Gibson Dunn | Client Alert

Client Alert

January 18, 2019

Fourth Quarter 2018 Update on Class Actions

Click for PDF This update provides an overview and summary of key class action developments during the fourth quarter of 2018 (October through December). Part I summarizes amendments to Rule 23 that went into effect on December 1, 2018. Part II covers an important First Circuit decision in In re Asacol Antitrust Litigation, in which the court reversed a class certification order where a significant number of uninjured individuals were included in the certified class. Part III discusses a Second Circuit decision rejecting an attempt by defendants to moot putative class actions. Part IV addresses a Ninth Circuit decision considering what constitutes a "coupon" settlement subject to increased scrutiny under the Class Action Fairness Act. I.   December 2018 Amendments to Rule 23 First, new amendments to Rule 23 took effect on December 1, 2018.  These amendments focus on procedural issues relating to class settlement and notice to absent class members.  We have briefly summarized the changes below: Electronic Notice to Rule 23(b)(3) Classes:  Rule 23(c)(2)(B), which governs notice requirements for Rule 23(b)(3) classes, now expressly permits notice via electronic or other means, so long as the selected method is "the best notice practicable under the circumstances." Explicit Standards for Settlement Approval:  To provide courts with a standard set of substantive and procedural concerns to consider when determining whether a settlement is "fair, reasonable, and adequate," the amended Rule 23(e)(2) directs courts to consider:  (1) the adequacy of representation by class representatives and class counsel; (2) whether "the proposal was negotiated at arm's length"; (3) the adequacy of relief, taking into account various factors; and (4) whether "class members are treated equitably relative to each other." Many courts had already been relying on these factors, but there was not always uniformity among the federal circuits.  The advisory committee's comments also specifically note that the amended language was not intended to displace other factors courts have used to determine fairness, reasonableness, and adequacy. Addressing "Bad Faith" Objectors:  The amendments to Rule 23(e)(5) attempt to deter "bad faith" objections to class settlements in two ways.  First, Rule 23(e)(5)(A) requires objectors to state specific grounds for any objection and whether the objection applies to the entire class, a subset of the class, or just the objector.  Second, a new provision—Rule 23(e)(5)(B)—prohibits an objector from receiving consideration for withdrawing an objection or for abandoning an appeal from a judgment approving the proposal, unless approved by the court after a hearing.  These changes are designed to curb meritless objections that are asserted by objectors in order to obtain payoffs in return for withdrawing the objections—a disturbing trend that has increased in recent years. Standards for Approving Notice of Proposed Class Settlement:  In an effort to avoid scenarios in which the parties provide notice after preliminary approval of a class settlement, only to have the court deny final approval or order additional notice, the amendment to Rule 23(e)(1) now requires parties to provide the court "with information sufficient to enable [the court] to determine whether to give notice of the proposal to the class."  Based on the information provided by the parties, Rule 23(e)(1) also now mandates that a court determine, before sending notice to the class, that the proposed class will likely be certified and the proposed settlement is likely to earn final approval.  Before this change, many courts at the preliminary approval stage had merely been asking whether a settlement was within the "range of reasonableness," so it was not entirely unusual for courts to grant preliminary approval, direct costly notice to be issued to the class, but then deny final approval based on concerns that could have been spotted at the outset.  This amendment thus aims to prevent situations in which a court is asked to order notice based on insufficient information, and thereafter must order a second notice, which is both wasteful and confusing to class members. Clarification of Interlocutory Appeals Permitted under Rule 23(f):  The amendment to Rule 23(f) clarifies that an order to give notice of proposed settlement under Rule 23(e)(1) cannot be appealed under Rule 23(f).  As such, Rule 23(f) permits parties to seek permission to pursue an interlocutory appeal only of an order granting or denying class certification.  Rule 23(f) also extends the 14 day time limit to 45 days for cases where the U.S. government is a party. II.   First Circuit Reverses Class Certification Order Because at Least 10% of Class Members Suffered No Injury  As we have discussed in a past update, the federal courts of appeals have long been divided over whether it is permissible to certify a class that includes uninjured class members who lack standing under Article III.  Although the Supreme Court has never squarely addressed the issue, the Court noted in Tyson Foods, Inc. v. Bouaphakeo, 136 S. Ct. 1036 (2016), that "the question whether uninjured class members may recover is one of great importance."  Id. at 1050.  And Chief Justice Roberts in his Tyson Foods concurring opinion expressed his view that "Article III does not give federal courts the power to order relief to any uninjured plaintiff, class action or not."  Id. at 1053 (Roberts, C.J., concurring). This past quarter, the First Circuit addressed this issue in In re Asacol Antitrust Litigation, 907 F.3d 42 (1st Cir. 2018).  The court reversed an order certifying a class of indirect purchasers of the anti-inflammatory drug Asacol because "there are apparently thousands [of class members] who in fact suffered no injury" and the "need to identify those individuals will predominate and render a[ class] adjudication unmanageable."  Id. at 53–54. The plaintiffs sought to represent a class of buyers who purportedly bought Allergan medicines at artificially high prices because Allergan's predecessor allegedly pulled Asacol off the shelves just before its patent expired and replaced it with a newer version of the drug, which had a later patent expiration date.  Id. at 45–47.  According to the plaintiffs, this conduct injured them because it "allegedly precluded generic manufacturers from introducing a generic version of Asacol, which would have provided a lower-cost alternative."  Id. at 44. It was undisputed that at least 10% of the putative class members—"thousands" of individuals—had not suffered any injury attributable to the allegedly anticompetitive conduct because they were brand loyalists who would not have switched to a generic drug had one been available.  Id. at 53–54.  Nonetheless, the district court certified a class that included those uninjured persons, reasoning that the uninjured class members could be removed in a subsequent proceeding conducted by a claims administrator.  Id. at 47. The First Circuit reversed, holding that the plaintiffs could not satisfy the predominance requirement of Rule 23(b)(3) because individualized issues relating to the uninjured class members would predominate.  As the First Circuit noted, "determining whether any given individual was injured (and therefore has a claim) turns on an assessment of the individual facts concerning that person," and "the defendant must be offered the opportunity to challenge each class member's proof that the defendant is liable to that class member."  Id. at 55. The court rejected the plaintiffs' argument that class members could submit affidavits to a claims administrator who could distinguish injured class members from uninjured members, explaining that such a process could only work if the declarations would be "unrebutted."  Id. at 52–53.  But where the "defendants have expressly stated their intention to challenge any affidavits that might be gathered," the affidavits would not be sufficient, as a "claims administrator's review of contested forms completed by consumers concerning an element of their claims would fail to be protective of defendants' Seventh Amendment and due process rights."  Id. (internal quotation marks omitted).  The First Circuit emphasized that "[t]he fact that plaintiffs seek class certification provides no occasion for jettisoning the rules of evidence and procedure, the Seventh Amendment, or the dictate of the Rules Enabling Act."  Id. at 53. In reaching its decision, the First Circuit distinguished the Supreme Court's decision in Tyson Foods, where the underlying substantive law—the Fair Labor Standards Act—supported the admissibility of representative evidence, noting that the plaintiffs in Asacol had "point[ed] to no such substantive law that would make an opinion that ninety percent of class members were injured both admissible and sufficient to prove that any given individual class member was injured."  Id. at 54. The First Circuit also disagreed with the plaintiffs' assertion that the district court could proportionately reduce the aggregate damages award by the percentage of uninjured class members, concluding that this approach incorrectly assumed that the amount of damages did not depend on the number of class members harmed.  Id. at 55.  Rather, "proving that the defendant is not liable to a particular individual because that individual suffered no injury reduces the amount of the possible total damages."  Id.  Moreover, if the plaintiffs' approach were permissible, "there would be no logical reason to prevent a named plaintiff from bringing suit on behalf of a large class of people, forty-nine percent or even ninety-nine percent of whom were not injured, so long as aggregate damages on behalf of 'the class' were reduced proportionately."  Id. at 56.  The First Circuit concluded that "[s]uch a result would fly in the face of the core principle that class actions are the aggregation of individual claims, and do not create a class entity or re-apportion substantive claims."  Id. Asacol represents a significant victory for class action defendants, who often are faced with putative classes filled with uninjured persons who could never assert a viable claim on an individual basis.  The plaintiffs have filed a petition for rehearing en banc, which remains pending. III.   The Second Circuit Rejects Attempt to Moot Putative Class Actions As we have discussed previously, including in our 2016 year-end update, the Supreme Court decided in Campbell-Ewald Co. v. Gomez that an unaccepted settlement offer—even an offer of complete relief—does not necessarily moot a plaintiff's claim.  136 S. Ct. 663, 670–71 (2016).  However, the Court did not decide "whether the result would be different if a defendant deposits the full amount of the plaintiff's individual claim in an account payable to the plaintiff, and the court then enters judgment for the plaintiff in that amount."  Id. at 672.  Nonetheless, the trend has been to reject a distinction between an unaccepted offer of judgment and an unaccepted offer combined with the delivery of money to the plaintiff, as we reported in May 2017. That trend continued in the Second Circuit this past quarter.  In Geismann v. ZocDoc, Inc., 909 F.3d 534 (2d Cir. 2018), the court held that tendering payment to the named plaintiff does not moot putative class claims.  The plaintiff filed a putative class action alleging violations of the Telephone Consumer Protection Act.  Id. at 536–37.  The defendant made two attempts to moot the plaintiff's individual claims.  It first made a settlement offer under Rule 68, which the plaintiff rejected.  Id. at 537.  The district court then entered judgment in the amount of the offer, and dismissed the action as moot.  The plaintiff appealed, and the Second Circuit applied Campbell-Ewald to reverse, holding that the offer did not moot the claims.  Id.  On remand, the defendant tried again, this time tendering payment to the court under Rule 67.  Id.  The district court again entered judgment for the defendant, and the plaintiff again appealed.  Id. The Second Circuit followed the reasoning set forth by the Seventh Circuit in Fulton Dental, LLC v. Bisco, Inc., 860 F.3d 541 (7th Cir. 2017), and held that, under Campbell-Ewald, an unaccepted tender of payment under Rule 67 is the same as an unaccepted offer of payment—neither is binding under contract law until accepted, and neither moots a plaintiff's claims.  Geismann, 909 F.3d at 541.  The court explained that the Rule 67 procedure provides for safekeeping of disputed funds pending resolution of litigation, but it cannot alter the parties' contractual relationship and legal duties.  Id. at 541–42.  "[A] conclusion otherwise," the court reasoned, "would risk placing the defendant in control of a putative class action, effectively allowing the use of tactical procedural maneuvers to thwart class litigation at will."  Id. at 543. While courts continue to be skeptical of attempts to moot putative class actions through efforts to make a named plaintiff whole, it is important to note that the Supreme Court in Campbell-Ewald left open the possibility that actual delivery of money to the named plaintiff—as opposed to a mere settlement offer—might result in mootness.  Given that unanswered question, it is possible the Court may eventually weigh in on these issues again. IV.   The Ninth Circuit Provides Guidance on Identifying a "Coupon" Settlement The Class Action Fairness Act ("CAFA") imposes certain limitations and requirements in the event a class action settlement includes coupons.  Specifically, under CAFA, district courts must consider "the value to class members of the coupons that are redeemed," and not the aggregate value of all coupons that are simply offered, when assessing the amount of relief awarded to the class for purposes of awarding attorney's fees for class counsel.  28 U.S.C. § 1712(a) (emphasis added).  However, CAFA does not define what is a "coupon," leaving that term for the courts to interpret. The Ninth Circuit took up that issue in In re Easysaver Rewards Litigation, 906 F.3d 747 (9th Cir. 2018).  The plaintiffs in that case alleged that after they had purchased defendants' products online, the defendants had, without plaintiffs' knowledge or consent, enrolled the plaintiffs in a "rewards" program that charged them ongoing fees for no actual benefits.  The parties ultimately reached a proposed settlement that included a $20 credit that class members could use to purchase additional products from the defendants online.  The district court approved the settlement and awarded attorney's fees to class counsel based on the total value of the credits offered (not just those redeemed), reasoning that the credits did not count as "coupons" because "of how closely the relief matched class members' alleged injury."  Id. at 756. The Ninth Circuit reversed.  The court reiterated its three-factor inquiry for determining what constitutes a coupon under CAFA: "(1) whether class members have 'to hand over more of their own money before they can take advantage of' a credit, (2) whether the credit is valid only 'for select products or services,' and (3) how much flexibility the credit provides, including whether it expires or is freely transferrable."  Id. at 755 (quoting In re Online DVD, 779 F.3d 934, 951 (9th Cir. 2015)). Applying these factors to the credits in Easysaver, the Ninth Circuit concluded that the credits were coupons.  First, class members could use the credits to purchase only a very limited universe of online products—such as flowers, chocolates, and similar gifts—without spending any of their own money.  Id. at 757.  In fact, when asked at the fairness hearing whether a class member could purchase anything from the defendants' websites for the amount of the credits once shipping charges were included, counsel replied:  "If you include shipping, I'm not sure."  Id.  Second, the Ninth Circuit was troubled by the fact that in order to take advantage of the credit, class members "must hand over their billing information again to the very company that they believe mishandled that information in the first place," resulting in the same activity that they believe led to their injury.  Id.  Third, the credits also had a series of blackout periods—including Mother's Day, Valentine's Day, and other holidays on which consumers most often buy flowers and chocolates.  Id. The district court erred, according to the Ninth Circuit, by improperly relying on a fourth factor—i.e., "how closely the relief matched class members' alleged injury."  Id. at 756.  The court explained that while this equivalence "bore on the fairness of the settlement," it did not impact "whether the vouchers were coupons under CAFA."  Id.  This holding brings the Ninth Circuit in line with the Seventh Circuit, which has rejected a similar analysis.  See In re Sw. Airlines Voucher Litig., 799 F.3d 701, 706 (7th Cir. 2015). The proposed credits in Easysaver bore several key indicia of a coupon settlement, and the Ninth Circuit plainly was suspicious of the actual value, if any, to class members, particularly given the underlying nature of the defendants' alleged wrongdoing.  This opinion reinforces the incentives for plaintiffs' counsel to avoid artificial inflation of a settlement "without a concomitant increase in the actual value of relief for the class."  Easysaver, 906 F.3d at 755. The following Gibson Dunn lawyers prepared this client update: Christopher Chorba, Theane Evangelis, Kahn A. Scolnick, Bradley J. Hamburger, Jeremy Smith, Wesley Sze, Jennafer Tryck, Gatsby Miller and Andrenna Berggren. Gibson Dunn attorneys are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work in the firm's Class Actions or Appellate and Constitutional Law practice groups, or any of the following lawyers: Theodore J. Boutrous, Jr. - Co-Chair, Litigation Practice Group - Los Angeles (+1 213-229-7000, tboutrous@gibsondunn.com) Christopher Chorba - Co-Chair, Class Actions Practice Group - Los Angeles (+1 213-229-7396, cchorba@gibsondunn.com) Theane Evangelis - Co-Chair, Class Actions Practice Group - Los Angeles (+1 213-229-7726, tevangelis@gibsondunn.com) Kahn A. Scolnick - Los Angeles (+1 213-229-7656, kscolnick@gibsondunn.com) Bradley J. Hamburger - Los Angeles (+1 213-229-7658, bhamburger@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP, 333 South Grand Avenue, Los Angeles, CA 90071 Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
Read More

January 18, 2019

Developments in the Defense of Financial Institutions – Calculating the Financial Exposure

Click for PDF Our financial institution clients frequently inquire about how best to address their regulatory and financial exposure in inquiries by the U.S. Department of Justice ("DOJ") and regulators in the United States.[1]  With corporate entities[2] being held criminally liable under the U.S. legal doctrine of respondeat superior for the actions of even non-executive relationship managers and other employees, it is essential for boards of directors and senior management to have a clear understanding of the ways in which U.S. enforcers determine penalties for organizations, particularly regulated financial institutions. This alert is part of a series of regular analyses of the unique impact of white collar issues on financial institutions.  In this edition, we examine the frameworks that DOJ and other U.S. enforcers have used in their corporate penalty calculations involving financial institutions.[3]  We begin in Section 1 by providing a general overview of the potential components of financial penalties imposed by DOJ and other U.S. enforcers.  Section 2 includes an analysis of DOJ resolutions involving financial institutions over a 10-year period and outliers within that same 10-year period.  Section 3 reviews the enforcement resolutions of certain other U.S. enforcers in order to highlight differences in the imposition of financial penalties (as discussed below) between those enforcers and DOJ.  Section 4 analyzes recent guidance and public statements for a preview of how corporate penalties may be calculated in the near future.  The alert concludes by presenting a series of key observations, which a financial institution should bear in mind if it finds itself forced to negotiate with DOJ or other U.S. enforcers in connection with a criminal or civil enforcement action. 1.      Potential Components of Financial Penalties Financial penalties generally consist of some combination of the following three potential components:  monetary fines; restitution; and disgorgement.[4]  In calculating financial exposure, it is useful to understand the policy objectives and legal underpinnings of each component.  This section discusses those objectives and legal underpinnings, and details how DOJ calculates the first component (i.e., monetary fines) as part of a criminal resolution. a.       Fines Many federal statutes contain their own fine provisions, including a maximum fine amount.  For example, the Bank Fraud statute provides for fines of up to $1 million per violation.[5]  Similarly, the mail and wire fraud statutes provide for a $1 million fine per occurrence.[6] It would be a mistake, however, to focus solely on the upper bounds contained in a specific federal statute in determining potential financial exposure, as those ranges often bear little resemblance to the penalty amount being sought in an enforcement action.  That is because federal law allows DOJ to calculate maximum fines as a multiple of the total amount of gross gain or loss attributable to an offense.[7]  Even relying on the statutory penalties, an aggressive U.S. enforcer may be able to augment a specific statutory range or cap by asserting that there are multiple discrete violations and aggregating those individual instances together to increase the potential penalty. The practical reality is that U.S. enforcers have broad discretion in assessing the ultimate fine amount.  That discretion is generally guided by a set of factors these enforcers consider when settling on a monetary penalty.  Each U.S. enforcer has its own set of factors, the application of which is sometimes difficult to discern in individual enforcement actions. DOJ's determination of an appropriate fine or monetary penalty in a federal criminal investigation is driven by the concepts and principles codified in the U.S. Sentencing Guidelines ("Guidelines"), the most recent edition of which took effect on November 1, 2018.[8]  Chapter 8 of the Guidelines describes the principles used in calculating appropriate criminal fines for organizational or corporate defendants, which may be imposed instead of, or in addition to, restitution and/or disgorgement.  As described in further detail below, Chapter 8 of the Guidelines includes a number of aggravating or mitigating factors that can have a significant impact on the final fine amount. A number of U.S. enforcers also publish policies applicable to violations of particular statutory provisions.  These policies often offer reductions in the amount of a penalty if and when a corporate entity fulfills certain specific criteria. One recently promulgated policy is DOJ's FCPA Corporate Enforcement Policy (the "FCPA Policy"), which was established as a pilot program in 2016 and formalized in DOJ's Justice Manual in November 2017.[9]  The FCPA Policy incentivizes organizations to voluntarily self-disclose FCPA violations to DOJ.[10]  Under the FCPA Policy's terms, a company's voluntary self-disclosure, full cooperation, and timely efforts to remediate alleged misconduct are factors considered when determining whether the company qualifies for a mitigated penalty, which can range from a declination (i.e., a decision not to impose a fine at all), to a flat 50-percent reduction off the low end of the potential fines imposed where "aggravating factors" are present (e.g., the involvement of executive management).[11]  Not all factors need be present for a company to qualify for mitigation of the ultimate penalty.  For example, a company that fails to self-disclose, but which otherwise cooperates fully and makes remediation efforts, may still qualify to receive a fine reduction of up to 25 percent.  The FCPA Policy includes a set of detailed standards that specifically set forth what constitutes voluntary self-disclosure and full cooperation, and describe the basic requirements for a company to receive full credit for timely and appropriate remediation.  We discussed voluntary self-disclosure by financial institutions in greater detail in our July 2018 Defense of Financial Institutions Client Alert. b.      Restitution Restitution is an equitable remedy in criminal actions brought by U.S. enforcers.  Restitution is intended to compensate alleged victims based on the amount of their loss.[12]  In civil and administrative actions, restitution is available when a defendant is alleged to have violated a statute that provides for equitable remedies.  In these types of actions, a court looks to the statutory system under which a remedy is sought and determines its authority to order equitable relief.  Many state and federal statutes—such as the 1933 Securities Act and the 1934 Exchange Act—expressly confer equity jurisdiction on the courts.  Even when a statute is unclear regarding the scope of the grant of authority to issue equitable relief, courts have taken an expansive view of their implied powers to provide equitable relief.[13] As discussed in greater detail below, in the criminal context, DOJ will use the Guidelines to calculate restitution amounts.  The Guidelines mandate restitution for all federal offenses, except under certain circumstances. c.       Disgorgement Disgorgement is also an equitable remedy, but, unlike restitution, disgorgement focuses on the defendant (not the alleged victim) in an enforcement action.[14]  Specifically, disgorgement is intended to deprive the defendant of its profits or other gain associated with the alleged conduct that is the subject of the enforcement action. As with restitution, in the criminal context, the Guidelines expressly address disgorgement as a component of the sentencing process.[15]  Generally, however, restitution takes precedence over disgorgement, such that disgorgement may appropriately be viewed as a supplemental penalty imposed if and when a defendant retains any gains after restitution has been imposed.[16] Although disgorgement has traditionally been secondary to restitution in criminal proceedings, DOJ recently has sought disgorgement through its FCPA Policy as a primary remedy in FCPA enforcement actions.  In particular, DOJ has taken this novel approach by issuing resolutions involving declinations with disgorgement.[17] DOJ appears poised to extend this new approach in seeking declination-with-disgorgement resolutions beyond the FCPA context, potentially increasing the number of DOJ resolutions seeking disgorgement as the sole remedy.  In September 2018, DOJ reached a declination-with-disgorgement resolution with Barclays Bank PLC after an investigation involving fraud and market manipulation allegations.  In publicly discussing this resolution, the Principal Deputy Assistant Attorney General of the DOJ's Criminal Division and the then Chief of DOJ's Securities and Financial Fraud Unit stated that DOJ would consider declination-with-disgorgement resolutions in cases involving federal laws other than the FCPA, including the False Claims Act, the Dodd-Frank Act, and the Sarbanes-Oxley Act.[18] d.      Calculating the Fine under the Guidelines The Guidelines contain aggravating and mitigating factors that are used to determine a fine range.  These factors present opportunities for principled advocacy to explain why a particular enhancement is not warranted or, conversely, why a mitigating factor should be applied that would decrease the fine. In advocating for how specific factors contribute to a given fine calculation, financial institutions can rely on a number of sources, including: the text of the Guidelines themselves and the interpretive guidance contained in their application notes; case law, which is fairly limited given how infrequently organizations choose to litigate criminal cases; and the precedent established by prior criminal resolutions. Of these, prior resolutions can be very significant.  For that reason, financial institutions should seek to demonstrate that the application of relevant factors within the Guidelines is consistent with how similarly-situated organizations have been treated by DOJ.  Alternatively, financial institutions should seek to demonstrate that the result sought by the U.S. enforcer is inconsistent with prior cases, particularly when negotiating with government attorneys responsible for a wider range of enforcement matters, such as with one of the U.S. Attorney's Offices most active in the corporate enforcement arena. We begin with an overview of the framework for calculating organizational fines under Chapter 8 of the Guidelines and then include a more detailed analysis of three of the most commonly used variables—prior history, the role of management, and placement within the resulting Guidelines range—that feed into the final fine calculation.  The overview and detailed analysis of each variable concludes with a discussion of potential advocacy points that financial institutions can utilize in negotiating DOJ resolutions.  i.      Overview of Criminal Fine Calculations under Chapter 8 of the Guidelines The determination of an appropriate criminal fine begins with the calculation of the base fine.  The base fine represents the greatest of: the amount correlating to the offense level calculated under the relevant section the Guidelines;[19] the pecuniary gain to the organization; or the pecuniary loss caused by the organization, to the extent it was caused intentionally, knowingly, or recklessly.[20] Section 8C2.4(d) contains a fine table with base fines ranging from $8,500 to $150,000,000 depending on the offense level calculated under the Chapter 2 of the Guidelines.  However, the pecuniary gain or loss involved in the alleged misconduct at hand often will exceed that number and will therefore serve as the base fine. To determine the applicable fine range, the base fine will be multiplied by a figure determined based on the "culpability score."  The culpability score begins at a base level of five,[21] and can be increased or decreased based on certain "aggravating" or "mitigating" factors.[22]  The resulting culpability score determines the multiplier applicable to the base fine in order to determine the fine range, which can vary from as low as a multiplier of 0.05 for a culpability score of zero or below, to as high as a multiplier of 4.0 for a culpability score of 10 or above.[23] As the broad range of available multipliers suggests, even a modest change in culpability score can drastically affect the resulting penalty amount.  For example, in a matter with a $100 million base fine, a single point culpability score increase from five to six raises the top-end fine by $40 million, from $200 million to $240 million.  This fine amount is independent of the restitution, disgorgement, and any other financial components of the contemplated resolution.  Given the significant effect of the culpability score on the resulting penalty, financial institutions should arm themselves with principled arguments to explain why a particular culpability score factor should (or should not) be applied. There are three aspects of the fine calculation that often are relevant to financial institutions:  the organization's prior history of allegedly similar misconduct; the extent to which a sentence can be enhanced or reduced based on the role of management; and the placement of the fine amount within the applicable fine range.     ii.      Prior History Enhancement Chapter 8 of the Guidelines provides a two-point enhancement in culpability score if "the organization (or a separately managed line of business) committed any part of the instant offense less than 5 years after (A) a criminal adjudication based on similar misconduct; or (B) civil or administrative adjudication(s) based on two or more separate instances of similar misconduct."[24]  An organization can be subject to a one-point enhancement if either of these conditions occurred within the last 10 years prior to the alleged misconduct.[25] As financial institutions—particularly large, diversified organizations with several different business lines—may be subject to a wide range of regulatory or enforcement actions, it is important to understand the nuances of this enhancement to make arguments against its imposition.  The most salient aspects of this enhancement and the advocacy points most relevant for each are as follows: Policy Justification:  The organizational Guidelines do not specify the rationale for the prior history enhancement, but the guidance underlying analogous sections of the individual Guidelines roots this enhancement in the principles that recidivists are more culpable than first offenders and that stronger enforcement for repeat offenses acts as a general deterrent.[26]  Based on this yardstick, financial institutions can argue that recidivism concerns are misplaced if the government is relying on prior regulatory actions or findings—those regulatory actions serve different purposes than enforcement actions and should not properly be considered prior criminal history. "Adjudication:"  The Guidelines do not define what types of regulatory actions qualify as a prior "civil or administrative adjudication."[27]  Other sources suggest the most salient characteristic of an adjudication is its adversarial nature.[28]  Based on this principle, financial institutions can potentially argue that administrative consent decrees (in which a party negotiates with the enforcer on how it will address a prior compliance deficiency or potential violation) and regulatory audits (which by their nature identify areas of improvement) should not serve as the basis of a sentencing enhancement, particularly where the organization has complied with the terms of the consent order or remediated the issues identified in the audit.  The specific and nuanced wording of individual consent decrees and audits can often aid with advancing this argument. Timing of Prior History:  Given the lengthy time span and multi-agency aspect of many enforcement inquiries involving financial institutions, any regulatory action involving similar misconduct must be issued prior to the instant alleged misconduct to justify the imposition of this enhancement.[29]  As such, the conduct underlying a prior regulatory adjudication should not both be part of the alleged misconduct forming the basis for the resolution and the basis for a prior history enhancement. Similar Misconduct:  For the prior history enhancement to be applied, the prior criminal, civil, and/or administrative adjudication(s) must be based on "similar misconduct" to the alleged misconduct in the instant case.[30]  The Guidelines define "similar misconduct" broadly to mean "prior conduct that is similar in nature to the conduct underlying the instant offense," giving the example of Medicare fraud and another type of fraud,[31] and case law supports this broad interpretation.[32]  Nonetheless, organizations should be prepared to substantively distinguish the alleged misconduct from the conduct forming the basis of the alleged "prior adjudication(s)." "Separately Managed Lines of Business:"  The prior history enhancement applies if "an organization (or separately managed line of business)" was subject to a prior adjudication based on similar misconduct.[33]  The Guidelines indicate that a "separately managed line of business" may include a corporate subsidiary or division,[34] and that in determining the prior history of a separately managed line of business, the enforcer should only consider the history of that separately managed line of business.[35]  Thus, financial institutions could seek to demonstrate that a prior action involved a different subsidiary or unit than the component(s) involved in the current matter. In addition to the specific terms of this provision of the Guidelines, organizations may advocate against the application of the prior history enhancement based on its infrequent historical application in prior corporate criminal resolutions.  According to aggregate annual statistics published by the U.S. Sentencing Commission, the prior history enhancement has been applied in a mere 1.39 percent (12 of 865) cases involving detailed organizational sentencing calculations between 2006 and 2017.[36]  To go beyond data available at sentencing, we have reviewed 119 major corporate resolutions (including guilty pleas, deferred prosecution agreements ("DPAs"), and non-prosecution agreements ("NPAs")) since the beginning of 2008,[37] and have identified only four resolutions in which a one- or two-point enhancement for prior history was applied.[38]  The circumstances of these resolutions suggest that DOJ will generally apply this enhancement only for cases involving clear instances of recidivism in breach of a prior resolution arising from the same type of misconduct. iii.      Sentencing Enhancements or Reductions Based on Management's Role In recent years, U.S. enforcers have emphasized the importance of "corporate culture," particularly as it relates to the "tone at the top" set by an organization's senior management.  In the compliance context, the theory is that if an organization's top management demonstrates a firm commitment to ensuring that the company complies with its legal and regulatory obligations—which must go beyond simply establishing written policies and procedures on paper—this emphasis will filter down to rank-and-file employees, ensuring a higher level of overall compliance.  Conversely, DOJ takes the view that if management fails to adequately invest in compliance and emphasizes profitability above all else, line employees throughout the organization will see compliance as an obstacle rather than as a point of emphasis. The alleged role of management is one of the largest drivers of an organization's culpability score.  Organizations may be subject to a culpability score enhancement of up to five points if either "(i) high-level personnel of the organization [or unit] participated in, condoned, or was willfully ignorant of the offense; or (ii) tolerance of the offense by substantial authority personnel was pervasive throughout the organization [or organizational unit]."[39]  According to the Guidelines, the magnitude of the enhancement is based on the total headcount of the culpable organization (or unit) because the larger the organization, the more significant the consequences of management's complicity or willful ignorance of misconduct, and the more substantial the risk that misconduct in one area will spread to the rest of the organization.[40]  Based on the significant impact that the role of management can play in the calculation of a monetary fine, financial institutions should consider the following advocacy points. Determining the Relevant Organization or Unit:  The biggest driver of the culpability score enhancement for management involvement is the size of the organization or unit implicated in the alleged misconduct.  Therefore, financial institutions should seek to precisely define what unit(s) or division(s) were implicated in the conduct at issue and which were not, and consequently should argue for an enhancement based on that more limited scope (if it is appropriate to impose one at all).  Recent corporate criminal resolutions involving only specific units or subsidiaries of large, multinational companies suggest that DOJ is receptive to these arguments and will resolve a matter with only the culpable unit(s) if doing so is warranted by the facts.[41] "Willful Ignorance:"  This enhancement may be applied if a high-level manager "participated in, condoned, or was willfully ignorant of the offense."[42]  The Guidelines definition indicates that an individual is willfully ignorant if "the individual did not investigate the possible occurrence of unlawful conduct despite knowledge of circumstances that would lead a reasonable person to investigate whether unlawful conduct had occurred."[43]  This fairly flexible definition—suggesting that mere failure to investigate the reasonable possibility of unlawful conduct will suffice—is in tension with recent Supreme Court precedent defining willful ignorance as characterized by employees' efforts to "deliberately shield[] themselves from clear evidence of critical facts that are strongly suggested by the circumstances."[44]  Given the non-mandatory nature of the Guidelines following the Supreme Court's decision in United States v. Booker,[45] organizations should advocate that the Supreme Court's more exacting standard be applied. Definition of an "Effective Compliance and Ethics Program:"  The Guidelines call for a three-point reduction in an organization's culpability score if the organization had an "effective compliance and ethics program" in place at the time the offense occurred.[46]  This is a credit that is generally unavailable to organizations subject to the enhancement for management involvement.[47]  The Guidelines define this program by reference to seven "minimal" features needed to show that the organization "exercise[s] due diligence to prevent and detect criminal conduct" and "promote[s] an organizational culture that encourages ethical conduct and a commitment to compliance with the law."[48]  The Guidelines further indicate that an ethics and compliance program must be "generally effective" at detecting and preventing criminal conduct, based on applicable industry and regulatory standards, the size and sophistication of the organization, and the organization's history of prior misconduct.[49] Precedential Application of the Compliance and Ethics Program Reduction:  A review of all corporate sentencings between 2006 and 2017 indicates that a mere 5 of 860 (0.58 percent) of corporate defendants received this three-point credit.[50]  Given the emphasis over the last twenty years on corporate compliance, the paucity of companies qualifying for an effective compliance program is discouraging.  The infrequency with which organizations receive this credit at sentencing should not, however, prevent financial institutions from advocating for this credit in a pre-charge resolution, particularly since arguments about the state of a company's compliance controls are relevant to placement in the fine range and may have implications for other civil or administrative proceedings.    iv.      Placement of the Penalty Within the Fine Range Even after DOJ calculates and establishes the key inputs of a financial penalty under the Guidelines (i.e., the base fine and culpability score), DOJ retains a potentially significant degree of discretion in situating a penalty within the resulting fine range. The Guidelines identify 11 factors that DOJ should consider in determining the appropriate placement of a penalty in the fine range.[51]  The Guidelines further indicate that DOJ may consider "the relative importance of any factor used to determine the range," including the amount of pecuniary loss or gain, specific offense characteristics, or the aggravating or mitigating factors used to calculate the culpability score.[52]  Thus, DOJ has significant latitude in advocating for the placement of the fine relative to the range. Despite the seeming flexibility DOJ has in setting an appropriate fine relative to the applicable range, in practice, most fines are situated at or in some cases substantially below the lower end of the fine range.[53]  In some cases, companies were fined at or below the low end of the range as part of an articulated enforcement program that leads to different results than those suggested by Guidelines § 8C2.8. For one example, the DPA for the DOJ Tax Division's recent Swiss Bank Program $98 million resolution with Zürcher Kantonalbank ("ZKB"), filed in August 2018, highlighted that the bank's cooperation credit was reduced because it discouraged two indicted, separately represented bankers from cooperating with U.S. authorities, contributing to the employees' decision to resist cooperating with the government's investigation for about two years.[54]  Notwithstanding this seemingly imperfect cooperation, ZKB's $35 million penalty represented a 50 percent discount below the bottom of the applicable fine range in recognition of its "substantial cooperation" with the investigation.[55]  For that reason, advocacy regarding the fine calculation should focus on the underlying basis for the base fine and the principles that feed into the culpability score, since those inputs will determine the range, and there will be ample precedent supporting a bottom-range or below-range fine. 2.      How DOJ Utilizes the Financial Penalty Components in Practice To understand how the three potential components—fine, restitution, and disgorgement—play out in practice, we analyzed 10-years' worth of DOJ resolutions involving financial institutions.  In addition, we make reference to DOJ's most notable resolutions in 2018 involving financial institutions.  Finally, to illuminate how DOJ can exercise complete discretion in calculating the penalties for a particular case in a manner that is either higher or lower than those penalties imposed in similar cases, we review DOJ resolutions where the financial penalties assessed were outliers in comparison to the majority of DOJ resolutions over the last 10 years. a.       10-Year Review of DOJ Resolutions Involving Financial Institutions We have identified 143 resolutions where DOJ assessed a penalty to a financial institution between 2008 to 2018.[56]  The findings below relate only to the penalties assessed by DOJ—not other U.S. enforcers.  It is not uncommon, however, particularly in larger resolutions, for financial institutions to enter into a global structure that includes resolutions with multiple U.S. agencies—both at the federal and state levels—and even foreign regulatory enforcement agencies.  The data and analysis in this subsection is limited to the penalty assessed by DOJ itself since that amount tends to be the largest single driver of financial exposure. Chart 1 below illustrates how frequently DOJ uses restitution, disgorgement/forfeiture, fines, or a mix of these penalties in resolutions with financial institutions. Chart 1 Chart 1 illustrates that approximately 68 percent of the resolutions that DOJ has entered into with financial institutions in the past decade have involved only a fine, without any disgorgement or restitution component.  Part of the explanation for this high percentage is that there were approximately 80 NPAs between DOJ and certain Swiss banks as part of a special DOJ program.  These resolutions only involved a fine.  However, fine-only resolutions are not limited to the Swiss bank context.  Resolutions between DOJ and financial institutions in matters resolving allegations of fraud or manipulation of the London Inter-bank Offered Rate ("LIBOR"), for instance, often involve only a fine component.  As such, resolutions involving only a fine are quite common. By contrast, resolutions involving only restitution are incredibly rare, occurring just 1.4 percent of the time.  Meanwhile, resolutions involving only disgorgement—which occur 14 percent of the time—are somewhat more common but still relatively rare.  The data also demonstrates that it is not uncommon for DOJ resolutions with financial institutions to involve multiple penalty components.  Approximately 16 percent of DOJ resolutions involve more than one penalty component.[57] If we analyze the amount of the penalties that DOJ assessed using each of these components, the importance of disgorgement and forfeiture as a penalty component becomes clearer.  Chart 2 illustrates the total amount of financial penalties DOJ has assessed to financial institutions using each penalty component between 2008 and 2018. Chart 2 As the data in Chart 2 shows, forfeiture and disgorgement account for nearly 61 percent of the dollars DOJ has assessed in penalties to financial institutions in the past decade, nearly twice as much as through fines alone.  A key factor that helps explain this data is that forfeiture has been the only, if not the predominant, penalty component in many of the largest resolutions between DOJ and financial institutions in the past decade.  Indeed, of the seven largest resolutions with DOJ in the past 10 years, disgorgement or forfeiture accounted for the majority of the financial penalty amounts.  For example, forfeiture comprised $8,833,600,000 of the $8,973,600,000 penalty in BNP Paribas' 2014 sanctions resolution, and the entire penalty in HSBC's $1.256 billion 2012 sanctions resolution, JP Morgan's 2014 $1.7 billion BSA resolution, and Société Générale S.A.'s 2018 $717 million sanctions resolution. b.      Notable 2018 Resolutions In 2018, there were 13 resolutions between DOJ and financial institutions in which the overall financial penalty was more than $5 million.[58]  Five of the 13 involved penalties over $100 million, including the second largest penalty ever imposed on a financial institution for alleged violations of U.S. economic sanctions.  Gibson  Dunn's 2018 Year-End NPA/DPA update offers a detailed analysis of these resolutions. c.       Outlier Resolutions When assessing how U.S. enforcers might assess penalties in a particular case, it is worth analyzing penalties that fall outside of the norm in order to understand whether the conduct at issue in a particular matter might carry significantly more or less financial exposure.  This subsection discusses two notable outliers, which illuminate how U.S. enforcers can exercise discretion in calculating the penalties for a particular case in a manner that is either higher or lower than those penalties imposed in similar cases.  At the high end, DOJ's $8.9 billion resolution with BNP Paribas remains the largest criminal penalty assessed to date against a financial institution.  This DOJ resolution was notable not only in terms of the overall size of the penalty, but also in the way that it was calculated.  At the low end, DOJ resolutions with "Category Two" banks as part of DOJ's Swiss Bank Program (as further discussed in the subsection below) were significantly less aggressive in terms of the way in which DOJ calculated financial penalties.     i.      On the High End – BNP Paribas In June 2014, BNP Paribas pled guilty to violating U.S. sanctions laws, agreeing to pay total financial penalties of $8.9 billion.[59]  This remains the largest criminal penalty that the United States has ever imposed on a financial institution or any other organization.  Of that $8.9 billion, BNP Paribas agreed to forfeit $8.8336 billion and pay a fine of $140 million.[60]  In addition to the sheer magnitude of the penalty, the way in which DOJ calculated the penalty was notable in two respects.  First, the forfeiture amount represented "the amount of proceeds traceable to the violations" set forth in the charging document.[61]  In other words, BNP Paribas was required to forfeit one dollar for every dollar that it cleared in a transaction violating U.S. sanctions laws, even though the bank only received a very small commission for clearing that dollar.  Second, the $140 million fine that DOJ assessed against BNP Paribas represented "twice the amount of pecuniary gain to [BNP Paribas] as a result of the offense conduct."[62]  Thus, BNP Paribas's fine was two times the amount of profits it received from this activity. It is quite rare for a penalty to include both a one-to-one forfeiture ratio (particularly in cases involving the violation of economic sanctions) and a two-to-one disgorgement ratio.  This extreme penalty may have reflected DOJ's perception of the egregiousness of BNP Paribas's alleged conduct and its level of cooperation.  Regarding its conduct, the bank cleared over $8.8 billion through the U.S. financial system that allegedly violated U.S. sanctions laws.[63]  It also continued to clear U.S. dollar transactions allegedly in violation of the Cuba embargo, according to DOJ, "long after it was clear that such business was illegal."[64]  Moreover, the bank continued clearing transactions allegedly in violation of U.S. sanctions on Iran "nearly two years after the bank had commenced an internal investigation into its sanctions compliance and pledged to cooperate with the [g]overnment."[65]  Ultimately, as the Assistant Attorney General for DOJ's Criminal Division explained, "BNP Paribas flouted U.S. sanctions laws to an unprecedented extreme, concealed its tracks, and then chose not to fully cooperate with U.S. law enforcement, leading to a criminal guilty plea and nearly $9 billion penalty."[66]     ii.      On the Low End – Swiss Bank Program In contrast to the BNP Paribas resolution, the total penalties that DOJ assessed in enforcement resolutions under its Swiss Bank Program with "Category Two" banks were on average less than five percent of the undeclared U.S. assets that these banks maintained. As noted above, DOJ's Swiss Bank Program allowed Swiss banks to resolve potential criminal liabilities in the United States by voluntarily disclosing undeclared U.S. accounts held at their banks.[67]  There were four categories of banks covered under the Swiss Bank Program.  Category One banks were under active criminal investigation and thus ineligible for the program.[68]  Category Two banks were those that had "reason to believe" that they may have committed tax-related offenses under U.S. law.[69] Since the program began, DOJ has entered into 81 NPAs with Swiss banks.[70]  The vast majority of these NPAs were with Category Two banks.  In NPAs with Category Two banks, DOJ agreed to significantly more modest penalty calculations.  The NPAs generally disclose in the statement of facts the aggregate value of the U.S.-related accounts that the bank maintained and did not disclose.  The average penalty assessed in NPAs with Category Two banks was approximately three percent of the aggregate value of the undisclosed accounts. 3.      Other U.S. Enforcers In addition to DOJ, other U.S. enforcers impose monetary fines against financial institutions and other organizations for violations of relevant federal laws and regulations.  These other U.S. enforcers' frameworks for calculating financial penalties, however, are not as well-defined as DOJ's framework under the Guidelines.  In the subsections below, we highlight 2018 resolutions imposed by the OCC and the FRB.  What becomes most apparent in analyzing these resolutions is that certain U.S. enforcers only impose fines (and not restitution or disgorgement penalties). a.       2018 OCC Resolutions In 2018, the OCC entered into seven resolutions with financial institutions where involving a settlement amount of $10 million or greater.  In addition to the penalties that the OCC assessed to U.S. Bank (discussed in the 2018 DPA/NPA mid-year alert) and Rabobank NA, it also assessed two other notable penalties over $50 million in 2018.  First, Wells Fargo, National Association, entered into an order with the OCC, which included a $500 million in civil money penalties to resolve matters regarding the bank's compliance risk management program and past practices.[71]  This penalty matched the largest penalty that the OCC has ever issued.  In addition, the bank submitted a plan for the management of remediation activities conducted by the bank.  Second, in October 2018, the OCC issued a consent order against Capital One Bank (U.S.A.), N.A., in which it assessed a $100 million civil penalty.[72]  This consent order was issued for BSA/AML violations, including violating a 2015 Consent Order.[73]  The fines in these OCC resolutions only included fines (i.e., the OCC did not include restitution or disgorgement). b.      2018 Federal Reserve Board Resolutions In 2018, the FRB issued five cease-and-desist orders, 12 civil monetary penalties, and three resolutions that included both a cease-and-desist order and a civil monetary penalty to financial institutions.  These three resolutions were the SocGen sanctions resolution, the U.S. Bank BSA/AML resolution (both referenced above), and a $54.75 million settlement with The Goldman Sachs Group, Inc. resolving allegations surrounding the bank's foreign exchange trading business.[74]  All of these financial penalties were composed entirely of fines. 4.      Forward-Looking Guidance from Enforcers Recent guidance by U.S. enforcers provides helpful clues as to how they will approach financial penalties for corporations.  In particular, enforcers have been focused on enhancing inter-agency coordination in order to avoid imposing duplicative penalties. a.       Recent Guidance One example of a written policy is DOJ's Justice Manual, which contains guidance with respect to the bringing of criminal actions against organizations and penalties associated with those actions.  The Justice Manual lists factors DOJ should consider in determining whether and how to charge a corporate entity, such as the nature of the offense, the "pervasiveness of the wrongdoing," the "history of similar misconduct," the "adequacy and effectiveness of the corporation's compliance program," among others.[75]  The Justice Manual also specifically outlines how voluntary self-disclosure and cooperation may affect the outcome of a criminal action against a legal entity, much like we discussed earlier in the context of the FCPA Policy.[76] In another example, the OCC issues written policies and guidance with respect to civil monetary penalties in its Policies and Procedures Manual ("PPM"), most recently updated on November 13, 2018.[77]  In the PPM, the OCC lays out the factors it considers in determining penalty amounts, including:  "(1) the size of financial resources and good faith of the institution . . .  charged; (2) the gravity of the violation; (3) the history of previous violations; and (4) such other matters as justice may require," as well as 13 additional factors set forth in an Interagency Policy issued by the Federal Financial Institutions Examination Council ("FFIEC") in 1998.[78]  The OCC includes matrices as appendices to the PPM, which apply "factor scores" to the different factors considered in determining an appropriate penalty.  Although these matrices "are only guidance" and "do not reduce the [penalty] process to a mathematical equation and are not a substitute for sound supervisory judgment," they provide guidance and may give financial institutions a sense of how the factors are weighed when the OCC considers a monetary penalty.[79] The FDIC publishes a similar matrix and issues guidance on the factors it considers when imposing penalties.  These factors are essentially the same as those considered by the OCC, which is unsurprising due to the coordination of the federal banking regulators through the FFIEC.[80] Further guidance—although nonbinding—regularly comes in the form of speeches at conferences and events by DOJ and other officials.  Given the flexibility and judgment calls involved in each decision, however, any review or estimate of financial exposure must include a review of the enforcement actions brought by these agencies in order to glean which factors will be applied and how they will be weighted. b.      Recent Guidance Focused on Inter-Agency Coordination Although many different U.S. enforcers have the authority to impose financial penalties, there have been efforts to coordinate resolutions between these agencies and, in some cases, to attempt to avoid duplicative fines.  For example, in May 2018, Deputy Attorney General Rod Rosenstein announced a new DOJ Policy on Coordination of Corporate Resolution Penalties, which was then incorporated into the Justice Manual.[81]  This policy—commonly referred to as the "Anti-Piling On Policy"—seeks to avoid the unnecessary "piling on" of duplicative criminal and civil penalties and to encourage cooperation among enforcement agencies both within DOJ as well as between DOJ and other domestic and foreign enforcers.  The new Anti-Piling On Policy encourages DOJ to coordinate with other enforcers when considering appropriate penalties, listing specific factors that may lead to the imposition of multiple penalties, including:  (1) "the egregiousness of a company's misconduct;" (2) "statutory mandates regarding penalties, fines, and/or forfeitures;" (3) "the risk of unwarranted delay in achieving a final resolution;" and (4) "the timeliness of a company's disclosures and its cooperation" with DOJ.[82] In Rosenstein's May 9, 2018 speech announcing the policy, he explicitly referred to coordination with the SEC, the CFTC, the FRB, the FDIC, the OCC, and OFAC, and stressed that "[b]y working with other agencies . . . our Department is better able to detect sophisticated financial fraud schemes and deploy adequate penalties and remedies to ensure market integrity."[83]  In practice, the Anti-Piling On Policy does not reflect a major shift in DOJ's approach, as DOJ had already been coordinating with other U.S. enforcers on many matters.  However, this new official policy does formalize and reduce to writing DOJ's commitment to coordination. We have seen DOJ's new Anti-Piling On Policy play out in a number of resolutions over the past year.  For example, in recent resolutions involving U.S. Bank and Rabobank NA (both referenced above), the various U.S. enforcers acknowledged and credited fines imposed by others.  While the Rabobank NA and U.S. Bank resolutions occurred before the official announcement of the Anti-Piling On Policy, they reflect the same coordination principles and appeared consistent with Rosenstein's November 2017 remarks indicating that DOJ had intended to apply those principles going forward.  More recently, in the June 2018 SocGen FCPA and LIBOR DPA discussed above, DOJ credited the penalty paid to a foreign regulator—the Parquet National Financier—reducing its imposed fine by 50 percent on that basis.[84] Other U.S. enforcers have not yet officially announced parallel policies but many have demonstrated the same crediting of fines imposed by other agencies.  For example, the SEC in recent speeches has addressed its desire to work with other enforcers and to take into consideration other enforcement actions.  On May 11, 2018, just two days after the announcement of DOJ's Anti-Piling On Policy, SEC Commissioner Hester Peirce remarked at a conference that "[a]nother way to conserve resources for matters most in need of our enforcement attention is to work with other regulators and the criminal authorities" and that "[i]n deciding whether to pursue a matter, the Enforcement Division . . . can take into consideration whether other regulatory or criminal authorities are looking at the same conduct."[85]  This plays out in the amount of penalties imposed in addition to the decision to bring an action in the first place.  For example, in a July 2018 FCPA resolution with CSHK (discussed above), the SEC imposed disgorgement and accrued interest amounts totaling approximately $30 million, but did not require a separate fine, crediting the $47 million criminal penalty paid to DOJ.[86] Along the same lines, in June 2018, the FFIEC rescinded a previous policy statement from 1997 and replaced it with a new inter-agency policy reflecting coordination in enforcement actions against financial institutions by the OCC, the FRB, and the FDIC.[87]  This new policy reflects the same goal of coordinating actions and resolutions in order to avoid the piling on of duplicative monetary fines. Despite the efforts of agencies to coordinate and credit penalties imposed by others, the SocGen sanctions-related enforcement action discussed above does not appear to have involved credits by the settling agencies for fines paid to others.  In reaching the global resolution of $1.4 billion, DOJ did not credit payments to other U.S. enforcers and in fact referred to "separate agreements" under which SocGen "shall pay additional penalties."[88]  Similarly, the OFAC Enforcement Information referred to the global settlement involving resolutions with DOJ, the FRB, the New York County District Attorney's Office, the U.S. Attorney's Office for the Southern District of New York, and the New York Department of Financial Services, but did not credit any of the other fines in assessing its penalty of nearly $54 million.[89]  OFAC has not publicly stated whether it is moving away from the crediting of payment to other enforcers or whether the SocGen resolution is an outlier.[90]  In any event, it is still too soon to know whether the trends toward cooperation and the avoiding of duplicative penalties will reduce the total penalty paid by an organization facing a multi-agency enforcement action. 5.      Conclusion Although most financial penalties in civil and criminal matters may contain the same potential components (i.e., fines, restitution, and/or disgorgement) as seen in the majority of DOJ corporate resolutions over a 10-year period, there can be significant variance in how these components are calculated. Additionally, although the determination of any base fine or penalty is driven by specific principles and elements for the sentencing of organizations in the Guidelines, these principles and elements will be informed by the facts that are the subject of any government investigation.  Often conduct can be viewed as implicating different statutes and violations.  For example, most alleged violations can be viewed according to the underlying problem (e.g., sanctions) as well as AML.  When negotiating with U.S. enforcers, financial institutions, and their counsel should consider how best to shape the narrative around the scope of the alleged misconduct and how those enforcers view different statutory violations.  By advocating effectively in this regard, a financial institution can position itself to reduce its potential financial penalty or even take advantage of a program designed to encourage cooperation (e.g., FCPA Policy). Financial institutions should also consider that fine calculations can be adjusted up or down based on culpability scores, prior history enhancements, and the role of management in the alleged misconduct.  Financial institutions should accordingly be prepared to make principled arguments rooted in the facts of the instant case and be familiar with the outcomes of other analogous cases in order to appeal to relevant organizational precedent.  Nonetheless, although the Guidelines' principles are helpful in determining an organization's exposure to a potential criminal penalty, financial institutions should be mindful of the significant discretion prosecutors wield in determining whether to apply a given enhancement or reduction and in situating the penalty amount within the applicable fine range. Finally, financial institutions should also keep in mind these criminal sentencing principles when negotiating civil or administrative resolutions.  For example, by negotiating for language explicitly disclaiming that a cease-and-desist order or consent decree should be regarded as a "civil or administrative adjudication," a financial institution may limit its exposure to the prior history aggravating factor in potential future criminal actions. We believe that it is essential for our financial institution clients to understand their potential financial exposure when assessing matters involving DOJ or other U.S. enforcers.  We hope this publication serves as a helpful primer on this issue, and look forward to addressing other topics that raise unique issues for financial institutions in this rapidly-evolving area in future editions. [1]      Throughout this alert, we generally use the term "U.S. enforcers" to refer to U.S. regulatory agencies and departments, which bring criminal or civil enforcement against persons for violations of federal law. [2]      We use the terms "corporate entity" and "organization" to refer to non-individual persons subject to investigation by enforcers, regardless of the specific legal structure of a given organization.  Throughout this client alert, we use the two terms interchangeably.  For example, in several places, we refer to a penalty imposed against a financial institution or other organization simply as a "corporate penalty" for ease of reference. [3]      This alert also discusses other U.S. enforcers and regulatory agencies, including the U.S. Department of Treasury's Office of Foreign Assets Control ("OFAC"), the U.S. Department of Treasury's Financial Crimes Enforcement Network ("FinCEN"), the Office of the Comptroller of the Currency ("OCC"), the U.S. Securities and Exchange Commission ("SEC"), the U.S. Commodity Futures Trading Commission ("CFTC"), and the Board of Governors of the Federal Reserve System ("FRB"). [4]      For the purposes of this client alert, forfeiture is considered as a form of disgorgement.  As noted below, forfeiture is a unique driver of financial institution liability, and the complexities it presents will be the focus of a future Developments in the Defense of Financial Institutions client alert. [5]      18 U.S.C. § 1344. [6]      18 U.S.C. §§ 1341, 1343. [7]      See, e.g., 18 U.S.C. § 3571(d), which provides that a defendant may be fined up to twice the gross gain or gross loss attributable to an offense. [8]      This citation to the Guidelines in this client alert is drawn from the 2018 edition of the U.S. Sentencing Guidelines Manual, a publication of the United States Sentencing Commission, available at https://www.ussc.gov/sites/default/files/pdf/guidelines-manual/2018/GLMFull.pdf. [9]      U.S. Dep't of Justice, Justice Manual §  9-47.120 (2017), available at https://www.justice.gov/jm/jm-9-47000-foreign-corrupt-practices-act-1977#9-47.120.  We discussed the FCPA Policy in greater detail in our 2017 Year-End FCPA Update. [10]    Id.; see also Rod J. Rosenstein, Deputy Att'y Gen., Deputy Attorney General Rosenstein Delivers Remarks at the 34th International Conference on the Foreign Corrupt Practices Act (Nov. 29, 2017), https://www.justice.gov/opa/speech/deputy-attorney-general-rosenstein-delivers-remarks-34th-international-conference-foreign/. [11]    U.S. Dep't of Justice, Justice Manual §  9-47.120. [12]    See, e.g., United States v. Boccagna, 450 F.3d 107, 115 (2d Cir. 2006) ("[T]he purpose of restitution is essentially compensatory:  to restore a victim, to the extent money can do so, to the position he occupied before sustaining injury."). [13]   See, e.g., FTC v. WV Universal Mgmt., LLC, 877 F.3d 1234, 1239 (11th Cir. 2017) (quoting FTC v. General Merch. Corp., 87 F.3d 466, 468 (11th Cir. 1996)) (noting that even though the Federal Trade Commission Act did not expressly provide for monetary equitable relief, Congress's "unqualified grant of statutory authority to issue an injunction . . . carries with it the full range of equitable remedies"). [14]    See, e.g.,  SEC v. Contorinis, 743 F.3d 296, 301 (2d Cir. 2014); see also SEC v. Tome, 833 F.2d 1086, 1096 (2d Cir. 1987) ("The paramount purpose of enforcing the prohibition against insider trading by ordering disgorgement is to make sure that wrongdoers will not profit from their wrongdoing."). [15]    See U.S. Sentencing Guidelines Manual [hereinafter, the "Guidelines"] §§  5E1.1, 8B1.1, 8C2.9. [16]    Guidelines § 8B1.1(c). [17]    DOJ's resolutions with NCH Corporation, HMT LLC, CDM Smith Inc., and Linde North America Inc. are examples of this approach.  See Letter to Paul E. Coggins & Kiprian Mendrygal, Locke Lord LLP, Counsel for NCH Corporation (Sept. 29, 2016), available at https://www.justice.gov/criminal-fraud/file/899121/download; Letter to Steven A. Tyrell, Weil, Gotshal & Manges LLP, Counsel for HMT LLC (Sept. 29, 2016), available at https://www.justice.gov/criminal-fraud/file/899116/download; Letter to Nathaniel B. Edmonds, Paul Hastings LLP, Counsel for CDM Smith Inc. (June 21, 2017), available at https://www.justice.gov/criminal-fraud/page/file/976976/download; Letter  to Lucina Low & Thomas Best, Steptoe & Johnson LLP, Counsel for Linde North America Inc. (June 16, 2017), available at https://www.justice.gov/criminal-fraud/file/974516/download. [18]   See Jody Godoy, DOJ Expands Leniency Beyond FCPA, Lets Barclays Off, Law360 (Mar. 1, 2018), https://www.law360.com/articles/1017798/doj-expands-leniency-beyond-fcpa-lets-barclays-off. [19]     Common chapters of the Guidelines potentially applicable to financial institutions include 2B (fraud and embezzlement), 2C (bribery and gratuities), 2S (money laundering), and 2T (tax violations). [20]    Guidelines § 8C2.4(a).  "Pecuniary gain" and "pecuniary loss" are defined with reference to the definitions at § 8A1.2 cmt. n.3(H), and (I), respectively.  "Pecuniary gain" refers to "the additional before-tax profit to the defendant resulting from the relevant conduct of the offense," and "pecuniary loss" refers to the greater of the reasonably foreseeable actual loss or intended loss from the offense conduct, as defined at § 2B1.1 cmt. n.3(A). [21]    Id. § 8C2.5(a). [22]     Aggravating factors, which increase the culpability score, include the size of the organization, involvement of high-level management, history of prior enforcement resolutions for similar misconduct, violations of an existing judicial or administrative order and conduct alleged to be indicative of obstruction of justice.  Id. § 8C2.5(b)-(e). Mitigating factors, which decrease the culpability score, include the existence of an effective compliance and ethics program at the time of the alleged misconduct, prompt, voluntary self-disclosure of the conduct, full cooperation in the government's investigation, and clearly demonstrated acceptance of responsibility for the conduct at issue.  Id. § 8C2.5(f)-(g). [23]    Id. § 8C2.6. [24]   Id. § 8C2.5(c)(2). [25]   Id. § 8C2.5(c)(1). [26]   See id. Ch. 4, pt. A, Introductory Commentary ("A defendant with a record of prior criminal behavior is more culpable than a first offender and thus deserving of greater punishment. General deterrence of criminal conduct dictates that a clear message be sent to society that repeated criminal behavior will aggravate the need for punishment with each recurrence."). [27]   Id. § 8A1.2 cmt. n.3(G) (defining "prior criminal adjudication" as "conviction by trial, plea of guilty . . . or plea of nolo contendere"). [28]   See, e.g., Black's Law Dictionary (10th ed. 2014) (defining "adjudication" as "[t]he legal process of resolving a dispute" or "the process of judicially deciding a case," and "administrative adjudication" as "[t]he process used by an administrative agency to issue regulations through an adversary proceeding").  In the context of administrative adjudications, the Administrative Procedures Act sets forth a series of basic requirements for so-called "formal" agency adjudications, including the presentation of evidence before a presiding official, the opportunity to present rebuttal evidence or cross-examine witnesses, and a written decision on the record.  See 5 U.S.C. § 554 et seq. [29]   Guidelines § 8C2.5(c) indicates that the prior adjudication(s) must occur within five to ten years before the organization committed any part of the "instant offense."  Chapter 8 of the Guidelines defines "instant," when applied to modify the term "offense," as used "to distinguish the violation for which the defendant is being sentenced from a prior or subsequent offense."  Guidelines § 8A1.2 cmt. n.3(A). [30]   § 8C2.5(c). [31]   § 8A1.2 cmt. n.3(F). [32]   See, e.g., United States v. Hernandez, 160 F.3d 661, 669–70 (11th Cir. 1998) (failure to pay employees minimum wage is similar to committing bankruptcy fraud); United States v. Starr, 971 F.2d 357, 361–62 (9th Cir. 1992) (possession of stolen property and embezzlement are similar to bank robbery); United States v. Cota-Guerrero, 907 F.2d 87, 89 (9th Cir. 1990) (illegal possession of firearm is similar to assault with a deadly weapon). [33]   Guidelines § 8C2.5(c) (emphasis added). [34]   Id. cmt. n.5 (defining "separately managed line of business" as "a subpart of a for-profit organization that has its own management, has a high degree of autonomy from higher managerial authority, and maintains its own separate books of account"). [35]   Id. [36]   This figure was calculated using the statistics contained in Table 54 of the U.S. Sentencing Commission's Annual Sourcebooks of Federal Sentencing Statistics for the years 2006 to 2017, which are available at https://www.ussc.gov/research/sourcebook/archive/. [37]   For this analysis, we reviewed all corporate criminal resolutions based on alleged violations relating to the FCPA, AML statutes, LIBOR, and foreign exchange issues, sanctions, and tax fraud, as identified by running searches using the Corporate Prosecution Registry available at http://lib.law.virginia.edu/Garrett/corporate-prosecution-registry/browse/browse.html. [38]   See Plea Agreement, United States v. Rabobank, Nat'l Ass'n, No. 18-cr-00614 (S.D. Cal. Feb. 7, 2018), available at https://www.justice.gov/opa/press-release/file/1032101/download; Deferred Prosecution Agreement, United States v. Zimmer Biomet Holdings, No. 12-cr-00080 (D.D.C. Jan. 12, 2017), available at https://www.justice.gov/opa/press-release/file/925171/download; Plea Agreement, United States v. ABB Inc., No. 4:10-cr-00664 (S.D. Tex. Sept. 29, 2010), available at https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2015/03/05/09-29-10abbinc-plea.pdf; Deferred Prosecution Agreement, United States v. ABB Ltd., No. 4:10-cr-00665 (S.D. Tex. Sept. 29, 2010), available at https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2011/02/16/09-29-10abbjordan-dpa.pdf. [39]   Guidelines § 8C2.5(b). "High-level personnel" are defined as those who have substantial control or policy-making responsibility within the organization or unit (such as directors, executives officers, or the heads of significant units or divisions).  Guidelines § 8A1.2 cmt. n.3(B).  "Substantial authority personnel" are those who "exercise a substantial measure of discretion," which encompasses "high-level personnel," individuals who exercise substantial supervisory authority, or non-managerial personnel with a significant degree of discretionary authority, such as those who can negotiate prices or approve significant contracts.  Id. § 8A1.2 cmt. n.3(C).  "Pervasiveness" is described as a sliding scale based on "the number, and degree of responsibility of individuals within substantial authority personnel who participated in, condoned, or were willfully ignorant of the offense."  Id. § 8C2.5 cmt. n.4. [40]   Id. § 8C2.5, Background note. [41]   See, e.g., Plea Agreement at 8, United States v. Tyco Valves & Controls Middle East, Inc., No. 1:12-cr-00418 (E.D. Va. Sept. 24, 2012), available at https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2012/09/27/2012-09-24-plea-agreement.pdf (one-point enhancement applied for the regional subsidiary of organization, which had only a fraction of the entire organization's approximate 70,000 employees according to 2012 annual report, available at http://www.tyco.com/uploads/files/tyco_annual-report_2012.pdf); Deferred Prosecution Agreement at 8, United States v. Shell Nigeria Exploration and Prod. Co., No. 4:10-cr-00767 (S.D. Tex. Nov. 4, 2010), ), available at https://www.justice.gov/sites/default/files/criminal-fraud/legacy/2011/02/16/11-04-10snepco-dpa.pdf (three-point enhancement applied for the Nigerian subsidiary of organization, which had only a fraction of the entire organization's approximate 90,000 employees according to 2011 annual report, available at https://reports.shell.com/annual-report/2011/servicepages/filelibrary/files/collection.php). [42]   Guidelines § 8C2.5(b) (emphasis added). [43]   Guidelines § 8A1.2 cmt. n.3(J). [44]   Global-Tech Appliances, Inc. v. SEB S.A., 563 U.S. 754, 766 & 767 n.7 (2011) (approving "willful ignorance" jury instruction). [45]   543 U.S. 220, 245 (2005) (Breyer, J.) (modifying the federal sentencing statutes so as to render the Guidelines "effectively advisory," by requiring a sentencing court to consider sentencing ranges, while permitting it to tailor a given sentence in light of other statutory considerations). [46]   Guidelines § 8C2.5(f)(1). [47]   An organization is not eligible for this mitigating factor if it was subject to an enhancement under § 8C2.5(b) based on the involvement, condonation, or willful ignorance of high-level personnel within a unit of 200 or more employees, id. § 8C2.5(f)(3)(A), and is presumptively ineligible if the relevant unit(s) had less than 200 employees or if only substantial authority personnel were implicated, id. § 8C2.5(f)(3)(B).  However, a limited exception is available if non-culpable compliance and ethics personnel identified the problem before it was discovered by outside parties and promptly reported it to the appropriate governmental authorities.  See id. § 8C2.5(f)(3)(C)(iii). [48]   Id. § 8B2.1(a), (b).  These factors are:  (1) established standards and procedures to prevent and detect criminal conduct; (2) the organization's governing authority must be knowledgeable about the content and function of the program and exercise reasonable oversight, and specific high-level individuals must be assigned responsibility for oversight; (3) reasonable efforts not to give substantial authority to personnel the organization knew or should have known has engaged in illegal or non-compliant activities; (4) reasonable steps to periodically communicate compliance and ethics standards to all staff through training and other forms of dissemination; (5) reasonable monitoring and auditing programs to ensure the compliance and ethics program is followed; (6) consistent promotion and enforcement at all levels of the organization through appropriate incentives and disciplinary measures; and (7) reasonable steps to respond to identified criminal conduct and prevent further such conduct, including by modifying the compliance and ethics program as necessary. [49]   Id. § 8B2.1(a) cmt. n.2. [50]   See note 36 supra. [51]   These factors are: (1) policy considerations, such as the severity of the offense, need to promote respect for the rule of law, deterrence, and the protection of the public from future crimes; (2) the organization's role in the offense; (3) the potential collateral consequences of a conviction; (4) non-pecuniary losses caused or threatened by the offense; (5) whether the offense involved a vulnerable victim; (6) the prior criminal records of individuals within the high-level personnel of the organization or applicable unit who were involved in the criminal conduct; (7) prior civil or criminal conduct not covered by the prior history enhancement under § 8C2.5(c); (8) if the culpability score is higher than 10 or lower than 0 (meaning the minimum or maximum multiplier is applicable); (9) partial but incomplete satisfaction of the aggravating or mitigating factors under § 8C2.5 which feed into the culpability score; (10) the factors listed at 18 U.S.C. § 3572(a) (which include the defendant's income and capacity to pay, the burden of the fine on the defendant, the degree of pecuniary loss inflicted on others, the need for restitution or the deprivation of ill-gotten gains, the extent to which the cost of the fine can or will be passed onto consumers or other persons, or the steps taken to discipline culpable employees); and (11) if the organization lacked an effective compliance program at the time of the offense conduct.  Guidelines § 8C2.8(a). [52]   Id. § 8C2.8(b). [53]   As discussed in section 2 below, our review of 119 corporate resolutions involving bribery, AML, sanctions, criminal tax, and currency violations in the past 10 years has determined that of the 82 DPAs and guilty pleas explicitly referencing the placement of the penalty relative to the applicable fine range, 16 (19.5 percent) were placed near or at the bottom of the fine range, and 60 (73.2 percent) received a discount below the low end of the fine range.  Thus, based on our analysis, for nearly 93 percent of all resolutions involving these types of violations, the fine was placed near, or even below, the bottom of the fine range. [54]   Deferred Prosecution Agreement ¶ 9, Ex. C at 7–8, Zürcher Kantonalbank (S.D.N.Y. Aug. 7, 2018), available at https://www.justice.gov/usao-sdny/press-release/file/1086876/download. [55]   Id. at ¶ 9. [56]   This number does not include resolutions where DOJ did not assess a penalty but instead deemed the financial institution's payment to other regulators sufficient to satisfy any monetary penalty.  This was the structure, for instance of the resolutions in 2011 between DOJ and a number of financial institutions regarding alleged antitrust violations in the municipal reinvestment industry. [57]   It is important to note that other U.S. regulators may order disgorgement or restitution as part of a global settlement even if DOJ does not. [58]   DOJ also entered into NPAs with Red Cedar Services, Inc. and Santee Financial Services for $2,000,000 and $1,000,000, respectively.  See Non-Prosecution Agreement with Red Cedar Services at 2, April 25, 2018, available at https://www.gibsondunn.com/wp-content/uploads/2018/07/Red-Cedar-Services-NPA-2018.pdf; Non-Prosecution Agreement with Santee Financial Services at 2, April 13, 2018, available at  https://www.gibsondunn.com/wp-content/uploads/2018/07/Santee-Financial-Services-NPA-2018.pdf. [59]    Press Release, U.S. Dep't of Justice, BNP Paribas Agrees to Plead Guilty and to Pay $8.9 Billion for Illegally Processing Financial Transactions for Countries Subject to U.S. Economic Sanctions (June 30, 2014), https://www.justice.gov/opa/pr/bnp-paribas-agrees-plead-guilty-and-pay-89-billion-illegally-processing-financial. [60]    Id. [61]    Plea Agreement at 1, United States v. BNP Paribas S.A., No. 14-cr-00460 (S.D.N.Y. June 27, 2014), BNP Paribas Plea Agreement at 1, June 27, 2014, available at  https://www.justice.gov/sites/default/files/opa/legacy/2014/06/30/plea-agreement.pdf ("BNP Paribas Plea Agreement"). [62]    Id. at 4. [63]     BNP Paribas Agrees to Plead Guilty and to Pay $8.9 Billion for Illegally Processing Financial Transactions for Countries Subject to U.S. Economic Sanctions, U.S. Dep't of Justice (June 30, 2014), available at https://www.justice.gov/opa/pr/bnp-paribas-agrees-plead-guilty-and-pay-89-billion-illegally-processing-financial. [64]     Id. [65]     Id. [66]     Press Release, U.S. Dep't of Justice, BNP Paribas Sentenced for Conspiring to Violate the International Emergency Economic Powers Act and the Trading with the Enemy Act (May 1, 2015), https://www.justice.gov/opa/pr/bnp-paribas-sentenced-conspiring-violate-international-emergency-economic-powers-act-and. [67]    Swiss Bank Program, U.S. Dep't of Justice, available at https://www.justice.gov/tax/swiss-bank-program  (last visited Jan. 8, 2019). [68]   U.S. Dep't of Justice, Program for Non-Prosecution Agreements or Non-Target Letters for Swiss Banks, available at https://www.justice.gov/iso/opa/resources/7532013829164644664074.pdf. [69] Id. The Program also included two additional categories.  Categories Three and Four, however, are not relevant for the purposes of this discussion. [70]   Swiss Bank Program, U.S. Dep't of Justice, available at https://www.justice.gov/tax/swiss-bank-program (last visited Jan. 8, 2019). [71]    Consent Order for a Civil Monetary Penalty, OCC, In re Wells Fargo Bank, N.A. (Apr. 20, 2018), available at https://www.occ.gov/static/enforcement-actions/ea2018-026.pdf. [72]   Consent Order, OCC, In re Capital One, N.A. and Capital One Bank (U.S.A.), N.A. (Oct. 23, 2018), available at https://www.occ.gov/static/enforcement-actions/ea2018-080.pdf. [73]   Id. [74]     Press Release, FRB, Federal Reserve Board Fines Goldman Sachs Group, Inc., $54.75 Million for Unsafe and Unsound Practices in Firm's Foreign Exchange (FX) Trading Business, (May 8, 2018), https://www.federalreserve.gov/newsevents/pressreleases/enforcement20180501b.htm. [75]   U.S. Dep't of Justice, Justice Manual §§ 9-28.200, 9-28.300, available at https://www.justice.gov/jm/jm-9-28000-principles-federal-prosecution-business-organizations#9-28.200. [76]   Id. §§ 9-28.700, 9-28.900, available at https://www.justice.gov/jm/jm-9-28000-principles-federal-prosecution-business-organizations#9-28.700. [77]   OCC, Policies and Procedures Manual 5000-7 (Nov. 13, 2018), https://www.occ.gov/publications/publications-by-type/other-publications-reports/ppms/ppm-5000-7.pdf. [78]   Id. at 4. [79]   Id. at 5.   [80]   FDIC, DSC Risk Management Manual of Examination Policies § 14.1, Civil Money Penalties, available at https://www.fdic.gov/regulations/safety/manual/section14-1.pdf. [81]   Justice Manual § 1-12.100, available at https://www.justice.gov/jm/jm-1-12000-coordination-parallel-criminal-civil-regulatory-and-administrative-proceedings#1-12.100.  Although this policy was officially implemented in May 2018, Rosenstein had also already announced DOJ's efforts to improve coordination in a November 2017 speech.  Rod Rosenstein, Deputy Att'y Gen., Deputy Attorney General Rosenstein Delivers Remarks at the Clearing House's 2017 Annual Conference (Nov. 8, 2017), https://www.justice.gov/opa/speech/deputy-attorney-general-rosenstein-delivers-remarks-clearing-house-s-2017-annual (announcing DOJ's efforts to "consider[] proposals to improve coordination" and "help avoid duplicative and unwarranted payments"). [82]   Justice Manual § 1-12.100, available at https://www.justice.gov/jm/jm-1-12000-coordination-parallel-criminal-civil-regulatory-and-administrative-proceedings#1-12.100. [83]   Rod Rosenstein, Deputy Att'y Gen., Deputy Attorney General Rod Rosenstein Delivers Remarks to the New York City Bar White Collar Crime Institute (May 9, 2018), https://www.justice.gov/opa/speech/deputy-attorney-general-rod-rosenstein-delivers-remarks-new-york-city-bar-white-collar. [84]   Press Release, U.S. Dep't of Justice, Société Générale S.A. Agrees to Pay $860 Million in Criminal Penalties for Bribing Gaddafi-Era Libyan Officials and Manipulating LIBOR Rate (June 4, 2018), https://www.justice.gov/opa/pr/soci-t-g-n-rale-sa-agrees-pay-860-million-criminal-penalties-bribing-gaddafi-era-libyan. [85]   Commissioner Hester M. Peirce, The Why Behind the No: Remarks at the 50th Annual Rocky Mountain Securities Conference (May 11, 2018), https://www.sec.gov/news/speech/peirce-why-behind-no-051118. [86]   Press Release, SEC, SEC Charges Credit Suisse With FCPA Violations (Jul. 5, 2018), https://www.sec.gov/news/press-release/2018-128. [87]   Interagency Coordination of Formal Corrective Action by the Federal Bank Regulatory Agencies, 83 Fed. Reg. 113, 27329 (June 12, 2018), https://www.govinfo.gov/content/pkg/FR-2018-06-12/pdf/2018-12557.pdf. [88]   Press Release, U.S. Dep't of Justice, Manhattan U.S. Attorney Announces Criminal Charges Against Société Générale S.A. For Violations Of The Trading With The Enemy Act (Nov. 19, 2018), https://www.justice.gov/usao-sdny/pr/manhattan-us-attorney-announces-criminal-charges-against-soci-t-g-n-rale-sa-violations. [89]   OFAC Enforcement Information, Société Générale S.A. Settles Potential Civil Liability for Apparent Violations of Multiple Sanctions Programs (Nov. 19, 2018), https://www.treasury.gov/resource-center/sanctions/CivPen/Documents/20181119_socgen_web.pdf. [90]   In previous OFAC resolutions involving other enforcers, OFAC resolution documents had explicitly noted that penalties (or portions of penalties) were deemed "satisfied" by payments or conditions in agreements with other agencies.  See, e.g.,  OFAC Enforcement Information, National Oilwell Varco, Inc. Settles Potential Civil Liability for Apparent Violations of the Cuban Assets Control Regulations, the Iranian Transactions and Sanctions Regulations, and the Sudanese Sanctions Regulations (Nov. 14, 2016), https://www.treasury.gov/resource-center/sanctions/CivPen/Documents/20161114_varco.pdf.OFAC Enforcement Information, Alcon Laboratories, Inc., Alcon Pharmaceuticals Ltd., and Alcon Management, SA, Settle Potential Civil Liability for Apparent Violations of the Iranian Transactions and Sanctions Regulations and the Sudanese Sanctions Regulations (Jul. 5, 2016),  https://www.treasury.gov/resource-center/sanctions/CivPen/Documents/20160705_alcon.pdf. The following Gibson Dunn attorneys assisted in preparing this client update:  M. Kendall Day, Stephanie L. Brooker, F. Joseph Warin, Carl Kennedy, Chris Jones, Jaclyn Neely, Chantalle Carles Schropp, and Alexander Moss. Gibson Dunn has deep experience with issues relating to the defense of financial institutions, and we have recently increased our financial institutions defense and AML capabilities with the addition to our partnership of M. Kendall Day. Kendall joined Gibson Dunn in May 2018, having spent 15 years as a white collar prosecutor, most recently as an Acting Deputy Assistant Attorney General, the highest level of career official in DOJ's Criminal Division. For his last three years at DOJ, Kendall exercised nationwide supervisory authority over every BSA and money-laundering charge, DPA and NPA involving every type of financial institution. Kendall joined Stephanie Brooker, a former Director of the Enforcement Division at FinCEN and a former federal prosecutor and Chief of the Asset Forfeiture and Money Laundering Section for the U.S. Attorney's Office for the District of Columbia, who serves as Co-Chair of the Financial Institutions Practice Group and a member of White Collar Defense and Investigations Practice Group. Kendall and Stephanie practice with a Gibson Dunn network of more than 50 former federal prosecutors in domestic and international offices around the globe. For assistance navigating white collar or regulatory enforcement issues involving financial institutions, please contact any Gibson Dunn attorney with whom you work, or any of the following leaders and members of the firm's White Collar Defense and Investigations and Financial Institutions practice groups: Washington, D.C. F. Joseph Warin (+1 202-887-3609, fwarin@gibsondunn.com) Richard W. Grime (+1 202-955-8219, rgrime@gibsondunn.com) Patrick F. Stokes (+1 202-955-8504, pstokes@gibsondunn.com) Judith A. Lee (+1 202-887-3591, jalee@gibsondunn.com) Stephanie Brooker (+1 202-887-3502, sbrooker@gibsondunn.com) John W.F. Chesley (+1 202-887-3788, jchesley@gibsondunn.com) Daniel P. Chung (+1 202-887-3729, dchung@gibsondunn.com) M. Kendall Day (+1 202-955-8220, kday@gibsondunn.com) David Debold (+1 202-955-8551, ddebold@gibsondunn.com) Stuart F. Delery (+1 202-887-3650, sdelery@gibsondunn.com) Michael S. Diamant (+1 202-887-3604, mdiamant@gibsondunn.com) Adam M. Smith (+1 202-887-3547, asmith@gibsondunn.com) Linda Noonan (+1 202-887-3595, lnoonan@gibsondunn.com) Oleh Vretsona (+1 202-887-3779, ovretsona@gibsondunn.com) Christopher W.H. Sullivan (+1 202-887-3625, csullivan@gibsondunn.com) Courtney M. Brown (+1 202-955-8685, cmbrown@gibsondunn.com) Jason H. Smith (+1 202-887-3576, jsmith@gibsondunn.com) Ella Alves Capone (+1 202-887-3511, ecapone@gibsondunn.com) Pedro G. Soto (+1 202-955-8661, psoto@gibsondunn.com) New York Reed Brodsky (+1 212-351-5334, rbrodsky@gibsondunn.com) Joel M. Cohen (+1 212-351-2664, jcohen@gibsondunn.com) Lee G. Dunst (+1 212-351-3824, ldunst@gibsondunn.com) Mark A. Kirsch (+1 212-351-2662, mkirsch@gibsondunn.com) Arthur S. Long (+1 212-351-2426, along@gibsondunn.com) Alexander H. Southwell (+1 212-351-3981, asouthwell@gibsondunn.com) Lawrence J. Zweifach (+1 212-351-2625, lzweifach@gibsondunn.com) Daniel P. Harris (+1 212-351-2632, dpharris@gibsondunn.com) Denver Robert C. Blume (+1 303-298-5758, rblume@gibsondunn.com) John D.W. Partridge (+1 303-298-5931, jpartridge@gibsondunn.com) Ryan T. Bergsieker (+1 303-298-5774, rbergsieker@gibsondunn.com) Laura M. Sturges (+1 303-298-5929, lsturges@gibsondunn.com) Los Angeles Debra Wong Yang (+1 213-229-7472, dwongyang@gibsondunn.com) Marcellus McRae (+1 213-229-7675, mmcrae@gibsondunn.com) Michael M. Farhang (+1 213-229-7005, mfarhang@gibsondunn.com) Douglas Fuchs (+1 213-229-7605, dfuchs@gibsondunn.com) San Francisco Winston Y. Chan (+1 415-393-8362, wchan@gibsondunn.com) Thad A. Davis (+1 415-393-8251, tadavis@gibsondunn.com) Marc J. Fagel (+1 415-393-8332, mfagel@gibsondunn.com) Charles J. Stevens - Co-Chair (+1 415-393-8391, cstevens@gibsondunn.com) Michael Li-Ming Wong (+1 415-393-8333, mwong@gibsondunn.com) Palo Alto Benjamin Wagner (+1 650-849-5395, bwagner@gibsondunn.com) London Patrick Doris (+44 20 7071 4276, pdoris@gibsondunn.com) Charlie Falconer (+44 20 7071 4270, cfalconer@gibsondunn.com) Sacha Harber-Kelly (+44 20 7071 4205, sharber-kelly@gibsondunn.com) Philip Rocher (+44 20 7071 4202, procher@gibsondunn.com) Steve Melrose (+44 (0)20 7071 4219, smelrose@gibsondunn.com) Paris Benoît Fleury (+33 1 56 43 13 00, bfleury@gibsondunn.com) Bernard Grinspan (+33 1 56 43 13 00, bgrinspan@gibsondunn.com) Jean-Philippe Robé (+33 1 56 43 13 00, jrobe@gibsondunn.com) Audrey Obadia-Zerbib (+33 1 56 43 13 00, aobadia-zerbib@gibsondunn.com) Munich Benno Schwarz (+49 89 189 33-110, bschwarz@gibsondunn.com) Michael Walther (+49 89 189 33-180, mwalther@gibsondunn.com) Mark Zimmer (+49 89 189 33-130, mzimmer@gibsondunn.com) Hong Kong Kelly Austin (+852 2214 3788, kaustin@gibsondunn.com) Oliver D. Welch (+852 2214 3716, owelch@gibsondunn.com) São Paulo Lisa A. Alfaro (+55 (11) 3521-7160, lalfaro@gibsondunn.com) Fernando Almeida (+55 (11) 3521-7095, falmeida@gibsondunn.com)   © 2019 Gibson, Dunn & Crutcher LLP, 333 South Grand Avenue, Los Angeles, CA 90071 Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
Read More

January 15, 2019

2018 Year-End Securities Enforcement Update

Click for PDF I.   Introduction: Themes and Developments A.   2018 In Review The Securities and Exchange Commission, like most federal agencies, ended 2018 with a whimper, not a bang. Most staffers were furloughed as part of the federal government shutdown, a note on the SEC homepage cautioning that until further notice only a limited number of personnel would be on hand to respond to emergency situations. The shutdown curtailed the Division of Enforcement's ability to close out the year with a raft of last-minute filings, not to mention causing most SEC investigations to grind to a halt.  That said, between the December 27 shutdown and the date of this publication, the SEC did manage to institute two enforcement actions – a settlement with a car rental company for accounting errors occurring between 2012 and 2014[1]; and a settlement with a small accounting firm for failing to comply with the Custody Rule in connection with audits of an investment adviser conducted between 2012 and 2015.[2]  Given the age of the conduct, it is unclear the nature of the "emergency" requiring unpaid SEC staffers to come to work in the midst of the shutdown to release these two particular cases, though perhaps an impending statute of limitations was to blame. While the shutdown may have cut the Enforcement Division's year short, it was more than compensated for by the flurry of actions filed as the agency's September 30 fiscal year-end loomed.  Indeed, the SEC issued nearly a dozen press releases announcing enforcement actions on the last three days of the fiscal year, including several significant cases involving prominent public companies and financial institutions. The (fiscal) year-end rush appeared intended to blunt some of the criticism of the Enforcement Division's productivity in the new administration.  After filing 446 new stand-alone enforcement actions in fiscal 2017, an over 18% drop from the 548 actions filed in 2016, the docket recovered somewhat in 2018, with the SEC filing 490 new actions.[3]  (The SEC's tally of "stand-alone" enforcement actions excludes "follow-on" proceedings sanctioning individuals separately charged for violating the securities laws, and routine administrative proceedings to deregister the stock of companies with delinquent SEC filings.)  While still falling short of the final years under the prior SEC and Enforcement Division leadership, the current Division Directors were quick to note in their Annual Report that the 2015 and 2016 results were somewhat skewed by the SEC's Municipalities Continuing Disclosure (MCDC) Initiative, under which municipal securities issuers and underwriters who self-reported disclosure violations to the Division received leniency.  The initiative produced nearly 150 enforcement actions; stripped of those matters, the 2018 results actually exceeded those of recent years. The Division Directors further explained that these results were achieved notwithstanding a hiring freeze in place at the SEC since the onset of the Trump administration, and the Division's Annual Report included a plea for additional resources.  As stated in the Report, "While this achievement is a testament to the hardworking women and men of the Division, with more resources the SEC could focus more on individual accountability, as individuals are more likely to litigate and the ensuing litigation is resource intensive."  The Directors also noted the challenges posed by the Supreme Court's decision in Kokesh v. SEC, which confirmed a strict five-year statute of limitations on SEC demands for disgorgement[4], as well as the Court's more recent decision in Lucia v. SEC, which held that the SEC's method of appointing its administrative law judges violated the Appointments Clause of the U.S. Constitution and has necessitated the potential re-litigation of myriad administrative proceedings.[5] Thematically, the Enforcement Division (as well as SEC Chairman Clayton) repeatedly reiterated their focus on protecting "retail" or "Main Street" investors.  Indeed, the Division's Annual Report invoked the word "retail" no fewer than twenty-six times.  (A close second was "cyber," another Division priority, which appeared twenty-four times in the Report.)  The "retail" focus has led the SEC to highlight cases in which average investors appear to be victimized, particularly offering frauds, pump-and-dump-schemes, and misconduct by investment advisers and broker dealers directed at individual clients.  For fiscal 2018, according to the Annual Report, securities offering cases (which range from Ponzi schemes to various disclosure and registration violations in connection with securities offerings) comprised 25% of the year's enforcement actions, the largest single category.  Cases against investment advisers and investment companies were just behind at 22% of the caseload; and while the SEC continues to bring cases involving private funds and institutional investors, the lion's share of investment adviser cases fit within the SEC's "retail" focus. Despite efforts in recent years for the Enforcement Division to renew its scrutiny of public company financial reporting and disclosure – which in the past had often been the top category of SEC enforcement actions, representing a quarter or more of the docket – such cases comprised only 16% of the SEC's enforcement actions in 2018.  Rounding out the docket were cases involving broker-dealers (13%), insider trading (10%), and market manipulation (7%); FCPA cases and public finance abuse checked in at 3% of the enforcement filings apiece. B.   Whistleblowers The whistleblower bounty program enacted as part of Dodd-Frank continues to grow apace with each new year.  In its November 2018 annual report to Congress, the SEC's Office of the Whistleblower reported that the program had once again netted a record number of tips.[6]  A total of 5,282 whistleblower complaints were received in fiscal 2018, up nearly 18% from 2017.  (The report noted that the Whistleblower Office appears to have its share of vexatious whistleblowers who submit an "unusually high" number of tips, which are excluded from the tally.) As with enforcement cases ultimately filed by the Enforcement Division in 2018, the largest single category for tips for 2018 was offering frauds, representing 20% of all complaints; tips concerning corporate disclosures and financials were a close second, representing 19% of the complaints. The SEC has also continued to announce large award payments to whistleblowers whose tips led to successful enforcement actions.  In September, the SEC announced that it had awarded $39 million to a single whistleblower, the second highest award in the history of the program; the same investigation also resulted in a $15 million payment to a second whistleblower.[7]  However, due to the whistleblower regulations' confidentiality requirements, the nature of the enforcement action resulting in these awards is not reported. The SEC announced two additional whistleblower awards later that same month. First, the SEC reported a $1.5 million payment, while noting that "the award was reduced because the whistleblower did not promptly report the misconduct and benefitted financially during the delay."[8]  And in a second case, the SEC awarded $4 million to an overseas whistleblower, touting the important service that even those outside the U.S. can provide to the SEC.[9]  The SEC further heralded the tipster's continuing assistance throughout the course of the investigation. According to its most recent release, the SEC has now awarded over $326 million to 59 individuals under its whistleblower program. C.   Cybersecurity and Cryptocurrency As noted above, the SEC's Enforcement Division remains acutely focused on all things "cyber."  While this has manifested itself primarily, in recent months, on enforcement actions involving cryptocurrency and digital assets, the Division also had several noteworthy firsts in matters of cybersecurity in the latter half of the year. First, in September, the SEC brought its first enforcement action alleging violations of the Identity Theft Red Flags Rule.[10]  The SEC alleged that a broker-dealer lacked adequate safeguards to prevent intruders from resetting contractor passwords in order to gain access to personal information about certain customers.  Without admitting the allegations, the firm agreed to pay a $1 million penalty and to retain a consultant to evaluate its compliance with the Safeguards Rule and the Identity Theft Red Flags Rule. Then, in October, the Enforcement Division issued a report on its investigations of nine public companies which had been victimized by cyber fraud.[11]  According to the SEC, attackers had used fraudulent emails to pose as executives or vendors in order to dupe company personnel into sending about $100 million (in the aggregate) into bank accounts controlled by the perpetrators.  The SEC declined to charge the companies with wrongdoing, but cautioned companies that the internal controls provisions of the federal securities laws require them to ensure they have adequate policies and procedures to mitigate such incidents and safeguard shareholder assets.[12] But most of the high-tech action happened on the cryptocurrency front, with the Enforcement Division similarly touting a number of firsts.  Most of these actions related to registration-related conduct engaged in after the Commission's 2017 DAO Report, in which the Commission concluded that digital assets may be securities under the federal securities laws. In September, the SEC settled an action against a so-called "ICO superstore" and its owners for acting as unregistered broker-dealers by operating a website that permitted visitors to purchase tokens in ICOs and engage in secondary trading.[13] This was the first case in which the SEC charged unregistered broker-dealers for selling digital assets.  Collectively, the company and owners paid nearly $475,000 in disgorgement, while the owners also paid $45,000 each in penalties and consented to industry and penny stock bars and an investment company prohibition with a right to reapply after three years. The same day, the SEC found for the first time that a hedge fund manager's investments in digital assets constituted an investment company registration violation.[14]  According to the SEC, the fund falsely claimed to be regulated by and to have filed a registration statement with the SEC, and raised more than $3.6 million in four months.  It also engaged in an unregistered public offering and invested more than 40% of its assets in digital asset securities. The fund and its sole principal consented to pay a combined $200,000 penalty to settle the case. In November, the SEC settled an action against the founder of a digital token-trading platform, finding for the first time that such a platform operated as an unregistered national securities exchange.[15]  The platform in question matched buyers and sellers of digital assets, executed smart contracts, and updated a distributed ledger via the Ethereum blockchain, among other things. The founder consented to disgorge $300,000 and pay a $75,000 penalty.  The SEC noted that its investigation remains ongoing. Also in November, the SEC settled actions against two technology companies for failing to register their ICOs pursuant to federal securities laws.[16]  Both companies raised over $10 million worth of digital assets to fund their respective business ventures.  These were the first cases in which the SEC imposed civil penalties solely for ICO-related registration violations. The companies consented to return funds to investors, register their tokens as securities, file periodic reports with the SEC for at least one year, and pay $500,000 in total penalties. That same month, the SEC also for the first time brought actions against individuals for improperly promoting ICOs.  The SEC settled actions against two celebrities for their respective failures to disclose that they were being compensated for promoting upcoming ICOs on their social media accounts.[17]  The celebrities received approximately $350,000 in total for their promotions, all of which they were required to disgorge, along with $400,000 in total penalties. The celebrities also consented to a combined five-year ban on promoting any security. The second half of this year also saw the SEC crack down on ICOs claiming to be registered with the SEC.  In October, the SEC suspended trading of a company's securities after the company issued two press releases falsely claiming to have partnered with an SEC-qualified custodian for use with cryptocurrency transactions and to be conducting an "officially registered" ICO.[18]  Also in October, the SEC obtained an emergency court order halting a planned ICO that falsely claimed to be SEC-approved.[19]  On October 11, a federal judge froze the assets of the defendants—the company and its founder.  Notably, in one of the few setbacks to the SEC's aggressive enforcement program in the cryptocurrency space, the same judge subsequently denied the SEC's motion for a preliminary injunction, finding that the Commission had failed to show that the digital asset offered in the ICO was a security subject to federal securities laws.[20]  Litigation remains ongoing. Finally, September saw the SEC file a litigated action against an international securities dealer and its CEO for soliciting investors to buy and sell securities-based swaps.[21]  The SEC filed the case after an undercover FBI agent allegedly purchased securities-based swaps on the company's platform despite not meeting the required discretionary investment thresholds.  The SEC alleged that the company failed to register as a security-based swaps dealer and transacted the securities-based swaps outside of a registered national exchange. II.   Issuer and Auditor Cases A.   Accounting Fraud and Internal Controls In July, the SEC charged a drainage pipe manufacturer and its former CFO with reporting and accounting violations.[22]  According to the SEC, the company allegedly overstated its income before taxes from 2013-2015 as a result of insufficient internal accounting controls, improper accounting, and "unsupported journal entries directed or approved" by the former CFO.  Without admitting or denying the allegations, the company agreed to pay a $1 million penalty while the CFO agreed to pay a $100,000 penalty, reimburse the company approximately $175,000 in stock sale profits, and be barred from practicing as an accountant before the SEC. In early September, the SEC announced a settlement with a telecommunications expense management company and three members of the company's senior management related to allegedly fraudulent accounting practices.[23]  According to the complaint, the company prematurely reported revenue for work that had not been performed or for transactions that did not actually produce revenue.  The SEC also alleged that the company's former senior vice president of expense management operations falsified business records that were provided to auditors.  The company and three executives agreed to pay a combined penalty of $1.67 million to settle the allegations.  The litigated action against the senior VP of expense management operations remains pending. Later that month, the SEC charged a U.S.-based CFO of a public company in China with using his personal bank account to transfer over $400,000 in corporate funds from China to the U.S. to pay the company's U.S. expenses.[24]  The SEC's complaint alleged that he had previously engaged in the same practice for at least two other China-based public companies.  The SEC contended that the commingling of corporate and personal funds put the company's assets at risk of misuse and loss, and that the CFO had failed to implement an adequate set of internal accounting controls.  The CFO agreed to settle the charges without admitting wrongdoing, agreeing to pay a $20,000 fine and to be barred from serving as a public company officer or director for five years. Also in September, the SEC initiated enforcement actions against a business services company, its former CFO, and the company's former controller related to allegations of accounting fraud.[25]  The complaint alleged that the CFO manipulated the company's books to hide the increasing expense of its workers' compensation relative to revenue from its independent auditor.  When the company announced that it needed to restate its financial results to reflect the actual workers' compensation expenses, the stock price fell by 32%.  Without admitting or denying the allegations, the company agreed to pay $1.5 million to settle the charges, and the controller, who allegedly approved some of the CFO's accounting entries, agreed to pay $20,000 and be suspended from appearing before the SEC as an accountant for one year.  The case against the CFO is being litigated, and he has also been charged criminally by the United States Attorney's Office for the Western District of Washington.  The company's CEO, who was not charged with wrongdoing, agreed to pay the company back his $20,800 in cash bonuses received during the period of the alleged accounting violations. The following day, a pipeline construction company agreed to settle charges that it failed to implement adequate internal accounting controls, and failed to adequately evaluate its control deficiencies when assessing the effectiveness of its Internal Control over Financial Reporting ("ICFR"), after problems with its revenue recognition surfaced.[26]  According to the SEC, the company used contingent cost estimates to cover potential risks inherent in a project that could add unanticipated expenses to its total costs.  The company failed to implement adequate controls around its contingent cost estimates, despite recognizing that such estimates were critical for properly recognizing revenue.  Without admitting liability, the company agreed to pay a $200,000 civil penalty. Later in September, the SEC announced a settled action against a pharmaceutical company and its former CFO for allegedly understating the amount of inventory held by its wholesaler customers, which occurred as a result of the company flooding its distribution channel with products.[27]  According to the complaint, this created more short-term revenue at the expense of future sales.  Without admitting or denying the allegations, the company agreed to be enjoined from future violations and the former CFO agreed to pay approximately $1 million in penalties and disgorgement, be subject to an officer and director bar for five years, and to be barred from appearing before the SEC as an accountant with a right to apply for reinstatement after five years. In a November case involving the Kenyan subsidiary of a U.S.-based tobacco company, the SEC charged that managers at the subsidiary overrode existing internal controls and failed to report accounting errors to the parent company.[28]  As a result, the parent company filed materially misstated financial statements for more than four years, including errors to its inventory, accounts receivable, and retained earnings numbers.  The parent company agreed to settle the internal controls violations on a no admit/no deny basis.  The SEC imposed a cease-and-desist order, noting the company's remedial actions already undertaken, including sharing the results of its internal investigation with the SEC, hiring new accounting control positions within the African region, and implementing new internal accounting control procedures and policies. In December, the SEC filed a complaint against a multinational agricultural company and its executive chairman, alleging that they concealed substantial losses by improperly accounting for the divestiture of its China-based operating company.[29]  According to the SEC, the company overstated the value of stock received in the transaction and assigned a value of nearly $60 million to worthless land use rights.  The company agreed to pay a $3 million penalty and to cooperate with the SEC in future investigations, without admitting or denying the allegations.  Additionally, the CEO agreed to pay $400,000 and accept a five year officer and director bar. The next day, the SEC brought charges against a natural food company stemming from alleged weaknesses in the company's internal controls regarding end-of-quarter sales practices that helped the company meet its internal sales targets.[30]  According to the SEC, the company's sales personnel regularly offered incentives to customers to move inventory near quarter-end, including the right to return products that expired or spoiled prior to ultimate purchase, cash incentives, substantial discounts, and extended payment terms.  The company had failed to implement adequate controls to both detect and document these practices.  According to the SEC's press release, no monetary penalties were imposed based on the company's self-reporting to the SEC and significant remediation efforts, which included significant organizational changes and changes to its revenue recognition policies. Also in December, the SEC also instituted settled proceedings against a publicly-traded issuer of subprime automobile loan securities related to allegations that the company failed to accurately calculate its credit loss allowance from certain impaired loans and failed to segregate those loans from its general loan assets.[31]  The SEC also alleged that flaws in the company's internal controls led to its errors in calculating credit loss allowance and caused the company to restate its financial statements twice in a one-year period.  Without admitting or denying the allegations, the company agreed to pay a $1.5 million penalty. Finally, the SEC brought a settled proceedings against five separate companies for filing quarterly financial forms without having their financial statements reviewed in advance, which is a violation of Regulation S-X.[32]  The SEC announced the charges against all five companies in a single press release, and each company agreed to remedial action, including payment of penalties ranging from $25,000 to $75,000. B.   Misleading Disclosures Beyond the accounting-related cases discussed above, the SEC pursued an unusual number of cases based on misleading disclosures by public companies in the latter half of the year. Misleading Metrics Many of the disclosure cases instituted by the SEC involved the use of allegedly misleading metrics of interest to investors. In July, the SEC filed settled proceedings against an engineering and construction company related to allegations that it inflated a key performance metric and had various accounting control deficiencies.[33]  According to the SEC's order, the company's "work in backlog" metric, which measured the revenue the company expected to earn from future firm orders under existing contracts, improperly included at least $450 million from orders that the company had not received.  Additionally, the SEC alleged that the company's deficient accounting controls caused it to make inaccurate estimates of the costs to complete seven contracts, leading the company to restate its earnings.  Without admitting wrongdoing, the company agreed to pay a $2.5 million penalty. In August, the SEC separately instituted proceedings against a cloud communications company and two of its executives as well as executives at two online marketing companies related to allegations that they provided misleading numbers to investors.  In the first order, the SEC alleged that the company projected first quarter 2015 revenue of $74 million based on improperly reclassified sales forecasts when the CFO was aware of red flags that undermined confidence in that figure.[34]  Just a week before the end of the quarter, the company announced revenue projects that were approximately $25 million lower, causing the stock price to fall 33%.  Without admitting wrongdoing, the company agreed to pay $1.9 million and the two executives agreed to pay penalties ranging from $30,000 to $40,000.  In the second complaint, the SEC alleged that the former CEO and CFO of two online marketing companies, which formed a parent-subsidiary relationship in 2016, knowingly provided inflated subscriber figures.[35]  These charges arose out of a settled enforcement action the SEC brought against the companies themselves in June, in which the parent company agreed to pay a $8 million penalty.  Without admitting or denying the allegations, the two executives agreed to pay $1.38 million and $34,000, respectively. In September, the SEC announced a settled action with a payment processing company and its CEO.[36]  According to the SEC's allegations, the company materially overstated a key operating metric that caused research analysts to overrate the company's stock and promoted it in  its filings with the SEC, even though both the company and CEO had reason to know that the metric was inaccurate.  Without admitting or denying the allegations, the company agreed to pay a penalty of $2.1 million while the former CEO agreed to pay $120,000. Finally, in a relatively novel action, the SEC settled charges against a seller of home and business security services for failing to afford equal or greater prominence to comparable GAAP earnings measures in two of its financial statements containing non-GAAP measures.[37]  While the SEC has highlighted concerns about the prominence of non-GAAP metrics previously, this appears to be the first case in which that issue alone has resulted in an enforcement action.  Without admitting or denying the allegations, the company agreed to pay $100,000 to settle the matter. Executive Perks The SEC also brought several cases involving executive perks.  In July, the SEC announced a settlement with a chemical company related to charges that the company allegedly failed to adequately disclose approximately $3 million in perquisites given to its CEO in its 2013-2016 proxy statements.[38]  The SEC alleged that the company failed to disclose personal benefits not widely available and not integrally and directly related to an executive's job duties.  The company agreed to pay a $1.75 million penalty and hire an independent consultant to help implement new perquisite disclosure policies. Also in July, the SEC alleged that the CEO of an oil company hid approximately $10.5 million in personal loans from a company vendor and a prospective member of the board.[39]  Additionally, the SEC alleged that the CEO received undisclosed compensation and perks, and that the company failed to report more than $1 million in excess compensation in its disclosures.  Without admitting or denying the SEC's allegations, the CEO agreed to pay a $180,000 penalty and be subject to a five year bar from serving as an officer or director of a public company.  The board member also agreed to pay a penalty. Other Disclosures In July, the SEC instituted settled proceedings against a publicly-traded real estate investment trust and four executives, alleging that they failed to adequately disclose certain cashflow issues and the status of real property within its portfolio.[40]  The parties agreed to settle the charges without admitting or denying the allegations. In September, the SEC instituted proceedings against an industrial waste water treatment company and two senior executives, alleging that they failed to disclose to investors certain contractual contingencies that had not occurred in a material contract with Nassau, New York.[41]  To settle the allegations, without admitting or denying the SEC's findings, the company agreed to pay $133,000 in penalties, disgorgement, and pre-judgment interest and the two executives agreed to pay civil penalties of $60,000 and $35,000 respectively. Also in September, the SEC announced a settlement with SeaWorld Entertainment Inc. and its former CEO.[42]  The SEC's complaint alleged that the company and its CEO failed to adequately disclose the damaging impact a critical documentary had on the company's business.  Without admitting or denying the allegations, the company and former CEO agreed to pay $5 million in penalties and disgorgement.  A former vice president of communications also agreed to pay $100,000 in disgorgement and prejudgment interest, without admitting or denying the allegations. That same day, the SEC filed a settled action against a biopharmaceutical company, its CEO, and former CFO, related to allegations that the company failed to timely disclose questions about the efficacy of its flagship lung cancer drug.[43]  Without admitting or denying the SEC's allegations, the company and the executives agreed to the payment of disgorgement and penalties. Later that month, the SEC filed a settled action against a large drugstore chain, its former CEO, and former CFO for failing to communicate the increased risk of missing operating income projections in the wake of a corporate merger.[44]  The SEC alleged that in 2012, one of the predecessor entities had reaffirmed earlier projections despite internal projections showing an increased risk of falling short.  Without admitting or denying the allegations, the company paid a $34.5 million penalty and the two executives each agreed to pay $160,000. And at the end of September, the SEC announced a settlement with Tesla, Inc. and its CEO arising out of the CEO's tweets about plans to take the company private.[45]  The SEC alleged that the potential transaction was subject to numerous contingencies, and that the company lacked sufficient controls to review the CEOs tweets.  Without admitting or denying the allegations, the company and its CEO agreed to pay civil penalties; additionally, the CEO agreed to step down from the board and be replaced by an independent chairman, and the company agreed to install two new independent directors, implement controls to oversee the CEO's tweets, and establish a new committee of independent directors. C.   Auditor Cases In September, the SEC instituted proceedings against an accounting firm for improper professional conduct and violations of the securities law during the course of an audit of an information technology company.[46]   According to the SEC's complaint, the firm ignored a series of red flags concerning cash held by a related entity and provided an unqualified opinion.  The firm and two of its principals agreed to be barred from appearing before the SEC as accountants for five years, and to pay monetary penalties. In October, the SEC suspended three former accountants from a larger audit firm related to allegations that they violated auditing standards and engaged in unprofessional conduct during an audit of an insurance company.[47]  According to the SEC's order, the audit team fell behind schedule during the audit, but the senior manager directed team members to sign off on "predated" workpapers to make it appear that the audit had been completed before the company's annual report was filed with the SEC.  The SEC also concluded that the engagement partner and quality review partner failed to exercise due professional care that would have prevented these deficiencies in the audit.  Without admitting or denying the SEC's findings, the three accountants agreed to be suspended from practicing before the SEC as accountants for periods ranging from one to five years, pending applications for reinstatement. In December, the SEC instituted proceedings against an audit firm, two of its partners, and two partners from a now-defunct auditing firm, relating to "significant failures" in their audit of a company that went bankrupt after the discovery of more than $100 million in federal tax liability.[48]  According to the SEC's order, the firm identified pervasive risks of fraud in the company but failed to undertake additional steps to address the risk.  The SEC also alleged that the audit firm was not actually independent of the company due to an ongoing business relationship.  To settle the allegations, the firm agreed to  pay a penalty of $1.5 million, and hire an independent compliance consultant.  All four partners agreed to be suspended from practicing before the SEC for between one and three years, and to pay penalties ranging from $15,000 to $25,000. Finally, outside the public company audit context, the SEC charged an audit firm with failing to maintain its independence when conducting "Custody Rule" and broker-dealer audits.  The SEC alleged that the firm violated independence standards by both preparing and auditing client financial statements, accompanying notes, and accounting entries for more than 60 audits over five years.  Without admitting nor denying the allegations, the firm settled with the SEC, agreeing to pay a $300,000 penalty and to cease any engagements that fall within the purview of the SEC for one year.  If the firm later chooses to accept such engagements, it must retain an independent complaint consultant for a three-year period and comply with all of the consultant's recommendations for auditor independence. D.   Private Company Cases Finally, the SEC brought a number of financial reporting and disclosure cases against private (or pre-public) companies, including the following: In September, the SEC instituted settled proceedings against a seller of drones, toys, and other consumer products and its CEO related to allegations that they provided inaccurate sales information to the company's auditor, which caused its Form S-1 registration statement to overstate the company's revenue by approximately 15%.[49]  Without admitting or denying the SEC's allegations, the CEO agreed to pay a $10,000 penalty and the company agreed to withdraw its registration statement, which had never been declared effective. Also in September, the SEC instituted proceedings against a California-based medical aesthetics company and its former CEO.[50]  The SEC alleged that just days before the company was going to close a stock offering, the CEO learned that its Brazilian manufacturer's certificate to sell products in the European Union had been suspended, but concealed it from the company's General Counsel and underwriters.  After the offering closed and the suspension subsequently became public, the stock price fell by 52% and the CEO continued to misrepresent his knowledge.  The SEC settled with the company, recognizing the company's self-reporting to the SEC and extensive cooperation.  The SEC is litigating against the CEO. In November, the SEC instituted proceedings against an entertainment media company and five of its former officers and directors.[51]  According to the complaint, the company purchased downloads for its mobile app from outside marketing firms in order to boost its download ranking in the Apple App Store.  The company allegedly misrepresented to its shareholders why its app had risen in the download rankings, and continued to allegedly lie to shareholders about the growth of its downloads even after it stopped paying for downloads and its rankings plummeted.  The parties agreed to settle the charges without admitting or denying the allegations; the individuals agreed to pay penalties of varying amounts, three agreed to a permanent officer and director bar, and one agreed to a five-year bar. III.   Investment Advisers and Funds A.   Fees and Expenses In November, a California-based investment adviser settled allegations that it overcharged clients by failing to apply "breakpoint" discounts as provided in its fee schedule.[52]  According to the SEC, the adviser's fee schedule entailed "breakpoints" which would decrease advisory fees as the amount of client assets under management increased.  For approximately eight years, however, the advisory fee discounts were applied haphazardly, resulting in overcharges to certain client accounts.  Without admitting the allegations, the adviser agreed to pay a penalty of $50,000.  The SEC recognized that, during the investigation, the adviser undertook remedial efforts, including reimbursements to clients of overcharged fees and modifications to its policies. In December, a formerly SEC-registered fund manager settled allegations that it misallocated expenses (such as rent, overhead, and compensation) to its business development company clients as well as failed to review valuation models that caused a client to overvalue its portfolio companies.[53]  The adviser agreed to pay approximately $2.3 million disgorgement and prejudgment interest, as well as a civil money penalty of approximately $1.6 million. Also in December, the SEC filed a settled administrative proceeding against a Milwaukee-based investment adviser and its owner/chairman in connection with alleged undisclosed fees.[54]  According to the SEC, the adviser added a sum to client transactions, which it called a "Service Charge."  Part of this "Service Charge" would go towards paying a third-party broker, while the remainder went to the adviser.  The SEC alleges that the adviser did not disclose these payments to clients.  Without admitting or denying the allegations, the investment adviser and its owner agreed to pay approximately $470,000 in disgorgement and prejudgment interest, as well as a $130,000 civil penalty. Later that month, the SEC settled with a private equity fund adviser for allegedly improperly allocating compensation-related expenses to three private equity funds that it advised.[55]  According to the SEC, firm employees charged the funds for work unrelated to the three funds, violating the mandates of the governing documents of the funds.  The alleged wrongdoing spanned four years.  The firm cooperated extensively with the SEC, and the Commission accounted for those remedial efforts in settlement.  The firm agreed to more than $2 million in disgorgement and a civil monetary penalty of $375,000.   In a similar case also filed in December, the SEC settled with a fund manager for inadequate disclosures regarding certain expense allocations, as well as the alleged failure to disclose potential conflicts of interest arising from certain third-party service providers.[56]  Without admitting or denying the SEC's allegations, the company agreed to pay $1.9 million in disgorgement and prejudgment interest and a $1 million civil penalty to settle the charges. At the end of December, the SEC settled with a private equity investment adviser in connection with allegations of improper expense allocations.[57]  According to the SEC, the investment adviser manages private equity funds and as well as co-investment funds on behalf of the company's employees.  The two types of funds invest alongside each other.  When the adviser sought to acquire certain portfolio companies, co-investors were able to provide additional capital to invest.  According to the SEC, over the course of approximately fifteen years, the adviser failed to allocate certain expenses on a proportional basis between the private equity funds and the co-investor funds.  In connection with settlement, the SEC acknowledged that, following an examination by the Commission's Office of Compliance Inspections and Examinations but prior to being contacted by the Division of Enforcement staff, the adviser proactively made full reimbursements, with interest, to affected funds.  The adviser agreed to pay a civil money penalty of $400,000. The SEC also brought a number of cases involving wrap fee programs. In August, an investment advisory firm settled allegations that it lacked policies and procedures to provide investors with sufficient information for investors to evaluate the appropriateness of their investments in the company's wrap fee programs.[58]  Without admitting or denying the allegations, the firm agreed to pay a $200,000 civil penalty and to undertake efforts to enhance its procedures.  And in September, an affiliated investment adviser settled allegations that it failed to disclose conflicts of interest in connection with wrap fee programs.[59]  According to the SEC, over the course of three years, the investment adviser recommended that its clients invest in wrap fee programs, one of which was sponsored by the investment adviser.  Without admitting or denying the allegations, the company agreed to pay a $100,000 civil penalty. B.   Conflicts of Interest In July, the SEC filed a settled administrative proceeding against the managing partner and chief compliance officer of a private equity fund adviser, alleging that he arranged for one of his funds to make a loan to a portfolio company, the proceeds of which were used to purchase his personal interest in the company.[60]  The SEC alleged that the manager failed to disclose the conflicted transaction to the fund's limited partnership advisory committee.  The manager agreed to pay a civil money penalty of $80,000 without admitting or denying the allegations.  The SEC's order noted that the fund ultimately did not lose any money on the transaction. In late August, the SEC instituted settled proceedings against an investment adviser in connection with alleged failures to disclose a conflict of interest relating to third-party products.[61]  According to the SEC, the adviser's retail advisory accounts were invested in third-party products that a U.S. subsidiary of a foreign bank managed.  In contravention of established practice, the adviser's governance committee did not vote on a proposed recommendation to terminate the third-party products, and instead later permitted new adviser accounts to invest in these products.  In so doing, according to the SEC, the adviser did not disclose a conflict of interest.  Without admitting or denying the allegations, the adviser agreed to pay nearly $5 million in disgorgement and prejudgment interest, as well as a $4 million penalty. C.   Fraud and Other Misconduct In July, the SEC charged a Connecticut-based advisory firm and its CEO with placing around $19 million of investor funds into risky investments, including into companies in which they had an ownership stake, while charging large commissions on top of those investments.[62]  The complaint further alleged that the company overbilled some of its clients by calculating fees based on the earlier value of investments that had decreased in value.  The case is being litigated. In August, a Michigan-based investment management firm and its representative settled claims that they had engaged in a cherry-picking scheme.[63]  According to the SEC, the representative disproportionately allocated profitable trades to favored accounts, including personal and family accounts, at the expense of other clients.  The firm agreed to pay $75,000, and the individual respondent agreed to pay approximately $450,000 in disgorgement and penalties and to be barred from the industry.  The following month, the SEC pursued similar cherry-picking claims against a Louisiana-based adviser and its co-founder.[64]  That case is being litigated.  According to the SEC, it was the sixth case arising out of a recent initiative to combat cherry picking. September was a particularly busy month, as the SEC settled a number of fraud-based cases with investment advisers. The SEC settled charges with two New York City-based investment advisers and their 100% owner and president.[65]  The advisers allegedly engaged in a complex scheme to conceal the loss in the value of their clients' assets by making false statements, improperly redeeming investments, and failing to disclose a variety of conflicts of interest.  To settle the charges, the advisers agreed to jointly and severally pay disgorgement of approximately $1.85 million and a civil penalty of $600,000. Also in September, the SEC charged a hedge fund adviser and its principal with running a "short and distort" scheme, taking a short position and then making a series of false statements to shake investor confidence and lower the stock price of a publicly-traded pharmaceutical company.[66]  According to the SEC, the fund used written reports, interviews and social media to spread untrue claims, driving the stock price down by more than a third.  The matter is being litigated. Later that month, the SEC settled with an asset manager, its former president, and its former CFO.[67]  The asset manager and former president were charged with fraudulently using investor funds to purchase interests in products offered by the firm's parent corporation to benefit the parent, at which the former president also worked.  The individuals were also charged with improperly adjusting fund returns to show more favorable results to investors.  No charges were pursued against the parent corporation because of its prompt reporting of the misconduct, extraordinary cooperation with the SEC, and the reimbursement of around $1 million to adversely impacted investors.  The company settled for more than $4.2 million in penalties and disgorgement.  The former president and CFO agreed to pay penalties, and the president also agreed to a three-year bar from the securities industry. Early in December, an investment company settled charges of improperly recording and distributing taxable dividends, when those monies should have been recorded as return of capital.[68]  According to the SEC, while the error was not quantitatively large, it impacted a key metric used by investors and analysts to evaluate performance.  The only sanction imposed was a cease-and-desist order.  The firm admitted that its conduct violated federal securities laws and consented to the imposition of the order. D.   Share Class Selection The SEC has been particularly focused on advisers which recommend mutual funds to clients without adequately disclosing the availability of less expensive share classes.  In February 2018, the Division of Enforcement announced its Share Class Selection Disclosure Initiative, under which the Division agreed not to recommend financial penalties against advisers which self-report violations of the federal securities laws relating to mutual fund share class selection and promptly return money to victimized investors.  While the SEC has yet to announce any enforcement actions resulting from the self-reporting initiative, it has filed a number of actions against advisers which did not self-report such violations. In August, the SEC filed a settled administrative proceeding against a Utah-based investment adviser and broker-dealer relating to mutual fund distribution fees, known as 12b-1 fees.[69]  According to the SEC, for more than four years, the company, in its capacity as a broker-dealer, reaped compensation in the form of 12b-1 fees due to its clients' mutual fund investments.  However, the company, in its capacity as an investment adviser, disclosed to advisory clients that it did not receive compensation from the sale of mutual funds.  In addition, the adviser recommended more expensive share classes of certain mutual funds when cheaper shares of the same funds were available.  The company agreed to pay over $150,000 to compensate advisory clients and a $50,000 civil money penalty. In mid-September, the SEC filed a settled administrative proceeding against a limited liability company in connection with 12b-1 fees.[70]  According to the SEC, for approximately three years, the adviser improperly collected 12b-1 fees from clients by recommending more expensive mutual fund share classes with 12b-1 fees when lower-cost share classes, without 12b-1 fees, were available.  Further, the SEC alleged that the adviser received, but did not disclose, compensation it received when the adviser invested its clients in certain no-transaction fee mutual funds.  The SEC acknowledged remedial acts undertaken and the company's cooperation with the Commission.  The adviser agreed to pay over $1.3 million in disgorgement and penalties. On the same day in late December, the SEC settled two additional share class selection cases.  In the first, a Tennessee-based investment adviser settled charges in connection with the recommendation and sale of higher-fee mutual fund shares when less expensive share classes were available.[71]  The SEC alleged that for a period of approximately four years, the company's president and investment adviser representative were the top two recipients of avoidable 12b-1 fees.  The investment adviser agreed to pay approximately $850,000 in disgorgement and prejudgment interest, as well as $260,000 as a civil penalty; collectively, the two individuals agreed to pay approximately $430,000 in disgorgement and prejudgment interest, in addition to $140,000 in civil penalties.  In the second case, the SEC settled charges with two investment advisers and a CEO of one of the firm on the ground that, despite the availability of less expensive share classes of the same funds, advisory clients' funds were invested in mutual fund share classes that paid 12b-1 fees to the firms' investment adviser representatives.[72]  In total, the investment advisers and CEO agreed to pay more than $1.8 million to settle the charges. E.   Misleading Disclosures The SEC brought a number of cases alleging misleading disclosures and omissions in the second half of 2018.  In July, the SEC announced a settlement with a California-based investment adviser and its majority owner.[73]  In the firm's written disclosures to clients, the firm allegedly made material misstatements about the firm's financial condition – most saliently, omitting to disclose the firm was insolvent during the relevant period and was operating on $700,000 in loans.  The SEC also alleged that the firm improperly withheld refunds of prepaid advisory fees from clients who requested via email to terminate their relationships.  The firm and its majority owner agreed to pay $100,000 and $50,000 respectively in civil monetary penalties to settle the charges. In August, the SEC settled two cases based on failures to disclose and misleading disclosures by investment advisers.  First, a Boston–based employee-owned hedge fund sponsor settled with the SEC over allegations of omissions, misrepresentations, and compliance failures relating to its practices which resulted in materially different redemption amounts when the fund lost value in a short period of time.[74]  The allegations included a failure to implement a compliance program consistent with the adviser's obligations under the Advisers Act, a lack of disclosure to all investors of their option to redeem their investment in the fund, and inaccurate statements concerning assets in the Form ADV filed annually with the SEC.  The firm agreed to pay a civil penalty of $150,000. Four days later, the SEC settled with four related investment adviser entities for allegedly misleading investors through the use of faulty investment models.[75]  According to the SEC, the  quantitative investment models contained errors, and after discovering the issue the firms discontinued their use but did not disclose the errors.  The entities agreed to pay $97 million in disgorgement and penalties without admitting liability.  Two individual defendants, the former Chief Investment Officer and the former Director of New Initiatives of one of the entities, were also charged and settled with civil penalties of $65,000 and $25,000 respectively. Also in August, the SEC filed a litigated case against a Buffalo-based advisory firm and principal.[76]  According to the SEC, in anticipation of an SEC imposed bar, the owner of the firm sold the firm to his son.  Yet, after the imposition of the bar, his son failed to apprise clients of the bar and made misleading statements when clients inquired about the bar.  Moreover, the father allegedly impersonated his son when on phone calls with clients. A Massachusetts-based investment manager settled with the SEC on the final day of August.[77]  The company allegedly disseminated advertisements touting hypothetical returns based on blended research strategies while failing to disclose that some key quantitative ratings were determined using a retroactive, back-tested application of the financial model.  The company agreed to pay a civil penalty in the amount of $1.9 million to settle the allegations of violating the Advisers Act by publishing, circulating, and distributing advertisements containing misleading statements of material fact. In the first week of September, the SEC settled with a private investment firm and its managing partner for allegedly failing to provide limited partners in a fund with material information related to a change in the valuation of the fund.[78]  The respondents jointly agreed to pay a civil penalty in the amount of $200,000.  A week later, the SEC filed a lawsuit against an Indianapolis-based investment advisory firm and its sole owner for omitting to disclose that the firm and its owner would receive commissions of almost 20% on sales of securities which it encouraged its clients to buy.[79]  The latter case is being litigated. In December, the SEC settled with a California-based registered investment adviser for material misstatements and omissions in its advertising materials, allegedly inflating the results and success of the back-tested performance for one of its indexes over the course of eight years.[80]  The adviser agreed to pay a civil penalty of $175,000. And in late December, the SEC brought its first enforcement action against robo-advisers for misleading disclosures.[81]  Robo-advisers provide software-based, automated portfolio management services.  In the first robo-adviser case, the company disclosed to clients that it would monitor client accounts for "wash sales," which could negate the tax-loss harvesting strategy it provided to clients.  According to the SEC, however, for approximately three years the adviser did not provide such monitoring, and wash sales took place in almost one-third of accounts enrolled in the tax-loss harvesting program.  This robo-adviser agreed to pay a $250,000 penalty.  In a separate case, a second robo-adviser agreed to settle charges that it provided misleading performance information on its website and social media.  According to the SEC, the company purported to show its investment performance as compared to robo-adviser competitors, but only included a small fraction of its client accounts in the comparison.  This adviser agreed to pay a $80,000 penalty to settle the matter. F.   Other Investment Adviser Issues Supervision and Oversight In August, the SEC announced a settled action against a Minnesota-based diversified financial services company that had allegedly failed to protect retail investor assets from theft by its agents.[82]  The SEC alleged that the respondents' agents, many of whom pled guilty to criminal charges, committed fraudulent actions such as stealing client funds and forging client documents.  The company allegedly failed to adopt and implement policies and procedures reasonably designed to safeguard investor assets against misappropriation by its representatives.  The company agreed to pay a penalty of $4.5 million to settle the charges. In November, the SEC settled charges with a formerly registered investment adviser and its former CEO for negligently failing to perform adequate due diligence on certain investments.[83]  The SEC alleges that the firm failed to implement and reasonably design compliance policies and procedures which led to a failure to escalate and advise clients regarding concerns surrounding the investments, which turned out to be fraudulent.  Without admitting or denying the allegations, the firm agreed to pay a $400,000 civil penalty and the CEO agreed to a $45,000 civil penalty. Cross-Trades The SEC brought a handful of cases involving cross-trades between client accounts which favored one client at the expense of another.  In August, an investment adviser settled allegations that it had engaged in mispriced cross trades that resulted in the allocation of market savings to selected clients.[84]  According to the SEC, approximately 15,000 cross trades were executed at the bid price, resulting in the allocation of market savings to the adviser's buying clients, while depriving selling clients of market savings.  The SEC further alleged that the adviser cajoled broker-dealers into increasing the price of certain municipal bonds and executed cross trades at these inflated prices, thereby causing buying advisory clients to overpay in these transactions.  To settle the matter, the adviser agreed to reimburse its clients over $600,000, plus interest, and pay a $900,000 penalty.  The following month, the SEC instituted a similar settled administrative proceeding against a Texas-based investment adviser for failing to disclose two cross trades, causing its clients to sustain $125,000 in brokerage fees.[85] Also in September, the SEC brought a settled action against a Boston firm and one of its portfolio managers, alleging that they facilitated a number of pre-arranged cross-trades between advisory client accounts that purposefully benefited certain clients at the expense of others.[86]  In addition to paying a $1 million penalty, the company agreed to reimburse approximately $1.1 million to its harmed clients.  The former portfolio manager agreed to pay a $50,000 penalty and to submit to a nine-month suspension. Testimonial Rule Violations In July, the SEC instituted five distinct settled proceedings against two registered investment advisers, three investment adviser representatives, and one marketing consultant in connection with violations of the Testimonial Rule, which bars investment advisers from publishing testimonial advertisements.[87]  The advertisements were published on social media and YouTube.  The civil penalties ranged from $10,000 to $35,000 for each of the individuals. In September, a Kansas-based investment adviser and its president/majority owner agreed to settle charges in connection with violations of the Testimonial Rule and ethics violations.[88]  The SEC alleges that the investment adviser broadcast advertisements through the radio, and one of the radio hosts later became a client and broadcast his experience.  According to the SEC, the investment adviser contravened its policies by not monitoring the radio coverage.  The firm agreed to pay a civil penalty of $200,000.  Separately, the company's president/majority owner violated the company's code of ethics by not reporting transactions in brokerage accounts held for the benefit of his family.  He agreed to pay a civil penalty of $50,000. Pay To Play Abuses There were two "pay to play" cases settled on the same day in July.  In the first matter, the SEC alleged that three associates of a California-based investment adviser made campaign contributions to candidates who had the ability to decide on the investment advisers for public pension plans.[89]  Within two years of the contributions, in contravention of the Advisers Act, the investment adviser received compensation in connection with advising the public pension plans.  The investment adviser agreed to pay a civil penalty of $100,000.  In the other case, the SEC alleged that the firm's associates made contributions in a number of states, and the investment adviser similarly received payment to advise public pension plans in those states.[90]  The investment adviser agreed to pay a $500,000 civil penalty to settle the charges. Custody Rule Compliance The second half of the year entailed two Custody Rule cases against New York-based investment advisory firms.  Neither firm distributed annual audited financial statements in a timely fashion.  In the July matter, the SEC also alleged that the investment adviser lacked policies and procedures to preclude violations of the Advisers Act.  Without admitting or denying the allegations, the adviser agreed to pay a $75,000 civil penalty.[91]  In the September matter, the SEC also alleged that the firm violated the Compliance Rule by failing to review its policies and procedures on an annual basis.[92]  Without admitting or denying the allegations, the adviser agreed to pay $65,000 as a civil penalty. IV.   Brokers and Financial Institutions A.   Supervisory Controls and Internal Systems Deficiencies In the latter half of 2018, the SEC brought a number of cases relating to failures of supervisory controls and internal systems – an increase in this area over the first half of the year.  As part of its ongoing initiative into American Depositary Receipt ("ADR") practices, the SEC brought numerous cases relating to the handling of ADRs—U.S. securities that represent foreign shares of a foreign company and require corresponding foreign shares to be held in custody at a depositary bank.  In July, the SEC announced settled charges against two U.S. based-subsidiaries, a broker-dealer and a depositary bank, of an international financial institution alleging improper ADR handling that led to facilitating inappropriate short selling and profits.[93]  Without admitting or denying the allegations, the subsidiaries agreed to pay $75 million in disgorgement and penalties.  In September, the SEC brought settled charges against a broker-dealer and subsidiary of a French financial institution; the broker-dealer agreed to pay approximately $800,000 in disgorgement and penalties without admitting or denying the findings.[94]  In December, the SEC settled charges against a depositary bank; the bank agreed to pay $38 million in disgorgement and penalties without admitting or denying the findings. [95] And finally, also in December, the SEC brought settled charges in two cases for providing ADRs to brokers when neither the broker nor its customer owned the corresponding foreign shares.  In the first December case, the SEC settled charges with a depositary bank headquartered in New York; the bank agreed to disgorgement, interest, and penalties of approximately $55 million without admitting or denying the charges.[96]  In the second case, the SEC settled charges with another depositary bank, a subsidiary of a large New York financial services firm.[97]  The SEC's order alleged that the improper ADR handling led to inappropriate short selling and dividend arbitrage.  The firm agreed to pay over $135 million in disgorgement, and penalties without admitting or denying the charges. In addition to the ADR cases, the SEC also brought supervision cases for the failure to safeguard customer information and for the failure to supervise representatives who sold unsuitable products.  In July, the SEC brought settled charges against an international investment banking firm for failing to maintain and enforce policies and procedures designed to protect confidential customer information, including the failure to maintain effective information barriers.[98]  The SEC's order alleged that traders at the bank regularly disclosed material nonpublic customer stock buyback information to other traders and hedge fund clients; the bank agreed to a $1.25 million penalty without admitting or denying the charges.  In September, the SEC announced settled charges against a New York-based broker-dealer and two of its executives for failure to supervise representatives in sales of a leveraged exchange-traded note ("ETN") linked to oil.[99]  The SEC's order alleged that the broker-dealer's representatives did not reasonably research or understand the risks of the ETN or the index it tracked.  The broker-dealer agreed to pay over $500,000 in penalties, interest, and customer disgorgement without admitting or denying the charges, and the two executives agreed to penalties as well as a 12-month supervisory suspension.  The broker who recommended the largest number of ETN sales also agreed to a penalty of $250,000. Along with the supervisory cases described above, the SEC also brought a few cases relating to internal controls.  In August, the SEC announced settled charges in two cases against a large financial institution and two subsidiary broker-dealers involving books and records, internal accounting controls, and trader supervision.[100]  The charges in one action related to losses due to trader mismarking and unauthorized proprietary trading, which the SEC alleged were not discovered earlier due to a failure to supervise.  In the second action, the SEC alleged that the bank lacked controls necessary to prevent certain fraudulent loans. The financial institution and subsidiaries agreed to pay over $10 million without admitting or denying the allegations. Also in August, the SEC initiated settled proceedings against a credit ratings agency for alleged internal controls deficiencies relating to a purported failure to consistently apply credit ratings symbols which were used in models used to rate residential mortgage backed securities.[101]  The ratings agency agreed to pay over $16 million without admitting or denying the allegations. B.   Anti-Money Laundering As in the first half of the year, the SEC continued to bring a number of cases in the anti-money laundering ("AML") area, all relating to the failure to file suspicious activity reports ("SARs").  The Bank Secrecy Act requires broker-dealers to file SARs to report transactions suspected to involve fraud or with no apparent lawful purpose. In July, the SEC announced the settlement with a national broker-dealer relating to the failure to file SARs on the transactions of independent investment advisers that it had terminated.[102]  The broker-dealer agreed to pay a $2.8 million penalty to settle the action, without admitting or denying the charges.  Similarly, in September, the SEC instituted a settled administrative proceeding against a New York brokerage firm for failing to file SARs relating to a number of terminated investment advisers.[103]  Without admitting or denying the allegations, the firm agreed to pay a penalty of $500,000; the SEC's Order noted that the settlement took into account remedial acts undertaken by the firm.  Also in September, the SEC settled charges against a clearing firm for failure to file SARs relating to suspicious penny stock trades.[104]  As part of the settlement, the clearing firm agreed to pay a penalty of $800,000 without admitting or denying the allegations, and also agreed that it would no longer sell penny stocks deposited at the firm. In December, the SEC brought settled charges against a broker-dealer alleging that during the period 2011-2013 it neglected to monitor certain movements of funds through customers' accounts and to properly review suspicious transactions flagged by its internal monitoring systems.[105]  The firm agreed to pay a $5 million penalty to resolve the charges, as well as a $10 million penalty to the U.S. Treasury Department's Financial Crimes Enforcement Network (FinCEN) and the Financial Industry Regulatory Authority (FINRA) to resolve parallel charges.  The broker-dealer did not admit or deny the SEC's allegations except to the extent they appeared in the settlement with FinCEN. Also In December, the SEC announced settled charges against a broker-dealer for the failure to file SARs concerning over $40 million in suspicious wire transfers made by one customer in connection with a payday lending scam.[106]  The firm agreed to certain undertakings, including the hiring of an independent compliance consultant, without admitting or denying the allegations.  The U.S. Attorney's Office for the Southern District of New York also instituted a settled civil forfeiture action against the broker-dealer in which it paid $400,000; the U.S. Attorney's Office additionally entered into a deferred prosecution agreement with the firm. C.   Market Abuse Cases In the second half of 2018, the SEC's Market Abuse Unit was involved in bringing three cases relating to "dark pools" (i.e., private exchanges) and the use and execution of customer orders.  In September, the SEC announced settled charges against a large financial institution relating to alleged misrepresentations in connection with the operation of a dark pool by one of its affiliates.[107]  The SEC alleged that the firm misled customers relating to high-frequency trading taking place in the pool and also failed to disclose that over half of the orders routed to the dark pool were executed in other trading venues.  The firm and its affiliate agreed to pay over $12 million in disgorgement and penalties without admitting or denying the SEC's allegations. Also in September, the SEC, together with the New York Attorney General ("NYAG"), brought settled charges against an investment bank relating to the execution of customer orders by one of its desks responsible for handling order flow for retail investors.[108]  The SEC alleged that while the firm promoted the desk's access to dark pool liquidity, a minimal number of orders were executed in dark pools; additionally, the firm allegedly failed to disclose that retail customers did not receive price improvement on non-reportable orders.  The firm agreed to pay a total of $10 million ($5 million to the SEC and $5 million to the NYAG) without admitting or denying the allegations. And in November, the SEC brought charges against a financial technology company and its affiliate for misstatements and omissions relating to the operation of the firm's dark pool.[109]  The SEC alleged that the firm failed to safeguard subscribers' confidential trading information despite assuring firm clients that it would do so, and also did not disclose certain structural features of the dark pool to clients.  The firm and its affiliate agreed to pay a $12 million penalty to settle the charges without admitting or denying the allegations. D.   Books and Records In July, the SEC brought settled charges against a New York-based broker-dealer relating to its failure to preserve records.[110]  The SEC alleged that the broker-dealer deleted audio files after receiving a document request from the Division of Enforcement (because the department responsible for the files was unaware of the request), and also failed to maintain books and records that accurately recorded expenses.  Without admitting or denying the allegations, the firm agreed to pay a penalty of $1.25 million. In September, the SEC announced charges against a broker-dealer for providing the SEC with incomplete and deficient securities trading information known as "blue sheet data" used by the SEC in its investigations.[111]  The SEC's order alleged that approximately 29% of the broker-dealer's blue sheet submissions over a four-year time period contained deficiencies due to coding errors.  The broker-dealer admitted the findings in the SEC's Order and agreed to pay a $2.75 million penalty to settled the charges.  In December, the SEC instituted settled administrative proceedings against three broker-dealers for recordkeeping violations in another matter relating to deficient blue sheet data submissions.[112]  The SEC's Orders noted that as a result largely of undetected coding errors, the three firms submitted blue sheet data that continued various inaccuracies.  The three broker-dealers admitted the findings in the SEC's Orders and agreed to pay penalties totaling approximately $6 million.  The SEC's Orders noted the remedial efforts undertaken by the firms, including the retention of an outside consultant and the adoption of new policies and procedures for processing blue sheet requests. E.   Individual Brokers Finally, in addition to its cases involving large financial institutions, the SEC brought a number of cases against individual broker-dealer representatives.  In September, the SEC filed complaints against two brokers in New York and Florida for excessive trading in retail customer accounts which generated large commissions for the brokers but caused losses for their customers.[113]  The case is being litigated. Also in September, the SEC filed a complaint against a broker for a cherry-picking scheme in which the broker allegedly misused his access to an allocation account to cherry pick profitable trades for his own account while placing unprofitable trades in customer accounts.[114]  The SEC noted that it uncovered the alleged fraud using data analysis.  The case is being litigated, and the U.S. Attorney's Office for the District of Massachusetts announced parallel criminal charges. Finally, in December, the SEC settled with a self-employed trader (and entities that he owned and controlled) for violations of Rule 105 of Regulation M, which prohibits a person from purchasing an equity security during the restricted period of an offering where that person has sold short the same security.[115]  The SEC's Order alleged that the trader violated Rule 105 by effecting short sales during restricted periods and mismarking short sales as "long sales" in a total of 116 offerings.  The trader agreed to pay disgorgement, interest, and penalties total approximately $1.1 million without admitting or denying the charges V.   Insider Trading A.   Cases Against Corporate Insiders Corporate Executives July was a busy month for corporate executives accused of insider trading and tipping.  First, the SEC charged the former CEO of a New Jersey-based payment processing company and his romantic partner in an insider trading scheme that leveraged nonpublic information about the potential acquisition of his company by another payment processing company.[116]  On the CEO's instructions and with his funds, the romantic partner opened a brokerage account and used almost $1 million of the funds to purchase stock in the target company.  According to the SEC, the pair generated $250,000 in profits after the merger was announced.  The case is being litigated. The SEC also settled with a former VP of Investor Relations at a company operating country clubs and sports clubs alleged to have traded in his company's stock after learning that it was negotiating to be acquired.[117]  After receiving an inquiry from FINRA, the officer resigned from the company and retained counsel who reported the misconduct to the SEC and provided them substantiating documentation.  In return, the SEC agreed to a settlement that involved disgorgement of his profits of approximately $78,000 and a civil penalty equal to about one-half of the disgorgement amount. Later in July, the SEC sued a senior executive at a Silicon Valley tech company for allegedly short selling as well as selling stock in his company ahead of three different quarterly announcements that the company was likely going to miss its revenue guidance.[118]  According to the SEC, the executive made nearly $200,000 in profits from these trades.  Without admitting wrongdoing, the executive agreed to disgorge his profits and pay a corresponding civil penalty, and to bebarred from acting as an officer or director of a public company for five years.  The SEC noted that it had utilized data analysis from its Market Abuse Unit's Analysis and Detection Center to detect suspicious trading patterns in advance of earnings announcements over time. And at the end of July, the SEC sued a VP of Finance who learned from a senior executive at his company that a Chinese investment group might acquire the company.[119]  While preparing financial projections and conducting diligence, the VP allegedly used his spouse's brokerage account to purchase shares of his company.  When it became public that his company had rejected the Chinese investment group's offer in the hopes of receiving a higher price, the company's share increased 24%, resulting in the VP earning nearly $90,000.  Without admitting liability, the officer agreed to disgorgement of his gains and a corresponding civil penalty. In August, the SEC charged a former biotech executive and others with participating in a scheme that generated $1.5 million of profits by trading ahead of the announcement of a licensing agreement between his company and another large pharmaceutical company.[120]  According to the complaint, the executive informed a friend of the license agreement.  The friend then tipped a former day trader, who, in connection with an insider-trading ring, purchased stock and options and made $1.5 million in illegal profits when the agreement was announced and the company's stock price jumped 38 percent.  In a parallel action, the U.S. Attorney's Office for the District of New Jersey charged the day trader and four members of his group with illegal insider trading ahead of secondary public stock offerings. All five defendants have pled guilty to the parallel criminal charges; the four members of the insider-trading ring other than the trader have agreed to partial settlements with the SEC for conduct including their trading on the license agreement, with potential monetary sanctions to be determined at a later date.  The SEC is continuing a previous action against the trader for alleged insider trading ahead of the secondary stock offerings. In August, the SEC sued a former Sales VP at a cemetery and funeral home operator for allegedly benefiting from confidential information obtained through his employer.[121]  After learning about a substantial decline in sales that would necessitate a reduction in the company's distribution payments, the executive sold all of his shares in the company.  As part of a settlement, the executive agreed to pay disgorgement and a civil penalty. Also in August, the SEC settled charges against a former executive of a cloud security and services company.[122]  According to the SEC, the executive informed his two brothers, to whom he had gifted stock in the past, that the company would miss its revenue guidance, and contacted his brothers' brokerage firm to coordinate the sale of all of their stock.  When the negative news was announced, the stock price dropped significantly and the brothers collectively avoided losses of over $580,000.  Under the terms of his settlement, the former executive will be barred from serving as an officer or director of a public company for two years and will pay a $581,170 penalty. In September, the SEC brought a settled action against a former executive at a mortgage servicing company.[123]  The SEC alleged that the executive engaged in insider trading surrounding three separate events, including the resolution of litigation and a CFPB enforcement action against the company, as well as negotiations to sell the company. Without admitting or denying the allegations, the executive agreed to disgorge his ill-gotten gains of almost $65,000 and to pay a penalty equal to the disgorgement amount. In October, the SEC charged a company's former Director of SEC Reporting with trading ahead of a corporate acquisition.[124]  The complaint alleged that the individual bought call options and stock in a company targeted for acquisition by a subsidiary of the company. The matter is being litigated. In November, the acquisition of two health care networks by a large health care company led to two separate misappropriation cases.  The SEC charged a man with insider trading based on information he misappropriated from his wife, a human resources executive at the acquiring company, about the planned acquisitions.[125]  According the SEC, the man overheard his wife's phone calls while she was working at home.  The husband agreed to pay disgorgement of about $64,000 and a penalty of $72,144.  The SEC also settled an insider trading charge against a man alleged to have misappropriated information from his brother, an executive at one of the target companies.[126]  According to the SEC, the insider had shared the information in confidence at a family holiday party.  The trader agreed to pay disgorgement and penalties totaling about $40,000. Board Members In a high profile case involving drug trials, the SEC and DOJ filed parallel charges for insider trading against a U.S. Congressman, his son, and a host of other individuals.[127]  According to the SEC's complaint, the Congressman learned of negative drug trial results through his seat on a biotech company's board.  The Congressman allegedly provided his son the inside information, who then told a third individual.  Over the next few days, the Congressman's son, the third individual, and a number of their friends and family members sold over a million shares of the biotech company's stock, which plummeted more than 92 percent following the announcement of the negative results.  As a result of the trading, the Congressman's son and the third individual avoided approximately $700,000 in losses.  Two of the individuals sued ultimately settled with the SEC without admitting or denying the charges, agreeing to disgorge their gains totaling approximately $35,000 and to pay a matching civil penalty.  The SEC's cases against the Congressmen, his son, and a third individual are ongoing. In August, the SEC sued the son of a bank board member who learned of the bank's potential acquisition by another bank from his father prior to the acquisition's public announcement.[128]  The son realized approximately $40,000 in gains after the acquisition became public.  Without admitting or denying the charges, the son agreed to disgorge the gains and to pay a matching civil penalty. Employee Insiders In July, the SEC sued a former financial analyst at a medical waste disposal company and his mother for trading on inside information that the company would miss its revenue guidance.[129]  Following the company's earnings announcement, its stock fell 22%, resulting in the analyst and his mother avoiding losses and earning profits of approximately $330,000.  Both the analyst and his mother agreed to settle the case without admitting liability.  They will be required to disgorge their profits and pay a civil penalty in amounts to be later determined by the court. Also in July, in the second SEC case arising out of the Equifax data breach, the SEC charged a software engineer tasked with constructing a website for consumers who were impacted by the data breach for trading the company's stock before the data breach was publicly disclosed .[130]  The engineer was fired after refusing to cooperate with the company's investigation, though he and the SEC ultimately settled the case.  As part of that settlement, the engineer was ordered to disgorge $75,000 in profits.  The U.S. Attorney's Office also filed criminal charges against the engineer. The SEC also filed a number of cases involving corporate scientists.  In July, the SEC charged a scientist at a California biotech company for trading based on positive developments in a genetic sequencing platform.[131]  According to the SEC, the scientist traded during company trading blackouts, in a brokerage account not disclosed to his employer.  He settled the case, agreeing to disgorge approximately $40,000 in profits and paying a similar civil penalty.  In August, the SEC filed suit against a scientist who learned that his healthcare diagnostics company was about to acquire another company in a tender offer.[132]  On the date the acquisition was announced, his company's stock increased 176%.  As part of the settlement, the scientist agreed to disgorge $14,000 in profits and pay a corresponding civil penalty.  And in a third case, the SEC settled with a scientist at a pharmaceutical company for allegedly trading in advance of positive results of a clinical trial.[133]  The scientist agreed to disgorgement of $134,000, but based on her voluntarily coming forward and reporting her improper trades, the SEC agreed to a reduced penalty of $67,000. The SEC brought charges in August against an in-house attorney for a shipping company who traded on inside information that his company had entered into a strategic partnership with a private equity fund.[134]  As part of a settlement, he was ordered to disgorge nearly $30,000 in profits with a matching civil penalty. And in September, the SEC charged a former professional motorcycle racer handling promotional activities for a beverage company, as well as his father, family friend, and investment adviser, with insider trading for tipping and trading ahead of an impending deal with a large beverage company.[135]  According to the SEC, after the racer had learned a significant deal was imminent, the four individuals collectively purchased over $770,000 in stock and options, in certain instances borrowing funds for the purchases.  Following the announcement, they made over $283,000 in trading profits. Without admitting or denying the findings, the individuals agreed to disgorge ill-gotten gains and to pay civil penalties. B.   Misappropriation by Investment Professionals and Other Advisors Several deal advisors, including bankers, corporate advisors, and accountants, were charged with insider trading by the SEC.  In August, the SEC charged a professional football player and a former investment banker with insider trading in advance of corporate acquisitions.[136]  The SEC alleges that after meeting at a party, the player began receiving illegal tips, facilitated through coded text messages and FaceTime conversations, from the banker about upcoming corporate mergers.  The player allegedly made $1.2 million in illegal profits by purchasing securities in companies that were soon to be acquired, in one instance generating a nearly 400 percent return.  In return, he is alleged to have rewarded the analyst by setting up an online brokerage account that both men could access, by providing cash kickbacks, free NFL tickets, and an evening on the set of a pop star's music video in which the player made a cameo appearance.  The SEC action is being litigated; both men have pled guilty to related criminal charges.  In November, the SEC also charged a family friend of the banker in connection with the same scheme.[137]  The U.S. Attorney's Office announced parallel criminal charges against this individual. In September, the SEC filed insider trading charges against a corporate deal advisor for trading in securities of two China-based companies based on confidential information about their impending acquisitions.[138]  According to the SEC, the individual, who had been providing advice to the acquiring companies, opened a brokerage account in his wife's name and used that account to generate more than $79,500 in trading profits. That same executive later became a director at a Hong Kong-based investment banking firm.  In connection with advising a client on an acquisition of its rival, he was alleged to have again used his wife's brokerage account to buy high risk call options, which he sold after news of the acquisition for profits of more than $94,400. The case is being litigated. And in December, the SEC charged an individual with misappropriating information from his fiancé, an investment banker working on a merger between two airline companies.[139]   According to the SEC, the trader overheard calls his now-wife made at home on nights and weekends, purchasing call options in the target company and netting approximately $250,000 in profits.  Without admitting or denying liability, the trader agreed to disgorge his profits and pay a matching penalty. Also in December, the SEC alleged that an IT contractor working at an investment bank had traded, and tipped his wife and father, based on information he'd learned from the bank.[140] According to the SEC, the three collectively reaped approximately $600,000 in profits by trading in advance of at least 40 corporate events.  The SEC obtained a court-ordered freeze of assets in multiple brokerage accounts connected to the alleged trading. The SEC brought several cases against accountants and their tippees.  In August, the SEC brought a settled action against a CPA who learned of an acquisition through his work as an accountant providing tax advice to a private company owned by a member of one of the companies.[141]  The individual agreed to disgorge his profits of approximately $8,000 and pay a matching civil penalty. Also that month, the SEC sued a former director of a major accounting and auditing firm for trading ahead of a merger between two of the firm's clients.[142]  According to the SEC, after learning of the planned merger, the director used a relative's account to purchase call options, which increased in value by about $150,000 following announcement of the merger.  Though the director later allowed the options to expire without selling or exercising them, he did not inform his employer that he controlled the account when the relative's name appeared on a list of individuals in connection with a FINRA investigation into suspect trading.  Without admitting liability, the director agreed to pay a $150,500 penalty and to be barred from appearing and practicing before the SEC as an accountant for two years. The SEC brought several other cases involving misappropriation by industry professionals.  In July 2018, the SEC settled charges against a broker who traded ahead of a multi-billion dollar acquisition.[143]  According to the SEC, the broker misappropriated the information from a friend who was a certified public accountant providing personal tax advice to a senior executive at the company being acquired, and who had shared the information in confidence.  Without admitting liability, he agreed to disgorgement of his nearly $90,000 in profits, a comparable civil penalty, and debarment from being a broker.  And in September, the SEC settled a claim against a CPA and a doctor for allegedly trading while in possession of confidential information regarding an impending acquisition.[144]  According to the SEC, the CPA misappropriated the information from a friend who worked at one of the companies. The SEC alleges that after the CPA shared the information with the doctor, both purchased call options in the target company.  Both the CPA and doctor agreed to pay disgorgement and civil penalties. VI.   Municipal Securities and Public Finance Cases With the SEC's Municipalities Continuing Disclosure (MCDC) Initiative (which as noted above generated  a significant number of cases) completed, the SEC's Public Finance Abuse Unit returned to its traditionally slower pace, filing just a few cases in the latter half of the year. In August, the SEC charged two firms and 18 individuals with participating in a municipal bond "flipping" scheme (i.e. improperly obtaining new bond allocations from brokers and reselling to broker-dealers for a fee.[145]  According to the SEC, the firms and their principals used false identities to pose as retail investors in order to receive priority from the bond underwriters, and then resold the bonds to brokers for a pre-arranged commission.  The SEC also charged a municipal underwriter with taking kickbacks as part of the scheme.  Most of the parties settled (with sanctions including disgorgement, penalties, and industry bars and suspensions), but aspects of the case are being litigated as well.  The SEC filed another settled case for municipal bond flipping in December.[146] In September, the SEC instituted a settled action against a municipal adviser and its principal for failing to register as municipal advisor and failing to disclose its nonregistration to a school district to which it provided services.[147]  The firm and its principal agreed to pay about $50,000 in disgorgement and penalties, and the principal agreed to be barred from the securities industry. [1]      Admin. Proc. File No. 3-18965, In re Hertz Global Holdings, Inc. (Dec. 31, 2018), available at www.sec.gov/litigation/admin/2018/33-10601.pdf. [2]      Admin. Proc. File No. 3-18966, In re Katz, Sapper & Miller, LLP (Jan. 9, 2019), available at www.sec.gov/litigation/admin/2019/34-84980.pdf. [3]      See SEC Press Release, SEC Enforcement Division Issues Report on FY 2018 Results (Nov. 2, 2018), available at www.sec.gov/news/press-release/2018-250; and accompanying Annual Report at www.sec.gov/files/enforcement-annual-report-2018.pdf. [4]      For more on Kokesh, see Gibson Dunn Client Alert, United States Supreme Court Limits SEC Power to Seek Disgorgement Based on Stale Conduct (June 5, 2017), available at www.gibsondunn.com/united-states-supreme-court-limits-sec-power-to-seek-disgorgement-based-on-stale-conduct/. [5]      For more on Lucia, see Gibson Dunn Client Alert, Supreme Court Rules That SEC ALJs Were Unconstitutionally Appointed (June 21, 2018), available at www.gibsondunn.com/supreme-court-rules-that-sec-aljs-were-unconstitutionally-appointed. [6]      Whistleblower Program, 2018 Annual Report to Congress, available at www.sec.gov/files/sec-2018-annual-report-whistleblower-program.pdf. [7]      SEC Press Release, SEC Awards more Than $54 Million to Two Whistleblowers (Sept. 6, 2018), available at www.sec.gov/news/press-release/2018-179. [8]      SEC Press Release, Whistleblower Receives Award of Approximately $1.5 Million (Sept. 14, 2018), available at www.sec.gov/news/press-release/2018-194. [9]      SEC Press Release, SEC Awards Almost $4 Million to Overseas Whistleblower (Sept. 24, 2018), available at www.sec.gov/news/press-release/2018-209. [10]     SEC Press Release, SEC Charges Firm with Deficient Cybersecurity Procedures (Sept. 26, 2018), available at www.sec.gov/news/press-release/2018-213. [11]     SEC Press Release, SEC Investigative Report: Public Companies Should Consider Cyber Threats When Implementing Internal Controls (Oct. 16, 2018), available at www.sec.gov/news/press-release/2018-236. [12]     For further discussion, see Gibson Dunn Client Alert, SEC Warns Public Companies on Cyber-Fraud Controls (Oct. 27, 2018), available at www.gibsondunn.com/sec-warns-public-companies-on-cyber-fraud-controls/. [13]     SEC Press Release, SEC Charges ICO Superstore and Owners with Operating as Unregistered Broker-Dealers (Sept. 11, 2018), available at www.sec.gov/news/press-release/2018-185. [14]     SEC Press Release, SEC Charges Digital Asset Hedge Fund Manager with Misrepresentations and Registration Failures (Sept. 11, 2018), available at www.sec.gov/news/press-release/2018-186. [15]     SEC Press Release, SEC Charges EtherDelta Founder with Operating an Unregistered Exchange (Nov. 8, 2018), available at www.sec.gov/news/press-release/2018-258. [16]     SEC Press Release, Two ICO Issuers Settle SEC Registration Charges, Agree to Register Tokens as Securities (Nov. 16, 2018), available at www.sec.gov/news/press-release/2018-264. [17]     Admin. Proc. File No. 3-18906, In re Floyd Mayweather Jr. (Nov. 29, 2018), available at www.sec.gov/litigation/admin/2018/33-10578.pdf; SEC Admin. Proc. File No. 3-18907, In re Khaled Khaled (Nov. 29, 2018), available at www.sec.gov/litigation/admin/2018/33-10579.pdf. [18]     SEC Press Release, SEC Suspends Trading in Company for Making False Cryptocurrency-Related Claims about SEC Regulation and Registration (Oct. 22, 2018), available at www.sec.gov/news/press-release/2018-242. [19]     SEC Press Release, SEC Stops Fraudulent ICO That Falsely Claimed SEC Approval (Oct. 11, 2018), available at www.sec.gov/news/press-release/2018-232. [20]     R. Todd, Judge to SEC: You Haven't Shown This ICO Is a Security Offering, The Recorder (Nov. 27, 2018), available at www.law.com/therecorder/2018/11/27/judge-to-sec-this-ico-isnt-a-security-offering/. [21]     SEC Press Release, SEC Charges Bitcoin-Funded Securities Dealer and CEO (Sept. 27, 2018), available at www.sec.gov/news/press-release/2018-218. [22]     Admin. Proc. File No. 3-18582, SEC Charges Pipe Manufacturer and Former CFO with Reporting and Accounting Violations (July 10, 2018), available at www.sec.gov/enforce/33-10517-s. [23]     SEC Press Release, SEC Charges Telecommunications Expense Management Company with Accounting Fraud (Sept. 4, 2018), available at www.sec.gov/news/press-release/2018-175. [24]     SEC Litigation Release, SEC Charges Outsourced CFO with Accounting Controls Deficiencies (Sept. 12, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24265.htm.  [25]     SEC Press Release, Business Services Company and Former CFO Charged With Accounting Fraud (Sept. 20, 2018), available at www.sec.gov/news/press-release/2018-205. [26]     Admin. Proc. File No. 3-18816, Pipeline Construction Company Settles Charges Relating to Internal Control Failures (Sept. 21, 2018), available at www.sec.gov/enforce/34-84251-s. [27]     SEC Press Release, SEC Charges Salix Pharmaceuticals and Former CFO With Lying About Distribution Channel (Sept. 28, 2018), available at www.sec.gov/news/press-release/2018-221. [28]     Admin. Proc. File No. 3-18891, Tobacco Company Settles Accounting and Internal Control Charges (Nov. 9, 2016), available at www.sec.gov/enforce/34-84562-s.  For a description of the company's remedial measures, see www.sec.gov/litigation/admin/2018/34-84562.pdf.  [29]     SEC Press Release, SEC Charges Agria Corporation and Executive Chairman With Fraud (Dec. 10, 2018), available at www.sec.gov/news/press-release/2018-276. [30]     SEC Press Release, SEC Charges The Hain Celestial Group with Internal Controls Failures (Dec. 11, 2018), available at www.sec.gov/news/press-release/2018-277. [31]     Admin. Proc. File No. 3-18932, SEC Charges Santander Consumer for Accounting and Internal Control Failures (Dec. 17, 2018), available at www.sec.gov/enforce/34-84829-s. [32]     SEC Press Release, Public Companies Charged with Failing to Comply with Quarterly Reporting Obligations (Sept. 21, 2018), available at www.sec.gov/news/press-release/2018-207. [33]     SEC Press Release, SEC Charges KBR for Inflating Key Performance Metric and Accounting Controls Deficiencies (July 2, 2018), available at www.sec.gov/news/press-release/2018-127. [34]     SEC Press Release, SEC Charges Cloud Communications Company and Two Senior Executives With Misleading Revenue Projections (Aug. 7, 2018), available at www.sec.gov/news/press-release/2018-150. [35]     SEC Press Release, SEC Charges Former Online Marketing Company Executives With Inflating Operating Metrics (Aug. 21, 2018), available at www.sec.gov/news/press-release/2018-161. [36]     Admin. Proc. File No. 3-18819, SEC Charges Payment Processing Company and Former CEO for Overstating Key Operating Metric (Sept. 21, 2018), available at www.sec.gov/enforce/33-10558-s. [37]     Admin. Proc. File No. 3-18955, In re ADT Inc. (Dec. 26, 2018), available at www.sec.gov/litigation/admin/2018/34-84956.pdf. [38]     Admin. Proc. File No. 3-18570, Dow Chemical Agrees to $1.75 Million Penalty and Independent Consultant for Failing to Disclose Perquisites (July 2, 2018), available at www.sec.gov/enforce/34-83581-s. [39]     SEC Press Release, SEC Charges Oil Company CEO, Board Member With Hiding Personal Loans (July 16, 2018), available at www.sec.gov/news/press-release/2018-133. [40]     SEC Litigation Release, SEC Charges Real Estate Investment Funds and Executives for Misleading Investors (July 3, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24185.htm. [41]     Admin. Proc. File No. 3-18770, SEC Charges Arizona Company And Two Senior Executives In Connection With Misleading Disclosures About Material Contract (Sept. 17, 2018), available at www.sec.gov/enforce/33-10550-s. [42]     SEC Press Release, SeaWorld and Former CEO to Pay More Than $5 Million to Settle Fraud Charges (Sept. 18, 2018), available at www.sec.gov/news/press-release/2018-198. [43]     SEC Press Release, Biopharmaceutical Company, Executives Charged With Misleading Investors About Cancer Drug (Sept. 18, 2018), available at www.sec.gov/news/press-release/2018-199. [44]     SEC Press Release, SEC Charges Walgreens and Two Former Executives With Misleading Investors About  Forecasted Earnings Goal (Sept. 28, 2018), available at www.sec.gov/news/press-release/2018-220. [45]     SEC Press Release, Elon Musk Settles SEC Fraud Charges; Tesla Charged With and Resolves Securities Law Charge (Sept. 29, 2018), available at www.sec.gov/news/press-release/2018-226. [46]     Admin. Proc. File No. 3-18838, In re Lichter, Yu and Associates, Inc. et al. (Sept. 25, 2018), available at www.sec.gov/litigation/admin/2018/34-84281.pdf. [47]     SEC Press Release, SEC Suspends Former BDO Accountants for Improperly "Predating" Audit Work Papers (Oct. 12, 2018), available at www.sec.gov/news/press-release/2018-235. [48]     SEC Press Release, SEC Charges Audit Firm and Suspends Accountants for Deficient Audits (Dec. 21, 2018), available at www.sec.gov/news/press-release/2018-302. [49]     Admin. Proc. File No. 3-18856, SEC Charges Drone Seller for Failing to Ensure Accuracy of Financial Statement in Advance of Planned IPO (Sept. 28, 2018), available at www.sec.gov/enforce/33-10564-s. [50]     SEC Litigation Release, SEC Charges Medical Aesthetics Company and Its Former CEO with Misleading Investors in a $60 Million Stock Offering (Sept. 19, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24275.htm. [51]     SEC Press Release, SEC Charges Giga Entertainment Media, Former Officers and Directors with Fraud in Pay-For-Download Campaign (Nov. 15, 2018), available at www.sec.gov/news/press-release/2018-263. [52]     Admin. Proc. File No. 3-18901, SEC Charges San Jose Investment Adviser for Overcharging Fees (Nov. 19, 2018), available at www.sec.gov/enforce/ia-5065-s. [53]     Admin. Proc. File No. 3-18909, Investment Adviser Settles Charges Related to Expense Misallocation and Valuation Review Failures (Dec. 3, 2018), available at www.sec.gov/enforce/33-10581-s. [54]     Admin. Proc. File No. 3-18926, SEC Charges Milwaukee-Based Advisory Firm for Receiving Undisclosed Compensation on Client Transactions (Dec. 12, 2018), available at www.sec.gov/enforce/34-84807-s. [55]     Admin. Proc. File No. 3-18935, SEC Charges Private Equity Fund Adviser for Overcharging Expenses (Dec. 17, 2018), available at www.sec.gov/enforce/ia-5079-s. [56]     Admin. Proc. File No. 3-18930, SEC Settles with Investment Adviser Who Failed to Disclose Conflicts of Interest and Misallocated Expenses (Dec. 13, 2018), available at www.sec.gov/enforce/ia-5074-s. [57]     Admin Proc. File No. 3-18958, In re Lightyear Capital LLC (Dec. 26, 2018), available at www.sec.gov/litigation/admin/2018/ia-5096.pdf. [58]     Admin. Proc. File No. 3-18638, SEC Charges Investment Adviser for Compliance Failures Relating to Wrap Fee Programs (Aug. 14, 2018), available at www.sec.gov/enforce/ia-4984-s. [59]     Admin. Proc. File No. 3-18730, SEC Charges Investment Adviser for Failing to Fully Disclose Affiliate Compensation Arrangement (Sept. 7, 2018), available at www.sec.gov/enforce/ia-5002-s. [60]     Admin. Proc. File No. 3-18604, In re Michael Devlin (July 19, 2018), available at www.sec.gov/litigation/admin/2018/ia-4973.pdf. [61]     SEC Press Release, Merrill Lynch Settles SEC Charges of Undisclosed Conflict in Advisory Decision (Aug. 20, 2018), available at www.sec.gov/news/press-release/2018-159. [62]     SEC Press Release, SEC Charges Investment Adviser and CEO with Misleading Retail Investors (July 18, 2018), available at www.sec.gov/news/press-release/2018-137. [63]     Admin. Proc. File No. 3-18649, In re Roger T. Denha (Aug. 17, 2018), available at www.sec.gov/litigation/admin/2018/34-83873.pdf; Admin. Proc. File No. 3-18648, In re BKS Advisors LLC (Aug. 17, 2018), available at www.sec.gov/litigation/admin/2018/ia-4987.pdf. [64]     SEC Litigation Release, SEC Charges Investment Adviser and Senior Officers with Defrauding Clients (Sept. 20, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24278.htm. [65]     Admin. Proc. File No. 3-18724, In re Mark R. Graham et al. (Sept. 6, 2018), available at www.sec.gov/litigation/admin/2018/ia-5000.pdf. [66]     SEC Litigation Release, SEC Charges Hedge Fund Adviser with Short-And-Distort Scheme (Sept. 13, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24267.htm. [67]     SEC Press Release, SEC Charges LendingClub Asset Management and Former Executives With Misleading Investors and Breaching Fiduciary Duty (Sept. 28, 2018), available at www.sec.gov/news/press-release/2018-223. [68]     Admin. Proc. File No. 3-18912, In re KCAP Financial, Inc. (Dec. 4, 2018), available at www.sec.gov/litigation/admin/2018/34-84718.pdf. [69]     Admin. Proc. File No. 3-18673, In re First Western Advisors (Aug. 24, 2018), available at www.sec.gov/litigation/admin/2018/34-83934.pdf. [70]     Admin. Proc. File 3-18765, In re Capital Analysts, LLC (Sept. 14, 2018), available at www.sec.gov/litigation/admin/2018/ia-5009.pdf. [71]     Admin. Proc. File No. 3-18952, SEC Charges Tennessee Investment Advisory Firm and Two Advisory Representatives with Steering Clients to Higher-Fee Mutual Fund Share Classes (Dec. 21, 2018), available at www.sec.gov/enforce/34-84918-s. [72]     SEC Press Release, Two Advisory Firms, CEO Charged With Mutual Fund Share Class Disclosure Violations (Dec. 21, 2018), available at www.sec.gov/news/press-release/2018-303. [73]     Admin. Proc. File No. 3-18607, SEC Charges Beverly Hills Investment Adviser for Improper Fees and False Filings (July 20, 2018), available at www.sec.gov/enforce/ia-4975-s. [74]     Admin. Proc. File No. 3-18657, In re Aria Partners GP, LLC (Aug. 22, 2018), available at www.sec.gov/litigation/admin/2018/ia-4991.pdf. [75]     SEC Press Release, Transamerica Entities to Pay $97 Million to Investors Relating to Errors in Quantitative Investment Models (Aug. 27, 2018), available at www.sec.gov/news/press-release/2018-167. [76]     SEC Press Release, SEC Charges Buffalo Advisory Firm and Principal With Fraud Relating to Association With Barred Adviser (Aug. 30, 2018), available at www.sec.gov/news/press-release/2018-172.  [77]     Admin. Proc. File No. 3-18704, In re Mass. Financial Services Co. (Aug. 31, 2018), available at www.sec.gov/litigation/admin/2018/ia-4999.pdf. [78]     Admin. Proc. File No 3-18729, In re VSS Fund Mmgt. LLC and Jeffrey T. Stevenson (Sept. 7, 2018), available at www.sec.gov/litigation/admin/2018/ia-5001.pdf. [79]     SEC Press Release, SEC Charges Investment Advisers With Defrauding Retail Advisory Clients (Sept. 14, 2018), available at www.sec.gov/news/press-release/2018-195. [80]     Admin. Proc. File No. 3-18948, In re Sterling Global Strategies LLC (Dec. 20, 2018), available at www.sec.gov/litigation/admin/2018/ia-5085.pdf. [81]     SEC Press Release, SEC Charges Two Robo-Advisers With False Disclosures (Dec. 21, 2018), available at www.sec.gov/news/press-release/2018-300. [82]     SEC Press Release, SEC Charges Ameriprise Financial Services for Failing to Safeguard Client Assets (Aug. 15, 2018), available at www.sec.gov/news/press-release/2018-154. [83]     Admin. Proc. File No. 3-18884, SEC Charges Advisory Firm With Due Diligence and Monitoring Failures (Nov. 6, 2018), available at www.sec.gov/enforce/ia-5061-s. [84]     Admin. Proc. File No. 3-18636, SEC Charges Investment Adviser With Mispricing Cross Trades Between Clients (Aug. 10, 2018), available at www.sec.gov/enforce/ia-4983-s. [85]     Admin. Proc. File No. 3-18767, In re Cushing Asset Management, LP (Sept. 14, 2018), available at www.sec.gov/litigation/admin/2018/ic-33226.pdf. [86]     Admin. Proc. File No. 3-18844, SEC Orders Putnam to Pay $1 Million Penalty, Suspends and Fines Former Portfolio Manager for Prearranged Cross-Trades (Sept. 27, 2018), available at www.sec.gov/enforce/ia-5050-s. [87]     Admin. Proc. File Nos. 3-18586, 3-18587, 3-18588, 3-18589, 3-18590, SEC Charges Investment Advisers and Representatives for Violating the Testimonial Rule Using Social Media and the Internet (July 10, 2018), available at www.sec.gov/enforce/3-18586-90-s. [88]     Admin. Proc. File No. 3-18779, Investment Adviser and Its President Settle Charges for Testimonial Rule and Code of Ethics Violations (Sept. 18, 2018), available at www.sec.gov/enforce/ia-5035-s. [89]     Admin. Proc. File No. 3-18585, In re Oaktree Capital Management, L.P. (July 10, 2018), available at www.sec.gov/litigation/admin/2018/ia-4960.pdf. [90]     Admin. Proc. File No. 3-18584, In re EnCap Investments L.P. (July 10, 2018), available at www.sec.gov/litigation/admin/2018/ia-4959.pdf.    [91]     Admin. Proc. File No. 3-18599, Investment Adviser Settles Charges for Custody Rule Violations (July 17, 2018), available at www.sec.gov/enforce/ia-4970-s. [92]     Admin. Proc. File No. 3-18837, Investment Adviser Settles Charges for Custody Rule and Compliance Rule Violations (Sept. 25, 2018), available at www.sec.gov/enforce/ia-5047-s. [93]     SEC Press Release, Deutsche Bank to Pay Nearly $75 Million for Improper Handling of ADRs (Jul. 20, 2018), available at www.sec.gov/news/press-release/2018-138. [94]     SEC Press Release, SG Americas Securities Charged for Improper Handling of ADRs (Sept. 25, 2018), available at www.sec.gov/news/press-release/2018-211. [95]     SEC Press Release, Citibank to Pay More Than $38 Million for Improper Handling of ADRs (Nov. 7, 2018), available at www.sec.gov/news/press-release/2018-255. [96]     Admin. Proc. File No. 3-18933, In re Bank of New York Mellon (Dec. 17, 2018), available at www.sec.gov/litigation/admin/2018/33-10586.pdf. [97]     SEC Press Release, JPMorgan to Pay More Than $135 Million for Improper Handling of ADRs (Dec. 26, 2018), available at www.sec.gov/news/press-release/2018-306. [98]     SEC Press Release, SEC Charges Mizuho Securities for Failure to Safeguard Customer Information (Jul. 23, 2018), available at www.sec.gov/news/press-release/2018-140. [99]     SEC Press Release, SEC Obtains Relief to Fully Reimburse Retail Investors Sold Unsuitable Product (Sept. 11, 2018), available at www.sec.gov/news/press-release/2018-184. [100]   SEC Press Release, Citigroup to Pay More Than $10 Million for Books and Records Violations and Inadequate Controls (Aug. 16, 2018), available at www.sec.gov/news/press-release/2018-155-0. [101]   SEC Press Release, SEC Charges Moody's With Internal Controls Failures and Ratings Symbols Deficiencies (Aug. 28, 2018), available at www.sec.gov/news/press-release/2018-169. [102]   SEC Litigation Release, SEC Charges Charles Schwab with Failing to Report Suspicious Transactions (Jul. 9, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24189.htm. [103]   Admin. Proc. File No. 3-18829, In the Matter of TD Ameritrade, Inc. (Sept. 24, 2018), available at www.sec.gov/litigation/admin/2018/34-84269.pdf. [104]   SEC Press Release, Brokerage Firm to Exit Penny stock Deposit Business and Pay Penalty for Repeatedly Failing to Report Suspicious Trading (Sept. 28, 2018), available at www.sec.gov/news/press-release/2018-225. [105]   Admin. Proc. File No. 3-18931, SEC Charges UBS Financial Services Inc. with Anti-Money Laundering Violations (Dec. 17, 2018), available at www.sec.gov/enforce/34-84828-s. [106]   Admin. Proc. File No. 30-18940, Broker-Dealer Settles Anti-Money Laundering Charges (Dec. 19, 2018), available at www.sec.gov/enforce/34-84851-s. [107]   SEC Press Release, SEC Charges Citigroup for Dark Pool Misrepresentations (Sept. 14, 2018), available at www.sec.gov/news/press-release/2018-193. [108]   SEC Press Release, Credit Suisse Agrees to Pay $10 Million to Settle Charges Related to Handling of Retail Customer Orders (Sept. 28, 2018), available at www.sec.gov/news/press-release/2018-224. [109]   SEC Press Release, SEC Charges ITG With Misleading Dark Pool Subscribers (Nov. 7, 2018), available at www.sec.gov/news/press-release/2018-256. [110]   SEC Press Release, SEC Charges BCG Financial for Failure to Preserve Documents and Maintain Accurate Books and Records (Jul. 17, 2018), available at www.sec.gov/news/press-release/2018-134. [111]   SEC Press Release, Broker-Dealer to Pay $2.75 Million Penalty for Providing Deficient Blue Sheet Data (Sept. 13, 2018), available at www.sec.gov/news/press-release/2018-191. [112]   SEC Press Release, Three Broker-Dealers to Pay More Than $6 Million in Penalties for Providing Deficient Blue Sheet Data (Dec. 10, 2018), available at www.sec.gov/news/press-release/2018-275. [113]   SEC Press Release, SEC Charges Two Brokers With Defrauding Customers (Sept. 10, 2018), available at www.sec.gov/news/press-release/2018-183. [114]   SEC Press Release, SEC Uses Data Analysis to Detect Cherry-Picking By Broker (Sept. 12, 2018), available at www.sec.gov/news/press-release/2018-189. [115]   Admin. Proc. File No. 3-18941, In the Matter of Andrew Nicoletta et al. (Dec. 19, 2018), available at www.sec.gov/litigation/admin/2018/34-84876.pdf. [116]   SEC Litigation Release, SEC Charges Former Heartland CEO, Romantic Partner in Insider Trading Scheme (Jul. 10, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24191.htm. [117]   SEC Litigation Release, SEC Charges Former Executive for Insider Trading (Jul. 5, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24186.htm. [118]   SEC Press Release, SEC Detects Silicon Valley Executive's Insider Trading (Jul. 24, 2018), available at www.sec.gov/news/press-release/2018-142. [119]   Admin. Proc. File No. 3-18618, SEC Charges VP of Finance with Insider Trading (Jul. 31, 2018), available at www.sec.gov/enforce/34-83742-s. [120]   SEC Litigation Release, SEC Charges Former Pharma Executive and Others with Insider Trading (Aug. 23, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24245.htm. [121]   Admin. Proc. File No. 3-18665, In re James T. Lentz (Aug. 22, 2018), available at www.sec.gov/litigation/admin/2018/33-10535.pdf. [122]   SEC Litigation Release, SEC Charges Former Senior Executive At Silicon Valley Company with Insider Trading (Aug. 30, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24251.htm. [123]   SEC Litigation Release, SEC Charges Former Vice President of Ocwen Financial Corporation with Insider Trading (Sept. 28, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24298.htm. [124]   SEC Litigation Release, SEC Charges Ebay's Former Director of SEC Reporting with Insider Trading (Oct. 16, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24317.htm. [125]   SEC Litigation Release, SEC Charges Husband with Insider Trading Ahead of Announcements by Wife's Employer (Nov. 8, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24340.htm. [126]   SEC Litigation Release, SEC Charges California Software Consultant with Insider Trading (Nov. 8, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24338.htm. [127]   SEC Press Release, SEC Charges U.S. Congressman and Others With Insider Trading (Aug. 8, 2018), available at www.sec.gov/news/press-release/2018-151; see also SEC Litigation Release, SEC Announces Settlement with Two Traders in Innate Insider Trading Case (Aug. 16, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24236.htm. [128]   Admin. Proc. File No. 34-83795, SEC Charges California Bank Board Member's Son with Insider Trading (Aug. 7, 2018), available at www.sec.gov/enforce/34-83795-s. [129]   SEC Litigation Release, SEC Charges Former Stericycle Financial Analyst and His Mother with Insider Trading (Jul. 24, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24212.htm. [130]   SEC Litigation Release, Former Equifax Manager Charged With Insider Trading (Jul. 2, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24183.htm. [131]   SEC Litigation. Release, Former Biotech Company Employee Charged with Insider Trading (Jul. 10, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24194.htm. [132]   SEC Litigation Release, SEC Charges Scientist for Insider Trading (Aug. 1, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24221.htm. [133]   Admin. Proc. File No. 3-18645, In re Honglan Wang (Aug. 16, 2018), available at www.sec.gov/litigation/admin/2018/34-83857.pdf. [134]   Admin. Proc. File No. 3-18655, SEC Charges Former In-House Counsel with Insider Trading (Aug. 21, 2018), available at www.sec.gov/enforce/34-83896-s. [135]   SEC Press Release, SEC Charges Former Professional Motorcycle Racer, his Investment Adviser, and Others With Insider Trading (Sept. 27, 2018), available at www.sec.gov/enforce/34-84304-s. [136]   SEC Press Release, SEC Charges NFL Player and Former Investment Banker With Insider Trading (Aug. 29, 2018), available at www.sec.gov/news/press-release/2018-170. [137]   SEC Press Release, SEC Charges Family Friend of Former Investment Banker With Insider Trading (Nov. 2, 2018), available at www.sec.gov/news/press-release/2018-251. [138]   SEC Litigation Release, SEC Charges Acquisition Advisor with Insider Trading (Sept. 14, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24269.htm. [139]   SEC Litigation Release, SEC Charges Husband of Investment Banker with Insider Trading (Dec. 17, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24375.htm. [140]   SEC Press Release, SEC Halts Alleged Insider Trading Ring Spanning Three Countries (Dec. 6, 2018), available at www.sec.gov/news/press-release/2018-273. [141]   SEC Litigation Release, SEC Charges Certified Public Accountant with Insider Trading (Aug. 21, 2018), available at www.sec.gov/litigation/litreleases/2018/lr24240.htm. [142]   Admin. Proc. File No. 3-18652, Former Director At Major Accounting Firm Settles Insider Trading Charges (Aug. 20, 2018), available at www.sec.gov/enforce/34-83889-s. [143]   Admin. Proc. File No. 3-18574, In re Michael Johnson (July 6, 2018), available at www.sec.gov/litigation/admin/2018/34-83602.pdf. [144]   Admin. Proc. File No. 3-18858, In re Unal Patel (Sept. 28, 2018), available at www.sec.gov/litigation/admin/2018/34-84315.pdf. [145]   SEC Press Release, SEC Files Charges in Municipal Bond "Flipping" and Kickback Schemes (Aug. 14, 2018), available at www.sec.gov/news/press-release/2018-153. [146]   Admin. Proc. File No. 3-18936, SEC Charges Former Municipal Bond Salesman with Fraudulent Trading Practices (Dec. 18, 2018), available at www.sec.gov/enforce/33-10587-s. [147]   Admin. Proc. File No. 3-18803, SEC Bars Head of Unregistered Municipal Advisory Firm for Failing to Disclose Material Facts to School District (Sept. 20, 2018), available at www.sec.gov/enforce/34-84224-s. The following Gibson Dunn lawyers assisted in the preparation of this client update:  Marc Fagel, Amy Mayer, Andrew Paulson, Tina Samanta, Elizabeth Snow, Craig Streit, Collin James Vierra, Timothy Zimmerman and Maya Ziv. Gibson Dunn is one of the nation's leading law firms in representing companies and individuals who face enforcement investigations by the Securities and Exchange Commission, the Department of Justice, the Commodities Futures Trading Commission, the New York and other state attorneys general and regulators, the Public Company Accounting Oversight Board (PCAOB), the Financial Industry Regulatory Authority (FINRA), the New York Stock Exchange, and federal and state banking regulators. Our Securities Enforcement Group offers broad and deep experience.  Our partners include the former Directors of the SEC's New York and San Francisco Regional Offices, the former head of FINRA's Department of Enforcement, the former United States Attorneys for the Central and Eastern Districts of California, and former Assistant United States Attorneys from federal prosecutors' offices in New York, Los Angeles, San Francisco and Washington, D.C., including the Securities and Commodities Fraud Task Force. Securities enforcement investigations are often one aspect of a problem facing our clients. Our securities enforcement lawyers work closely with lawyers from our Securities Regulation and Corporate Governance Group to provide expertise regarding parallel corporate governance, securities regulation, and securities trading issues, our Securities Litigation Group, and our White Collar Defense Group. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work or any of the following: New York Reed Brodsky (+1 212-351-5334, rbrodsky@gibsondunn.com) Joel M. Cohen (+1 212-351-2664, jcohen@gibsondunn.com) Lee G. Dunst (+1 212-351-3824, ldunst@gibsondunn.com) Barry R. Goldsmith (+1 212-351-2440, bgoldsmith@gibsondunn.com) Laura Kathryn O'Boyle (+1 212-351-2304, loboyle@gibsondunn.com) Mark K. Schonfeld (+1 212-351-2433, mschonfeld@gibsondunn.com) Alexander H. Southwell (+1 212-351-3981, asouthwell@gibsondunn.com) Avi Weitzman (+1 212-351-2465, aweitzman@gibsondunn.com) Lawrence J. Zweifach (+1 212-351-2625, lzweifach@gibsondunn.com) Tina Samanta (+1 212-351-2469 , tsamanta@gibsondunn.com) Washington, D.C. Stephanie L. Brooker (+1 202-887-3502, sbrooker@gibsondunn.com) Daniel P. Chung(+1 202-887-3729, dchung@gibsondunn.com) Stuart F. Delery (+1 202-887-3650, sdelery@gibsondunn.com) Richard W. Grime (+1 202-955-8219, rgrime@gibsondunn.com) Patrick F. Stokes (+1 202-955-8504, pstokes@gibsondunn.com) F. Joseph Warin (+1 202-887-3609, fwarin@gibsondunn.com) San Francisco Winston Y. Chan (+1 415-393-8362, wchan@gibsondunn.com) Thad A. Davis (+1 415-393-8251, tadavis@gibsondunn.com) Marc J. Fagel (+1 415-393-8332, mfagel@gibsondunn.com) Charles J. Stevens (+1 415-393-8391, cstevens@gibsondunn.com) Michael Li-Ming Wong (+1 415-393-8234, mwong@gibsondunn.com) Palo Alto Michael D. Celio (+1 650-849-5326, mcelio@gibsondunn.com) Paul J. Collins (+1 650-849-5309, pcollins@gibsondunn.com) Benjamin B. Wagner (+1 650-849-5395, bwagner@gibsondunn.com) Denver Robert C. Blume (+1 303-298-5758, rblume@gibsondunn.com) Monica K. Loseman (+1 303-298-5784, mloseman@gibsondunn.com) Los Angeles Michael M. Farhang (+1 213-229-7005, mfarhang@gibsondunn.com) Douglas M. Fuchs (+1 213-229-7605, dfuchs@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
Read More

January 14, 2019

U.S. Department of Health and Human Services Issues New Guidance on Voluntary Cybersecurity Practices for Health Care Industry

Click for PDF On December 28, 2018, a Task Group that includes U.S. Department of Health and Human Services ("HHS") personnel and private-sector health care industry leaders published new guidance for health care organizations on cybersecurity best practices.[1]  The guidance—Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients—is voluntary and creates no legal obligations.  It is targeted to health care providers, payors, pharmaceutical companies, and medical device manufacturers. This publication is among the most comprehensive and detailed guidance now available to the health care industry on cybersecurity.  While voluntary, the prescriptive advice and scalable tools in the new guidance may be a valuable resource for legal, compliance, IT, and information security professionals at health care organizations.  Organizations that follow this guidance may decrease the likelihood that they will suffer a costly data breach, and in the event of a breach may be able to point to compliance with the guidance to show that they have implemented reasonable cybersecurity practices, thereby helping to defend against private lawsuits or government enforcement actions. This alert briefly describes the background and key takeaways from the guidance.  Gibson Dunn is available to answer any questions you may have about how this guidance applies to your organization, as well as any other topics related to cybersecurity or privacy in the health care industry. Background The health care industry is a primary target for attacks by cyber-criminals.  The threat is especially critical because by at least one measure the average cost of a data breach in the health sector is $408 per record, almost double that of the next highest industry.[2]  In recent years, moreover, HHS's Office for Civil Rights ("OCR")—the office charged with enforcing the Health Insurance Portability and Accountability Act of 1996 ("HIPAA")—has demonstrated an increasing willingness to bring enforcement actions against even reputable and respected organizations that have suffered a data breach.[3] The new guidance comes against this backdrop and as the result of the Cybersecurity Act of 2015, which required HHS to issue guidance through a "trusted platform and tighter partnership between the United States government and the private sector."[4]  Under Section 405(d) of the Act, industry and government leaders formed a Task Group in May 2017 to create a set of "voluntary, consensus-based principles and practices to ensure cybersecurity in the Health Care and Public Health (HPH) sector."[5]  This guidance is the result of 18 months of work by the Task Group. The Guidance Recognizing that it would be impossible to address every cybersecurity challenge in a single publication, the Task Group focused on five prevalent cybersecurity threats: 1) e-mail phishing attacks, 2) ransomware attacks, 3) loss or theft of equipment or data, 4) insider, accidental or intentional data loss, and 5) attacks against connected medical devices that may affect patient safety.[6]  For each of the five high risk cybersecurity threats, the guidance describes the risk, lists specific vulnerabilities and the potential effects of these vulnerabilities, and offers a list of "practices to consider" to help minimize the threat. The Task Group then identified a set of voluntary best practices and organized them into ten categories: E-mail Protection Systems Endpoint Protection Systems Access Management Data Protection and Loss Prevention Asset Management Network Management Vulnerability Management Incident Response Medical Device Security Cybersecurity Policies Information regarding each of these practice categories is detailed in two supplementary technical volumes—one addressing the needs of small organizations and the other addressing the requirements of medium and large organizations—as well as a supplemental volume of additional resources and templates.  The guidance also provides a toolkit for determining and prioritizing the cybersecurity practices that would be most effective, which can be used to assist organizations in conducting a cybersecurity risk assessment.[7] The specific practices identified in the guidance are not intended to replace existing regulatory requirements or frameworks (such as the HIPAA Security Rule or the NIST Cybersecurity Framework).  Instead, they are intended to be a supplemental resource for health care organizations, with the goal of "rais[ing] the cybersecurity floor across the health care industry."[8]  Specific application and resource allocation will be up to each organization, and the guidance recognizes that each organization will need to tailor cybersecurity practices to its specific size, complexity, and type.  The guidance provides a chart to assist in determining these categorizations.[9]  Importantly, the guidance does not authorize any causes of action or grounds for regulatory enforcement. Conclusion Because of the long shadow of HIPAA, the health care industry has long been among the most heavily-regulated industries when it comes to cybersecurity practices.  This new guidance offers an additional tool that health care organizations can use to gauge the adequacy of their systems and their preparedness for a cyber attack.  Given that HHS OCR is simultaneously seeking comments on how it might update HIPAA's requirements,[10] and the explosion of enforcement activity and lawsuits related to cybersecurity and privacy more generally, health care organizations would be well-served to evaluate this guidance and refine or enhance their plans to address cybersecurity issues that regulators and plaintiffs are likely to examine increasingly in the years to come.    [1]   Healthcare & Public Health Sector Coordinating Councils, Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (Dec. 28, 2018), https://www.phe.gov/Preparedness/planning/405d/Documents/HICP-Main-508.pdf.    [2]   Id. at 9.    [3]   See, e.g., Press Release, Department of Health and Human Services, Anthem Pays OCR $16 Million in Record HIPAA Settlement Following Largest U.S. Health Data Breach in History (Oct. 15, 2018), https://www.hhs.gov/about/news/2018/10/15/anthem-pays-ocr-16-million-record-hipaa-settlement-following-largest-health-data-breach-history.html, Press Release, Department of Health and Human Services, Five breaches add up to millions in settlement costs for entity that failed to heed HIPAA's risk analysis and risk management rules (Feb. 1, 2018), available at https://www.hhs.gov/about/news/2018/02/01/five-breaches-add-millions-settlement-costs-entity-failed-heed-hipaa-s-risk-analysis-and-risk.html.    [4]   Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients, at 4.    [5]   Id.    [6]   Id. at 6.    [7]   Id. at 26.    [8]   Id.    [9]   Id. at 11.    [10]   See Request for Information on Modifying HIPAA Rules to Improve Coordinate Care, 83 Fed. Reg. 64,302 (Dec. 14, 2018). Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the above developments.  Please contact the Gibson Dunn lawyer with whom you usually work, or the following authors: Ryan T. Bergsieker - Denver (+1 303-298-5774, rbergsieker@gibsondunn.com) Reid Rector - Denver (+1 303-298-5923, rrector@gibsondunn.com) Josiah J. Clarke - Denver (+1 303-298-5708, jclarke@gibsondunn.com) Please also feel free to contact the following practice group leaders: Alexander H. Southwell - Chair, Privacy, Cybersecurity and Consumer Protection Practice, New York (+1 212-351-3981, asouthwell@gibsondunn.com) Daniel J. Thomasch - Co-Chair, Life Sciences Practice, New York (+1 212-351-3800, dthomasch@gibsondunn.com) Tracey B. Davies - Co-Chair, Life Sciences Practice, Dallas (+1 214-698-3335, tdavies@gibsondunn.com) Ryan A. Murr - Co-Chair, Life Sciences Practice, San Francisco (+1 415-393-8373, rmurr@gibsondunn.com) Stephen C. Payne - Chair, FDA and Health Care Practice, Washington, D.C. (+1 202-887-3693, spayne@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
Read More

January 11, 2019

2018 Year-End German Law Update

Click for PDF Looking back at the past year's cacophony of voices in a world trying to negotiate a new balance of powers, it appeared that Germany was disturbingly silent, on both the global and European stage. Instead of helping shape the new global agenda that is in the making, German politics focused on sorting out the vacuum created by a Federal election result which left no clear winner other than a newly formed right wing nationalist populist party mostly comprised of so called Wutbürger (the new prong for "citizens in anger") that managed to attract 12.6 % of the vote to become the third strongest party in the German Federal Parliament. The relaunching of the Grand-Coalition in March after months of agonizing coalition talks was followed by a bumpy start leading into another session of federal state elections in Bavaria and Hesse that created more distraction. When normal business was finally resumed in November, a year had passed by with few meaningful initiatives formed or significant business accomplished. In short, while the world was spinning, Germany allowed itself a year's time-out from international affairs. The result is reflected in this year's update, where the most meaningful legal developments were either triggered by European initiatives, such as the General Data Protection Regulation ("GDPR") (see below section 4.1) or the New Transparency Rules for Listed German Companies (see below section 1.2), or as a result of landmark rulings of German or international higher and supreme courts (see below Corporate M&A sections 1.1 and 1.4; Tax – sections 2.1 and 2.2 and Labor and Employment – section 4.2). In fairness, shortly before the winter break at least a few other legal statutes have been rushed through parliament that are also covered by this update. Of the changes that are likely to have the most profound impact on the corporate world, as well as on the individual lives of the currently more than 500 million inhabitants of the EU-28, the GDPR, in our view, walks away with the first prize. The GDPR has created a unified legal system with bold concepts and strong mechanisms to protect individual rights to one's personal data, combined with hefty fines in case of the violation of its rules. As such, the GDPR stands out as a glowing example for the EU's aspiration to protect the civic rights of its citizens, but also has the potential to create a major exposure for EU-based companies processing and handling data globally, as well as for non EU-based companies doing business in Europe. On a more strategic scale, the GDPR also creates a challenge for Europe in the global race for supremacy in a AI-driven world fueled by unrestricted access to data - the gold of the digital age. The German government could not resist infection with the virus called protectionism, this time around coming in the form of greater scrutiny imposed on foreign direct investments into German companies being considered as "strategic" or "sensitive" (see below section 1.3 - Germany Tightens Rules on Foreign Takeovers Even Further). Protecting sensitive industries from "unwanted" foreign investors, at first glance, sounds like a laudable cause. However, for a country like Germany that derives most of its wealth and success from exporting its ideas, products and services, a more liberal approach to foreign investments would seem to be more appropriate, and it remains to be seen how the new rules will be enforced in practice going forward. The remarkable success of the German economy over the last twenty five years had its foundation in the abandoning of protectionism, the creation of an almost global market place for German products, and an increasing global adoption of the rule of law. All these building blocks of the recent German economic success have been under severe attack in the last year. This is definitely not the time for Germany to let another year go by idly. We use this opportunity to thank you for your trust and confidence in our ability to support you in your most complicated and important business decisions and to help you form your views and strategies to deal with sophisticated German legal issues. Without our daily interaction with your real-world questions and tasks, our expertise would be missing the focus and color to draw an accurate picture of the multifaceted world we are living in. In this respect, we thank you for making us better lawyers - every day. ________________________ TABLE OF CONTENTS 1.      Corporate, M&A 2.      Tax 3.      Financing and Restructuring 4.      Labor and Employment 5.      Real Estate 6.      Compliance 7.      Antitrust and Merger Control 8.      Litigation 9.      IP & Technology 10.    International Trade, Sanctions and Export Controls ________________________ 1.       Corporate, M&A 1.1       Further Development regarding D&O Liability of the Supervisory Board in a German Stock Corporation In its famous "ARAG/Garmenbeck"-decision in 1997, the German Federal Supreme Court (Bundesgerichtshof - BGH) first established the obligation of the supervisory board of a German Stock Corporation (Aktiengesellschaft) to pursue the company's D&O liability claims in the name of the company against its own management board after having examined the existence and enforceability of such claims. Given the very limited discretion the court has granted to the supervisory board not to bring such a claim and the supervisory board's own liability arising from inactivity, the number of claims brought by companies against their (former) management board members has risen significantly since this decision. In its recent decision dated September 18, 2018, the BGH ruled on the related follow-up question about when the statute of limitations should start to run with respect to compensation claims brought by the company against a supervisory board member who has failed to pursue the company's D&O liability claims against the board of management within the statutory limitation period. The BGH clarified that the statute of limitation applicable to the company's compensation claims against the inactive supervisory board member (namely ten years in case of a publicly listed company, otherwise five years) should not begin to run until the company's compensation claims against the management board member have become time-barred themselves. With that decision, the court adopts the view that in cases of inactivity, the period of limitations should not start to run until the last chance for the filing of an underlying claim has passed. In addition, the BGH in its decision confirmed the supervisory board's obligation to also pursue the company's claims against the board of management in cases where the management board member's misconduct is linked to the supervisory board's own misconduct (e.g. through a violation of supervisory duties). Even in cases where the pursuit of claims against the board of management would force the supervisory board to disclose its own misconduct, such "self-incrimination" does not release the supervisory board from its duty to pursue the claims given the preponderance of the company's interests in an effective supervisory board, the court reasoned. In practice, the recent decision will result in a significant extension of the D&O liability of supervisory board members. Against that backdrop, supervisory board members are well advised to examine the existence of the company's compensation claims against the board of management in a timely fashion and to pursue the filing of such claims, if any, as soon as possible. If the board of management's misconduct is linked to parallel misconduct of the supervisory board itself, the relevant supervisory board member – if not exceptionally released from pursuing such claim and depending on the relevant facts and circumstances – often finds her- or himself in a conflict of interest arising from such self-incrimination in connection with the pursuit of the claims. In such a situation, the supervisory board member might consider resigning from office in order to avoid a conflict of interest arising from such self-incrimination in connection with the pursuit of the claims. Back to Top 1.2       Upcoming New Transparency Rules for Listed German Companies as well as Institutional Investors, Asset Managers and Proxy Advisors In mid-October 2018, the German Federal Ministry of Justice finally presented the long-awaited draft for an act implementing the revised European Shareholders' Rights Directive (Directive (EU) 2017/828). The Directive aims to encourage long-term shareholder engagement by facilitating the communication between shareholders and companies, in particular across borders, and will need to be implemented into German law by June 10, 2019 at the latest. The new rules primarily target listed German companies and provide some major changes with respect to the "say on pay" provisions, as well as additional approval and disclosure requirements for related party transactions, the transmission of information between a stock corporation and its shareholders and additional transparency and reporting requirements for institutional investors, asset managers and proxy advisors. "Say on pay" on directors' remuneration: remuneration policy and remuneration report Under the current law, the shareholders determine the remuneration of the supervisory board members at a shareholder meeting, whereas the remuneration of the management board members is decided by the supervisory board. The law only provides for the possibility of an additional shareholder vote on the management board members' remuneration if such vote is put on the agenda by the management and supervisory boards in their sole discretion. Even then, such vote has no legal effects whatsoever ("voluntary say on pay"). In the future, shareholders of German listed companies will have two options. First, the supervisory board will have to prepare a detailed remuneration policy for the management board, which must be submitted to the shareholders if there are major changes to the remuneration, and in any event at least once every four years ("mandatory say on pay"). That said, the result of the vote on the policy will continue to remain only advisory. However, if the supervisory board adopts a remuneration policy that has been rejected by the shareholders, it will then be required to submit a reviewed (not necessarily revised) remuneration policy to the shareholders at the next shareholders' meeting. With respect to the remuneration of supervisory board members, the new rules require a shareholders vote at least once every four years. Second, at the annual shareholders' meeting the shareholders will vote ex post on the remuneration report (which is also reviewed by the statutory auditor) which contains the remuneration granted to the present and former members of the management board and the supervisory board in the past financial year. Again, the shareholders' vote, however, will only be advisory. Both the remuneration report including the audit report, as well as the remuneration policy will have to be made public on the company's website for at least ten years. Related party transactions German stock corporation law already provides for various safeguard mechanisms to protect minority shareholders in cases of transactions with major shareholders or other related parties (e.g. the capital maintenance rules and the laws relating to groups of companies). In the future, in the case of listed companies, these mechanisms will be supplemented by a detailed set of approval and transparency requirements for transactions between the company and related parties. Material transactions exceeding certain thresholds will require prior supervisory board approval. A rejection by the supervisory board can be overcome by shareholder vote. Furthermore, a listed company must publicly disclose any such material related party transaction, without undue delay over media providing for a Europe-wide distribution. Identification of shareholders and facilitation of the exercise of shareholders' rights Listed companies will have the right to request information on the identity of their shareholders, including the name and both a postal and electronic address, from depositary banks, thus allowing for a direct communication line, also with respect to bearer shares ("know-your-shareholder"). Furthermore, depositary banks and other intermediaries will be required to pass on important information from the company to the shareholders and vice versa, e.g. with respect to voting in shareholders' meetings and the exercise of subscription rights. Where there is more than one intermediary in a chain, the intermediaries are required to pass on the respective information within the chain. In addition, companies will be required to confirm the votes cast at the request of the shareholders thus enabling them to be certain that their votes have been effectively cast, including in particular across borders. Transparency requirements for institutional investors, asset managers and proxy advisors German domestic institutional investors and asset managers with Germany as their home member state (as defined in the applicable sector-specific EU law) will be required (i) to disclose their engagement policy, including how they monitor, influence and communicate with the investee companies, exercise shareholders' rights and manage actual and potential conflicts of interests, and (ii) to report annually on the implementation of their engagement policy and disclose how they have cast their votes in the general meetings of material investee companies. Institutional investors will further have to disclose (iii) consistency between the key elements of their investment strategy with the profile and duration of their liabilities and how they contribute to the medium to long-term performance of their assets, and, (iv) if asset managers are involved, to disclose the main aspects of their arrangement with the asset manager. The new disclosure and reporting requirements, however, only apply on a "comply or explain" basis. Thus, investors and asset managers may choose not to make the above disclosures, provided they give an explanation as to why this is the case. Proxy advisors will have to publicly disclose on an annual basis (i) whether and how they have applied their code of conduct based again on the "comply or explain" principle, and (ii) information on the essential features, methodologies and models they apply, their main information sources, the qualification of their staff, their voting policies for the different markets they operate in, their interaction with the companies and the stakeholders as well as how they manage conflicts of interests. These rules, however, do not apply to proxy advisors operating from a non-EEA state with no establishment in Germany. The present legislative draft is still under discussion and it is to be expected that there will still be some changes with respect to details before the act becomes effective in mid-2019. Due to transitional provisions, the new rules on "say on pay" will have no effect for the majority of listed companies in this year's meeting season. Whether the new rules will actually promote a long-term engagement of shareholders and have the desired effect on the directors' remuneration of listed companies will have to be seen. In any event, both listed companies as well as the other addressees of the new transparency rules should make sure that they are prepared for the new reporting and disclosure requirements. Back to Top 1.3       Germany Tightens Rules on Foreign Takeovers Even Further After the German government had imposed stricter rules on foreign direct investment in 2017 (see 2017 Year-End German Law Update under 1.5), it has now even further tightened its rules with respect to takeovers of German companies by foreign investors. The latest amendment of the rules under the German Foreign Trade and Payments Ordinance (Außenwirtschaftsverordnung, "AWV") enacted in 2018 was triggered, among other things, by the German government's first-ever veto in August 2018 regarding the proposed acquisition of Leifeld Metal Spinning, a German manufacturer of metal forming machines used in the automotive, aerospace and nuclear industries, by Yantai Taihai Corporation, a privately-owned industry group from China, on the grounds of national security. Ultimately, Yantai withdrew its bid shortly after the German government had signaled that it would block the takeover. On December 29, 2018, the latest amendment of the Foreign Trade and Payments Ordinance came into force. The new rules provide for greater scrutiny of foreign direct investments by lowering the threshold for review of takeovers of German companies by foreign investors from the acquisition of 25% of the voting rights down to 10% in circumstances where the target operates a critical infrastructure or in sensitive security areas (defense and IT security industry). In addition, the amendment also expands the scope of the Foreign Trade and Payments Ordinance to also apply to certain media companies that contribute to shaping the public opinion by way of broadcasting, teleservices or printed materials and stand out due to their special relevance and broad impact. While the lowering of the review threshold as such will lead to an expansion of the existing reporting requirements, the broader scope is also aimed at preventing German mass media from being manipulated with disinformation by foreign investors or governments. There are no specific guidelines published by the German government as it wants the relevant parties to contact, and enter into a dialog with, the authorities about these matters. While the German government used to be rather liberal when it came to foreign investments in the past, the recent veto in the case of Leifeld as well as the new rules show that in certain circumstances, it will become more cumbersome for dealmakers to get a deal done. Finally, it is likely that the rules on foreign investment control will be tightened even further going forward in light of the contemplated EU legislative framework for screening foreign direct investment on a pan-European level. Back to Top 1.4       US Landmark Decision on MAE Clauses - Consequences for German M&A Deals Fresenius wrote legal history in the US with potential consequences also for German M&A deals in which "material adverse effect" (MAE) clauses are used. In December 2018, for the first time ever, the Supreme Court of Delaware allowed a purchaser to invoke the occurrence of an MAE and to terminate the affected merger agreement. The agreement included an MAE clause, which allocated certain business risks concerning the target (Akorn) for the time period between signing and closing to Akorn. Against the resistance of Akorn, Fresenius terminated the merger agreement based on the alleged MAE, arguing that the target's EBITDA declined by 86%. The decision includes a very detailed analysis of an MAE clause by the Delaware courts and reaffirms that under Delaware law there is a very high bar to establishing an MAE. Such bar is based both on quantitative and qualitative parameters. The effects of any material adverse event need to be substantial as well as lasting. In most German deals, the parties agree to arbitrate. For this reason, there have been no German court rulings published on MAE clauses so far. Hence, all parties to an M&A deal face uncertainty about how German courts or arbitration tribunals would define "materiality" in the context of an MAE clause. In potential M&A litigation, sellers may use this ruling to support the argument that the bar for the exercise of the MAE right is in fact very high in line with the Delaware standard. It remains to be seen whether German judges will adopt the Delaware decision to interpret MAE clauses in German deals. Purchasers, who seek more certainty, may consider defining materiality in the MAE clause more concretely (e.g., by reference to the estimated impact of the event on the EBITDA of the company or any other financial parameter). Back to Top 1.5       Equivalence of Swiss Notarizations? The question whether the notarization of various German corporate matters may only be validly performed by German notaries or whether some or all of these measures may also be notarized validly by Swiss notaries has long since been the topic of legal debate. Since the last major reform of the German Limited Liability Companies Act (Gesetz betreffend Gesellschaften mit beschränkter Haftung - GmbHG) in 2008 the number of Swiss notarizations of German corporate measures has significantly decreased. A number of the newly introduced changes and provisions seemed to cast doubt on the equivalence and capacity of Swiss notaries to validly perform the duties of a German notary public who are not legally bound by the mandatory, non-negotiable German fee regime on notarial fees. As a consequence and a matter of prudence, German companies mostly stopped using Swiss notaries despite the potential for freely negotiated fee arrangements and the resulting significant costs savings in particular in high value matters. However, since 2008 there has been an increasing number of test cases that reach the higher German courts in which the permissibility of a Swiss notarization is the decisive issue. While the German Federal Supreme Court (Bundesgerichtshof - BGH) still has not had the opportunity to decide this question, in 2018 two such cases were decided by the Kammergericht (Higher District Court) in Berlin. In those cases, the court held that both the incorporation of a German limited liability company in the Swiss Canton of Berne (KG Berlin, 22 W 25/16 - January 24, 2018 = ZIP 2018, 323) and the notarization of a merger between two German GmbHs before a notary in the Swiss Canton of Basle (KG Berlin, 22 W 2/18 – July 26, 2018 = ZIP 2018, 1878) were valid notarizations under German law, because Swiss notaries were deemed to be generally equivalent to the qualifications and professional standards of German-based notaries. The reasons given in these decisions are reminiscent of the case law that existed prior to the 2008 corporate law reform and can be interpreted as indicative of a certain tendency by the courts to look favorably on Swiss notarizations as an alternative to German-based notarizations. Having said that and absent a determinative decision by the BGH, using German-based notaries remains the cautious default approach for German companies to take. This is definitely the case in any context where financing banks are involved (e.g. either where share pledges as loan security are concerned or in an acquisition financing context of GmbH share sales and transfers). On the other hand, in regions where such court precedents exist, the use of Swiss notaries for straightforward intercompany share transfers, mergers or conversions might be considered as an alternative on a case by case basis. Back to Top 1.6       Re-Enactment of the DCGK: Focus on Relevance, Function, Management Board's Remuneration and Independence of Supervisory Board Members Sixteen years after it has first been enacted, the German Corporate Governance Code (Deutscher Corporate Governance Kodex, DCGK), which contains standards for good and responsible governance for German listed companies, is facing a major makeover. In November 2018, the competent German government commission published a first draft for a radically revised DCGK. While vast parts of the proposed changes are merely editorial and technical in nature, the draft contains a number of new recommendations, in particular with respect to the topics of management remuneration and independence of supervisory board members. With respect to the latter, the draft now provides a catalogue of criteria that shall act as guidance for the supervisory board as to when a shareholder representative shall no longer be regarded as independent. Furthermore, the draft also provides for more detailed specifications aiming for an increased transparency of the supervisory board's work, including the recommendation to individually disclose the members' attendance of meetings, and further tightens the recommendations regarding the maximum number of simultaneous mandates for supervisory board members. Moreover, in addition to the previous concept of "comply or explain", the draft DCGK introduces a new "apply and explain" concept, recommending that listed companies also explain how they apply certain fundamental principles set forth in the DCGK as a new third category in addition to the previous two categories of recommendations and suggestions. The draft DCGK is currently under consultation and the interested public is invited to comment upon the proposed amendments until the end of January 2019. Since some of the proposed amendments provide for a rather fundamentally new approach to the current regime and would introduce additional administrative burdens, it remains to be seen whether all of the proposed amendments will actually come into force. According to the current plan, following a final consultancy of the Government Commission, the revised version of the DCGK shall be submitted for publication in April 2019 and would take effect shortly thereafter. Back to Top 2.         Tax On November 23, 2018, the German Federal Council (Bundesrat) approved the German Tax Reform Act 2018 (Jahressteuergesetz 2018, the "Act"), which had passed the German Federal Parliament (Bundestag) on November 8, 2018. Highlights of the Act are (i) the exemption of restructuring gains from German income tax, (ii) the partial abolition of and a restructuring exemption from the loss forfeiture rules in share transactions and (iii) the extension of the scope of taxation for non-German real estate investors investing in Germany. 2.1       Exemption of Restructuring Gains The Act puts an end to a long period of uncertainty - which has significantly impaired restructuring efforts - with respect to the tax implications resulting from debt waivers in restructuring scenarios (please see in this regard our 2017 Year-End German Law Update under 3.2). Under German tax law, the waiver of worthless creditor claims creates a balance sheet profit for the debtor in the amount of the nominal value of the payable. Such balance sheet profit is taxable and would - without any tax privileges for such profit – often outweigh the restructuring effect of the waiver. The Act now reinstates the tax exemption of debt waivers with retroactive effect for debt waivers after February 8, 2017; upon application debt waivers prior to February 8, 2017 can also be covered. Prior to this legislative change, a tax exemption of restructuring gains was based on a restructuring decree of the Federal Ministry of Finance, which has been applied by the tax authorities since 2003. In 2016, the German Federal Fiscal Court (Bundesfinanzgerichtshof) held that the restructuring decree by the Federal Ministry of Finance violates constitutional law since a tax exemption must be legislated by statute and cannot be based on an administrative decree. Legislation was then on hold pending confirmation from the EU Commission that a legislative tax exemption does not constitute illegal state aid under EU law. The EU Commission finally gave such confirmation by way of a comfort letter in August 2018. The Act is largely based on the conditions imposed by a restructuring decree issued by the Federal Ministry of Finance on the tax exemption of a restructuring gain. Under the Act, gains at the level of the debtor resulting from a full or partial debt relief are exempt from German income tax if the relief is granted to recapitalize and restructure an ailing business. The tax exemption only applies if at the time of the debt waiver (i) the business is in need of restructuring and (ii) capable of being restructured, (iii) the waiver results in a going-concern of the restructured business and (iv) the creditor waives the debt with the intention to restructure the business. The rules apply to German corporate income and trade tax and benefit individuals, partnerships and corporations alike. Any gains from the relief must first be reduced by all existing loss-offsetting potentials before the taxpayer can benefit from tax exemptions on restructuring measures. Back to Top 2.2       Partial Abolition of Loss Forfeiture Rules/Restructuring Exception Under the current Loss Forfeiture Rules, losses of a German corporation will be forfeited on a pro rata basis if within a period of five years more than 25% but not more than 50% of the shares in the German loss-making corporation are transferred (directly or indirectly) to a new shareholder or group of shareholders with aligned interests. If more than 50% are transferred, losses will be forfeited in total. There are exceptions to this rule for certain intragroup restructurings, built-in gains and business continuations, especially in the venture capital industry. On March 29, 2017, the German Federal Constitutional Court (Bundesverfassungsgericht – BVerfG) ruled that the pro rata forfeiture of losses (a share transfer of more than 25% but not more than 50%) is incompatible with the constitution. The court has asked the German legislator to amend the Loss Forfeiture Rules retroactively for the period from January 1, 2008 until December 31, 2015 to bring them in line with the constitution. Somewhat surprisingly, the legislator has now decided to fully cancel the pro rata forfeiture of losses with retroactive effect and with no reference to a specific tax period. Currently pending before the German Federal Constitutional Court is the question whether the full forfeiture of losses is constitutional. A decision by the Federal Constitutional Court is expected for early 2019, which may then result in another legislative amendment of the Loss Forfeiture Rules. The Act has also reinstated a restructuring exception from the forfeiture rules - if the share transfer occurs in order to restructure the business of an ailing corporation. Similar to the exemption of restructuring gains, this legislation was on hold until the ECJ's decision (European Court of Justice) on June 28, 2018 that the restructuring exception does not violate EU law. Existing losses will not cease to exist following a share transfer if the restructuring measures are appropriate to avoid or eliminate the illiquidity or the over-indebtedness of the corporation and to maintain its basic operational structure. The restructuring exception applies to share transfers after December 31, 2007. Back to Top 2.3       Investments in German Real Estate by Non-German Investors So far, capital gains from the disposal of shares in a non-German corporation holding German real estate were not subject to German tax. In a typical structure, in which German real estate is held via a Luxembourg or Dutch entity, a value appreciation in the asset could be realized by a share deal of the holding company without triggering German income taxes. Under the Act, the sale of shares in a non-German corporation is now taxable if, at some point within a period of one year prior to the sale of shares, 50 percent of the book value of the assets of the company consisted of German real estate and the seller held at least 1 percent of the shares within the last five years prior to the sale. The Act is now in line with many double tax treaties concluded by Germany, which allow Germany to tax capital gains in these cases. The new law applies for share transfers after December 31, 2018. Capital gains are only subject to German tax to the extent the value has been increased after December 31, 2018. Until 2018, a change in the value of assets and liabilities, which are economically connected to German real estate, was not subject to German tax. Therefore, for example, profits from a waiver of debt that was used to finance German real estate was not taxable in Germany whereas the interest paid on the debt was deductible for German tax purposes. That law has now changed and allows Germany to tax such profit from a debt waiver if the loan was used to finance German real estate. However, only the change in value that occurred after December 31, 2018 is taxable. Back to Top 3.         Financing and Restructuring – Test for Liquidity Status Tightened On December 19, 2017, the German Federal Supreme Court (Bundesgerichtshof – BGH) handed down an important ruling which clarifies the debt and payable items that should be taken into account when determining the "liquidity" status of companies. According to the Court, the liquidity test now requires managing directors and (executive) board members to determine whether a liquidity gap exceeding 10% can be overcome by incoming liquidity within a period of three weeks taking into account all payables which will become due in those three weeks. Prior to the ruling, managing directors had often argued successfully that only those payables that were due at the time when the test is applied needed be taken into account while expected incoming payments within a three week term could be considered. This mismatch in favor of the managing directors has now been rectified by the Court to the disadvantage of the managing directors. If, for example, on June 1 the company liquidity status shows due payables amounting to EUR 100 and plausible incoming receivables in the three weeks thereafter amounting to EUR 101, no illiquidity existed under the old test. Under the new test confirmed by the Court, payables of EUR 50 becoming due in the three week period now also have to be taken into account and the company would be considered illiquid. For companies and their managing directors following a cautious approach, the implications of this ruling are minor. Going forward, however, even those willing to take higher risks will need to follow the court determined principles. Otherwise, delayed insolvency filings could ensue. This not only involves a managing directors and executive board members' personal liability for payments made on behalf of the company while illiquid but also potential criminal liability for a delayed insolvency filing. Managing directors are thus well advised to properly undertake and also document the required test in order to avoid liability issues. Back to Top 4.         Labor and Employment 4.1       GDPR Has Tightened Workplace Privacy Rules The EU General Data Protection Regulation ("GDPR") started to apply on May 25, 2018. It has introduced a number of stricter rules for EU countries with regard to data protection which also apply to employee personal data and employment relationships. In addition to higher sanctions, the regulation provides for extensive information, notification, deletion, and documentation obligations. While many of these data privacy rules had already been part of the previous German workplace privacy regime under the German Federal Data Protection Act (Bundesdatenschutzgesetz - BDSG), the latter has also been amended and provides for specific rules applicable to employee data protection in Germany (e.g. in the context of internal investigations or with respect to employee co-determination). However, the most salient novelty is the enormous increase in potential sanctions under the GDPR. Fines for GDPR violations can reach up to the higher of EUR 20 million or 4% of the group's worldwide turnover. Against this backdrop, employers are well-advised to handle employee personnel data particularly careful. This is also particularly noteworthy as the employer is under an obligation to prove compliance with the GDPR – which may result in a reversal of the burden of proof e.g. in employment-related litigation matters involving alleged GDPR violations. Back to Top 4.2       Job Adverts with Third Gender Following a landmark decision by the German Federal Constitutional Court in 2017, employers are gradually inserting a third gender into their job advertisements. The Federal Constitutional Court (Bundesverfassungsgericht – BVerfG) decided on October 10, 2017 that citizens who do not identify as either male or female were to be registered as "diverse" in the birth register (1 BvR 2019/16). As a consequence of this court decision, many employers in Germany have broadened gender notations in job advertisements from previously "m/f" to "m/f/d". While there is no compelling legal obligation to do so, employers tend to signal their open-mindedness by this step, but also mitigate the potential risk of liability for a discrimination claim. Currently, such liability risk does not appear alarming due to the relative rarity of persons identifying as neither male nor female and the lack of a statutory stipulation for such adverts. However, employers might be well-advised to follow this trend, particularly after Parliament confirmed the existence of a third gender option in birth registers in mid-December. Back to Top 4.3       Can Disclosure Obligation Reduce Gender Pay-Gap? In an attempt to weed out gender pay gaps, the German lawmaker has introduced the so-called Compensation Transparency Act in 2017. It obliges employers, inter alia, to disclose the median compensation of comparable colleagues of the opposite gender with comparable jobs within the company. The purpose is to give a potential claimant (usually a female employee) an impression of how much her comparable male colleagues earn in order for her to consider further steps, e.g. a claim for more money. However, the new law is widely perceived as pointless. First, the law itself and its processes are unduly complex. Second, even after making use of the law, the respective employee would still have to sue the company separately in order to achieve an increase in her compensation, bearing the burden of proof that the opposite-gender employee with higher compensation is comparable to her. Against this background, the law has hardly been used in practice and will likely have only minimal impact. Back to Top 4.4       Employers to Contribute 15% to Deferred Compensation Schemes In order to promote company pension schemes, employers are now obliged to financially support deferred compensation arrangements. So far, employer contributions to any company pension scheme had been voluntary. In the case of deferred compensation schemes, companies save money as a result of less social security charges. The flipside of this saving was a financial detriment to the employee's statutory pension, as the latter depends on the salary actually paid to the employee (which is reduced as a result of the deferred compensation). To compensate the employee for this gap, the employer is now obliged to contribute up to 15% of the respective deferred compensation. The actual impact of this new rule should be limited, as many employers already actively support deferred compensation schemes. As such, the new obligatory contribution can be set off against existing employer contributions to the same pension scheme. Back to Top 5.         Real Estate – Notarization Requirement for Amendments to Real Estate Purchase Agreements Purchase agreements concerning German real estate require notarization in order to be effective. This notarization requirement relates not only to the purchase agreement as such but to all closely related (side) agreements. The transfer of title to the purchaser additionally requires an agreement in rem between the seller and the purchaser on the transfer (conveyance) and the subsequent registration of the transfer in the land register. To avoid additional notarial fees, parties usually include the conveyance in the notarial real estate purchase agreement. Amendment agreements to real estate purchase agreements are quite common (e.g., the parties subsequently agree on a purchase price adjustment or the purchaser has special requests in a real estate development scenario). Various Higher District Courts (Oberlandesgerichte), together with the prevailing opinion in literature, have held in the past that any amendments to real estate purchase agreements also require notarization unless such an amendment is designed to remove unforeseeable difficulties with the implementation of the agreement without significantly changing the parties' mutual obligations. Any amendment agreement that does not meet the notarization requirement may render the entire purchase agreement (and not only the amendment agreement) null and void. With its decision on September 14, 2018, the German Federal Supreme Court (Bundesgerichtshof – BGH) added another exception to the notarization requirement and ruled that notarization of an amendment agreement is not required once the conveyance has become binding and the amendment does not change the existing real estate transfer obligations or create new ones. A conveyance becomes binding once it has been validly notarized. Before this new decision of the BGH, amendments to real estate purchase agreements were often notarized for the sake of precaution because it was difficult to determine whether the conditions for an exemption from the notarization requirement had been met. This new decision of the BGH gives the parties clear guidance as to when amendments to real estate purchase agreements require notarization. It should, however, be borne in mind that notarization is still required if the amendment provides for new transfer obligations concerning the real property or the conveyance has not become effective yet (e.g., because third party approval is still outstanding). Back to Top 6.         Compliance 6.1       Government Plans to Introduce Corporate Criminal Liability and Internal Investigations Act Plans of the Federal Government to introduce a new statute concerning corporate criminal liability and internal investigations are taking shape. Although a draft bill had already been announced for the end of 2018, pressure to respond to recent corporate scandals seems to be rising. With regard to the role and protection of work product generated during internal investigations, the highly disputed decisions of the Federal Constitutional Court (Bundesverfassungsgericht – BVerfG) in June 2018 (BVerfG, 2 BvR 1405/17, 2 BvR 1780/17 – June 27, 2018) (see 2017 Year-End German Law Update under 7.3) call for clearer statutory rules concerning the search of law firm premises and the seizure of documents collected in the course of an internal investigation. In its dismissal of complaints brought by Volkswagen and its lawyers from Jones Day, the Federal Constitutional Court made remarkable obiter dicta statements in which it emphasized the following: (1) the legal privilege enjoyed for the communication between the individual defendant (Beschuldigter) and its criminal defense counsel is limited to their communication only; (2) being considered a foreign corporate body, the court denied Jones Day standing in the proceedings, because the German constitution only grants rights to corporate bodies domiciled in Germany; and (3) a search of the offices of a law firm does not affect individual constitutional rights of the lawyers practicing in that office, because the office does not belong to the lawyers' personal sphere, but only to their law firm. The decision and the additional exposure caused by it by making attorney work product created in the course of an internal investigation accessible was a major blow to German corporations' efforts to foster internal investigations as a means to efficiently and effectively investigate serious compliance concerns. Because it does not appear likely that an entirely new statute concerning corporate criminal liability will materialize in the near future, the legal press expects the Federal Ministry of Justice to consider an approach in which the statutes dealing with questions around internal investigations and the protection of work product created in the course thereof will be clarified separately. In the meantime, the following measures are recommended to maximize the legal privilege for defense counsel (Verteidigerprivileg): (1) Establish clear instructions to an individual criminal defense lawyer setting forth the scope and purpose of the defense; (2) mark work product and communications that have been created in the course of the defense clearly as confidential correspondence with defense counsel ("Vertrauliche Verteidigerkorrespondenz"); and (3) clearly separate such correspondence from other correspondence with the same client in matters that are not clearly attributable to the criminal defense mandate. While none of these measures will guarantee that state prosecutors and courts will abstain from a search and seizure of such material, at least there are good and valid arguments to defend the legal privilege in any appeals process. However, with the guidance provided to courts by the recent constitutional decision, until new statutory provisions provide for clearer guidance, companies can expect this to become an up-hill battle. Back to Top 6.2       Update on the European Public Prosecutor's Office and Proposed Cross-Border Electronic Evidence Rules Recently the European Union has started tightening its cooperation in the field of criminal procedure, which was previously viewed as a matter of national law under the sovereignty of the 28 EU member states. Two recent developments stand out that illustrate that remarkable new trend: (1) The introduction of the European Public Prosecutor's Office ("EPPO") that was given jurisdiction to conduct EU-wide investigations for certain matters independent of the prosecution of these matters under the national laws of the member states, and (2) the proposed EU-wide framework for cross-border access to electronically stored data ("e-evidence") which has recently been introduced to the European Parliament. As reported previously (see 2017 Year-End German Law Update under 7.4), the European Prosecutor's Office's task is to independently investigate and prosecute severe crimes against the EU's financial interests such as fraud against the EU budget or crimes related to EU subsidies. Corporations receiving funds from the EU may therefore be the first to be scrutinized by this new EU body. In 2018 two additional EU member states, the Netherlands and Malta, decided to join this initiative, extending the number of participating member states to 22. The EPPO will presumably begin its work by the end of 2020, because the start date may not be earlier than three years after the regulation's entry into force. As a further measure to leverage multi-jurisdictional enforcement activities, in April 2018 the European Commission proposed a directive and a regulation that will significantly facilitate expedited cross-border access to e-evidence such as texts, emails or messaging apps by enforcement agencies and judicial authorities. The proposed framework would allow national enforcement authorities in accordance with their domestic procedure to request e-evidence directly from a service provider located in the jurisdiction of another EU member state. That other state's authorities would not have the right to object to or to review the decision to search and seize the e-evidence sought by the national enforcement authority of the requesting EU member state. Companies refusing delivery risk a fine of up to 2% of their worldwide annual turnover. In addition, providers from a third country which operate in the EU are obliged to appoint a legal representative in the EU. The proposal has reached a majority vote in the Council of the EU and will now be negotiated in the European Parliament. Further controversial discussions between the European Parliament and the Commission took place on December 10, 2018. The Council of the EU aims at reaching an agreement between the three institutions by the end of term of the European Parliament in May 2019. Back to Top 7.         Antitrust and Merger Control 7.1       Antitrust and Merger Control Overview 2018 In 2018, Germany celebrated the 60th anniversary of both the German Act against Restraints of Competition (Gesetz gegen Wettbewerbsbeschränkungen -GWB) as well as the German federal cartel office (Bundeskartellamt) which were both established in 1958 and have since played a leading role in competition enforcement worldwide. The celebrations notwithstanding, the German antitrust watchdog has had a very active year in substantially all of its areas of competence. On the enforcement side, the Bundeskartellamt concluded a number of important cartel investigations. According to its annual review, the Bundeskartellamt carried out dawn raids at 51 companies and imposed fines totaling EUR 376 million against 22 companies or associations and 20 individuals from various industries including the steel, potato manufacturing, newspapers and rolled asphalt industries. Leniency applications remained an important source for the Bundeskartellamt's antitrust enforcement activities with a total of 21 leniency applications received in 2018 filling the pipeline for the next few months and years. On the merger control side, the Bundeskartellamt reviewed approximately 1,300 merger cases in 2018 – only 1% of which (i.e. 13 merger filings) required an in-depth phase 2 review. No mergers were prohibited but in one case only conditional clearance was granted and three filings were withdrawn in phase 2. In addition, the Bundeskartellamt had its first full year of additional responsibilities in the area of consumer protection, concluded a sector inquiry into internet comparison portals, and started a sector inquiry into the online marketing business as well as a joint project with the French competition authority CNIL regarding algorithms in the digital economy and their competitive effects. Back to Top 7.2       Cartel Damages Over the past few years, antitrust damages law has advanced in Germany and the European Union. One major legislative development was the EU Directive on actions for damages for infringements of competition law, which was implemented in Germany as part of the 9th amendment to the German Act against Restraints of Competition (Gesetz gegen Wettbewerbsbeschränkungen -GWB). In addition, there has also been some noteworthy case law concerning antitrust damages. To begin with, the German Federal Supreme Court (Bundesgerichtshof, BGH) strengthened the position of plaintiffs suing for antitrust damages in its decision Grauzementkartell II in 2018. The decision brought to an end an ongoing dispute between several Higher District Courts and District Courts, which had disagreed over whether a recently added provision of the GWB that suspends the statute of limitations in cases where antitrust authorities initiate investigations would also apply to claims that arose before the amendment entered into force (July 1, 2015). The Federal Supreme Court affirmed the suspension of the statute of limitations, basing its ruling on a well-established principle of German law regarding the intertemporal application of statutes of limitation. The decision concerns numerous antitrust damage suits, including several pending cases concerning trucks, rails tracks, and sugar cartels. Furthermore, recent case law shows that European domestic courts interpret arbitration agreements very broadly and also enforce them in cases involving antitrust damages. In 2017, the England and Wales High Court and the District Court Dortmund (Landgericht Dortmund) were presented with two antitrust disputes where the parties had agreed on an arbitration clause. Both courts denied jurisdiction because the antitrust damage claims were also covered by the arbitration agreements. They argued that the parties could have asserted claims for contractual damages instead, which would have been covered by the arbitration agreement. In the courts' view, it would be unreasonable, however, if the choice between asserting a contractual or an antitrust claim would give the parties the opportunity to influence the jurisdiction of a court. As a consequence, the use of arbitration clauses (in particular if inconsistently used by suppliers or purchasers) may add significant complexity to antitrust damages litigation going forward. Thus, companies are well advised to examine their international supply agreements to determine whether included arbitration agreements will also apply to disputes about antitrust damages. Back to Top 7.3       Appeals against Fines Risky? In German antitrust proceedings, there is increasing pressure for enterprises to settle. Earlier this year, Radeberger, a producer of lager beer, withdrew its appeal against a significant fine of EUR 338 million, which the Bundeskartellamt had imposed on the company for its alleged participation in the so-called "beer cartel". With this dramatic step, Radeberger paid heed to a worrisome development in German competition law. Repeatedly, enterprises have seen their cartel fines increased by staggering amounts on appeal (despite such appeals sometimes succeeding on some substantive legal issues). The reason for these "appeals for the worse" – as seen in the liquefied gas cartel (increase of fine from EUR 180 million to EUR 244 million), the sweets cartel (average increase of approx. 50%) and the wallpaper cartel (average increase of approx. 35%) – is the different approach taken by the Bundeskartellamt and the courts to calculating fines. As courts are not bound by the administrative practice of the Bundeskartellamt, many practitioners are calling for the legislator to step in and address the issue. Back to Top 7.4       Luxury Products on Amazon – The Coty Case In July 2018, the Frankfurt Higher District Court (Oberlandesgericht Frankfurt) delivered its judgement in the case Coty / Parfümerie Akzente, ruling that Coty, a luxury perfume producer, did not violate competition rules by imposing an obligation on its selected distributors to not sell on third-party platforms such as Amazon. The judgment followed an earlier decision of the Court of Justice of the European Union (ECJ) of December 2017, by which the ECJ had replied to the Frankfurt court's referral. The ECJ had held that a vertical distribution agreement (such as the one in place between Coty and its distributor Parfümerie Akzente) did not as such violate Art. 101 of the Treaty on the Functioning of the European Union (TFEU) as long as the so-called Metro criteria were fulfilled. These criteria stipulate that distributors must be chosen on the basis of objective and qualitative criteria that are applied in a non-discriminatory fashion; that the characteristics of the product necessitate the use of a selective distribution network in order to preserve their quality; and, finally, that the criteria laid down do not go beyond what is necessary. Regarding the platform ban in question, the ECJ held that it was not disproportionate. Based on the ECJ's interpretation of the law, the Frankfurt Higher District Court confirmed that the character of certain products may indeed necessitate a selective distribution system in order to preserve their prestigious reputation, which allowed consumers to distinguish them from similar goods, and that gaps in a selective distribution system (e.g. when products are sold by non-selected distributors) did not per se make the distribution system discriminatory. The Higher District Court also concluded that the platform ban in question was proportional. However, interestingly, it did not do so based on its own reasoning but based on the fact that the ECJ's detailed analysis did not leave any scope for its own interpretation and, hence, precluded the Higher District Court from applying its own reasoning. Pointing to the European Commission's E-Commerce Sector Inquiry, according to which sales platforms play a more important role in Germany than in other EU Member States, the Higher District Court, in fact, voiced doubts whether Coty's sales ban could not have been imposed in a less interfering manner. Back to Top 8.         Litigation 8.1       The New German "Class Action" On November 1, 2018, a long anticipated amendment to the German Code of Civil Procedure (Zivilprozessordnung, ZPO) entered into force, introducing a new procedural remedy for consumers to enforce their rights in German courts: a collective action for declaratory relief. Although sometimes referred to as the new German "class action," this new German action reveals distinct differences to the U.S.-American remedy. Foremost, the right to bring the collective action is limited to consumer protection organizations or other "qualified institutions" (qualifizierte Einrichtung) who can only represent "consumers" within the meaning of the German Code of Civil Procedure. In addition, affected consumers are not automatically included in the action as part of a class but must actively opt-in by registering their claims in a "claim index" (Klageregister). Furthermore, the collective action for declaratory relief does not grant any monetary relief to the plaintiffs which means that each consumer still has to enforce its claim in an individual suit to receive compensation from the defendant. Despite these differences, the essential and comparable element of the new legal remedy is its binding effect. Any other court which has to decide an individual dispute between the defendant and a registered consumer that is based on the same facts as the collective action is bound by the declaratory decision of the initial court. At the same time, any settlement reached by the parties has a binding effect on all registered consumers who did not decide to specifically opt-out. As a result, companies must be aware of the increased litigation risks arising from the introduction of the new collective action for declaratory relief. Even though its reach is not as extensive as the American class action, consumer protection organizations have already filed two proceedings against companies from the automotive and financial industry since the amendment has entered into force in November 2018, and will most likely continue to make comprehensive use of the new remedy in the future. Back to Top 8.2       The New 2018 DIS Arbitration Rules On March 1, 2018, the new 2018 DIS Arbitration Rules of the German Arbitration Institute (DIS) entered into force. The update aims to make Germany more attractive as a place for arbitration by adjusting the rules to international standards, promoting efficiency and thereby ensuring higher quality for arbitration proceedings. The majority of the updated provisions and rules are designed to accelerate the proceedings and thereby make arbitration more attractive and cost-effective for the parties. There are several new rules on time limitations and measures to enhance procedural efficiency, i.e. the possibility of expedited proceedings or the introduction of case management conferences. Furthermore, the rules now also allow for consolidation of several arbitrations and cover multi-party and multi-contract arbitration. Another major change is the introduction of the DIS Arbitration Council which, similar to the Arbitration Council of the ICC (International Chamber of Commerce), may decide upon challenges of an arbitrator and review arbitral awards for formal defects. This amendment shows that the influence of DIS on their arbitration proceedings has grown significantly. All in all, the modernized 2018 DIS Arbitration Rules resolve the deficiencies of their predecessor and strengthen the position of the German Institution of Arbitration among competing arbitration institutions. Back to Top 9.         IP & Technology - Draft Bill of German Trade Secret Act The EU Trade Secrets Directive (2016/943/EU) on the protection of undisclosed know-how and business information (trade secrets) against their unlawful acquisition, use and disclosure has already been in effect since July 5, 2016. Even though it was supposed to be implemented into national law by June 9, 2018 to harmonize the protection of trade secrets in the EU, the German legislator has so far only prepared and published a draft of the proposed German Trade Secret Act. Arguably, the most important change in the draft bill to the existing rules on trade secrets in Germany will be a new and EU-wide definition of trade secrets. This proposed definition requires the holder of a trade secret to take reasonable measures to keep a trade secret confidential in order to benefit from its protection – e.g. by implementing technical, contractual and organizational measures that ensure secrecy. This requirement goes beyond the current standard pursuant to which a manifest interest in keeping an information secret may be sufficient. Furthermore, the draft bill provides for additional protection of trade secrets in litigation matters. Last but not least, the draft bill also provides for increased protection of whistleblowers by reducing the barriers for the disclosure of trade secrets in the public interest and to the media. As a consequence, companies would be advised to review their internal procedures and policies regarding the protection of trade secrets at this stage, and may want to adapt their existing whistleblowing and compliance-management-systems as appropriate. Back to Top 10.       International Trade, Sanctions and Export Controls - The Conflict between Complying with the Re-Imposed U.S. Iran Sanctions and the EU Blocking Statute On May 8, 2018, President Donald Trump announced his decision to withdraw from the Joint Comprehensive Plan of Action (JCPOA) and re-impose U.S. nuclear-related sanctions. Under the JCPOA, General License H had permitted U.S.-owned or -controlled non-U.S. entities to engage in business with Iran. But with the end of the wind-down periods provided for in President Trump's decision on November 5, 2018, such non-U.S. entities are now no longer broadly permitted to provide goods, services, or financing to Iranian counterparties, not even under agreements executed before the U.S. withdrawal from the JCPOA. In response to the May 8, 2018 decision, the EU amended the EU Blocking Statute on August 6, 2018. The effect of the amended EU Blocking Statute is to prohibit compliance by so-called EU operators with the re-imposed U.S. sanctions on Iran. Comparable and more generally drafted anti-blocking statutes had already existed in the EU and several of its member states which prohibited EU domiciled companies to commit to compliance with foreign boycott regulations. These competing obligations under EU and U.S. laws are a concern for U.S. companies that own or seek to acquire German companies that have a history of engagement with Iran – as well as for the German company itself and its management and the employees. But what does the EU prohibition against compliance with the re-imposed U.S. sanctions on Iran mean in practice? Most importantly, it must be noted that the EU Blocking Statute does not oblige EU operators to start or continue Iran related business. If, for example, an EU operator voluntarily decides, e.g. due to lack of profitability, to cease business operations in Iran and not to demonstrate compliance with the U.S. sanctions, the EU Blocking Statute does not apply. Obviously, such voluntary decision must be properly documented. Procedural aspects also remain challenging for companies: In the event a Germany subsidiary of a U.S. company were to decide to start or continue business with Iran, it would usually be required to reach out to the U.S. authorities to request a specific license for a particular transaction with Iran. Before doing so, however, EU operators must first contact the EU Commission directly (not the EU member state authorities) to request authorization to apply for such a U.S. special license. Likewise, if a Germany subsidiary were to decide not to start or to cease business with Iran for the sole reason of being compliant with the re-imposed U.S. Iran sanctions, it would have to apply for an exception from the EU Blocking Statute and would have to provide sufficient evidence that non-compliance would cause serious damage to at least one protected interest. The hurdles for an exception are high and difficult to predict. The EU Commission will e.g. consider, "(…) whether the applicant would face significant economic losses, which could for example threaten its viability or pose a serious risk of bankruptcy, or the security of supply of strategic goods or services within or to the Union or a Member State and the impact of any shortage or disruption therein." As such, any company caught up in this conflict of interests between the re-imposed U.S. sanctions and the EU Blocking Statute should be aware of a heightened risk of litigation. Third parties, such as Iranian counterparties, might successfully sue for breach of contract with the support of the EU Blocking Regulation in cases of non-performance of contracts as a result of the re-imposed U.S. nuclear sanctions. Finally, EU operators are required to inform the EU Commission within 30 days from the date on which information is obtained that the economic and/or financial interests of the EU operator are affected, directly or indirectly, by the re-imposed U.S. Iran sanctions. If the EU operator is a legal person, this obligation is incumbent on its directors, managers and other persons with management responsibilities of such legal person. Back to Top The following Gibson Dunn lawyers assisted in preparing this client update:  Birgit Friedl, Marcus Geiss, Silke Beiter, Lutz Englisch, Daniel Gebauer, Kai Gesing, Maximilian Hoffmann, Philipp Mangini-Guidano, Jens-Olrik Murach, Markus Nauheim, Dirk Oberbracht, Richard Roeder, Martin Schmid, Annekatrin Schmoll, Jan Schubert, Benno Schwarz, Balthasar Strunz, Michael Walther, Finn Zeidler, Mark Zimmer, Stefanie Zirkel and Caroline Ziser Smith. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. The two German offices of Gibson Dunn in Munich and Frankfurt bring together lawyers with extensive knowledge of corporate, tax, labor, real estate, antitrust, intellectual property law and extensive compliance / white collar crime experience. The German offices are comprised of seasoned lawyers with a breadth of experience who have assisted clients in various industries and in jurisdictions around the world. Our German lawyers work closely with the firm's practice groups in other jurisdictions to provide cutting-edge legal advice and guidance in the most complex transactions and legal matters. For further information, please contact the Gibson Dunn lawyer with whom you work or any of the following members of the German offices: General Corporate, Corporate Transactions and Capital Markets Lutz Englisch (+49 89 189 33 150), lenglisch@gibsondunn.com) Markus Nauheim (+49 89 189 33 122, mnauheim@gibsondunn.com) Ferdinand Fromholzer (+49 89 189 33 121, ffromholzer@gibsondunn.com) Dirk Oberbracht (+49 69 247 411 510, doberbracht@gibsondunn.com) Wilhelm Reinhardt (+49 69 247 411 520, wreinhardt@gibsondunn.com) Birgit Friedl (+49 89 189 33 180, bfriedl@gibsondunn.com) Silke Beiter (+49 89 189 33 121, sbeiter@gibsondunn.com) Marcus Geiss (+49 89 189 33 122, mgeiss@gibsondunn.com) Annekatrin Pelster (+49 69 247 411 521, apelster@gibsondunn.com Finance, Restructuring and Insolvency Sebastian Schoon (+49 89 189 33 160, sschoon@gibsondunn.com) Birgit Friedl (+49 89 189 33 180, bfriedl@gibsondunn.com) Alexander Klein (+49 69 247 411 518, aklein@gibsondunn.com) Marcus Geiss (+49 89 189 33 122, mgeiss@gibsondunn.com) Tax Hans Martin Schmid (+49 89 189 33 110, mschmid@gibsondunn.com) Labor Law Mark Zimmer (+49 89 189 33 130, mzimmer@gibsondunn.com) Real Estate Peter Decker (+49 89 189 33 115, pdecker@gibsondunn.com) Daniel Gebauer (+49 89 189 33 115, dgebauer@gibsondunn.com) Technology Transactions / Intellectual Property / Data Privacy Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com) Kai Gesing (+49 89 189 33 180, kgesing@gibsondunn.com) Corporate Compliance / White Collar Matters Benno Schwarz (+49 89 189 33 110, bschwarz@gibsondunn.com) Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com) Mark Zimmer (+49 89 189 33 130, mzimmer@gibsondunn.com) Finn Zeidler (+49 69 247 411 530, fzeidler@gibsondunn.com) Antitrust Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com) Jens-Olrik Murach (+32 2 554 7240, jmurach@gibsondunn.com) Kai Gesing (+49 89 189 33 180, kgesing@gibsondunn.com) Litigation Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com) Mark Zimmer (+49 89 189 33 130, mzimmer@gibsondunn.com) Finn Zeidler (+49 69 247 411 530, fzeidler@gibsondunn.com) Kai Gesing (+49 89 189 33 180, kgesing@gibsondunn.com) International Trade, Sanctions and Export Control Michael Walther (+49 89 189 33 180, mwalther@gibsondunn.com) Richard Roeder (+49 89 189 33 218, rroeder@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP, 333 South Grand Avenue, Los Angeles, CA 90071 Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
Read More

January 11, 2019

The Impact of the New USPTO Eligibility Guidelines on Artificial Intelligence-related Inventions

Click for PDF On January 4, 2019, the USPTO announced updated guidance to help clarify the process that examiners should undertake when evaluating whether a pending claim is directed to an abstract idea under the Supreme Court's two-step Alice test and thus not eligible for patent protection under 35 U.S.C. § 101.  Specifically, for determining whether a claim recites an abstract idea, the USPTO defined three categories by extracting and synthesizing concepts identified by the courts:  (1) mathematical concepts, (2) certain methods of organizing human activity, and (3) mental processes.  If the examiner determines that the claim falls into one of these three categories, the examiner will continue to step two.  If not, the  claim should typically not be treated by the examiner as reciting an abstract idea, who should skip step two and instead deem the claim eligible under Section 101 for patenting.[1] As to step two, the USPTO split the inquiry into two separate inquiries for the examiner to undertake if the claim is found to recite an abstract idea.  First, the examiner should determine whether the abstract idea embodied in the claim is integrated into a practical application?  For this inquiry, the examiner looks to whether the claim, as a whole, integrates the abstract idea into a practical application that imposes "meaningful limits," such that the claim is more than trying to monopolize the abstract idea.  For example, a claim may be a practical application if an additional element reflects an improvement in the functioning of a computer, or an improvement to other technology. Second, if the abstract idea underlying the claim is not integrated into a practical application, does the claim provide an inventive concept?  The USPTO explained that the Federal Circuit has held claims eligible when the additional elements recited in the claims provide "significantly more" than the abstract idea itself.  For example, a claim may be patent eligible if a specific limitation (or combination of limitations) is not well-understood, routine, conventional activity in the field. In essence, the USPTO's guidance turns the Alice test into a three part test: 1.       Does the claim recite one of the categories the USPTO considers an abstract idea? 2.       If so: a.       is the abstract idea integrated into a practical application, or b.       does the claim provide an inventive concept? What is the Impact of the Guidance on AI-related Inventions? While it obviously remains to be seen what, if any, impact these new guidelines will have on the issuance of software patents generally, and artificial intelligence patents more specifically,  the key question going forward is whether the three categorical exceptions identified by the USPTO will be the exceptions that swallow the rule.  On one hand, by stating that rejections of artificial intelligence claims as abstract ideas should typically only arise if the claim falls into one of three enumerated categories, the USPTO does seem to be providing a more defined path for drafting claims that will avoid issues of patent eligibility.  If nothing else, at least the new guidelines add clarity into how examiners will apply Section 101 rejections and may give applicants a roadmap to overcoming any such rejection.  However, on the other hand, if the categorical exceptions such as the "mathematical concept" or "mental processes" categories are broadly construed by examiners in their application of the guidelines, many AI-related inventions may still be subject to eligibility rejections under Alice. As a result, at least until further experience with the manner in which examiners implement this guidance going forward, the eligibility of a software/AI-related claims likely still will come down to artful claim drafting.  However, there are a few additional takeaways from the guidelines that may be helpful to keep in mind specific to AI patents. Categories of Abstract Ideas Out of the USPTO's three categories of abstract ideas, the one that, on its face, is most applicable to artificial intelligence is the mathematical concepts grouping.  After all, on some level, all software and AI are made up of a series of mathematical equations.  The USPTO guidance defines mathematical concepts as "mathematical relationships, mathematical formulas or equations, [and] mathematical calculations."  This definition of mathematical concept is actually fairly narrow.  It does not seem to encompass algorithms more generally, and focuses instead on the actual formulas and calculations.  As a result, while caution is still warranted, by drafting a claim without including formulas and calculations, but instead focusing more on the structure of the algorithm, a patentee may be able to circumvent rejections due to falling into the mathematical concepts category. Drafting AI claims at too high a level can also cause the claims to implicate the USPTO's other two categories.  The USPTO's mental processes category—"concepts performed in the mind (including an observation, evaluation, judgment, opinion)"—may be implicated if AI claims are drafted too broadly.  Many of the applications for which we use AI are for concepts that would normally be performed in the human mind, that require observation, evaluation, judgment and opinion.  For example, an autonomous vehicle requires AI that observes obstacles, evaluates risks, and judges what to do next.  Automating human thought and judgment, such as in a car, may fall into this category if the claims are drafted by focusing too much on the function or result, and not enough on the structure or specifics of operation of the claimed invention. The third category, methods of organizing human activity, is defined by the guidance as "fundamental economic principles or practices (including hedging, insurance, mitigating risk); commercial or legal interactions(including agreements in the form of contract; legal obligations, advertising, marketing or sales activities or behaviors; business relations); managing personal behavior or relationships or interactions between people (including social activities, teaching, and following rules or instructions)."  Certain applications of AI may also implicate this category.  For example,  in-home assistants with voice recognition software may follow certain rules or instructions depending on the commands they are given.  As such, a broadly drafted claim covering a response to a verbal command may implicate this category. Step 2A:  Practical Application Even if a claim falls into one of the categories of abstract ideas identified in the guidance, the USPTO explains that practical applications of the abstract idea may still be patentable.  For the purposes of AI-related inventions, two examples in the USPTO's guidelines are particularly important. First, the USPTO discloses that a claim may be eligible if "an additional element reflects an improvement in the functioning of a computer, or an improvement to other technology."  The USPTO gives the example of modifying a hyperlink to dynamically produce a dual-source hybrid webpage.  Although it is unclear how this consideration will be applied in practice, this seems like an important consideration for AI-related claims.  AI-related software that improves the functioning of a computer, such as by optimizing multicore processors or voice recognition, may have a better chance of being eligible, if the claims are drafted in such a way as to highlight the specific steps or structure that provide this benefit and the specification clearly delineates those benefits.  It therefore behooves the applicant to specifically claim improvements to technology for certain inventions backed up with specification descriptions.  In addition, patent applicants should be very careful in describing any feature as conventional, even if that means providing a more robust and detailed description in the application.  Often, patent applicants describe components as conventional as a short-cut to avoid longer specifications.  The differences between what the AI is doing in the invention as compared to past uses should be described in detail and its impact on how that difference changes computer performance should be clear. Second, the USPTO explains that a claim may be eligible if "an additional element implements a judicial exception with, or uses a judicial exception in conjunction with, a particular machine or manufacture that is integral to the claim."  The USPTO uses the example of a machine that uses gravity to improve speed.  This consideration seems to imply that software interacting with, or utilizing, hardware as a key element of the claimed invention will have an easier time being found eligible.  As such, applicants may choose to draft claims that tie their AI-related invention to specifically-required hardware to help show eligibility and include robust descriptions of that tie in the patent specification. Step 2B: Inventive Concept Finally, the "third" prong of the USPTO's guidelines focuses on the "inventive concept" of the alleged invention.  The USPTO explains that the examiner should consider whether the claim "adds a specific limitation or combination of limitations that are not well-understood, routine, conventional activity in the field, which is indicative that  an inventive concept may be present."  The impact of this inventive concept inquiry on AI-related claims is somewhat less clear because it is highly dependent on what the examiner considers conventional in the field of AI, or perhaps within specific types of AI-related inventions—e.g., there may well be differences based on application, such as facial recognition versus voice recognition versus autonomous vehicles.  In some cases, it may be possible to argue that particular limitations of the claim are not conventional steps or structures, and claim drafters should keep an eye out for ways to include non-conventional steps and structures in AI-related claims.  However, an applicant faced with a rejection based on this third prong may simply want to consider amending the claim to specifically recite an improvement to a technology or use of a machine to show there is a practical application, as many such inventions are often constructed based on otherwise conventional techniques. In sum, the clarity and specific examples provided in the USPTO's guidelines may arm applicants for AI-related inventions with a roadmap of how to avoid or overcome Section 101 rejections, such as by avoiding mathematical formulas or tying the claim to a specific improvement or hardware.  Until we have experience with how examiners interpret the guidelines, however, applicants should continue to exercise caution and thoughtful claim drafting. [1] The guidance does note that, in rare cases, an examiner may determine that claims that fall outside of the three identified categories nevertheless recite an abstract idea.  In such cases, the examiner must further justify and explain the reasons for finding the claim to recite an abstract idea, and such determinations will require approval by the Technology Center Director. Gibson Dunn's lawyers are available to assist in addressing any questions you may have regarding these developments.  Please contact the Gibson Dunn lawyer with whom you usually work, or the authors: Artificial Intelligence and Automated Systems Group: H. Mark Lyon - Chair, Palo Alto (+1 650-849-5307, mlyon@gibsondunn.com) Brian M. Buroker– Washington, D.C. (+1 202-955-8541, bburoker@gibsondunn.com) Ryan K. Iwahashi - Palo Alto (+1 650-849-5367, riwahashi@gibsondunn.com) Please also feel free to contact any of the following practice group leaders: Intellectual Property Group: Wayne Barsky – Los Angeles (+1 310-552-8500, wbarsky@gibsondunn.com) Josh Krevitt – New York (+1 212-351-4000, jkrevitt@gibsondunn.com) Mark Reiter – Dallas (+1 214-698-3100, mreiter@gibsondunn.com) © 2019 Gibson, Dunn & Crutcher LLP Attorney Advertising:  The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
Read More