled investors by claiming they would invest their funds on crypto assets and foreign exchange markets despite using the majority of investor funds to make payments to existing investors and to pay commissions to promoters. The co-owners further allegedly siphoned millions of dollars of investor assets for themselves, allegedly raising more than $650 million in crypto assets from more than 200,000 investors worldwide. The SEC charged most parties involved with violations of the registration regulations and antifraud provisions of the federal securities laws, and seeks permanent injunctive relief, disgorgement of ill-gotten gains, and civil penalties. The case is still ongoing against the entity and co-owners, but one of the parties involved agreed, without admitting or denying the allegations, to a $100,000 civil penalty and an injunction.
B. Unregistered Offerings
In August, the SEC charged a privately held Georgia-based crypto asset lender for allegedly operating as an unregistered investment company and for offering unregistered securities.[90] The SEC Complaint alleged that, in and around 2020, the company used their crypto lending program to offer and sell a product, which the SEC alleged qualified as a security, that allowed U.S. investors to tender their crypto assets in exchange for the company’s promise to pay a variable interest rate. The SEC further alleged that the company operated for at least two years as an unregistered investment company because it issued securities and held more than 40 percent of its total assets, excluding cash, in investment securities, including its loans of crypto assets to institutional borrowers. The company agreed, without admitting or denying the allegations, to an injunction and to pay a civil penalty of $1,650,000.
In September, the SEC announced settled charges against a privately held New Jersey-based investment platform.[91] The SEC alleged that since at least 2020, the company operated as a broker and clearing agency by providing U.S. customers the ability, through the company’s online trading platform, to trade crypto assets allegedly being offered and sold as securities without complying with the registration provisions of the federal securities laws. The company agreed, without admitting or denying the allegations, to the entry of a cease-and-desist order, to pay a penalty of $1.5 million, and to liquidate any crypto assets being offered and sold as securities that the company is unable to transfer to its customers, and return the proceeds to the respective customers. The company publicly announced that the only crypto assets that will continue to be traded on their platform will be Bitcoin, Bitcoin Cash, and Ether.
Also in September, the SEC announced settled charges against a decentralized finance protocol and its three co-founders for allegedly misleading investors and engaging in unregistered broker activity.[92] The SEC order alleged that the protocol conducted unregistered offers and sales of securities by offering investors crypto asset investment funds using tokens that earned returns as well as offering certain investors governance tokens. The SEC also alleged that the protocol and its co-founders misled investors by touting high annual percentage yields without accounting for the various fees charged and by telling investors their assets would be rebalanced automatically, when in actuality the rebalancing mechanism often required manual input, which was, in some cases, not initiated. The protocol and its co-founders, without admitting or denying the SEC’s allegations, agreed to various forms of relief to settle the SEC’s charges, including permanent injunctions, conduct-based injunctions, civil penalties, disgorgement, and equitable officer-and-director bars against the co-founders for a period of five years.
Later in September, the SEC announced settled charges against an issuer of a purported stablecoin and the developer and operator of a lending protocol.[93] The SEC alleged that the companies, from November 2020 until April 2023, engaged in the unregistered offer and sale of investment contracts, which the SEC alleged qualified as securities, in the form of the stablecoin. The SEC further alleged that the companies falsely marketed the investment contracts as safe and trustworthy by claiming that the stablecoin was fully backed by U.S. dollars or their equivalent, despite investing a substantial portion of the assets purportedly backing the stablecoin in a speculative and risky offshore investment fund to earn additional returns for the companies. The companies agreed, without admitting or denying the allegations, to the entry of final judgments enjoining them from violating applicable provisions of the federal securities laws and to pay civil penalties of $163,766 each. The issuer of the stablecoin also agreed to pay a disgorgement of $340,930.
At the end of September, the SEC announced settled charges against two affiliated entities, one a purported decentralized autonomous organization, and the other a Panamanian entity.[94] The SEC alleged that the entities engaged in the unregistered offer and sale of certain crypto assets, which the SEC alleged qualified as securities, since August 2021, raising more than $70 million. According to the SEC Order, the entities engaged in unregistered broker activity related to the allegedly unregistered securities by actively soliciting and recruiting users to trade securities, providing advice and valuations as to the merits of an investment in securities, and helping to facilitate securities transactions on their platform by assisting customers in opening accounts and regularly handling customer funds and securities. The entities settled the charges and agreed, without admitting or denying the allegations, to injunctions and orders to collectively pay nearly $700,000 in civil penalties. The entities further agreed to destroy certain crypto tokens, to request the removal of those tokens from trading platforms, and to refrain from soliciting any trading platform to allow trading in, offering, or selling those tokens.
In October, the SEC filed charges against a privately held Chicago-based crypto market-maker.[95] The SEC alleged that the company operated as an unregistered dealer in more than $2 billion of crypto assets offered and sold as securities from at least March 2018 through the present. According to the SEC’s Complaint, public statements made by the issuers and promoters of the crypto assets, and retransmitted by the company, would have led investors to reasonably believe that the crypto assets were being offered as investment contracts that, according to the SEC, qualified as securities. Therefore, the SEC alleged that, because the company did not register its offering of the crypto assets, it failed to comply with the Securities Exchange Act of 1934’s registration requirements for dealers of securities. The SEC is seeking permanent injunctive relief, disgorgement of ill-gotten gains, prejudgment interest, and civil penalties.
VII. Insider Trading
Insider Trading proved yet again to be a consistent area of enforcement for the Commission in 2024. Indeed, the Commission has already announced settled insider trading charges in 2025 under Gensler,[96] and nothing suggests that this area will receive any less attention under the new administration.
In September, the SEC filed insider trading charges against a former employee of a national consulting firm, his father, and his two friends.[97] In the complaint, the SEC alleged that the employee obtained material nonpublic information (MNPI) indicating that his firm’s client was interested in purchasing an infrastructure business, and that the employee tipped that information to his father and friend, who then shared the information with another mutual friend. The employee’s father and friends then traded on this MNPI and collectively realized approximately $1.1 million in ill-gotten profits. The defendants agreed to a to-be-determined civil penalty and the father and two friends agreed to disgorgement of the ill-gotten gains. The U.S. Attorney’s Office for the Southern District of Florida also filed parallel criminal charges against all four individuals.[98] Three of the defendants entered guilty pleas and one entered a joint motion with the government for pretrial diversion.
Also in September, the SEC filed charges against a U.K. citizen, alleging that he had violated the antifraud provisions of the federal securities laws by engaging in a “hack to trade” scheme.[99] As part of that scheme, the individual allegedly hacked into computer systems of five U.S. public companies—by allegedly resetting several senior-level executives’ email passwords—to obtain MNPI about the companies’ corporate earnings, including draft earnings releases, press releases, and scripts. The SEC alleges that the individual used such information to earn $3.75 million in illicit profits by establishing large and risky option positions in the companies and then later selling his positions after the companies made impactful public earnings announcements. The Commission seeks injunctive relief, disgorgement, and civil penalties. In a parallel action, the U.S. Attorney’s Office for the District of New Jersey announced criminal charges against the individual.[100]
Also in September, the SEC announced settled charges against 23 entities and individuals for alleged failures to timely report information about their holdings and transactions in public company stock.[101] The charges came as a result of the SEC’s enforcement initiatives on (1) Schedules 13D and 13G reports, which provide information about the holdings and intentions of investors who own more than five percent of the registered voting shares of a public company stock, and (2) Forms 3, 4, and 5, which are required to be filed by certain corporate insiders who own more than 10 percent of their company’s stock. The SEC alleged that the charged entities and individuals filed the required reports late. Without admitting or denying the SEC’s findings, all of the entities and individuals agreed to cease and desist from further violations and have agreed to pay an aggregate of more than $3.8 million in civil penalties; the entities have agreed to pay between $40,000 and $750,000, while the individuals have agreed to pay between $10,000 and $200,000. Two of the entities are public companies that the SEC alleged contributed to the filing failures, and each has agreed to pay $200,000 in civil penalties.
In December, the SEC and DOJ filed insider trading charges against the former CEO of a publicly traded telecommunications company.[102] The SEC’s complaint alleges that the CEO received a confidential presentation regarding the company’s upcoming earnings results, and that several days later, the CEO learned he would be terminated for cause. Shortly after being terminated, and while being subject to two trading blackout periods, the CEO allegedly sold shares of the company and directed his financial advisor to sell shares held in a joint account. A week later, the company announced negative quarterly earnings, which caused its stock price to fall more than 25 percent. The SEC alleges that, because the SEC sold shares in advance of the negatively impactful earnings release, the CEO avoided losses of over $12,400. Moreover, according to the SEC’s complaint, although the CEO’s financial advisor was unable to trade the shares within the CEO’s joint account due to a blackout period, the CEO would have avoided an additional $110,000 of losses had the financial advisor proceeded with the trades. The complaint seeks permanent injunctions, disgorgement, civil penalties, and an officer or director bar.
[1] SEC Press Release, SEC Announces Enforcement Results for Fiscal Year 2024 (Nov. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-186.
[2] See Dave Michaels, SEC Writes Off $10 Billion in Fines it Can’t Collect, The Wall Street Journal (Dec. 31, 2024), available at https://www.wsj.com/finance/regulation/sec-fines-penalties-collection-write-off-071cb768.
[3] SEC Press Release, SEC Announces Departure of Enforcement Director Gurbir S. Grewal (Oct. 2. 2024), available at https://www.sec.gov/newsroom/press-releases/2024-162.
[4] SEC Press Release, SEC Announces Record Enforcement Actions Brought in First Quarter of Fiscal Year 2025 (Jan. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-26.
[5] CFTC Press Release, CFTC Releases FY 2024 Enforcement Results (Dec. 4, 2024), available at https://www.cftc.gov/PressRoom/PressReleases/9011-24; CFTC Press Release, CFTC Releases FY 2023 Enforcement Results (Nov. 7, 2023), available at https://www.cftc.gov/PressRoom/PressReleases/8822-23.
[6] See SEC v. Ripple Labs, Inc. 2024 WL 3730403 (S.D.N.Y. Aug. 7, 2024).
[7] SEC Press Release, SEC Crypto 2.0: Acting Chairman Uyeda Announces Formation of New Crypto Task Force (Jan. 21, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-30.
[8] SEC Press Release, SEC Announces Enforcement Results for Fiscal Year 2024 (Nov. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-186.
[9] SEC Press Release, SEC Charges Seven Public Companies with Violations of Whistleblower Protection Rule (Sept. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-118.
[10] SEC Press Release, J.P. Morgan to Pay $18 Million for Violating Whistleblower Protection Rule (Jan. 16, 2024), available at https://www.sec.gov/news/press-release/2024-7.
[11] In the Matter of Marathon Asset Management, L.P., Inv. Advisers Act Rel. No. 6737 (Sept. 30, 2024), available at https://www.sec.gov/files/litigation/admin/2024/ia-6737.pdf.
[12] SEC Press Release, Keith E. Cassidy Named Interim Acting Director of the Division of Examinations (July 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-87.
[13] SEC Press Release, SEC Announces Departure of Trading and Markets Division Director Haoxiang Zhu (Dec. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-191.
[14] SEC Press Release, SEC Announces Departure of Corporation Finance Division Director Erik Gerding (Dec. 13, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-200.
[15] SEC Press Release, SEC Announces Chief Accountant Paul Munter to Retire From Federal Service This Month (Jan. 14, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-9.
[16] SEC Press Release, Acting Chairman Mark T. Uyeda Names Acting Senior Staff (Jan. 24, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-31.
[17] SEC Press Release, SEC Announces Departure of Chief Economist Jessica Wachter (Jan. 15, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-11.
[18] SEC Press Release, Acting Chairman Mark T. Uyeda Names Acting Senior Staff (Jan. 24, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-31.
[19] SEC Press Release, SEC Announces Departure of General Counsel Megan Barbero (Jan. 16, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-13.
[20] SEC Press Release, Acting Chairman Mark T. Uyeda Names Acting Senior Staff (Jan. 24, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-31.
[21] SEC Press Release, SEC Announces Departure of Director of International Affairs YJ Fischer (Jan. 16, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-14.
[22] SEC Press Release, Acting Chairman Mark T. Uyeda Names Acting Senior Staff (Jan. 24, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-31.
[23] SEC Press Release, SEC Announces Departure of Chief of Staff Amanda Fischer (Jan. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-23.
[24] SEC Press Release, SEC Policy Director Corey Klemmer to Step Down (Jan. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-24.
[25] SEC Press Release, SEC Announces Departure of Public Affairs Head Scott Schneider (Jan. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-25.
[26] SEC Press Release, SEC Announces Departure of Acting Enforcement Director Sanjay Wadhwa (Jan. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-28.
[27] SEC Press Release, Acting Chairman Mark T. Uyeda Names Acting Senior Staff (Jan. 24, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-31.
[28] SEC Press Release, SEC Charges Broker-Dealer Nationwide Planning and Two Affiliated Investment Advisers with Violating Whistleblower Protection Rule (Sept. 4, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-115.
[29] SEC Press Release, SEC Charges Seven Public Companies with Violations of Whistleblower Protection Rule (Sept. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-118.
[30] SEC Press Release, EC Charges Advisory Firm GQG Partners With Violating Whistleblower Protection Rule (Sept. 26, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-150.
[31] SEC Press Release, SEC Awards More Than $37 Million to a Whistleblower (July 17, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-85.
[32] SEC Press Release, SEC Awards Whistleblower More Than $37 Million (July 29, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-90.
[33] SEC Press Release, SEC Issues Awards Totaling $98 Million to Two Whistleblowers (Aug. 23, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-103.
[34] SEC Press Release, SEC Issues $24 Million Awards to Two Whistleblowers (Aug. 26, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-104.
[35] SEC Press Release, SEC Issues $12 Million Award to Joint Whistleblowers (Oct. 10, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-168.
[36] SEC Press Release, SEC Charges Meta Materials and Former CEOs With Market Manipulation, Fraud and Other Violations (June 25, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-77.
[37] SEC Press Release, SEC Charges U.S. Navy Shipbuilder Austal USA with Accounting Fraud (Aug. 27, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-108.
[38] SEC Press Release, SEC Charges Ideanomics and Three Senior Executives with Accounting and Disclosure Fraud (Aug. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-94.
[39] SEC Press Release, SEC Charges Former Chairman and CEO of Tech Co. Kubient with Fraud and Lying to Auditors (Sep. 16, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-131.
[40] SEC Press Release, UPS to Pay $45 Million Penalty for Improperly Valuing Business Unit (Nov. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-184.
[41] SEC Press Release, SEC Charges Carl Icahn and Icahn Enterprises L.P. for Failing to Disclose Pledges of Company’s Securities as Collateral for Billions in Personal Loans (Aug. 19, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-99.
[42] SEC Press Release, SEC Charges Keurig with Making Inaccurate Statements Regarding Recyclability of K-Cup Beverage Pod (Sept. 10, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-122.
[43] SEC Press Release, SEC Charges Zymergen Inc. With Misleading IPO Investors About Company’s Market Potential and Sales Prospects (Sept. 13, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-129.
[44] SEC Press Release, SEC Charges Independent Director and Ex-CEO of Church & Dwight With Concealing Close Friendship with Company Executive (Sept. 30, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-161.
[45] SEC Press Release, SEC Charges Four Companies With Misleading Cyber Disclosures (Oct. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-174.
[46] SEC Press Release, SEC Charges Kiromic BioPharma and Two Former C-Suite Executives with Misleading Investors about Status of FDA Reviews (Dec. 3, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-189.
[47] SEC Press Release, Becton Dickinson to Pay $175 Million for Misleading Investors About Alaris Infusion Pump (Dec. 16, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-201.
[48] SEC Press Release, SEC Charges Express, Inc. with Failing to Disclose Nearly $1 Million in Perks Provided to Former CEO (Dec. 17, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-203.
[49] SEC Press Release, SEC Charges Former Finance Director at CIRCOR International with Accounting Fraud (Sep. 5, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-116.
[50] SEC Press Release, Audit Firm Prager Metis Settles SEC Charges for Negligence in FTX Audits and for Violating Auditor Independence Requirements (Sep. 17, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-133.
[51] SEC Press Release, SEC Charges Utility Company Entergy Corp. with Internal Accounting Controls Violations (Dec. 20, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-206.
[52] SEC Press Release, SEC Charges Founder of Social Media Company “IRL” with $170 Million Fraud (July 31, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-92.
[53] SEC Press Release, SEC Charges Esmark Inc. and Chairman James Bouchard with Announcing False Tender Offer to Purchase U.S. Steel Corp. (Sept. 6, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-117.
[54] SEC Press Release, SEC Charges Former CEO of Tech Startup SKAEL with $30 Million Fraud (Sept. 24, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-146.
[55] SEC Press Release, SEC Charges Three Former Executives of Pharmacy Startup Medly Health Inc. with Defrauding Investors (Sept. 12, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-128.
[56] SEC Press Release, SEC Files Settled Charges Against Multiple Entities for Failing to Timely File Forms D in Connection With Securities Offerings (Dec. 20, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-210.
[57] SEC Press Release, SEC Charges Andrew Left and Citron Capital for $20 Million Fraud Scheme (July 26, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-89.
[58] SEC Press Release, SEC Charges Advisory Firm Macquarie Investment Management Business Trust with Fraud (Sept. 19, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-140.
[59] SEC Press Release, SEC Charges Advisory Firm La Mancha and its Owner David Kushner with Fraud (Nov. 21, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-183.
[60] SEC Press Release, SEC Charges Morgan Stanley Smith Barney for Policy Deficiencies that Resulted in Failure to Prevent and Detect its Financial Advisors’ Theft of Investor Funds (Dec. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-193.
[61] SEC Press Release, SEC Charges China-based QZ Asset Management Ltd. and its CEO in Pre-IPO Fraud Scheme (Aug. 27, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-109.
[62] SEC Press Release, SEC Charges Advisory Firm Inspire Investing With Misleading Investors Regarding Its Investment Strategy (Sept. 19, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-139
[63] SEC Press Release, SEC Charges Advisory Firm WisdomTree with Failing to Adhere to Its Own Investment Criteria For ESG-Marketed Funds (Oct. 21, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-173.
[64] SEC Press Release, SEC Charges Invesco Advisers for Making Misleading Statements About Supposed Investment Considerations (Nov. 8, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-179.
[65] SEC Press Release, SEC Charges Transfer Agent Equiniti Trust Co. with Failing to Protect Client Funds Against Cyber Intrusions (Aug. 20, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-101.
[66] SEC Press Release, SEC Charges Sound Point Capital Management for Compliance Failures in Handling of Nonpublic Information (Aug. 26. 2024), available at https://www.sec.gov/newsroom/press-releases/2024-106.
[67] SEC Press Release, SEC Charges 11 Institutional Investment Managers with Failing to Report Certain Securities Holdings (Sept. 17, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-135.
[68] SEC Press Release, Twelve Firms to Pay More Than $63 Million Combined to Settle SEC’s Charges for Recordkeeping Failures (Jan. 13, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-6.
[69] SEC Press Release, SEC Charges Six Credit Rating Agencies with Significant Recordkeeping Failures (Sept. 3, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-114.
[70] SEC Press Release, SEC Charges 12 Municipal Advisors With Recordkeeping Violations (Sept. 17, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-132.
[71] SEC Press Release, Advisory Firm Atom Investors, Charged with Recordkeeping Violations, Avoids Civil Penalty Because of Self-Reporting, Substantial Cooperation, and Prompt Remediation (Sept. 23, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-143.
[72] SEC Press Release, SEC Charges Advisory Firm ClearPath with Custody Rule and Liability Disclaimer Violations (Sept. 3, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-113.
[73] SEC Press Release, SEC Charges Crypto-Focused Advisory Firm Galois Capital for Custody Failures (Sept. 3, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-111.
[74] SEC Press Release, SEC Charges Nine Investment Advisers in Ongoing Sweep into Marketing Rule Violations (Sept. 9, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-121.
[75] SEC Press Release, SEC Charges Broker-Dealer First Horizon With Regulation Best Interest Violations (Sept. 18, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-136.
[76] SEC Press Release, JP Morgan Affiliates to Pay $151 Million to Resolve SEC Enforcement Actions (Oct. 31, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-178.
[77] SEC Press Release, TD Securities Charged in Spoofing Scheme (Sept. 30, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-160.
[78] SEC Press Release, SEC Charges Silvergate Capital, Former CEO for Misleading Investors about Compliance Program (July 2, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-82.
[79] SEC Press Release, SEC Charges OTC Link LLC with Failing to File Suspicious Activity Reports (Aug. 12, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-96.
[80] SEC Press Release, SEC Charges Merrill Lynch and Harvest Volatility Management for Ignoring Client Instructions (Sept. 25, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-147.
[81] SEC Press Release, SEC Charges Three Broker-Dealers with Filing Deficient Suspicious Activity Reports (Nov. 22, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-185.
[82] SEC Press Release, available at https://www.sec.gov/newsroom/press-releases/2024-209.
[83] SEC Press Release, Twenty-Six Firms to Pay More Than $390 Million Combined to Settle SEC’s Charges for Widespread Recordkeeping Failures (Aug. 14, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-98.
[84] SEC Press Release, Eleven Firms to Pay More Than $88 Million Combined to Settle SEC’s Charges for Widespread Recordkeeping Failures (Sept. 24, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-144.
[85] SEC Press Release, SEC Files Settled Charges Against Three StraightPath Sales Agents for Unregistered Broker Activity (Sept. 12, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-127.
[86] SEC Press Release, Wells Fargo and LPL Financial Charged for Submitting Deficient Trading Data to SEC (Dec. 20, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-207.
[87] SEC Press Release, Deutsche Bank Subsidiary to Pay $4 Million for Untimely Filing Certain Suspicious Activity Reports (Dec. 20, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-208.
[88] SEC Press Release, SEC Charges Nader Al-Naji with Fraud and Unregistered Offering of Crypto Asset Securities (Jul. 30, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-91.
[89] SEC Press Release, SEC Charges Alleged Crypto Company NovaTech and its Principals and Promoters with $650 Million Fraud (Aug. 12, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-95.
[90] SEC Press Release, SEC Charges Abra with Unregistered Offers and Sales of Crypto Asset Securities (Aug. 26, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-105; Order Granting Parties’ Consent Motion for Final Judgment, SEC v. Plutus Lending, LLC, 1:24-cv-02457-BAH (D.D.C. 2025).
[91] SEC Press Release, eToro Reaches Settlement with SEC and Will Cease Trading Activity in Nearly All Crypto Assets (Sept. 12, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-125.
[92] SEC Press Release, SEC Charges DeFi Platform Rari Capital and its Founders With Misleading Investors and Acting as Unregistered Brokers (Sept. 18, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-138.
[93] SEC Press Release, SEC Charges Crypto Companies TrustToken and TrueCoin With Defrauding Investors Regarding Stablecoin Investment Program (Sept. 24, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-145.
[94] SEC Press Release, SEC Charges Entities Operating Crypto Asset Trading Platform Mango Markets for Unregistered Offers and Sales of the Platform’s “MNGO” Governance Tokens (Sept. 27, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-154.
[95] SEC Press Release, SEC Charges Cumberland DRW for Operating as an Unregistered Dealer in the Crypto Asset Markets (Oct. 10, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-169.
[96] SEC Press Release, SEC Charges Former Public Company Officer and His Sister-In-Law with Insider Trading (Jan. 13, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-4.
[97] SEC Press Release, SEC Charges Former Financial Consultant for Providing Father and Friends Inside Information Regarding Firm’s Client (Sept. 13, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-130.
[98] U.S. Attorney’s Office Press Release, Four Miami Residents Charged with Reaping Over $1 Million From Friends and Family Insider Trading Scheme (Sept. 13, 2024), available at https://www.justice.gov/usao-sdfl/pr/four-miami-residents-charged-reaping-over-1-million-friends-and-family-insider-trading.
[99] SEC Press Release, SEC Charges U.K. Citizen in Hacking and Trading Scheme Involving Five U.S. Public Companies (Sept. 27, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-153.
[100] U.S. Attorney’s Office Press Release, U.K. National Charged with Multimillion-Dollar Hack-to-Trade Fraud Scheme (Sept. 27, 2024), available at https://www.justice.gov/usao-nj/pr/uk-national-charged-multimillion-dollar-hack-trade-fraud-scheme.
[101] SEC Press Release, SEC Levies More Than $3.8 Million in Penalties in Sweep of Late Beneficial Ownership and Insider Transaction Reports (Sept. 25, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-148.
[102] SEC Press Release, SEC Charges Ken Peterman, Former Comtech CEO, with Insider Trading in Advance of Negative Earnings Announcement (Dec. 11, 2024), available at https://www.sec.gov/newsroom/press-releases/2024-195.
Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s Securities Enforcement practice group, or the following authors:
Mark K. Schonfeld – Co-Chair, New York (+1 212.351.2433, [email protected])
David Woodcock – Co-Chair, Dallas (+1 214.698.3211, [email protected])
Osman Nawaz – New York (+1 212.351.3940, [email protected])
Tina Samanta – New York (+1 212.351.2469, [email protected])
Lauren Cook Jackson – Washington, D.C. (+1 202.955.8293, [email protected])
Timothy M. Zimmerman – Denver (+1 303.298.5721, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
While the new regulations were issued during the closing days of the Biden Administration, they are the product of a broad interagency process and of policy drivers that will continue to motivate Trump Administration officials. Companies should take steps now to evaluate the impact of the regulations on their plans for AI model training and deployment, and to develop and implement the procedures that will be required to win export licenses or to qualify for licensing exceptions.
On January 13, 2025, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) issued an interim final rule titled “Framework for Artificial Intelligence Diffusion” (the Framework)[1] that lays the groundwork for expansive new controls targeting frontier Artificial Intelligence (AI) models themselves and the computing power to create them. The Framework, taken together with recent U.S. Government actions targeting AI, seeks to use the current leading role played by companies based in the U.S. and a select group of allied countries in the design and production of computing power as a point of leverage to force companies, research institutes and other organizations develop AI models inside an ecosystem closely monitored by the United States and the handful of other countries that have agreed to impose similar controls. In several ways, the Framework bookends a multiyear effort by Commerce officials and their interagency peers to control access to, and impede the indigenous development of, computing power by China, and other countries perceived to pose a threat to U.S. national security and foreign policy interests.
To this end, the Framework, through a multi-part control structure, aims to reduce the risk that “countries of concern” (i.e., countries listed in Country Group D:5, which includes Hong Kong now treated by export regulations as part of China, and Macau) obtain advanced U.S. and allied closed-weight AI models by broadly (i) expanding licensing requirements for the export of advanced integrated circuits (ICs) (ii) imposing controls on frontier AI models, and (iii) closing a significant loophole that previously allowed persons in countries of concern rent access to computing power outside their countries. At the same time, the Framework creates a three-tiered licensing policy with a more permissive structure allowing exports to and among countries whose export controls are aligned with the U.S., imposing an effective embargo against countries the U.S. perceives as threats, and detailing a conditional policy for countries yet to adopt certain safeguards against the unchecked development of frontier AI models. Thus, the Framework seeks to strike a balance between the goal of keeping advanced AI capabilities out of the hands of strategic competitors while facilitating the diffusion of AI technology and its benefits within a U.S.-structured AI ecosystem.
BIS uses several familiar tools to fashion the new Framework, including a new foreign direct product rule that could reach AI frontier models globally and a powerful new nationality-based license exception that conditions the powerful authorization it provides on building certain amounts of computing power within the countries whose companies are eligible to use it. While the Trump Administration has issued an executive order[2] that authorizes the Department of Commerce to postpone the implementation of the Framework, the Framework’s export controls may meet the criteria set in President Trump’s America First Trade Policy memoranda of deploying export controls that help the United States to “maintain, obtain, and enhance” the United States’s “technological edge” and to “identify and eliminate loopholes.” Because of this, and because the Framework is the product of a broad and sustained interagency efforts focused addressing geopolitical threats that have not changed with the new Administration, we expect that enough of the Framework will be implemented that companies in the AI model development, advanced IC manufacturing and distribution, and data center sectors should plan now for its implementation.
I. Background (Prior Actions)
The Framework in many ways bookends a series of measures aimed at targeting AI development capabilities of China and others. In 2022, the Biden Administration’s National Security Strategy identified China as “the only competitor with both the intent to reshape the international order and increasingly, the economic, diplomatic, military, and technological power to advance that objective” and specifically identified export controls as a key tool to “ensure strategic competitors cannot exploit foundational American and allied technologies, know-how, or data to undermine American and allied security.” In October 2022, BIS put in play a “chokepoint” strategy to target indigenous Chinese semiconductor development. It identified, broadly, within the semiconductor ecosystem, four chokepoints where the U.S. and its allies maintained significant technological advantage and crafted export controls around them: (i) ICs, (ii) semiconductor manufacturing equipment (SME), (iii) SME parts and components, and (iv) design and other software for ICs and SME. A leading rationale for imposing these controls was to address China’s use of AI for military modernization as well as surveillance. In October 2023, BIS updated the October 2022 controls, again specifically noting China’s use of “advanced computing ICs and supercomputing capacity in the development and deployment of [] AI models to further its goal of surpassing the military capabilities of the United States and its allies.” Over the course of 2024, BIS clarified the scope of AI and SME controls and, expanded Authorization Validated End User (VEU) to enable data centers to receive VEU authorizations in order to facilitate the responsible diffusion of advanced AI technology. In November 2024, the Biden Administration issued a National Security Memorandum on AI that called for, among other, ensuring the “safety, security, and trustworthiness of American AI innovation writ large.” And, as BIS notes in the Supplemental Information to the Framework, the Department of Commerce has engaged in an extensive and ongoing policy process with partners across the U.S. Government to consider strategic, tailored, and effective controls on the diffusion of advanced AI technology to entities and destinations around the world.
II. The Framework: New Controls and Jurisdiction-Based Rules
a. “Chokepoint” Strategy for AI Development
The Framework attempts to control access to three elements critical for AI model training:
-
- Advanced ICs: Training advanced AI models requires large clusters of advanced computing ICs capable of handling large quantities of data and models containing large numbers of parameters. The Framework expands current restrictions and imposes a global export licensing requirement for advanced ICs.
- Compute Power: These advanced IC clusters are housed within data centers, which provide processing power to run AI applications, including training and inference applications. The Framework creates multi-year quotas that meter access to computing power in most countries. It also creates a revamped validated end user (VEU) authorization system for data centers which is premised on nationality of those seeking to procure computing power and data center country location and which conditions VEU authorization both on ensuring that the computing power required to train frontier AI models remains in installed in only a handful of countries and on the adoption of significant physical and cyber security controls.
- Model Weights: Model weights are numerical parameters that define the internal logic of an AI model and which are the product of model design and training. The Framework creates a new Export Control Classification Number (ECCN) 4E091 for certain advanced closed-weight AI models and imposes a global licensing requirement for such model weights (subject to license exceptions discussed below). At present, the controls apply to model weights trained with 10^26 computational operations or more, a threshold which BIS will likely increase through amendments of the regulations over time.
b. Three-Tiered Destination-Based System
The Framework established a three-tier destination-based system that will trigger different controls based on the end user:
Tier 1:
- Tier 1 is comprised of entities located in the United States and allied jurisdictions identified in paragraph (a) of supplement no. 5 of Part 740 (currently, Australia, Belgium, Canada, Denmark, Finland, France, Germany, Ireland, Italy, Japan, the Netherlands, New Zealand, Norway, Republic of Korea, Spain, Sweden, Taiwan, and the United Kingdom). BIS and interagency drafters of the Framework deem these governments to have “implemented measures to prevent the diversion of advanced technologies” and to have created “ecosystems that will enable and encourage firms to use advanced AI models to advance the common national security and foreign policy interests of the United States and its allies and partners.”[3]
- However, an entity headquartered outside these jurisdictions or whose ultimate parent is headquartered outside these jurisdictions would not be deemed to fall within Tier 1.
- These countries continue to retain almost unrestricted access to controlled ICs and will generally have no restrictions on their access to model weights and compute power.
Tier 3:
- Tier 3 is comprised of entities headquartered in, or whose ultimate parent company is headquartered in, Macau or destinations specified in Country Group D:5 (currently, China (including Hong Kong), Afghanistan, Belarus, Burma, Cambodia, Central African Republic, Democratic Republic of the Congo, Cuba, Cyprus, Eritrea, Haiti, Iran, Iraq, North Korea, Libya, Lebanon, Russia, Somalia, Republic of South Sudan, Republic of the Sudan, Syria, Venezuela, and Zimbabwe).
- The Framework maintains the current restrictions on the supply of advanced ICs to these countries continue to remain in place and adds additional restrictions. For example, model weights cannot be supplied to Tier 3 countries and data centers in Tier 3 countries are not eligible for VEU Authorization (discussed below).
- Security requirements for Tier 2 entities incentivizes Tier 2 countries to not only adopt a posture similar to the U.S. toward Tier 3 countries, but also, in the long run, to align themselves technologically with the U.S. In addition to de facto export controls, this would mean adoption of other elements of the U.S. technological landscape such as security controls, computing and other standards and integration with existing U.S.-origin technologies.
Tier 2:
- Tier 2 encompasses entities not specified in Tier 1 or Tier 3 and includes entities located in most countries in the world.
- The Framework permits the export of AI chips and associated compute power without a license up to a capped amount of Total Processing Performance (TPP). Data center companies in these jurisdictions can apply for a BIS license to access more compute power, subject to satisfying certain security and other requirements.
- Tier 1 entities may export their model weights to Tier 2 destinations, provided that the end user has instituted specified security measures that will reduce the risk of diversion.
- Notably, Tier 2 includes both countries that are otherwise considered close allies of the United States (including countries in NATO and the European Union, Israel and Singapore) and countries that are often treated by U.S. export controls and licensing decisions as posing higher evasion risks. The common thread among Tier 2 countries is the U.S. Government’s belief that their governments have not yet adopted the kinds of export controls on advanced AI chips and access to computing power that the U.S. and other Tier 1 countries have put in place in recent years.
III. The Framework Addresses Certain Evasion Activities to Limit Access to Advanced ICs and Model Weights.
a. Worldwide Licensing Requirements
According to BIS, Chinese companies have circumvented existing restrictions by using “foreign subsidiaries in a range of uncontrolled destinations to buy ICs subject to [Export Administration Regulations (“EAR”)] controls.” BIS views the risk of evasion through the use of subsidiaries in uncontrolled jurisdictions to be even greater for AI model weights as they can be sent anywhere in the world instantaneously once copied.
The Framework consequently imposes a license requirement to supply (i.e., export, reexport, or transfer (in-country)) controlled ICs and model weights to any end user in any destination. However, the Framework also provides license exceptions and other mechanisms to enable access to advanced IC to certain end users and designations which pose a comparatively low risk of diversion. The licensing requirements are thus based on the tier system described above, with permissive conditions for Tier 1 countries.
Critically, the Framework conditions access to computing power on the closing of a loophole that has troubled BIS drafters for the last several years—how to control access by Tier 3 country governments and entities to AI Infrastructure-as-a-Service (IaaS) offered by data centers outside of Tier 3 countries. Through the imposition of this worldwide licensing requirement, and the Framework’s conditioning of parallel licensing exceptions for those procuring computing power in Tier 1 and Tier 2 countries on not providing AI IaaS to Tier 3 country users, BIS is hoping to close this loophole.[4]
b. The AI Model Weights Foreign Direct Product Rule
Tier 3 entities have increasingly turned to data centers outside the United States and cloud services to remotely access computing power as a result of regulations on advanced ICs introduced in October 2022 and October 2023, along with the financial and logistical challenges of obtaining large clusters of ICs through subsidiaries and other third parties.
Another way in which BIS attempts to limit Tier 3 access to AI IaaS is through its creation of a new foreign direct product (FDP) rule with breathtaking scope. BIS attempts to address this evasion, through an FDP rule that claims jurisdiction over closed-weight AI models trained anywhere in the world with the use of controlled ICs. Given that most advanced ICs manufactured globally remain dependent on at least some U.S. software, technology, and on items produced by U.S. software and technology, and that BIS has claimed jurisdiction over these advanced ICs through prior FDP rules, there will be few closed-weight AI models that would not be subject to the new licensing requirements imposed by this FDP rule.
BIS’s use of FDP rules in recent years arguably has far outpaced its ability to enforce its FDP rules outside of the United States, however, and it is unclear whether and how non-U.S. developers of new AI models will become aware of this new jurisdiction claim and whether they will submit to U.S. licensing authority.
IV. The Frameworks Offers Multiple Pathways for Exporting Advanced ICs
Despite BIS’s imposition of global licensing requirements on advanced ICs or closed weight AI models, the Framework offers several exclusions, exceptions, and favorable licensing policies that it argues will facilitate more responsible diffusion of advanced AI technology and benefits to certain end users and jurisdictions.
a. Exclusion for Open Weight Models
BIS “determined that a reasonable proxy for the performance of an AI model is the amount of compute—i.e., the number of computational operations—used to train the model.” Accordingly, the Framework places restrictions on the export of the model weights of the most advanced AI models.
The Framework’s new restrictions on the export of model weights only applies to closed-weight models trained with 10^26 computational operations or more. The Framework explicitly excludes “open” model weights of any AI model that have been “published” as defined in 15 C.F.R. § 734.7(a) and any closed models that are less powerful than the most powerful open-weight model.
b. License Exceptions
Existing License Exceptions (NAC/ACA)
The Export Administration Regulations (EAR) existing license exceptions for Notified Advanced Computing (NAC) and Advanced Computing Authorized (ACA) will apply to authorize the export of advanced ICs classified under ECCNs 3A090, 4A090, and corresponding .z items (except for 3A090.a items designed or marketed for use in a datacenter).
License Exception Low Processing Performance (LPP)
The Framework creates License Exception LPP to permit exports of advanced computing ICs and corresponding computing power up to a per-entity allocation of 26,900,000 TPP per-calendar year to any individual Tier 2 entity. This annual TPP limit applies to shipments to any individual Tier 2 entity even if the shipments are made by multiple exporters or reexporters or through more than one intermediate consignee.
License Exception Artificial Intelligence Authorization (AIA)
The Framework created License Exception AIA to permit exports of advanced computing ICs and corresponding computing power to Tier 1 countries.
The license exception also permits exports of otherwise controlled closed AI model weights, without an authorization, by companies headquartered in the United States and allies listed in paragraph (a) of supplement no. 5 and (i) the entities obtaining the items are located outside Macau or destinations specified in Country Group D:5; and (ii) the items will be stored in a facility that complies with the certain security standards that are set forth in supplement no. 10 to part 748.
License Exception Advanced Compute Manufacturing (ACM)
The Framework created License Exception ACM to permit exports of advanced computing ICs to “private sector end users” for the purposes of “development,” “production,” and storage (in a warehouse or other similar facility) of such ICs. However, the license exception does not cover exports for the purpose of training an AI model or exports to Tier 3 countries.
“Private sector end user” defined as either (1) an individual who is not acting on behalf of any government (other than the U.S. Government), or (2) a commercial firm (including its subsidiary and parent firms, and other subsidiaries of the same parent) that is not wholly owned by, or otherwise controlled by any government (other than the U.S. Government).
Summary of New Licensing Requirements, License Exceptions and Exclusions and Licensing Policy
ECCN | Tier | License Exceptions and Exclusions | License Application Review Policy |
Advanced ICs
(ECCNs 3A090.a, 4A090.a, and corresponding .z items) |
Tier 1 | ACA* / AIA / ACM / LPP | Presumption of Approval |
Tier 2 | ACA* / ACM / LPP | Presumption of Approval up to TPP cap
Presumption of Denial in excess of TPP cap |
|
Tier 3 | NAC* | Presumption of Denial | |
Advanced ICs
(ECCNs 3A090.b, 4A090.b, and corresponding .z items) |
Tier 1 | N/A (not restricted) | N/A (not restricted) |
Tier 2
D:1 and D:4 countries, excluding destinations also specified in A:5 or A:6 |
ACA* | Presumption of Approval | |
Tier 3
D:5 countries, excluding destinations also specified in A:5 or A:6 |
NAC* | Presumption of Denial | |
Closed-Weight AI Models
(ECCN 4E091) |
Tier 1 | AIA / Open-weight AI models | Presumption of Approval |
Tier 2 | Open-weight AI models | Presumption of Denial | |
Tier 3 | Open-weight AI models | Presumption of Denial |
* Except for 3A090.a items designed or marketed for use in a datacenter.
c. License Review Policy (Tier 1 Presumption of Approval; Tier 2 Per-Country Allocation)
The Framework creates a presumption of approval for exports of advanced ICs and closed-weight AI models to Tier 1 countries.
The Framework provides a favorable license review policy for exports of advanced ICs and corresponding computing power up to a per-country allocation of 790,000,000 TPP for Tier 2 countries for the period from 2025 to 2027. BIS will review applications for the supply of advanced ICs to Tier 2 countries under a presumption of approval, up to this amount.
d. Revamped VEU Authorizations
In October 2024, BIS introduced a Data Center VEU Authorization to facilitate the supply of advanced ICs to end users in destinations that do not raise national security or foreign policy concerns. The Framework bifurcates the Data Center VEU Authorization into a Universal VEU (UVEU) Authorization and National VEU (NVEU) Authorization.
The UVEU Authorization is available only to Tier 1 entities, and, subject to certain geographic allocation limits, enables UVEU to deploy data center in Tier 2 destinations. Specifically, a UVEU cannot transfer or install more than 25% of its total AI computing power—i.e., the AI computing power owned by the entity all its subsidiary and parent entities—to or in locations outside of Tier 1 countries. U.S. UVEUs are required to maintain at least 50% of their total AI computing power in the United States. Moreover, UVEUs cannot transfer or install more than 7% of its total AI computing power to or in any single Tier 2 country. This kind of AI computing power location requirement has no precedent within the EAR, but more broadly tracks policy efforts by the Department of Commerce and interagency partners to induce the world’s leading advanced IC manufacturers to locate more of their production capacity in the United States.
The NVEU Authorization, on the other hand, is available to Tier 2 entities on a per-company, per-country basis (i.e., separate authorizations required for each Tier 2 country, even if undertaken by the same company), subject to quarterly caps. BIS explains that these allocation caps represent computing power clusters that are approximately 12 months, or one generation, behind the cluster size it believes will be needed to train the most advanced dual-use AI models. Importantly, the total amount of computing power authorized for exports to NVEUs will not count towards the amount of computing power allocated to a Tier 2 country.
In order to receive NVEU Authorization, a data center operator that owns its advanced computing capacity must apply to BIS and go through an intensive application process that will be subject to interagency review. The criteria for NVEU approval are extensive and span over two pages of the Federal Register (published at least initially in a smaller font size) and include requirements on data center ownership, physical security, supply chain security, personnel security, and acceptable use criteria that are subject to documentation, auditing and reporting requirements. Approved applicants for the NVEU Authorization will be listed in the EAR.
V. Conclusion
The Framework is a sweeping and unprecedented attempt to regulate the global diffusion of AI technology, especially to countries that pose national security and foreign policy challenges to the United States. It reflects the U.S. Government’s recognition of the strategic importance of AI as a transformative and disruptive technology that can have profound implications for military, economic, and social domains. It also reflects the U.S. Government’s determination to maintain its leadership and competitive edge in AI innovation, while preventing the misuse and exploitation of AI by adversaries and competitors.
The Framework drafters have acknowledged the heavy lifts that stakeholders impacted by these new regulations will be required to make by staggering its implementation dates. The new worldwide licensing requirements on computing power and on closed-weight AI models, and associated license exceptions will not be implemented until May 15, 2025, and the significant security and other requirements associated with the VEU license exceptions will not be required to be in place until January 15, 2026. Even if new Commerce officials opt to postpone the implementation of these new regulations by two months under authority of President Trump’s Regulatory Freeze Pending Review Executive Order, the sweeping nature of these new regulations will require many companies and other industry stakeholders to begin taking steps now to reflect new controls and to be in a position to take advantage of the different authorizations the Framework makes available.
The Framework, however, is not without its challenges and uncertainties. It is likely to face significant critique by at least some types of AI sector stakeholder during the public comment period, which is currently scheduled to close on May 15, 2025. It is also likely to face technical, and political hurdles, as well as potential backlash and countermeasures from affected countries and entities, as it is implemented. On a technical level, its efficacy is premised in part on widespread awareness of the new export controls it puts in place, especially by stakeholders located outside of the United States, and it is unclear whether the Trump Administration will expend the resources required to publicize and educate non-U.S. persons on how the regulations will work, including convincing those training AI models outside the United States that their closed-weight AI models may be subject to U.S. licensing controls based on the computing power and infrastructure required to train them. There are also data center business model and associated contract-related changes that some Tier 2 country stakeholders would be required to make to take advantage of the NVEU and LPP authorizations that will take many months to implement.
The perceived efficacy of the Framework is also challenged by the release of the Chinese company DeepSeek’s r1 open-weight AI model, which DeepSeek released after BIS published the interim final rule establishing the Framework. In allowing exports of open-weight models without a license, BIS “assess[ed] that the most advanced open-weight models are currently less powerful than the most advanced closed-weight Models.” However, the availability of powerful open-weight AI models like DeepSeek that approximate the capabilities of the most advanced closed-weight, and the possibility that powerful AI models could be trained with lower levels of compute power, both challenge key assumptions underlying the Framework..
Moreover, implementation of the regulations will also require extensive coordination and cooperation among U.S. allies. On the intergovernmental level, the BIS and U.S. Government agency partners such as the Department of State will need to act and think multilaterally to continue to enjoy the cooperation of Tier 1 countries and to attract support for a U.S.-lead AI ecosystem in Tier 2 countries, which may be more difficult to do amidst threats and other actions that the Trump Administration may take unilaterally to advance the America First Trade Policy.
[1] Framework for Artificial Intelligence Diffusion, 90 Fed. Reg. 4544 (Jan. 13, 2025) (hereinafter the Framework).
[2] President Donald, J. Trump, Regulatory Freeze Pending Review Executive Order, Jan. 20, 2025 (available at https://www.whitehouse.gov/presidential-actions/2025/01/regulatory-freeze-pending-review/).
[3] Framework at 4548.
[4] For example, the Framework requires Tier 2 compute providers to institute exacting security measures, including new security measures in supplement no. 10 to part 748, to prevent the use of their compute power by Tier 3 entities.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. For additional information about how we may assist you, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or the following leaders and members of the firm’s International Trade practice group:
United States:
Ronald Kirk – Co-Chair, Dallas (+1 214.698.3295, [email protected])
Adam M. Smith – Co-Chair, Washington, D.C. (+1 202.887.3547, [email protected])
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, [email protected])
Donald Harrison – Washington, D.C. (+1 202.955.8560, [email protected])
Christopher T. Timura – Washington, D.C. (+1 202.887.3690, [email protected])
David P. Burns – Washington, D.C. (+1 202.887.3786, [email protected])
Nicola T. Hanna – Los Angeles (+1 213.229.7269, [email protected])
Courtney M. Brown – Washington, D.C. (+1 202.955.8685, [email protected])
Amanda H. Neely – Washington, D.C. (+1 202.777.9566, [email protected])
Samantha Sewall – Washington, D.C. (+1 202.887.3509, [email protected])
Michelle A. Weinbaum – Washington, D.C. (+1 202.955.8274, [email protected])
Karsten Ball – Washington, D.C. (+1 202.777.9341, [email protected])
Hugh N. Danilack – Washington, D.C. (+1 202.777.9536, [email protected])
Mason Gauch – Houston (+1 346.718.6723, [email protected])
Chris R. Mullen – Washington, D.C. (+1 202.955.8250, [email protected])
Sarah L. Pongrace – New York (+1 212.351.3972, [email protected])
Anna Searcey – Washington, D.C. (+1 202.887.3655, [email protected])
Audi K. Syarief – Washington, D.C. (+1 202.955.8266, [email protected])
Scott R. Toussaint – Washington, D.C. (+1 202.887.3588, [email protected])
Lindsay Bernsen Wardlaw – Washington, D.C. (+1 202.777.9475, [email protected])
Shuo (Josh) Zhang – Washington, D.C. (+1 202.955.8270, [email protected])
Asia:
Kelly Austin – Denver/Hong Kong (+1 303.298.5980, [email protected])
David A. Wolber – Hong Kong (+852 2214 3764, [email protected])
Fang Xue – Beijing (+86 10 6502 8687, [email protected])
Qi Yue – Beijing (+86 10 6502 8534, [email protected])
Dharak Bhavsar – Hong Kong (+852 2214 3755, [email protected])
Arnold Pun – Hong Kong (+852 2214 3838, [email protected])
Europe:
Attila Borsos – Brussels (+32 2 554 72 10, [email protected])
Patrick Doris – London (+44 207 071 4276, [email protected])
Michelle M. Kirschner – London (+44 20 7071 4212, [email protected])
Penny Madden KC – London (+44 20 7071 4226, [email protected])
Irene Polieri – London (+44 20 7071 4199, [email protected])
Benno Schwarz – Munich (+49 89 189 33 110, [email protected])
Nikita Malevanny – Munich (+49 89 189 33 224, [email protected])
Melina Kronester – Munich (+49 89 189 33 225, [email protected])
Vanessa Ludwig – Frankfurt (+49 69 247 411 531, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
We are pleased to provide you with Gibson Dunn’s Accounting Firm Quarterly Update for Q4 2024. The Update is available in .pdf format at the below link, and addresses news on the following topics that we hope are of interest to you:
- Presidential and SEC Transitions Begin
- PCAOB Adopts Firm Reporting and Firm and Engagement Metrics Requirements
- Corporate Transparency Act Subject to Multiple Legal Battles
- PCAOB Adopts Rule to Address Filing and Fee Deficiencies
- One of Three Pending PCAOB Constitutional Challenges Dismissed
- U.K. Publishes Guidance on New Failure to Prevent Fraud Offense
- Other Recent PCAOB Regulatory and Enforcement Developments
Please let us know if there are topics that you would be interested in seeing covered in future editions of the Update.
Warmest regards,
Jim Farrell
Monica Loseman
Michael Scanlon
Chairs, Accounting Firm Advisory and Defense Practice Group, Gibson, Dunn & Crutcher LLP
In addition to the practice group chairs, this update was prepared by David Ware, Timothy Zimmerman, Monica Limeng Woolley, Bryan Clegg, Douglas Colby, Hayden McGovern, John Harrison, Nicholas Whetstone, and Ty Shockley.
Accounting Firm Advisory and Defense Group Chairs:
Jim Farrell – Co-Chair, New York (+1 212-351-5326, [email protected])
Monica K. Loseman – Co-Chair, Denver (+1 303-298-5784, [email protected])
Michael Scanlon – Co-Chair, Washington, D.C.(+1 202-887-3668, [email protected])
This guidebook offers an overview of the numerous decision points, procedures and vital considerations a company should contemplate before, during and after the IPO process.
Completing an Initial Public Offering (IPO) is a significant milestone for many business owners, executives, directors and stockholders. However, the journey towards going public can be fraught with complexities and unexpected challenges. For companies seeking to raise capital, whether through an IPO or other alternatives, it is critical to understand the road ahead.
The insights in this guidebook are derived from Gibson Dunn’s vast experience representing clients across various sectors in many IPOs over the years. We capitalize on our representation of large and seasoned public companies to implement leading-edge corporate governance and public reporting practices.
The involvement in the IPO process of our unmatched Securities Regulation and Corporate Governance team is core to the IPO process. This enables our IPO teams to anticipate potential problems in drafting the registration statement and to reach key decision-makers at the Securities and Exchange Commission on an expedited basis to seek tailored guidance, waivers, or resolution of challenging comments.
You can download a PDF of Gibson Dunn’s IPO Guidebook (2025 Edition) at the link below.
Gibson Dunn’s lawyers are available to assist with any questions you may have regarding the guidebook or how we may assist in navigating your journey to going public. To learn more, please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Capital Markets practice group, or the following practice leaders:
Andrew L. Fabens – New York (+1 212.351.4034, [email protected])
Hillary H. Holmes – Houston (+1 346.718.6602, [email protected])
Stewart L. McDowell – San Francisco (+1 415.393.8322, [email protected])
Peter W. Wardle – Los Angeles (+1 213.229.7242, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.
Our update provides key takeaways from President Trump’s Executive Order and its potential impact on various energy initiatives as well as the M&A and capital markets outlook for energy companies.
On January 20, 2025, President Donald Trump signed executive order “Unleashing American Energy“ (the Executive Order). This update discusses key takeaways from the Executive Order and the potential impact of the Executive Order on various energy initiatives as well as the M&A and capital markets outlook for energy companies. For a broader discussion of the twenty-six executive orders President Trump signed on January 20, 2025 and the major regulatory and policy issues energy industry experts will be monitoring in the coming days, please refer to Trump 2.0 on Energy: Ten Items to Watch.
1. Overview of the Executive Order
The Executive Order is intended to reverse years of what the new administration characterizes as “burdensome and ideologically motivated regulations” which have impeded the development of America’s abundant energy and natural resources. By implementing new policies and revoking several executive orders from prior administrations, the Executive Order seeks to promote and encourage energy exploration and development by revising the permitting process, revoking or revising regulations, and promoting domestic mining, amongst other changes.
2. Impact on Oil & Gas Leasing and Permitting
The Executive Order lays out policies of the United States which include (a) encouraging energy exploration and production of Federal lands and waters, including on the Outer Continental Shelf, in order to meet the needs of US citizens and solidify the United States as a global energy leader and (b) establishing the United States’ position as the leading producer and processor of non-fuel minerals, thus creating jobs and prosperity at home.
The heads of all federal agencies are ordered to review, revise, or rescind all existing regulations, orders, guidance documents, policies, or other agency actions, that impose an undue burden on the identification, development or use of domestic energy resources, particularly “oil, natural gas, coal, hydropower, biofuels, critical mineral, and nuclear energy resources.” Agency heads are instructed to develop and begin implementing action plans to suspend, revise or rescind any such unduly burdensome agency actions within 30 days of the Executive Order (Feb. 19, 2025).
The chair of the Council of Environmental Quality (CEQ) is ordered to provide guidance on implementing the National Environmental Policy Act (NEPA) and propose rescinding burdensome NEPA regulations in order to expedite and simplify permitting. Further, the Executive Order directs various federal agencies to eliminate delays within their permitting process. In doing so, the Executive Order intends to streamline the NEPA judicial review process and promote the permitting and construction of critical infrastructure whilst providing greater certainty in the Federal permitting process.
These changes are expected to streamline and promote domestic exploration and production on both onshore and offshore federal oil and gas leases. While challenges from environmental groups are likely, we expect significantly more federal lease sales to be conducted, including in federal lands that had never previously been considered for sale. Environmental review of well and pipeline permit applications will still occur, but the process will likely be overhauled and permit approvals will likely be granted significantly faster in an effort to promote resource development.
3. Pause on Inflation Reduction Act Funding on Various Energy Projects
Pursuant to the Executive Order, all agencies are to immediately pause the disbursement of funds appropriated through the Inflation Reduction Act (Public Law 117-169, IRA) or the Infrastructure Investment and Jobs Act (Public Law 117-58, IIJA). On January 21, 2025, the acting director of the Office of Management and Budget (OMB) issued guidance clarifying that the pause only applies to funds supporting programs, projects or activities that contravene the policies of the Executive Order and that agency heads may disburse funds as they deem necessary after consulting with OMB. Given that the Executive Order indicates a lack of support for solar and wind, while remaining silent on geothermal or carbon capture, utilization, and storage (CCUS), IRA and IIJA funding for geothermal and CCUS projects may not be suspended for long, if at all. However the future of federal funding for solar and wind-related projects is more uncertain.
It is important to note that a pause on federal funding under the IRA is not tantamount to a revocation of tax credits under the IRA. For further discussion on the impact to IRA Tax Credits, please refer to Trump 2.0 on Energy: Ten Items to Watch.
4. Changes to Environmental Analyses and Carbon Monitoring
The Executive Order aims to streamline the permitting process, reduce regulatory burdens, and shift the focus away from certain climate-related metrics. As touched on in Section 2 above, it does so in part by revoking prior Executive Orders related to Environmental regulations under NEPA and directing agencies to make changes related to consideration and calculation of greenhouse gas emissions.
- Revocation of Executive Order 11991: Revokes Executive Order 11991 (Carter, May 24, 1977), which amended Executive Order 11514 (Nixon, March 5, 1970). Executive Order 11991 tasked CEQ with issuing regulations to federal agencies for implementing the procedural provisions of NEPA, and directed that federal agencies comply with those regulations unless such compliance would be inconsistent with statutory requirements.
- NEPA Implementation: Tasks the Chairman of CEQ with providing guidance to expedite and simplify the permitting process under the NEPA. Agencies are required to prioritize efficiency and certainty in the permitting process, minimizing delays and ambiguity.
- Adherence to Legislated Requirements: Agencies must adhere strictly to legislated requirements for environmental considerations, using robust methodologies and avoiding arbitrary or ideologically motivated methods.
- Disbanding the Interagency Working Group on the Social Cost of Greenhouse Gases (IWG): The IWG is disbanded, and all its guidance, instructions, and documents are withdrawn. This includes the withdrawal of the Technical Support Document on the social cost of carbon, methane, and nitrous oxide.
- Elimination of the Social Cost of Carbon Calculation: The calculation of the social cost of carbon is deemed arbitrary and potentially harmful to the U.S. economy. The EPA Administrator is directed to issue guidance to address these issues, including the potential elimination of the social cost of carbon calculation from federal permitting or regulatory decisions.
- Review of EPA’s Endangerment Findings: The EPA Administrator, in collaboration with other agencies, is to review the legality and applicability of the EPA’s findings on greenhouse gases under the Clean Air Act.
- Review of Agency Actions: Agency heads must review existing regulations and actions to identify those that burden domestic energy development, and create and implement plans to suspend, revise, or rescind identified burdensome actions, in collaboration with OMB and the National Economic Council (NEC).
- Revocation of Executive Orders: Revokes a dozen of President Biden’s Executive Orders related to environmental justice, climate change, and the environment.
There are various agency deadlines related to the above NEPA and carbon monitoring changes which will need to be achieved as part of the Executive Order.
- Within 30 days:
- Agency heads must develop and begin implementing action plans to suspend, revise, or rescind burdensome actions.
- The Chairman of CEQ must provide guidance on implementing NEPA.
- Agencies must submit reports identifying instances where enforcement discretion can advance policy goals.
- Within 60 days:
- The EPA Administrator must issue guidance addressing the inadequacies of the social cost of carbon calculation.
The Executive Order mandates a review and revision of regulations that are seen to burden domestic energy development, which could lead to faster permitting processes and reduced compliance costs for energy companies. CEQ is expected to be stripped of its power to issue binding NEPA regulations for federal agencies. Because most agencies have their own regulations to implement NEPA, this change will not eliminate NEPA reviews. The elimination of the social cost of carbon calculations is intended to lessen the importance of climate change analysis in permitting decisions. Industry should prepare for streamlined regulatory requirements and potential shifts in the rigor required to prepare environmental analyses and environmental impact statements, with agencies tasked with focusing on efficiency and adherence to strict legislative text and these new guidelines. We expect NEPA litigation to increase as environmental groups challenge these executive orders. Energy sector companies should stay informed about changes to ensure compliance and leverage opportunities for expedited project approvals over the coming months as these agencies undergo a potentially major overhaul of NEPA and carbon reporting.
5. Impact on LNG Export Projects
The Executive Order directs the Secretary of Energy to “restart reviews of applications for approvals of liquified natural gas (LNG) export projects,” which, coupled with President Trump reversing the Biden administration’s pause on LNG permits on day one of his second term by rolling back President Biden’s executive order that paused granting LNG export authorizations, suggests an emphasis on increasing LNG exports by the current administration. LNG exports are a key driver for investment in natural gas assets, midstream projects, and CCUS, thus such a change should be positive for investment and dealmaking in these areas.
For further discussion on the future of LNG under the Trump administration, please refer to Trump 2.0 on Energy: Ten Items to Watch.
6. Impact on Mergers & Acquisitions and Antitrust in the Energy Industry
While the Executive Order promises to reduce administrative hurdles to traditional energy projects, we expect oil and gas companies to operate largely consistently with the approach they have taken in the post-pandemic era, with an emphasis on capital discipline, efficient returns, and consolidation. The Executive Order will likely enhance the value of companies with asset bases that include large portfolios of leases on federal lands or in the Outer Continental Shelf, but from a dealmaking perspective, the administration’s attitude shift toward traditional energy is likely to also be seen in the antitrust review process. With the change in political leadership and an emphasis on encouraging investment in natural resources in the name of energy security, the Federal Trade Commission (FTC) is unlikely to be as hostile to mergers and acquisitions in the energy industry as the previous administration. For example, the FTC conducted large-scale Second Request investigations into a range of industry transactions as part of its antitrust reviews under the Hart-Scott-Rodino (HSR) Act, following requests from Democratic leadership in the Senate for thorough investigations of industry transactions. With that said, the FTC cleared most industry transactions without challenge, despite the costs imposed through extensive investigations. Furthermore, the career FTC staff that has reviewed transactions in the industry for a number of years will likely remain in place, suggesting that changes in the substantive review of industry transactions are likely to be modest. Nonetheless, the potential for fewer Second Requests and quicker HSR approvals would be beneficial to an energy consolidation wave that industry experts suggest has not yet crested.
7. Impact on Energy Industry Capital Raising and Public Company Regulation
The reduction in environmental reporting and carbon monitoring under the Executive Order, in combination with the policy objectives stated in the Executive Order and other directives from the Trump administration, indicate that the outlook for energy capital markets and public company regulation under the second Trump administration is positive. Both going public and operating as a public company should be less time-consuming and costly than it was under the Biden administration. A majority of the U.S. Securities and Exchange Commission (SEC) commissioners (including the nominated chair, former Commissioner Atkins) will be appointed by President Trump and, judging from the first Trump administration, will set an agenda that is supportive of capital raising and focused on reducing the burden of being publicly traded. For example, the climate disclosure rules adopted by the Biden administration’s divided SEC (and stayed pending challenge in federal court) are likely to be repealed, saving energy companies a significant amount of G&A expense and reducing the risk of litigation. As another example, based on experience with the SEC review process under the first Trump administration, we expect the process and waiver requests to be faster and more commercial, further facilitating capital markets transactions. We also can expect rule proposals that are focused on making it easier for private companies to raise capital from a broader investor base. For capital intensive businesses in the energy industry, a relatively fast, predictable process with as little unnecessary expense as possible, is important. As such, we expect the backlog of private energy companies who have been waiting to IPO to seize the opportunity to access the capital markets while the process is easier, being a public company is less costly, and the broader business climate for the industry is supportive. In addition, we expect public energy companies to take advantage of this improved regulatory climate to access the capital markets more often than in recent years. Regardless, investor pressures to live within free cash flow, maintain low leverage and pay dividends to shareholders will continue to impact decision making with respect to equity and debt capital markets transactions.
Despite all this optimism, it remains true that capital markets for the energy industry are only as strong as the capital markets themselves. Other significant events, such as war, pandemic, inflation, labor shortages, or supply cost increases from tariffs, could have an adverse impact on the equity markets or the energy industry generally. Similarly, any increases in the deficit and inflation could cause interest rates to rise again, increasing the cost of accessing the debt capital markets. Even so, energy capital markets generally thrive on stability and low volatility and the regulatory environment under the second Trump administration appears to be conducive to this.
Gibson, Dunn & Crutcher’s lawyers are available to assist in addressing any questions you may have about these developments. To learn more, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Oil & Gas, Energy Regulation & Litigation, Environmental Litigation & Mass Tort, Power & Renewables, Cleantech, Antitrust & Competition, Capital Markets, or Mergers & Acquisitions practice groups:
Oil and Gas:
Michael P. Darden – Houston (+1 346.718.6789, [email protected])
Rahul D. Vashi – Houston (+1 346.718.6659, [email protected])
Graham Valenta – Houston (+1 346.718.6646, [email protected])
Energy Regulation and Litigation:
William R. Hollaway – Washington, D.C. (+1 202.955.8592, [email protected])
Tory Lauterbach – Washington, D.C. (+1 202.955.8519, [email protected])
Environmental Litigation and Mass Tort:
Stacie B. Fletcher – Washington, D.C. (+1 202.887.3627, [email protected])
David Fotouhi – Washington, D.C. (+1 202.955.8502, [email protected])
Rachel Levick – Washington, D.C. (+1 202.887.3574, [email protected])
Power and Renewables:
Peter J. Hanlon – New York (+1 212.351.2425, [email protected])
Nicholas H. Politan, Jr. – New York (+1 212.351.2616, [email protected])
Cleantech:
John T. Gaffney – New York (+1 212.351.2626, [email protected])
Daniel S. Alterbaum – New York (+1 212.351.4084, [email protected])
Adam Whitehouse – Houston (+1 346.718.6696, [email protected])
Antitrust and Competition:
Rachel S. Brass – San Francisco (+1 415.393.8293, [email protected])
Kristen C. Limarzi – Washington, D.C. (+1 202.887.3518, [email protected])
Cynthia Richman – Washington, D.C. (+1 202.955.8234, [email protected])
Capital Markets:
Andrew L. Fabens – New York (+1 212.351.4034, [email protected])
Hillary H. Holmes – Houston (+1 346.718.6602, [email protected])
Stewart L. McDowell – San Francisco (+1 415.393.8322, [email protected])
Peter W. Wardle – Los Angeles (+1 213.229.7242, [email protected])
Mergers and Acquisitions:
Robert B. Little – Dallas (+1 214.698.3260, [email protected])
Saee Muzumdar – New York (+1 212.351.3966, [email protected])
George Sampas – New York (+1 212.351.6300, [email protected])
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.