On 2 March 2022, the United States signed the Convention of 2 July 2019 on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters (the “Hague Judgments Convention” or the “Convention”).[1] The Hague Judgments Convention seeks to enhance access to justice and facilitate international trade and investment by encouraging the free flow of judgments across national borders.[2] It does so by providing a set of clear, predictable rules under which civil and commercial judgments rendered by the courts of one Contracting State are recognized and enforced in other Contracting States. While not yet in force, the Hague Judgments Convention could provide an important complement to the widely adopted 1958 New York Convention on the Recognition and Enforcement of Foreign Arbitral Awards[3] (the “New York Convention”) (which provides for the recognition and enforcement of arbitral awards), as well as its sister treaty, the 2005 Hague Choice of Court Convention.[4]
I. Recognition of Foreign Judgments in the United States
At present, there is no federal law that governs the recognition of foreign judgments in the United States, nor is there an international treaty in force. Rather, recognition and enforcement are a question of state law, although the rules are relatively consistent across all 50 U.S. states and the District of Columbia.[5] Most U.S. states have modeled their approaches to foreign judgment recognition on the model laws promulgated by the National Conference of Commissioners on Uniform State Laws—the Uniform Foreign Money Judgments Recognition Act of 1962 (the “1962 Uniform Act”), or increasingly, the Uniform Foreign-Country Money Judgments Recognition Act of 2005 (the “2005 Uniform Act”).[6]
Generally, the United States favors recognition and enforcement of foreign judgments: in U.S. state and federal courts, foreign judgments are presumptively entitled to recognition and enforcement unless specific mandatory or discretionary grounds for non-recognition apply.[7]
II. The Hague Judgments Convention
The 2019 Hague Judgments Convention is the culmination of over 25 years of negotiations at the Hague Conference on Private International Law (the “Hague Conference”).[8] The process began in 1992 at the request of the United States, which sought to develop a global approach to jurisdiction and recognition of judgments.[9] The final text of the Hague Judgments Convention was eventually signed and opened for signature on 2 July 2019. Signatory States in addition to the United States include Uruguay, Ukraine, Israel, Costa Rica, and the Russian Federation (in order of signature).[10] The European Commission is also contemplating accession on behalf of the EU Member States.[11]
Recognition of Arbitral Awards under the New York Conventions and Foreign Judgments under the Hague Judgments Convention
The Convention will enter into force as soon as the second State deposits its instrument of ratification, acceptance, approval, or accession.[12] However, under Article 29 (the “bilateralization” clause), a Contracting State can prevent the application of the Convention to judgments rendered by the courts of a particular State by making a targeted declaration.[13]
The Convention applies to “the recognition and enforcement of judgments relating to civil or commercial matters.”[14] It specifically excludes subjects that are fundamental to State sovereignty or public policy (such as criminal, revenue, customs, or administrative matters),[15] as well as other specialized areas, some of which are subject to other treaty regimes or where the rules vary more significantly across jurisdictions (such as matters involving family disputes, intellectual property, antitrust, defamation, privacy, or armed forces matters).[16]
The Convention, like most domestic laws, favors recognition. It requires each Contracting State to recognize and enforce judgments from other Contracting States in accordance with its terms and permits refusal only on those grounds expressly set out in the Convention.[17]
Article 5(1) of the Convention sets out 13 “bases” of recognition and enforcement, including, inter alia, that:
- The judgment debtor is habitually resident in the foreign forum;
- The judgment debtor has their principal place of business in the foreign forum (and the claim on which the judgment is based arose out of the activities of that business);
- The judgment debtor expressly consented to the foreign court’s jurisdiction;
- The judgment debtor waived his jurisdictional objections by arguing on the merits in the forum state;
- The judgment ruled on a lease of immovable property (tenancy) and it was given by a court of the State in which the property is situated; or,
- The judgment ruled on a non-contractual obligation arising from death, physical injury, damage to or loss of tangible property, and the act or omission directly causing such harm occurred in the forum State, irrespective of where that harm occurred.
These bases for jurisdiction and enforcement echo the basic concepts found in domestic U.S. recognition and enforcement law,[18] including the constitutional due process requirements reflected in the notion of “minimum contacts” that U.S. courts require for the exercise of long-arm jurisdiction and the comity-based rules adopted by the U.S. Supreme Court in the seminal decision, Hilton v. Guyot, 159 U.S. 113 (1895).
If any of the jurisdictional tests (or “jurisdictional filters”[19]) in Article 5(1) is met, then the judgment is presumptively “eligible” for recognition and enforcement.[20] Under Article 15, national law provides a further independent basis for recognition.[21] In this sense, “the convention is a floor, not a ceiling.”[22]
Article 7 of the Convention, in turn, sets out discretionary bases for non-recognition, including, inter alia, the following:
- The defendant was not notified, or the manner of notification was incompatible with fundamental principles of service of documents in the forum State;
- The decision was obtained by fraud;
- Recognition or enforcement would be “manifestly incompatible” with the public policy of the recognizing State;
- The specific proceedings were incompatible with fundamental principles of procedural fairness of the recognizing State; or,
- The judgment is inconsistent with a judgment given by a court of the recognizing State in a dispute between the same parties.[23]
This too reflects the traditional non-recognition grounds found in most national legal systems, including that of the United States, such as inconsistency with the forum State’s public policy, due process violations, fraud, lack of notice or proper service, and conflict with other judgments.[24]
The Hague Judgments Convention is therefore in line with many precepts of existing U.S. recognition and enforcement law reflected in the 2005 Uniform Act.[25] However, the Convention covers not only foreign money judgments, but civil and commercial decisions generally.
III. Implications for the Recognition of Foreign Judgments in the United States
The Convention could be “a gamechanger for cross-border dispute settlement”[26] by providing a set of consistent rules for the recognition and enforcement of foreign judgments, much like the New York Convention has been for the widespread adoption of arbitral awards. Ultimately, a judgment in an international dispute is only as valuable as the judgment creditor’s ability to have it recognized and enforced abroad (where the judgment debtor or its assets may be found). However, making the enforcement of foreign judgments easier can be a double-edged sword. While a more robust and predictable enforcement regime can certainly be beneficial, that is only the case where the foreign court provides due process and a just outcome.
Ultimately, the force of the Hague Judgments Convention will depend on how widely it is signed and ratified. Following the U.S. signature, the Hague Judgments Convention will not automatically come into force in the United States. It must first undergo a ratification process in U.S. Congress, a procedure that can in some cases take several years. Ratification may be slower here due to the prevalence of state law (and absence of federal law) in this particular area.[27]
For U.S. litigants, if ultimately ratified by the United States, the Hague Judgments Convention could aid the recognition and enforcement of U.S. judgments in a wider range of countries, in particular in jurisdictions that may currently refuse recognition on reciprocity grounds (i.e., where a foreign court would not recognize a U.S. judgment unless convinced that its judgment would receive the same treatment by a U.S. court). Similarly, the Convention could facilitate the recognition and enforcement of foreign judgments issued by courts of other Contracting States in U.S. courts (of course subject to the above-mentioned non-recognition defenses). This would greatly increase the ability of both U.S. and non-U.S. litigants to obtain meaningful cross-border relief in transnational litigation.
Until the Hague Judgments Convention comes into force, global trade and investment will continue to be facilitated by alternative dispute resolution mechanisms, such as the New York Convention for arbitral awards, as discussed above, and the new Singapore Convention for international settlement agreements resulting from mediation.[28] Thus, for now, international arbitration awards remain more portable than foreign judgments (in addition to other advantages of international arbitration, like the selection of a neutral forum to avoid any “home court” advantage).[29]
___________________________
[1] Convention on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters, July 2, 2019, https://www.hcch.net/en/instruments/conventions/full-text/?cid=137 (hereinafter “Convention”) (last visited Mar. 18, 2022).
[2] See Hague Conference on Private International Law, Explanatory Note Providing Background on the Proposed Draft Text and Identifying Outstanding Issues, Prel. Doc. No 2, 3 (2016) (“[T]he future Convention is intended to pursue two goals: to enhance access to justice; [and] to facilitate cross-border trade and investment, by reducing costs and risks associated with cross-border dealings.”)
[3] Convention on the Recognition and Enforcement of Foreign Arbitral Awards (hereinafter “New York Convention”), June 10, 1958, 21.3 U.S.T. 2517, 3 U.N.T.S. 330.
[4] Convention on Choice of Court Agreements, June 30, 2005, 44 I.L.M. 1294 (hereinafter “2005 Choice of Court Convention”).
[5] See Gibson Dunn, New York Updates Law on Recognition of Foreign Country Money Judgments to Bring in Line with Other U.S. Jurisdictions, June 22, 2021, https://www.gibsondunn.com/new-york-updates-law-on-recognition-of-foreign-country-money-judgments-bring-in-line-with-other-us-jurisdictions/.
[8] See generally Louise Ellen Teitz, Another Hague Judgments Convention? Bucking the Past to Provide for the Future, 29 Duke J. Comp. & Int’l L. 491 (2019) (reviewing the Convention’s negotiations history).
[9] See generally Ronald A. Brand, The Hague Judgments Convention in the United States: A “Game Changer” or a New Path to the Old Game?, 82 U. Pitt. L. Rev. 847 (2021).
[10] See Hague Conference on Private International Law, Status Table – Convention of 2 July 2019 on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters, https://www.hcch.net/en/instruments/conventions/status-table/?cid=137 (last visited Mar. 18, 2022).
[11] European Commission, Proposal for a Council Decision on the Accession by the European Union to the Convention on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters, COM (2021) 388 (July 16, 2021), here (last visited Mar. 18, 2022) (recommending accession to the Convention so as to ensure the circulation of foreign judgments beyond the EU area and to increase “growth in international trade and foreign investment and the mobility of citizens around the world”).
[17] See id. at art. 4(1) (“A judgment given by a court of a Contracting State (State of origin) shall be recognised and enforced in another Contracting State (requested State) in accordance with the provisions of this Chapter. Recognition or enforcement may be refused only on the grounds specified in this Convention.”).
[18] See Gibson Dunn, New York Updates Law on Recognition of Foreign Country Money Judgments to Bring in Line with Other U.S. Jurisdictions, June 22, 2021, https://www.gibsondunn.com/new-york-updates-law-on-recognition-of-foreign-country-money-judgments-bring-in-line-with-other-us-jurisdictions/.
[19] See Brand, supra note 9, at 851.
[20] On the other hand, a judgment that ruled on rights in rem in immovable property “shall be recognised and enforced if and only if the property is situated in the State of origin.” Convention, art. 6.
[21] Convention, art. 15 (“Subject to Article 6, this Convention does not prevent the recognition or enforcement of judgments under national law.”)
[22] Teitz, supra note 8, at 503.
[24] See also 2005 Choice of Court Convention, art. 9 (setting forth grounds for non-recognition).
[25] See Gibson Dunn, New York Updates Law on Recognition of Foreign Country Money Judgments to Bring in Line with Other U.S. Jurisdictions, June 22, 2021, https://www.gibsondunn.com/new-york-updates-law-on-recognition-of-foreign-country-money-judgments-bring-in-line-with-other-us-jurisdictions/.
[26] Hague Conference on Private International Law, Gamechanger for Cross-Border Litigation in Civil and Commercial Matters to be Finalized in the Hague (June 18, 2019) (quoting the Secretary General of the Hague Conference), https://www.hcch.net/en/news-archive/details/?varevent=683 (last visited Mar. 18, 2022).
[27] The United States has been a member of the Hague Conference since 1964 and is currently a Contracting Party to seven Hague Conventions (Convention Abolishing the Requirement of Legalisation for Foreign Public Documents (“Apostille Convention”), Oct. 5, 1961, 527 U.N.T.S.; Convention on the Service Abroad of Judicial and Extrajudicial Documents in Civil or Commercial Matters (“Service Convention”), Nov. 15, 1965, 658 U.N.T.S. 163; Convention on the Taking of Evidence Abroad in Civil or Commercial Matters (“Evidence Convention”), Mar. 18, 1970, 847 U.N.T.S. 231; Convention on the Civil Aspects of International Child Abduction (“Child Abduction Convention”), Oct. 25, 1980, 1343 U.N.T.S. 89; Convention on Protection of Children and Co-operation in respect of Intercountry Adoption (“Adoption Convention”), May 29, 1993, 1870 U.N.T.S. 167; Convention on the Law Applicable to Certain Rights in respect of Securities Held with an Intermediary (“Securities Convention”), July 5, 2006, 46 I.L.M. 649; Convention on the International Recovery of Child Support and Other Forms of Family Maintenance (“Child Support Convention”), Nov. 23, 2007, 47 I.L.M. 257. The U.S. has not yet ratified the 2005 Choice of Court Convention, often seen as the sister treaty to the Hague Judgments Convention.
[28] See generally United Nations Convention on International Settlement Agreements Resulting from Mediation, opened for signature Aug. 7, 2019 (adopted Dec. 20, 2018) (“Singapore Convention”), https://treaties.un.org/pages/ViewDetails.aspx?src=TREATY&mtdsg_no=XXII-4&chapter=22&clang=_en (last visited Mar. 18, 2022).
[29] For international commercial arbitration awards, the above map shows the broad reach of the New York Convention.
The following Gibson Dunn lawyers prepared this client alert: Rahim Moloo, Lindsey D. Schmidt, Maria L. Banda, and Nika Madyoon.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s International Arbitration, Judgment and Arbitral Award Enforcement or Transnational Litigation practice groups, or the following:
Rahim Moloo – New York (+1 212-351-2413, rmoloo@gibsondunn.com)
Lindsey D. Schmidt – New York (+1 212-351-5395, lschmidt@gibsondunn.com)
Anne M. Champion – New York (+1 212-351-5361, achampion@gibsondunn.com)
Maria L. Banda – Washington, D.C. (+1 202-887-3678, mbanda@gibsondunn.com)
Please also feel free to contact the following practice group leaders:
International Arbitration Group:
Cyrus Benson – London (+44 (0) 20 7071 4239, cbenson@gibsondunn.com)
Penny Madden QC – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)
Judgment and Arbitral Award Enforcement Group:
Matthew D. McGill – Washington, D.C. (+1 202-887-3680, mmcgill@gibsondunn.com)
Robert L. Weigel – New York (+1 212-351-3845, rweigel@gibsondunn.com)
Transnational Litigation Group:
Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Perlette Michèle Jura – Los Angeles (+1 213-229-7121, pjura@gibsondunn.com)
Andrea E. Neuman – New York (+1 212-351-3883, aneuman@gibsondunn.com)
William E. Thomson – Los Angeles (+1 213-229-7891, wthomson@gibsondunn.com)
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
With the energy transition gaining pace and the use of LNG as a bridge fuel to phase out the use of coal for power generation, the environmental credentials of LNG are in the spotlight. Although LNG has lower carbon emissions than other fossil fuels, participants in the LNG industry have been exploring ways to further decarbonise the LNG value chain. So called ‘carbon-neutral’ LNG transactions, where carbon credits are used to offset the emissions from LNG, are gaining popularity and there is a nascent market developing, with over 30 carbon-neutral LNG cargoes having been traded to date.
To encourage the growth of such transactions, certain organisations have published methodologies which seek to standardise the measurement and reporting of emissions from LNG, as well as ensuring that the carbon credits used to offset these emissions have been properly issued and retired, and price assessments are now being published to help market participants track the incremental cost of carbon-neutrality in LNG transactions. As the world works towards net zero, an increased focus on emissions is driving stricter requirements for LNG projects and LNG transactions which could signal a growing role for carbon-neutral LNG.
In this alert, we analyse carbon-neutral LNG transactions and consider the measurement of emissions and transaction reporting, with a view to establishing whether carbon-neutral LNG trades are the beginning of a new paradigm that the LNG industry will need to adopt in order to address the requirements of governments, customers and stakeholders.
The following Gibson Dunn lawyers assisted in the preparation of this article: Brad Roach, Nick Kendrick, and Zan Wong. The authors wish to thank Jeffrey Moore and Kenneth Foo from S&P Global Platts for their contributions to this article.
Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding the article. Please contact Brad Roach or the Gibson Dunn lawyer with whom you usually work, or the following leaders of the firm’s Oil and Gas practice group:
Brad Roach – Singapore (+65 6507 3685, broach@gibsondunn.com)
Michael P. Darden – Houston (+1 346 718 6789, mpdarden@gibsondunn.com)
Anna P. Howell – London (+44 (0) 20 7071 4241, ahowell@gibsondunn.com)
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
On 23 February 2022, the European Commission (“EC”) published its long-awaited draft directive on “Corporate Sustainability Due Diligence” (the “Directive“),[1] which sets out mandatory human rights and environmental due diligence obligations for corporates, together with a civil liability regime to enforce compliance with the obligations to prevent, mitigate and bring adverse impacts to an end.[2]
The draft Directive will now undergo further review and debate, with its likely adoption by the European Parliament and subsequent implementation into domestic legal systems anticipated by 2027.
This was hailed as an opportunity to introduce uniform standards for corporates operating in Europe, in circumstances where numerous individual jurisdictions have been developing their own, differing human rights and environmental due diligence and/or reporting obligations (see our previous client alert).
|
Key features of the Directive
|
Introduction of four key corporate due diligence obligations
The Directive lays down four key due diligence obligations regarding actual and potential “adverse human rights impacts” and “adverse environmental impacts” (both of which the Directive defines by reference to international conventions). The due diligence is to be conducted not only in relation to companies’ own operations and those of their subsidiaries, but also the operations of their “established business relationships” (whether direct or indirect), where those operations are related to the company’s “value chains”.[8]
“Value chain” is broadly defined as “activities related to the production of goods or the provision of services by a company, including the development of the product or the service and the use and disposal of the product as well as the related activities of upstream and downstream established business relationships of the company”. For regulated financial services companies, the Directive gives further guidance, noting that the value chain “shall only include the activities of the clients receiving such loan, credit, and other financial services and of other companies belonging to the same group whose activities are linked to the contract in question”.
Integrate human rights and environmental due diligence
First, companies are required to integrate human rights and environmental due diligence into all of their corporate policies and have in place “a specific due diligence policy” which contains: (i) a description of the company’s due diligence approach; (ii) a code of conduct to be followed by company employees and subsidiaries; and (iii) a description of processes put in place to implement due diligence—including measures taken to extend its application to “established business relationships”.
Identify actual or potential adverse impacts
Second, as noted above, companies are required to take appropriate measures to identify actual and potential adverse human rights and environmental impacts arising not only from their own operations, but their subsidiaries’ and the operations of established business relationships in their value chains. (Certain companies are, however, confined to identifying only “severe” adverse impacts.)[9] This is an ongoing, continuous obligation for companies within the scope of the Directive, except for financial institutions which need only identify adverse impacts before providing a service (such as credit or a loan).
In terms of how to identify the adverse impacts, the Directive contemplates the use of both qualitative and quantitative information, including use of independent reports, information gathering through the complaints procedure (see below) and consultations with potentially affected groups.
Prevent or mitigate potential adverse impacts
Third, companies have an obligation to prevent potential adverse impacts – and, where this is not possible, to adequately mitigate adverse impacts that have been or should have been identified pursuant to the prior identification obligation. This is contemplated through a number of strategies:
- Companies should, where complex prevention measures are required, develop and implement a “prevention action plan” (in consultation with affected stakeholders), including timelines and indicators for improvement. Related measures include the requirement to make necessary investment into management or production processes and infrastructures.
- In the case of direct business relationships, companies should seek contractual assurances from their direct business partners that the latter will ensure compliance with the company’s code of conduct and prevention action plan, including by seeking contractual assurances from their own partners, to the extent that their activities are part of the company’s value chain. This is known as “contractual cascading”.
- In the case of indirect business relationships, where potential adverse impacts cannot be prevented or mitigated through the prevention action plan and related measures, the company may seek to conclude a contract with that indirect partner, aimed at achieving compliance with the company’s code of conduct or a prevention action plan.
- Where the potential adverse impacts cannot be prevented or adequately mitigated by the prevention action plan and use of contractual assurances and contracts, the company is required to refrain from entering into new or extending existing relations with the partner in question. To the extent permitted by the relevant local laws, the company must also: (i) temporarily suspend commercial relations with the partner in question, while pursuing prevention and minimisation efforts (provided there is reasonable expectation that the efforts will succeed in the short-term), or (ii) where the potential adverse impact is severe, terminate the business relationship with respect to activities concerned.
Bring to an end or minimise actual adverse impacts
Finally, companies must bring to an end actual adverse impacts that have been or should have been identified. Where this is not possible, companies should ensure that they minimise the extent of such an impact. Companies are required to take the following actions, as necessary: (i) neutralise the adverse impact or minimise its extent, including through the payment of damages to the affected persons; (ii) implement a corrective action plan with timelines and indicators; (iii) seek contractual assurances; and (iv) make necessary investments. As with the obligation to prevent and mitigate potential adverse impacts, there are provisions governing circumstances where the actual adverse impact cannot be brought to an end or minimised.[10]
Standalone climate change obligation
Group 1 companies are required to adopt a plan to ensure that the business model and strategy of the company are compatible with limiting global warming to 1.5°C in line with the Paris Agreement. The plan should identify the extent to which climate change is a risk for, or an impact of, the company’s operations. Fulfilment of the obligations in the plan should then be taken into account in the context of directors’ variable remuneration, where such remuneration is linked to the director’s contribution to business strategy and long-terms interests and sustainability.
Expansion of directors’ duties
The Directive introduces a “directors’ duty of care” provision requiring directors to take into account the human rights, climate change and environmental consequences of their decisions in the short, medium and long term. Directors[11] should put into place and oversee due diligence actions and policies, and adapt the company’s strategy where necessary. Member States must ensure that their laws applicable to breach of directors’ duties are extended to the provisions in the Directive. As currently drafted, the Directive itself does not impose personal liability on directors for non-compliance.
In practical terms, this will likely carry with it obligations of transparency, and boards should document how they are engaging with sustainability requirements and considering risks in all relevant decision-making, including on matters of strategy. Directors should also ensure that they are sufficiently informed on how due diligence processes and reporting lines are resourced and managed within the company, and conduct training on ESG matters.
What will be required of the board will ultimately be industry-specific, but it will be important to demonstrate that the board is actively engaging with these issues.
Sanctions and enforcement
Non-compliance with the substantive requirements of the Directive carries the threat of civil liability and specific sanctions. A civil liability provision requires Member States to ensure companies are liable for damages if: (a) they have failed to prevent or mitigate potential adverse impacts; and (b) as a result of this failure, an adverse impact that could have been avoided in fact occurred and caused damage. Importantly, a company cannot escape liability by relying on local law (for example, where the jurisdiction of the alleged adverse impact does not provide for damages). Where, however, a company has taken the “appropriate” due diligence measures identified in the Directive, there should be no such liability unless it was “unreasonable” in the circumstances to expect that the action taken (including as regards verifying business partners’ compliance) would be adequate to prevent, mitigate, bring to an end or minimise the extent of the adverse impact. This begs the question as to what may be considered “unreasonable” and what measures are to be considered “appropriate” for the relevant company, to which there are no clear answers in the Directive. Further guidance on the scoping of expectations and nature of “appropriate” due diligence will be essential.
Meanwhile, the Directive requires Member States to set up supervisory authorities to monitor compliance, but gives discretion as regards sanctions for non-compliance. These authorities will be empowered to conduct investigations, issue orders to stop violations, and publish their decisions.
In-scope companies which are incorporated outside the EU must also appoint an “authorised representative”, i.e. a natural or legal person domiciled or established in the EU Member State in which that company generated most of its annual net turnover in the EU in the previous year. The authorised representative must have a mandate to act on the company’s behalf in relation to complying with the Directive, and will communicate and cooperate with supervisory authorities.
Next steps
The draft Directive will now be presented to the Council of the European Union and the European Parliament, upon whom it is incumbent to reach agreement on a final text. It is expected that the Directive will be subject to further debates by a range of industry, government and NGO stakeholders, and it remains to be seen whether any material changes will be made. The political tailwinds behind EU-wide action in this area are strong,[12] particularly as national governments across the EU continue to implement their own legislative measures and the European Parliament has already advocated for similar legislation. Current best estimates envisage adoption in or around 2023, with subsequent transposition into national law two to four years thereafter. Hence, it is likely that the earliest that companies will be required to report pursuant to the proposed Directive will be in relation to the financial years ending 2025 or 2026.
The draft Directive is an ambitious proposal and there remain a number of open questions regarding the scope and nature of the duties envisaged. Further guidance on issues such as the nature of due diligence has been promised by the Commission, and will be critical as corporates seek to understand their obligations and address them in practical terms.
__________________________
[1] On the same date, the European Commission also published a Q&A publication and a factsheet which provide further colour and background to the draft Directive. These are available on the European Commission’s Corporate Sustainability Due Diligence website.
[2] This follows a public consultation period held between 26 October 2020 and 8 February 2021, and an EU Parliament draft directive on “Corporate Due Diligence and Corporate Accountability” published on 10 March 2021 (the “EU Parliament draft Directive“). See our previous client alert, addressing the 27 January 2021 report containing the proposed EU Parliament draft Directive.
[3] The definition of “companies” extends beyond corporate entities to other forms of enterprises with separate legal personality by reference to the Accounting Directive 2013/34 and to certain regulated financial undertakings regardless of their legal form. See Article 2(iv) of the draft Directive (defining “Company”).
[4] See Article 2(2) of the draft Directive. Whilst the parameters of application of the Directive draw upon thresholds and definitions that have been utilised in other EU sustainability and ESG-related regulations (such as the Non-Financial Reporting Directive and the proposed new Corporate Sustainability Reporting Directive (CSRD)), this threshold relating to turnover attributable to high impact sectors is a new development.
[5] Namely, the reporting requirements under Articles 19a and 29a of Directive 2014/95/EU (the Non-Financial Reporting Directive), which will soon be replaced by the Corporate Sustainability Reporting Directive).
[6] This compares to the broader scope of the CSRD which is expected to capture around 50,000 entities.
[7] See Article 2(iv) of the draft Directive (defining “Company”).
[8] The italicized terms are defined under the Directive (Article 3).
[9] Namely, Group 2 companies, and non-EU companies generating a net turnover of more than EUR 40 million but not more than EUR 150 million in the EU in the preceding financial year, provided at least 50% of its net worldwide turnover was generated in a high-impact sector.
[10] Namely, as in Article 7, the company may seek to conclude a contract with an entity with whom it has an indirect relationship with a view to achieving compliance with the company’s code of conduct or corrective plan (Article 7(4)), and refrain from entering into new or extending existing relations with the partner in connection with or in the value chain where the impact has arisen, and shall temporarily suspend commercial relationships or terminate the business relationship where the adverse impact is severe (Article 7(6)).
[11] “Directors” is defined broadly in the draft Directive as those who are part of the “administrative, management or supervisory bodies of a company”, the CEO and any Deputy CEO, in addition to other persons who perform similar functions. “Board of directors” is broadly defined as “the administrative or supervisory body responsible for supervising the executive management of the company”, or those performing equivalent functions. See draft Directive, Articles 3((o), (p).
[12] This proposal also comes off the back of a flurry of other developments in the EU in relation to ESG-related regulation. These developments include the European Commission’s presentation of the same date of a Communication on Decent Work Worldwide, and very recent feedback and developments on proposed changes to the CSRD from various European Parliament committees, including the Permanent Representatives Committee’s (Coreper) general approach regarding the European Commission’s proposed CSRD, published on 18 February 2022 and European Parliament’s Economic and Monetary Affairs Committee’s (ECON) opinion and proposed changes to the CSRD, published on 28 February 2022.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Environmental, Social and Governance (ESG) practice, or the following authors:
Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Selina S. Sagayam – London (+44 (0) 20 7071 4263, ssagayam@gibsondunn.com)
Sophy Helgesen – London (+44 (0) 20 7071 4261, shelgesen@gibsondunn.com)
Stephanie Collins – London (+44 (0) 20 7071 4216, SCollins@gibsondunn.com)
Ashley Kate Hammett – London (+44 (0) 20 7071 4240, ahammett@gibsondunn.com)
Please also feel free to contact the following ESG practice leaders:
Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Elizabeth Ising – Washington, D.C. (+1 202-955-8287, eising@gibsondunn.com)
Perlette M. Jura – Los Angeles (+1 213-229-7121, pjura@gibsondunn.com)
Ronald Kirk – Dallas (+1 214-698-3295, rkirk@gibsondunn.com)
Michael K. Murphy – Washington, D.C. (+1 202-955-8238, mmurphy@gibsondunn.com)
Selina S. Sagayam – London (+44 (0) 20 7071 4263, ssagayam@gibsondunn.com)
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
Utah is poised to join California, Virginia, and Colorado in enacting comprehensive data privacy legislation. Although Utah’s law largely follows the Virginia and Colorado models—with a few provisions that may ease the burden on businesses—it adds to an increasingly active state legislative landscape. Meanwhile, California is proposing changes to its landmark privacy law as other states plow ahead with debating or updating their own data privacy laws. Companies should account for these changes as they develop programs to comply with the laws.
Utah Consumer Privacy Act
In Utah, the legislature unanimously passed the Utah Consumer Privacy Act.[1] After the bill reaches the governor’s desk, he will have 20 days to sign or veto it or it will become law automatically signature if the governor vetoes the bill, the legislature has sufficient votes to override the veto, given that it was passed unanimously. Once enacted, the new law will become effective by its terms on December 31, 2023,[2]—approximately one year after the similar laws in Colorado and Virginia go into force. Comparable to the other laws, the new law applies to companies that (1) conduct business in Utah or target consumers in the state, (2) have $25 million or more in annual revenue, and (3) either (a) process or control personal data of 100,000 or more Utah consumers or (b) process or control personal data of 25,000 or more Utah consumers and derive 50 percent or more of their gross revenue from selling personal data.[3]
While Utah’s law is similar to Virginia’s and Colorado’s laws, it has a few differences that may make the law easier for businesses to follow. For example, like Virginia and Colorado, Utah does not include a private right of action in its law, although the attorney general can seek statutory damages, as described more fully below. However, unlike the laws in Virginia and Colorado, Utah’s law does not require businesses to conduct and document data protection assessments about their data-processing practices.[4] Utah also does not require businesses to set up a mechanism for consumers to appeal a business’s decision regarding the consumer’s request to exercise any of their personal data rights.[5] And finally, Utah’s law makes it easier to charge a fee when responding to consumer requests. Specifically, businesses may charge a fee when responding to consumer requests to exercise their personal data rights in Virginia only if those requests are “manifestly unfounded, excessive, or repetitive,”[6] or in Colorado only if a second request is made in a 12-month period.[7] But Utah allows businesses to charge a fee in both those situations as well as when the business “reasonably believes the primary purpose in submitting the request was something other than exercising a right” or is harassing, disruptive, or poses an undue burden on the controller.[8]
Relating to enforcement, while Utah’s Division of Consumer Protection can investigate potential violations, Utah’s law, like Colorado’s and Virginia’s, limits enforcement to the state attorney general.[9] The attorney general must give companies at least 30 days to cure before initiating an action.[10] If the attorney general does bring such an action, they may collect statutory damages of up to $7,500 per violation or actual damages.[11]
Developments in Other States
As Utah moves ahead with its new privacy law, California legislators have floated proposals to extend the business-to-business and employment-related exemptions in the California Consumer Privacy Act (“CCPA”). Under those exemptions, the CCPA does not generally apply to employment-related data or data involved in transactions between businesses for due diligence or to provide a good or service. The California Privacy Rights Act (“CPRA”) is presently set to sunset those exemptions on January 1, 2023. But the bills introduced in California would extend those exemptions either through January 1, 2026, or pursuant to the alternative bill, indefinitely.[12]
California is not the only state with updates to its comprehensive data privacy law in the works. Colorado’s attorney general announced recently that a formal notice of proposed rulemaking under the Colorado Privacy Act will be issued by this fall to prepare regulations that will be implemented by January 2023. In the meantime, town halls and meetings are planned to gather comments on that rulemaking.
Other states are moving rapidly to join California, Colorado, Virginia, and Utah. Data privacy laws have passed committee or chamber votes this year in Indiana, Iowa, Florida, Massachusetts, Ohio, Washington, and Wisconsin, and numerous other states also are considering legislation. Although the precise contours of these laws—and how many, if any more this year, will be enacted, and when—remain in flux, the enactment of state privacy laws already has ushered in notable regulatory changes affecting how companies collect and manage data while imposing a host of new obligations and potential liability, across the country. Companies would be well-served to focus their compliance programs accordingly.
We will continue to monitor developments in this area, and are available to discuss these issues as applied to your particular business.
___________________________
[1] Utah Consumer Privacy Act (“UCPA”), S.B. 227, 2022 Leg. Sess. (Utah 2022).
[4] See Colorado Privacy Act (“CPA”), S.B. 21-190, § 6-1-1309, 73d Leg., 2021 Regular Sess. (Colo. 2021); Virginia Consumer Data Protection Act (“VCDPA”), S.B. 1392, § 59.1-576, 2021 Spec. Sess. (Va. 2021).
[5] See CPA, 6-1-1306(3)(a); VCDPA, § 59.1-573(C).
[8] UCPA, § 7, 13-61-203(4)(b)(i)(B)-(C).
[9] UCPA, § 13, 13-61-305; § 13, 13-61-401; § 14, 13-61-402(1)-(2).
[10] UCPA, § 14, 13-61-402(3)(b)-(c).
[11] UCPA, § 14, 13-61-402(3)(d).
[12] See A.B. 2871, 2021–2022 Reg. Sess. (Calif. 2022); A.B. 2891, 2021–2022 Reg. Sess. (Calif. 2022).
This alert was prepared by Ryan T. Bergsieker, Cassandra Gaedt-Sheckter, Eric M. Hornbeck and Alexander H. Southwell.
Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s Privacy, Cybersecurity and Data Innovation practice group:
United States
Alexander H. Southwell – Co-Chair, PCDI Practice, New York (+1 212-351-3981, asouthwell@gibsondunn.com)
S. Ashlie Beringer – Co-Chair, PCDI Practice, Palo Alto (+1 650-849-5327, aberinger@gibsondunn.com)
Debra Wong Yang – Los Angeles (+1 213-229-7472, dwongyang@gibsondunn.com)
Matthew Benjamin – New York (+1 212-351-4079, mbenjamin@gibsondunn.com)
Ryan T. Bergsieker – Denver (+1 303-298-5774, rbergsieker@gibsondunn.com)
David P. Burns – Washington, D.C. (+1 202-887-3786, dburns@gibsondunn.com)
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650-849-5203, cgaedt-sheckter@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213-229-7269, nhanna@gibsondunn.com)
Howard S. Hogan – Washington, D.C. (+1 202-887-3640, hhogan@gibsondunn.com)
Robert K. Hur – Washington, D.C. (+1 202-887-3674, rhur@gibsondunn.com)
Kristin A. Linsley – San Francisco (+1 415-393-8395, klinsley@gibsondunn.com)
H. Mark Lyon – Palo Alto (+1 650-849-5307, mlyon@gibsondunn.com)
Karl G. Nelson – Dallas (+1 214-698-3203, knelson@gibsondunn.com)
Ashley Rogers – Dallas (+1 214-698-3316, arogers@gibsondunn.com)
Deborah L. Stein – Los Angeles (+1 213-229-7164, dstein@gibsondunn.com)
Eric D. Vandevelde – Los Angeles (+1 213-229-7186, evandevelde@gibsondunn.com)
Benjamin B. Wagner – Palo Alto (+1 650-849-5395, bwagner@gibsondunn.com)
Michael Li-Ming Wong – San Francisco/Palo Alto (+1 415-393-8333/+1 650-849-5393, mwong@gibsondunn.com)
Europe
Ahmed Baladi – Co-Chair, PCDI Practice, Paris (+33 (0) 1 56 43 13 00, abaladi@gibsondunn.com)
James A. Cox – London (+44 (0) 20 7071 4250, jacox@gibsondunn.com)
Patrick Doris – London (+44 (0) 20 7071 4276, pdoris@gibsondunn.com)
Kai Gesing – Munich (+49 89 189 33-180, kgesing@gibsondunn.com)
Bernard Grinspan – Paris (+33 (0) 1 56 43 13 00, bgrinspan@gibsondunn.com)
Penny Madden – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)
Michael Walther – Munich (+49 89 189 33-180, mwalther@gibsondunn.com)
Alejandro Guerrero – Brussels (+32 2 554 7218, aguerrero@gibsondunn.com)
Vera Lukic – Paris (+33 (0) 1 56 43 13 00, vlukic@gibsondunn.com)
Sarah Wazen – London (+44 (0) 20 7071 4203, swazen@gibsondunn.com)
Asia
Kelly Austin – Hong Kong (+852 2214 3788, kaustin@gibsondunn.com)
Connell O’Neill – Hong Kong (+852 2214 3812, coneill@gibsondunn.com)
Jai S. Pathak – Singapore (+65 6507 3683, jpathak@gibsondunn.com)
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
On March 9, 2022, the Securities and Exchange Commission (“SEC” or “Commission”) held a virtual open meeting where it considered a rule proposal for new cybersecurity disclosure requirements for public companies, primarily consisting of: (i) current reporting of material cybersecurity incidents and (ii) periodic reporting of material updates to cybersecurity incidents, the company’s cybersecurity risk management, strategy, and governance practices, and the board of directors’ cybersecurity expertise, if any.
The proposal passed on party lines and the comment period ends on the later of 30 days after publication in the Federal Register or May 9, 2022 (which is 60 days from the date that the rules were proposed). Below please find a summary description of the rule proposal, as well as certain Commissioner’s concerns related to the proposal.
Summary of Proposed Amendments
New Current Reporting Requirements
The proposed amendments would require current reporting of material cybersecurity incidents by adding new Item 1.05 to Form 8-K. As is the case with almost all other Form 8-K items, Item 1.05 would require companies to disclose material cybersecurity incidents[1] within four business days. The trigger date for the disclosure is the date of the materiality determination, rather than the date of discovery of the incident, although companies are required to make a materiality determination as soon as reasonably practicable after discovery. Required disclosure would include:
- When the incident was discovered and whether it is ongoing;
- A brief description of the nature and scope of the incident;
- Whether any data was stolen, altered, accessed, or used for any other unauthorized purpose;
- The effect of the incident on the company’s operations; and
- Whether the company has remediated or is currently remediating the incident.
According to the release, “[w]hat constitutes “materiality” for purposes of the proposed cybersecurity incidents disclosure would be consistent with that set out in the numerous cases addressing materiality in the securities laws, including: TSC Industries, Inc. v. Northway, Inc.,[2] Basic, Inc. v. Levinson,[3] and Matrixx Initiatives, Inc. v. Siracusano[4].”[5] The SEC noted in the proposed rule that it would not expect companies to disclose technical information about its planned response, cybersecurity systems, related networks and devices, or vulnerabilities “in such detail as would impede the company’s response or remediation of the incident.”[6] However, Item 1.05 would not allow for a reporting delay when there is an ongoing internal or external investigation related to the cybersecurity incident. Notably, however, an untimely filing of Item 1.05 disclosure on Form 8-K would not result in a loss of Form S-3 and Form SF-3 eligibility and would be covered by the safe harbor for Section 10(b) and Rule 10b-5 liability. With respect to foreign private issuers, the amendments would similarly create a disclosure trigger for cybersecurity incidents on Form 6-K.
New Periodic Reporting Requirements
Material Updates to Cybersecurity Incidents. The proposed amendments would add additional disclosure requirements to public companies’ quarterly and annual reports by introducing new Item 106(d) of Regulation S-K, which would require companies to disclose any material changes, additions, or updates to information required to be disclosed pursuant to proposed Item 1.05 of Form 8-K in the company’s Form 10-Q or Form 10-K for the covered period (the company’s fourth fiscal quarter in the case of a Form 10-K) in which the material change, addition, or update occurred. Item 106(d) would also require companies to disclose when a series of previously undisclosed individually immaterial cybersecurity incidents becomes material in the aggregate.
Risk Management and Strategy. In addition, public companies would be required to disclose their policies and procedures, if any, to identify and manage cybersecurity risks and threats. The company would also be required to describe whether it engages assessors or other third parties in connection with its risk assessment and any policies or procedures for risks in connection with the use of third party service providers. The other topics included in proposed Item 106(b) would require disclosure regarding whether the company undertakes to prevent, detect and minimize the threat of cybersecurity incidents; whether the company has business continuity, contingency or recovery plans in the event of cybersecurity incident; whether previous cybersecurity incidents have informed changes in the company’s governance, policies and procedures, or technologies; whether and how cybersecurity-related risk and incidents have affected or are reasonably likely to affect the company’s results of operations or financial condition; and whether and how cybersecurity risks are considered as part of the company’s business strategy, financial planning, and capital allocation.
Governance. Proposed Item 106(c) of Regulation S-K would require disclosure regarding the role of the board of directors and management in cybersecurity governance. With respect to the board of directors, companies would need to disclose whether the entire board, specific board members or a board committee is responsible for the oversight of cybersecurity risks. Disclosure would also need to include a discussion of the processes by which the board is informed about cybersecurity risks, the frequency of discussions on cybersecurity, and whether and how the board or responsible board committee considers cybersecurity risks as part of its business strategy, risk management, and financial oversight. With respect to management, companies would need to disclose whether certain management positions or committees are responsible for measuring and managing cybersecurity risk and the relevant expertise of such persons. The company would also need to disclose whether it has designated a chief information security officer, or someone in a comparable position, and if so, to whom that individual reports within the company’s organizational chart, the relevant expertise of any such persons, the processes by which such persons or committees are informed about and monitor the prevention, mitigation, detection, and remediation of cybersecurity incidents, and whether and how frequently such persons or committees report to the board or a committee of the board on cybersecurity risk.
Director Cybersecurity Expertise. Proposed Item 407(j) of Regulation S-K would require companies to annually disclose (in proxy statements for their annual meetings of shareholders or their annual reports on Form 10-K) cybersecurity expertise of directors of the company, if any. If any member of the board has cybersecurity expertise, the company would be required to disclose the name of any such director, and provide such detail as necessary to fully describe the nature of the director’s expertise. Cybersecurity expertise would remain undefined, but the proposed rule would introduce criteria relevant for the determination, such as whether the director has work experience in cybersecurity, whether the director obtained a certification or degree in cybersecurity, and whether the director has knowledge, skills or other background in cybersecurity. Similar to the existing safe harbor with respect to “audit committee financial experts,” proposed Item 407(j)(2) would state that a person who is determined to have expertise in cybersecurity will not be deemed an expert for any purpose, including, without limitation, for purposes of Section 11 of the Securities Act of 1933, as a result of being designated or identified as a director with expertise in cybersecurity pursuant to proposed Item 407(j).
Foreign Private Issuers. Comparable changes would be made to require similar disclosures on an annual basis on Form 20-F.
Structured Data Requirements
Disclosures required under the proposed rules would need to be tagged in Inline XBRL, which would include block text tagging of narrative disclosures, as well as detail tagging of quantitative amounts disclosed within the narrative disclosures. According to the release, “[t]his Inline XBRL tagging would enable automated extraction and analysis of the granular data required by the proposed rules, allowing investors and other market participants to more efficiently perform large-scale analysis and comparison of this information across registrants and time periods.”[7]
For additional information on the proposed amendments, please see the following links:
Commissioner Concerns
The Commission voted three to one in support of the proposed amendments, with Commissioner Peirce dissenting. Chair Gensler supported the proposed rules noting that “companies and investors alike would benefit if this disclosure were required in a consistent, comparable, and decision-useful manner.”[8] Chair Gensler emphasized two ways in which the proposed rules would enhance cybersecurity disclosure and allow investors to assess cybersecurity risks more effectively, by requiring (i) ongoing disclosures regarding companies’ governance, risk management, and strategy with respect to cybersecurity risks and (ii) mandatory, material cybersecurity incident reporting. Commissioner Peirce expressed some reservations about the proposal. Specifically, Commissioner Peirce voiced concern that: (i) the governance disclosure requirements could be viewed as substantive guidance for the composition and functioning of both the boards of directors and management of public companies; (ii) the policy disclosure requirements may pressure companies to consider adapting their existing policies and procedures to conform to the Commission’s preferred approach; and (iii) the Commission is not best suited to design cybersecurity programs to be effective for all companies. Although Commissioner Peirce was more supportive of the cybersecurity incident reporting requirements, stating that they provided guideposts for companies to follow in reporting material cybersecurity incidents, she was critical of the proposed rule’s inflexibility with regard to whether temporary relief from the disclosure requirements would best protect investors in cases of ongoing investigations.
For the published statements of the Commissioners, please see the following links:
As mentioned above, the comment period ends on the later of 30 days after publication in the Federal Register or May 9, 2022 (which is 60 days from the date that the rules were proposed). Comments may be submitted: (1) using the SEC’s comment form at https://www.sec.gov/rules/submitcomments.htm; (2) via e-mail to rule-comments@sec.gov (with “File Number S7-09-22″ on the subject line); or (3) via mail to Secretary, Securities and Exchange Commission, 100 F Street NE, Washington, DC 20549-1090. All submissions should refer to File Number S7-09-22.
Takeaways
The proposed rule contemplates extensive changes to current reporting requirements, and many of the disclosure topics act as guidance with respect to the SEC’s expectations for public companies’ cybersecurity risk management, strategy, and governance. In light of these changes, public companies should consider the following:
- Incident Disclosure Obligations Take Priority Over All Other Considerations. As noted by Commissioner Peirce, proposed Item 1.05 of Form 8-K does not provide companies with flexibility with respect to the timing of disclosing material cybersecurity incidents, even when it may be beneficial to delay disclosure. Under the proposed rule, companies would be required to report material cybersecurity incidents within four business days of the materiality determination, even when doing so may hinder the efforts of law enforcement to investigate the extent of the incident or apprehend wrongdoers. The disclosure mandate would also effectively override any deferral provided under state and local law, as companies will still need to timely file the required Form 8-K even where a state or local law would permit a delay in notifying the public about the incident. In addition, the proposed rule does not distinguish ongoing incidents from past or remediated incidents in the reporting requirements, which could result in required disclosure of cybersecurity incidents that still have active vulnerabilities. In these instances, disclosure could exacerbate the severity of the incident, as wrongdoers could become aware of and seek to exploit current vulnerabilities in the company’s systems. In essence, the proposed rule does not allow companies to take into account any other considerations on whether to disclose material cybersecurity incidents. The proposing release justifies the rule by stating that it is “critical to investor protection and well-functioning orderly and efficient markets that investors promptly receive information regarding material cybersecurity incidents.”[9] However, the SEC does not demonstrate that the inflexibility of the rule is necessary for the functioning of the markets or that such other considerations are less critical to investor protection than strict adherence to the proposed reporting regime. Moreover, the mere fact that the trigger date for the disclosure requirement is the date of the materiality determination does not provide companies with flexibility given the rule’s expectation that companies will make such determination as soon as reasonably practicable after discovery of the incident.
- Companies May Need to Revisit their Cybersecurity Policies and Procedures. The proposed rule would require companies to disclose many facets of their cybersecurity policies and procedures, such as whether there are procedures for overseeing cybersecurity risk arising from the use of third party service providers. These disclosure topics are likely to incentivize companies to revisit their policies and procedures in order to ensure that they address such topics, as companies will want to avoid disclosure of policies that lack features that the SEC focuses on or that appear less robust than those of their peers. In addition, it will be important for companies revisiting their cybersecurity policies to ensure that they provide for effective disclosure controls and procedures that include communication between the cybersecurity team, or those responsible for cybersecurity, and the legal team. These channels of communication will be necessary for the prompt assessment and escalation of detected cybersecurity incidents, which serves the purposes of providing for proper oversight and complying with the proposed disclosure requirements. Communication will need to be maintained through the conclusion and remediation of cybersecurity incidents, given the requirement to provide material updates to the disclosure and to disclose any series of previously undisclosed, immaterial incidents that become material in the aggregate. Companies without a chief information security officer, or equivalent, should consider whether such a position should be created in light of the requirement to disclose whether the company has such an officer.
- Boards May Need to Revisit Their Oversight Role and Structures. While many companies already include disclosure on the board’s role in overseeing cybersecurity risk in their proxy statements, the proposed rule introduces a broad set of discussion topics that will need to be addressed. In particular, boards that have not delegated responsibility for overseeing cybersecurity disclosures to a specific board committee will need to consider whether it is appropriate to do so. Companies should also consider the channels through which cybersecurity information is communicated to the board (or designated committee) and evaluate whether such channels provide effective and timely communications. Boards will also need to assess whether the amount of time spent addressing cybersecurity during meetings is appropriate given the requirement to disclose the frequency of discussions on the topic.
- Director Cybersecurity Experience will be at a Premium. Requiring disclosure of whether any of a company’s directors have cybersecurity expertise will likely pressure companies to prioritize candidates with cybersecurity experience as part of their search process in order to avoid appearing behind on cybersecurity compared to their peers. Given that companies will need to describe such expertise in their annual disclosure, directors with substantive cybersecurity experience may be highly sought after. In addition, many companies include cybersecurity in director skill matrices in their proxy statements. Should the rules be adopted as proposed, those companies will need to consider whether their assessments of experience align with the criteria proposed by the SEC, or risk potentially confusing investors with two different standards for cybersecurity expertise.
__________________________
[1] Cybersecurity incident is defined to mean an unauthorized occurrence on or conducted through a company’s information systems that jeopardizes the confidentiality, integrity, or availability of a company’s information systems or any information residing therein.
[2] TSC Indus. v. Northway, 426 U.S. 438, 449 (1976).
[3] Basic Inc. v. Levinson, 485 U.S. 224, 232 (1988).
[4] 563 U.S. 27 (2011).
[6] Id.
[7] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Exchange Act Release, No. 34-94382 (Mar. 9, 2022) at Part II.G, available at https://www.sec.gov/rules/proposed/2022/33-11038.pdf.
[8] Chairman Gary Gensler, “Statement on Proposal for Mandatory Cybersecurity Disclosures” (Mar. 9, 2022), available https://www.sec.gov/news/statement/gensler-cybersecurity-20220309.
[9] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Exchange Act Release, No. 34-94382 (Mar. 9, 2022) at Part II.B.3, available at https://www.sec.gov/rules/proposed/2022/33-11038.pdf.
This alert was prepared by Alexander H. Southwell, Ashlie Beringer, Lori Zyskowski, Thomas J. Kim, and Julia Lapitskaya.
Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Privacy, Cybersecurity and Data Innovation and Securities Regulation and Corporate Governance practice groups, or the following authors:
Alexander H. Southwell – New York (+1 212-351-3981, asouthwell@gibsondunn.com)
S. Ashlie Beringer – Palo Alto (+1 650-849-5327, aberinger@gibsondunn.com)
Lori Zyskowski – New York (+1 212-351-2309, lzyskowski@gibsondunn.com)
Thomas J. Kim – Washington, D.C. (+1 202-887-3550, tkim@gibsondunn.com)
Julia Lapitskaya – New York (+1 212-351-2354, jlapitskaya@gibsondunn.com)
We would like to thank Matthew Dolloff in our New York office for his work on this article.
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
The United States, the European Union, the United Kingdom, Australia, Japan and other countries have issued or announced sanctions and export controls targeting Russia and the Russia-backed separatist regions of Ukraine known as the Donetsk People’s Republic and the Luhansk People’s Republic. The United States took the first step by issuing broad jurisdiction-based sanctions on the two regions, similar to the existing sanctions on the Crimea region of Ukraine, and followed up with additional sanctions targeting Russia’s financial system. NATO allies also announced sanctions—including targeted designations by the United Kingdom and a sanctions package by the European Union—and non-NATO allies promised or implemented tough sanctions in close coordination. As tensions continue to rise, we continue to see more series of tools from the NATO countries and their allies to exert economic pressure on Russia to deescalate the ongoing crisis in Ukraine and withdraw its army from Ukraine’s borders.
Hear from our experts about these developments and how companies should proactively assess their exposure to the sanctions and export controls measures being discussed.
MODERATOR:
David A. Wolber is a Registered Foreign Lawyer (New York) in Hong Kong and Of Counsel in the Hong Kong office of Gibson, Dunn & Crutcher. He is a member of the firm’s International Trade Practice Group. Mr. Wolber assists clients around the world in understanding and navigating complex legal, compliance, reputational, political and other risks arising out of the interplay of various international trade, national security and financial crime laws and regulations, with particular expertise advising clients on economic and trade sanctions, export controls, foreign direct investment controls/CFIUS, anti-money laundering (AML) and anti-bribery and anti-corruption (ABC) laws and regulations.
PANELISTS:
Patrick Doris is a partner in the London office whose practice includes transnational litigation, cross-border investigations, and compliance advisory for clients including major global investment banks, global corporations, leading U.S. operators in the financial sectors, and global manufacturing companies, among others. He advises financial sector clients and others on OFAC and EU sanctions violations, responses to major cyber-penetration incidents, and other matters relating to national supervisory and regulatory bodies.
Christopher T. Timura is Of Counsel in the Washington D.C. office. He counsels clients on compliance with U.S. and international customs, export controls, and economic sanctions law and represents them before the departments of State (DDTC), Treasury (OFAC and CFIUS), Commerce (BIS), Homeland Security (CBP and ICE), and Justice in voluntary and directed disclosures, civil and criminal enforcement actions and investment reviews. Working with in-house counsel, boards, and other business personnel, he helps to identify and leverage existing business processes to integrate international trade compliance, and CSR-related data gathering, analysis, investigation, and reporting throughout client business operations.
Richard Roeder is an associate in the Munich office who was previously seconded to the Washington, D.C. office and worked with the firm’s U.S. sanctions and export control team and assisted clients in managing the challenges posed by the divergence between U.S. and EU economic and financial sanctions. He advises clients in the banking, insurance, automotive, mining, oil and gas, healthcare and information technology industries in the areas of sanctions, anti-money-laundering and anti-corruption compliance.
Claire Yi is an associate in the Washington, D.C. office. She is a member of the firm’s International Trade and White Collar Defense and Investigations Practice Groups. Ms. Yi received her Juris Doctor, magna cum laude, from Harvard Law School, where she was an Articles Editor for Harvard International Law Journal. During law school, she served as an intern for the Compliance and Business Risk Department at the World Bank-International Finance Corporation, for the Office of the Inspector General at the State Department, and for the Office of the Legal Adviser at the State Department.
On March 9, 2022, President Biden signed a long-awaited Executive Order (titled “Ensuring Responsible Development of Digital Assets” and issued with an accompanying Fact Sheet) regarding the U.S. government’s strategy for digital assets, defined to include cryptocurrencies and other forms of exchange that are recorded on the blockchain.[1] Citing the need for the federal government to address the role of digital assets in the financial system, the Executive Order represents the first whole-of-government approach to the benefits and risks of digital assets. It is a general policy statement that reflects the views of the administration, as opposed to a specific proposal for regulation.
In our view, there are three principal takeaways from the Executive Order. First, it acknowledges the exponential growth and opportunity that the digital asset ecosystem presents, and outlines a policy interest in “responsible financial innovation” and the need for evolution and coordination to ensure that the United States continues to be a leader in the space. Second, the Executive Order identifies a number of perceived general risk areas that digital assets can pose on issues ranging from consumer protection to national security to the environment. Third, to address these risks, the Executive Order tasks various federal agencies—working in coordination—to draft a host of reports, frameworks, and action plans to evaluate the various perceived challenges and opportunities presented by digital assets. We discuss each takeaway in order below.
U.S. Commitment to Digital Asset Leadership
To date, countries around the world have taken divergent stances on digital assets. Cryptocurrency transactions are banned in China, for instance, whereas other jurisdictions have gone as far as to make bitcoin legal tender.[2] It was not clear where the White House would come down on this spectrum, as individual U.S. lawmakers, regulators, and enforcers have offered differing views on how to approach digital assets.
The Executive Order offers a strong endorsement of the potential of digital assets and the need for the United States to play a leading role in shaping the design of this ecosystem. Specifically, it declares that “[w]e must reinforce United States leadership in the global financial system and in technological and economic competitiveness, including through the responsible development of payment innovations and digital assets.”[3] Further, it provides that the U.S. has an interest in remaining at the “forefront” of the “responsible development and design of digital assets,” where its leadership can “sustain United States financial power and promote United States economic interests.”[4] One potential way to do so is by creating a central bank digital currency (“CBDC”), which, as discussed below, the Executive Order tasks various parts of the government to study at length.
The Executive Order also recognizes the benefits that digital assets can provide to consumers, as they may help expand equitable access to financial services by, for instance, “making investments and domestic and cross-border funds transfers and payments cheaper, faster, and safer.”[5]
At the same time, the Executive Order acknowledges that many opportunities and challenges posed by blockchain-based ecosystems fall outside the scope of existing laws and that government approaches to date have been “inconsistent,” “necessitating an necessitate an evolution and alignment of the United States Government approach to digital assets.”[6]
Potential Risks in the Digital Asset Ecosystem
The Executive Order identifies a number of broad potential risk areas involving digital assets that may implicate a wide range of participants in the ecosystem including exchanges, custody providers, investors, token issuers, and companies that accept digital assets for payment. Specific risks cited in the Executive Order include:
- Data Protection—Without “sufficient oversight and standards,” firms providing digital asset services “may provide inadequate protections for sensitive financial data, custodial and other arrangements relating to customer assets and funds.”[7]
- Privacy—Key “safeguards” identified in “responsible development” of digital assets include “maintain[ing] privacy” and “shield[ing] against arbitrary or unlawful surveillance.”[8]
- Risk Disclosures—An important facet of protecting investors is ensuring adequate “disclosures of risks associated with investment.”[9]
- Cybersecurity—Cybersecurity issues that have occurred at major digital asset exchanges and trading platforms to date have contributed to billions of dollars of losses.[10]
- Systemic Risk—In order to mitigate systemic risk, digital asset issuers, exchanges and trading platforms, and other intermediaries “should, as appropriate, be subject to and in compliance with regulatory and supervisory standards that govern traditional market infrastructures and financial firms.”[11] Moreover, new and unique uses of digital assets “may create additional economic and financial risks” that require “an evolution to a regulatory approach.”[12]
- National Security and Illicit Finance—Noting that digital assets can pose significant national security and illicit finance risks ranging from terrorism financing to cybercrime, the Executive Order aims to “ensure appropriate controls and accountability” for digital asset systems to “promote high standards for transparency, privacy, and security” in order to counter these activities.[13]
- Sanctions Evasion—Digital assets may be used to circumvent sanctions.[14]
- Climate and Pollution—The United States also has an interest in reducing “negative climate impacts and environmental pollution” from “some cryptocurrency mining.”[15]
In light of some of these risks, President Biden’s Executive Order provides that the United States “must support technological advances that promote responsible development and use of digital assets,” including by ensuring that digital asset technologies “are developed, designed, and implemented in a responsible manner” that includes privacy and security, features and controls to defend against illicit exploitation, and efforts to reduce negative environmental impacts.[16]
Researching the Path Forward
To determine the next steps for the U.S. government in the digital asset space, the Executive Order establishes an interagency process to address many of the opportunities and challenges outlined above.[17] Further, it calls for a number of reports, frameworks, action plans, and more to be developed, as outlined in the table below.
Critically, the Executive Order does not itself implement any new regulations over the digital asset space or require that agency reviews adopt particular rules or requirements. Instead, it just identifies what homework needs to be done. Accordingly, the Executive Order has not changed the jurisdiction of any U.S. regulator or enforcer with respect to digital assets, nor does it call for Congress to act to expand the jurisdiction or authority of independent agencies such as the CFTC or SEC, even as it opens by acknowledging that the novel challenges and opportunities presented by digital assets may not be within the scope of existing federal laws.[18] Various federal agencies are therefore instructed to “consider” whether some of the digital asset risks that are identified—such as privacy, consumer protection, and investor protection—are within the jurisdiction of existing regulators or “whether additional measures may be needed.”[19] The agencies’ conclusions to those questions, of course, will be of great interest to all market participants and those interested in digital assets and blockchain technology, including potentially to members of Congress.
Notably absent from the Executive Order is any reference to regulations implementing the tax information reporting provisions of HR 3684, the Infrastructure Investment and Jobs Act, signed into law on November 15, 2021. As discussed in this Gibson Dunn Client Alert, those provisions are one of the few recent legislative measures addressing digital assets and include effective dates that contemplate reporting requirements on a broad range of digital asset transactions beginning in January of 2023.
| Subject | Lead Agency | Supporting Agencies | Detailed Description | Due |
| Action Plans, Frameworks, and Reports | ||||
| Report on Strengthening International Law Enforcement[18] | DOJ | State, Treasury, DHS | How to strengthen international law enforcement cooperation for detecting, investigating, and prosecuting criminal activity related to digital assets. | Within 90 days (June 7, 2022) |
| Framework for International Engagement[19] | Treasury | State, Commerce, USAID, other relevant agencies | Establishing a framework for interagency international engagement to enhance adoption of global principles and standards for how digital assets are used and transacted. | Within 120 days (July 7, 2022) and an update one year later |
| Report on Prosecution of Crimes related to Digital Currency[20] | DOJ | Treasury, DHS | The role of law enforcement agencies in detecting, investigating, and prosecuting criminal activity related to digital assets, including any recommendations on regulatory or legislative actions. | Within 180 days (September 5, 2022) |
| Report on the Future of Money and Payment Systems[21] | Treasury | State, DOJ, Commerce, DHS, OMB, DNI | Topics include (i) the conditions that drive broad adoption of digital assets; (ii) the extent to which technological innovation may influence these outcomes; and (iii) the implications for the United States financial system, the modernization of and changes to payment systems, economic growth, financial inclusion, and national security. Also, various considerations related to the potential development of a CBDC. | Within 180 days (September 5, 2022) |
| Report on the Implications of Development and Adoption of Digital Assets[22] | Treasury | Labor and other agencies, potentially including FTC, SEC, CFTC, CFPB, and Federal banking agencies | Conditions that would drive mass adoption of different types of digital assets and the risks and opportunities such growth might present. Policy recommendations to protect United States consumers, investors, and businesses, and support expanding access to safe and affordable financial services. | Within 180 days (September 5, 2022) |
| Report on Environmental Impact Mitigation[23] | OSTP | Treasury, DOE, EPA, CEA, National Climate Advisor, other relevant agencies | Connections between distributed ledger technology and economic and energy transitions, including the potential for these technologies to impede or advance efforts to tackle climate change and the impacts these technologies have on the environment. | Within 180 days (September 5, 2022), update one year later |
| Framework for Enhancement of United States Economic Competitiveness[24] | Commerce | State, Treasury, other relevant agencies | A framework for enhancing United States economic competitiveness in, and leveraging of, digital asset technologies. | Within 180 days (September 5, 2022) |
| Report on Financial Stability Risks and Regulatory Gaps[25] | Treasury | FSOC[26] | The specific financial stability risks and regulatory gaps posed by various types of digital assets and recommendations to address such risks, including any proposals for new legislation or additional or adjusted regulation and supervision. | Within 210 days (October 5, 2022) |
| Coordinated Action Plan to Mitigate Identified Risks[27] | Treasury | State, DOJ, Commerce, DHS, OMB, DNI, other relevant agencies | The role of law enforcement and measures to increase financial services providers’ compliance with AML/CFT obligations related to digital asset activities. | Within 120 days of submission of the National Strategy for Combating Terrorist and Other Illicit Financing |
| CBDC Research | ||||
| Assessment of Legislative Changes[28] | DOJ | Treasury, Federal Reserve | Whether legislative changes would be necessary to issue a United States CBDC. | Within 180 days (September 5, 2022) |
| Technical Evaluation of the Requirements to Support a CBDC System[29] | OSTP; U.S. CTO | Treasury, Federal Reserve, other agencies | The technological infrastructure, capacity, and expertise that would be necessary at relevant agencies to facilitate and support the introduction of a CBDC system. | Within 180 days (September 5, 2022) |
| Legislative Proposal related to a United States CBDC[30] | DOJ | Treasury, Federal Reserve | Based upon Future of Money Report and any relevant materials developed by the Federal Reserve. | Within 210 days (October 5, 2022) |
| Recommendation for Continued Research[31] | Federal Reserve | Encouraged to continue research on the extent to which CBDCs could improve future payments systems, to assess the optimal form of a U.S. CBDC, to develop a strategic plan that evaluates the necessary steps and requirements for the potential implementation and launch of a U.S. CBDC, and evaluate the extent to which a U.S. CBDC could enhance or impede the ability of monetary policy to function effectively as a macroeconomic stabilization tool. | N/A | |
| Considerations, Notices, and Voluntary Submissions | ||||
| Submission of Supplemental Annexes relating to Illicit Finance Risks[32] | Treasury, State, DOJ, Commerce, DHS, OMB, DNI, other agencies | Agencies may submit supplemental annexes offering additional views on illicit finance risks posed by digital assets. | Within 90 days of submission of the National Strategy for Combating Terrorist and Other Illicit Financing | |
| Consideration of Competition Policy[33]</td | DOJ, FTC, CFPB | Potential effects the growth of digital assets could have on competition policy. | N/A | |
| Consideration of Consumer Protection and Privacy[34] | FTC, CFPB | Whether privacy or consumer protection measures within their respective jurisdictions may be used to protect users of digital assets and whether additional measures may be needed. | N/A | |
| Consideration of Investor and Market Protections[35] | SEC, CFTC, Federal Reserve, FDIC, OCC | Whether investor and market protection measures within their respective jurisdictions may be used to address the risks of digital assets and whether additional measures may be needed. | N/A | |
Conclusion
The Executive Order is both a landmark and a question mark for U.S. digital asset policy. It boldly proclaims that the United States intends to lead in promoting the responsible development and design of digital assets, even as it details in broad strokes many of the risks that the digital asset ecosystem could pose to consumers, investors, and citizens. But it does not address how these risks will be addressed in concrete terms, nor does it speak to the unique privacy, consumer and cybersecurity values and opportunities that are furthered by the technological innovation of the blockchain. As a result, continued uncertainty remains in the digital asset space with respect to, among other things, a clear regulatory framework, with regulation by enforcement continuing to be significant, even on certain fundamental questions. In the coming months, Gibson Dunn will be closely monitoring additional developments and the research outputs required by the Executive Order in order to help its clients across the digital asset space navigate regulatory risks and requirements in the United States.
___________________________
[1] Many of the top administration officials and heads of agencies announced their support for the Executive Order, including Treasury Secretary Yellen, Consumer Financial Protection Bureau (“CFPB”) Chairman Chopra, Commerce Secretary Raimondo, National Security Advisor Sullivan and National Economic Council Director Deese, Commodity Futures Trading Commission (“CFTC”) Chairman Behnam, and a tweet from Securities and Exchange Commission (“SEC”) Chair Gensler. The White House also convened a background call with senior administration officials to discuss the Executive Order.
[2] See, e.g., Alun John, Samuel Shen and Tom Wilson, China’s top regulators ban crypto trading and mining, sending bitcoin tumbling, Reuters (Sept. 24, 2021), https://www.reuters.com/world/china/china-central-bank-vows-crackdown-cryptocurrency-trading-2021-09-24/; Aaryamann Shrivastava, Swiss City To Make Bitcoin a Legal Tender After Mexico and El Salvador, FX Empire (Mar. 4, 2022), https://www.fxempire.com/news/article/swiss-city-to-make-bitcoin-a-legal-tender-after-mexico-and-el-salvador-922943.
[17] Executive Order, § 5(b)(v); see also Executive Order, § 4(b).
[18] Executive Order, § 8(b)(iv).
[19] Executive Order, §§ 8(b)(i); 8(b)(ii).
[20] Executive Order, § 5(b)(iii).
[22] Executive Order, § 5(b)(i).
[23] Executive Order, §§ 5(b)(vii); 5(b)(viii).
[24] Executive Order, § 8(b)(iii).
[26] The FSOC comprises 10 voting members (the heads of Treasury, the Federal Reserve, OCC, CFPB, SEC, FDIC, CFTC, FHFA, NCUA, and a Senate-confirmed member with insurance expertise) and five nonvoting members (Office of Financial Research, Federal Insurance Office, a state insurance commissioner, a state banking supervisor, and a state securities commissioner). See About FSOC, U.S. Department of Treasury, https://home.treasury.gov/policy-issues/financial-markets-financial-institutions-and-fiscal-service/fsoc/about-fsoc.
[28] Executive Order, § 4(d)(i).
[29] Executive Order, § 5(b)(ii).
[30] Executive Order, § 4(d)(ii).
[33] Executive Order, § 5(b)(iv).
[34] Executive Order, § 5(b)(v).
[35] Executive Order, § 5(b)(vi)
Gibson Dunn stands ready to help guide industry players through the most complex challenges that lay at the intersection of regulation, public policy, and technical innovation of blockchain and cryptocurrency. If you wish to discuss any of the matters set out above, please contact Gibson Dunn’s Crypto Taskforce (cryptotaskforce@gibsondunn.com), or any member of its Financial Institutions, Global Financial Regulatory, Public Policy, Administrative Law and Regulatory, Privacy, Cybersecurity and Data Innovation, Tax Controversy and Litigation, or White Collar Defense and Investigations teams.
Ashlie Beringer – Co-Chair, Privacy, Cybersecurity & Data Innovation Group, Palo Alto (+1 650-849-5327, aberinger@gibsondunn.com)
Matthew L. Biben – Co-Chair, Financial Institutions Group, New York (+1 212-351-6300, mbiben@gibsondunn.com)
Michael D. Bopp – Co-Chair, Public Policy Group, Washington, D.C. (+1 202-955-8256, mbopp@gibsondunn.com)
Stephanie L. Brooker – Co-Chair, White Collar Defense & Investigations Group, Washington, D.C.
(+1 202-887-3502, sbrooker@gibsondunn.com)
M. Kendall Day – Co-Chair, Financial Institutions Group, Washington, D.C. (+1 202-955-8220, kday@gibsondunn.com)
Michael J. Desmond – Co-Chair, Global Tax Controversy & Litigation Group, Los Angeles/ Washington, D.C. (+1 213-229-7531, mdesmond@gibsondunn.com)
Roscoe Jones, Jr. – Co-Chair, Public Policy Group, Washington, D.C.
(+1 202-887-3530, rjones@gibsondunn.com)
Thomas J. Kim – Partner, Securities Regulation and Corporate Governance Practice Group, Washington, D.C. (+1 202-887-3550, tkim@gibsondunn.com)
Arthur S. Long – Partner, Financial Institutions and Securities Regulation Practice Groups, New York (+1 212-351-2426, along@gibsondunn.com)
Eugene Scalia – Co-Chair, Administrative Law and Regulatory Group, Washington, D.C. (+1 202-955-8543, escalia@gibsondunn.com)
Jeffrey L. Steiner – Co-Chair, Global Financial Regulatory Group, Washington, D.C. (+1 202-887-3632, jsteiner@gibsondunn.com)
Helgi C. Walker – Co-Chair, Global Litigation Group, Washington, D.C. (+1 202-887-3599, hwalker@gibsondunn.com)
Chris Jones – Senior Associate, White Collar Defense & Investigations Group, San Francisco (+1 415-393-8320, crjones@gibsondunn.com)
Associate Allison Ortega also contributed to this client alert.
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
New York partner Anne M. Champion and associate Lee R. Crain are the authors of “New York Times v. Sullivan Is Safe From Sarah Palin” [PDF] published by Bloomberg Law on February 25, 2022.
On February 14, 2022, the Department of Justice and U.S. Attorney’s Office for the Middle District of Florida announced they had reached a $5.5 million settlement with NCH Healthcare System (“NCH”) to resolve common law claims arising from NCH’s donations to local government entities—payments that the government alleged were used improperly to fund Florida’s share of Medicaid payments made to NCH.
NCH is a non-profit entity that operates two hospitals in Collier County, Florida. The government alleged that between October 2014 and September 2105, NCH provided free nursing and athletic training services to the Collier County School Board and paid other financial obligations on behalf of Collier County.[1] Under the government’s theory, these donations were designed to artificially increase Medicaid payments made to NCH without any corresponding expenditure of state or local funds on health care. Instead, the donations allowed the county and its local school board to avoid various expenditures, which left funds available to be paid to the State of Florida as its share of Medicaid payments owed to NCH. Under federal law, specifically 42 U.S.C. § 1396b(w)(2)(B), Florida’s share of Medicaid payments must consist of state or local government funds, and not “non-bona fide donations” from private health care providers. A non-bona fide donation triggers a corresponding federal expenditure for the federal share of Medicaid without any corresponding increase in state expenditures. This is prohibited by law to ensure that states pay their required share of Medicaid payments and are incentivized to prevent fraud, waste, and abuse in their Medicaid programs.[2]
Notably, the NCH settlement agreement released only common law claims of mistake and unjust enrichment, and the United States expressly reserved its rights to later bring claims under the False Claims Act (“FCA”) and other laws.[3] Of the $5.5 million settlement payment, just under $5 million was designated as “restitution” for tax purposes—suggesting that the parties agreed that NCH would pay a multiple of 1.1 times single damages, notwithstanding that the United States is limited to recovering single damages under common law theories.[4] By comparison, DOJ policy is to compromise False Claims Act claims for no less than double damages, with exceptions to go lower where the defendant demonstrates substantial cooperation with the government’s investigation. While it’s not necessarily the case that the narrow release in this case means that there will ultimately be subsequent FCA litigation, it does highlight that DOJ may be willing to pursue and settle cases involving potential allegations of health care fraud for less than double damages based on so-called “innocent” overpayments—albeit without an FCA release—where evidence of scienter may fail to meet the threshold for a viable FCA case.[5] Further, NCH agreed to fully cooperate with the government’s investigation of other potential defendants, including its officers and employees, and to provide the United States with all relevant non-privileged documents, including reports and interview memoranda, relating to the alleged conduct.[6]
The NCH settlement also signals that in-kind and monetary donations made to state and local entities may be at an increased risk of scrutiny by the Department of Justice. The NHS settlement comes amidst ongoing investigations and settlements involving donations made by pharmaceutical manufacturers to purportedly independent foundations and patient assistance programs, and could signal that the government might infer bad intent from a broader array of donations made by healthcare entities. Clearly, the government will not shy away from pursuing transactions under the fraud and abuse laws that it believes run afoul of regulatory requirements, even if such transactions confer public benefit. In light of these heightened risks, clients are advised to carefully scrutinize their donation practices, whether monetary or in-kind.
___________________________
[1] NCH Healthcare Settlement Agreement, Office of Pub. Affairs, U.S. Dep’t of Justice (Feb. 14, 2022) at recital B, https://www.justice.gov/opa/press-release/file/1471946/download; see also Press Release, Office of Pub. Affairs, U.S. Dep’t of Justice, Florida’s NCH Healthcare System Agrees to Pay $55 Million to Settle Common Law Allegations (Feb. 14, 2022), https://www.justice.gov/opa/pr/florida-s-nch-healthcare-system-agrees-pay-55-million-settle-common-law-allegations.
[2] The federal government provides partial funding for state Medicaid programs through Federal Financial Participation (“FFP”) funding. 42 C.F.R. § 431.958. The amount of FFP funds each state is eligible for is based on the state’s own Medicaid expenditure amount, which may only include state or local government funds. 42 U.S.C. § 1396b(a). Non-bona fide donations from private health care providers, including in-kind services, may not be included in the calculation of the state’s own Medicaid expenditures. Id. §§ 1396b(w)(1)(a), (2)(B).
[3] NCH Healthcare Settlement Agreement, supra note 1, ¶ 3.
[4] See, e.g., U.S. ex rel. Robinson-Hill v. Nurses’ Registry & Home Health Corp., No. CIV.A. 5:08-145-KKC, 2015 WL 3403054, at *4 (E.D. Ky. May 27, 2015) (“Recovery on a claim for payment by mistake is limited to that portion of the payment in excess of the actual amount owed. Lastly, recovery on a claim for unjust enrichment is limited to the amount of the benefits improperly received by the defendant. Thus, with these common law claims, the United States may recover the amounts wrongfully or erroneously paid to defendants by the Medicare program, but the Government is not entitled to recover any penalties or punitive damages.”) (internal citations omitted).
[5] See also, e.g., Drakontas LLC Settlement Agreement, U.S. Atty’s Office for the Eastern Dist. of Pa. (May 3, 2016) at III.C–D, https://www.justice.gov/usao-edpa/file/849061/download (releasing only common law breach of contract, payment by mistake, and unjust enrichment claims when DOJ alleged defendant operated a non-compliant accounting system that resulted in the U.S. making improper and excessive payments).
[6] NCH Healthcare Settlement Agreement, supra note 1, ¶ 8.
The following Gibson Dunn lawyers assisted in the preparation of this alert: Jonathan M. Phillips, Winston Y. Chan, Brendan Stewart, and Emma Strong.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s False Claims Act/Qui Tam Defense, FDA and Health Care, Government Contracts, or White Collar Defense and Investigations practice groups.
Washington, D.C.
Jonathan M. Phillips – Co-Chair, False Claims Act/Qui Tam Defense Group (+1 202-887-3546, jphillips@gibsondunn.com)
F. Joseph Warin (+1 202-887-3609, fwarin@gibsondunn.com)
Joseph D. West (+1 202-955-8658, jwest@gibsondunn.com)
Robert K. Hur (+1 202-887-3674, rhur@gibsondunn.com)
Geoffrey M. Sigler (+1 202-887-3752, gsigler@gibsondunn.com)
Lindsay M. Paulin (+1 202-887-3701, lpaulin@gibsondunn.com)
San Francisco
Winston Y. Chan – Co-Chair, False Claims Act/Qui Tam Defense Group (+1 415-393-8362, wchan@gibsondunn.com)
Charles J. Stevens (+1 415-393-8391, cstevens@gibsondunn.com)
New York
Reed Brodsky (+1 212-351-5334, rbrodsky@gibsondunn.com)
Mylan Denerstein (+1 212-351-3850, mdenerstein@gibsondunn.com)
Alexander H. Southwell (+1 212-351-3981, asouthwell@gibsondunn.com)
Brendan Stewart (+1 212-351-6393, bstewart@gibsondunn.com)
Casey Kyung-Se Lee (+1 212-351-2419, clee@gibsondunn.com)
Denver
John D.W. Partridge (+1 303-298-5931, jpartridge@gibsondunn.com)
Robert C. Blume (+1 303-298-5758, rblume@gibsondunn.com)
Monica K. Loseman (+1 303-298-5784, mloseman@gibsondunn.com)
Ryan T. Bergsieker (+1 303-298-5774, rbergsieker@gibsondunn.com)
Reid Rector (+1 303-298-5923, rrector@gibsondunn.com)
Dallas
Robert C. Walters (+1 214-698-3114, rwalters@gibsondunn.com)
Andrew LeGrand (+1 214-698-3405, alegrand@gibsondunn.com)
Los Angeles
Nicola T. Hanna (+1 213-229-7269, nhanna@gibsondunn.com)
Timothy J. Hatch (+1 213-229-7368, thatch@gibsondunn.com)
Deborah L. Stein (+1 213-229-7164, dstein@gibsondunn.com)
James L. Zelenay Jr. (+1 213-229-7449, jzelenay@gibsondunn.com)
Palo Alto
Benjamin Wagner (+1 650-849-5395, bwagner@gibsondunn.com)
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
A cross-office, cross-disciplinary Gibson Dunn team represents Shanghai Pudong Science and Technology Investment Co. (“PDSTI”) in matters related to its investment in ICON Aircraft, Inc. (“ICON”).
PDSTI, a Chinese investment company specializing in technology industries, obtained unconditional CFIUS approval in February 2022 for its 2017 investment in ICON, a U.S. manufacturer of recreational amphibious aircraft. Due to that investment, PDSTI holds 47% of ICON and has the right to appoint a majority of its board.
In June 2021, five U.S.-based ICON shareholders filed a derivative lawsuit against PDSTI and its affiliates, among others, in the Delaware Court of Chancery, alleging that the defendants are working to expropriate ICON’s assets to China. Before the PDSTI defendants moved to dismiss, the same shareholders reported PDSTI’s non-notified 2017 transaction to CFIUS, commencing a months-long process in August 2021. Gibson Dunn also represents the PDSTI defendants in the ongoing Delaware lawsuit.
Despite heightened U.S. government review of Chinese investments in recent years, PDSTI and ICON successfully obtained unconditional approval without any mitigation measures after a thorough and comprehensive review and investigation by CFIUS. The Wall Street Journal covered this matter and remarked that “[t]he outcome is … notable given how carefully [CFIUS] has been scrutinizing Chinese investment in U.S. technology in recent years.”
* * * *
The Gibson Dunn corporate team is led by Fang Xue. The Gibson Dunn CFIUS team includes Judith Alison Lee, Scott Toussaint, and Claire Yi, and former counsel Stephanie Connor. The Gibson Dunn litigation team includes Mark Kirsch, Jeffrey Rosenberg, Kevin White, and Andrew Ferguson. The Gibson Dunn restructuring team is led by David Feldman.
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
The United States, the European Union, the United Kingdom, Australia, and Japan issued or announced sanctions targeting Russia and the Russia-backed separatist regions of Ukraine known as the Donetsk People’s Republic and the Luhansk People’s Republic. The United States took the first step by issuing broad jurisdiction-based sanctions on the two regions, similar to the existing sanctions on the Crimea region of Ukraine, and followed up with additional sanctions targeting Russia’s financial system. NATO allies also announced sanctions—including targeted designations by the United Kingdom and a sanctions package by the European Union—and non-NATO allies promised tough sanctions in close coordination. As tensions continue to rise, we will likely see more series of tools from the NATO countries and their allies to exert economic pressure on Russia to deescalate the ongoing crisis in Ukraine and withdraw its army from Ukraine’s borders.
Hear from our experts about these developments and how companies should proactively assess their exposure to the sanctions and export controls measures being discussed.
MODERATOR:
Judith Alison Lee is a partner in the Washington, D.C. office and Co-Chair of the firm’s International Trade Practice Group. Ms. Lee is a Chambers ranked leading International Trade, Export Controls, and Economic Sanctions lawyer practicing in the areas of international trade regulation, including USA Patriot Act compliance, economic sanctions and embargoes, export controls, and national security reviews (“CFIUS”). Ms. Lee also advises on issues relating to virtual and digital currencies, blockchain technologies and distributed cryptoledgers.
PANELISTS:
Patrick Doris is a partner in the London office whose practice includes transnational litigation, cross-border investigations, and compliance advisory for clients including major global investment banks, global corporations, leading U.S. operators in the financial sectors, and global manufacturing companies, among others. He advises financial sector clients and others on OFAC and EU sanctions violations, responses to major cyber-penetration incidents, and other matters relating to national supervisory and regulatory bodies.
Richard Roeder is an associate in the Munich office who was previously seconded to the Washington, D.C. office and worked with the firm’s U.S. sanctions and export control team and assisted clients in managing the challenges posed by the divergence between U.S. and EU economic and financial sanctions. He advises clients in the banking, insurance, automotive, mining, oil and gas, healthcare and information technology industries in the areas of sanctions, anti-money-laundering and anti-corruption compliance.
Adam Smith is a partner in the Washington, D.C. office and a highly experienced international trade lawyer. Mr. Smith previously served in the Obama Administration as the Senior Advisor to the Director of OFAC and as the Director for Multilateral Affairs on the National Security Council. Mr. Smith focuses on international trade compliance and white collar investigations, including with respect to federal and state economic sanctions enforcement, the FCPA, embargoes, and export controls.
Claire Yi is an associate in the Washington, D.C. office and a member of the firm’s International Trade and White Collar Defense and Investigations Practice Groups. Ms. Yi’s background includes having interned in the Compliance and Business Risk Department at the World Bank-International Finance Corporation, in the Office of the Inspector General at the State Department, and in the Office of the Legal Adviser at the State Department.
New York partners Reed Brodsky and Eric J. Stock are the authors of “What the Antitrust Case Against Martin Shkreli Tells Us About the Latest Trends in Antitrust Enforcement and Shareholder Liability” [PDF] published by the New York Law Journal on February 28, 2022.
New York associate Jessica Trafimow, a recent law graduate, assisted in the preparation of the article.
Antitrust enforcers in the United States and abroad, traditionally, have applied relatively lenient scrutiny to mergers between a supplier or input provider and a customer (so-called “vertical transactions”). That stereotype, however, is now squarely in question. In the last year, the Federal Trade Commission (FTC) has challenged three proposed vertical transactions – two of which have been abandoned by the parties. And just last week, the Antitrust Division of the Justice Department filed suit to block another vertical transaction. This increased enforcement, combined with the 2021 withdrawal of the Vertical Merger Guidelines,[1] signals an era of uncertainty for certain kinds of vertical transactions that, in the past, would have closed with few if any remedies. In this alert, we discuss the agencies’ recent enforcement actions and the implications for companies considering vertical transactions.
Recent Challenges to Vertical Transactions
Lockheed-Aerojet. In January 2022, the FTC challenged Lockheed’s proposed acquisition of Aerojet, a supplier of missile propulsion systems used in missiles made by Lockheed and other defense prime contractors. The FTC alleged that the merger would lessen competition by giving Lockheed control over critical components that its rival prime contractors and propulsion suppliers need to compete. The FTC further alleged that Aerojet has access to competitively sensitive information about Lockheed’s rivals and the merger would grand Lockheed access to that proprietary information.[2]
In a similar transaction involving Northrop Grumman’s proposed acquisition of Orbital ATK, only a few years earlier in 2018, the parties settled similar agency concerns with behavioral remedies, including (i) a commitment to continue selling rocket motors to rivals; and (ii) an agreement to segregate the business with a firewall.[3] Reportedly, Lockheed and Aerojet proposed a firewall here, but the proposed remedy was rejected by the FTC.[4] The parties abandoned the transaction earlier this month after the FTC had filed suit, seeking to enjoin the deal.[5]
NVIDIA-Arm. In December 2021, the FTC sued to block semiconductor chip supplier NVIDIA Corp.’s acquisition of chip designer, Arm, Ltd. The FTC alleged the transaction would provide NVIDIA control over critical Arm technology and enable the merged firm to limit production and prevent Arm from licensing innovations that conflict with NVIDIA’s business interests. The FTC further alleged the merger would provide NVIDIA with competitively sensitive information regarding Arm licensees, many of which are NVIDIA competitors.[6]
This merger complaint was the first brought under the leadership of FTC Chair Lina Khan, after a lengthy investigation, in which, the Commission cooperated with other investigating authorities, including the United Kingdom’s Competition and Markets Authority (CMA), the European Commission (EC), and China’s State Administration for Market Regulations (SAMR).
Again, the parties offered remedies – here, to spin-off Arm’s licensing business as an independent entity, albeit under NVIDIA’s ultimate control – but they did not satisfy the FTC.[7] Reportedly, the FTC sought input from third-parties before rejecting the proposal, as it typically does.[8] In the UK, NVIDIA offered remedies during the Phase I review such as (i) equal access and open licensing for Arm’s intellectual property; and (ii) safeguards for confidential information. But these commitments were insufficient to prevent a Phase II investigation.[9] The parties abandoned the transaction earlier this month.
Illumina-Grail. In March 2021, the FTC challenged Illumina’s proposed acquisition of Grail, maker of a noninvasive, early cancer detection test. Illumina is the only provider of DNA sequencing products essential to these kinds of early detection tests, according to the FTC complaint. The FTC’s complaint further alleged that the merger would enable Illumina to raise the prices of Grail’s future competitors and impede their development of products that would rival Grail’s technology.[10] The agency originally filed a motion for preliminary injunction in federal court in May 2021, but withdrew the request, citing the reduced risk of the transaction in closing considering the ongoing EC review.[11] The EC took up a review upon a recommendation from several member states.
Illumina offered 12-year supply contracts to its customers with guarantees of continued supply and no price increases.[12] The companies also offered, supposedly, “far-reaching behavioral remedies” to the EC, but the details of these remedies were not made public.[13] The EC review remains ongoing and the FTC administrative trial is seeking to enjoin the transaction recently concluded, with a decision expected in the coming months.
Key Takeaways for Parties Considering Vertical Transactions
New Theories of Alleged Harm. While economic analysis has traditionally been used to demonstrate procompetitive benefits of vertical transactions to consumers (e.g., lower costs), the agencies in these cases allege that the potential for the merged firm to disadvantage market participants outweighs any potential benefits. The focus of the agencies’ claims appears to be on harm to others’ ability to compete. According to the agencies, such harm might arise where one or both of the merging parties has a high market share in its respective market.
Bipartisan Enforcement. Each of the three FTC challenges to a vertical transaction in the last year has followed a unanimous Commission vote. This bipartisan consensus indicates that we are likely to see a continued increase in challenges to M&A activity across all administrations.
Intra-Governmental Cooperation. Competition agencies regularly cooperate with other government agencies with relevant expertise. For example, in Lockheed’s proposed vertical acquisition of Aerojet, the U.S. Department of Defense reviewed the transaction and made undisclosed recommendations to the FTC.[14] In 2018, Broadcom’s hostile takeover of Qualcomm was halted by a presidential order because the transaction raised national security concerns.[15] In connection with NVIDIA’s proposed acquisition of Arm, the UK Secretary of State for Digital, Culture, Media, and Sports (DCMS) requested a public interest intervention and directed the CMA to review the transaction for national security concerns.[16] DCMS was particularly concerned with the integral role semiconductors play in the United Kingdom’s infrastructure, especially in defense and national security.
International Investigations and Cooperation. Vertical transactions are receiving heightened scrutiny from regulatory agencies around the world, including, most notably, the U.S. antitrust agencies, EC and European Union member states, and SAMR. Further, antitrust agencies across the globe are increasing cooperation. For example, in the NVIDIA-Arm transaction, the EC indicated it is “cooperating with competition authorities around the world.”[17] It appears that this increased cooperation may lengthen the merger review period. Coordination among agencies was the suspected reason behind the unprecedented eight-month SAMR pre-filing investigation.[18] And in the Illumina-Grail transaction, the EC has exercised the ability to take referrals from member states without those member states independently having jurisdiction to review the transaction under their own merger control regimes.[19]
__________________________
[1] Fed. Trade Comm’n, Statement of Chair Lina M. Khan, Commissioner Rohit Chopra, and Commissioner Rebecca Kelly Slaughter on the Withdrawal of the Vertical Merger Guidelines Commission File No. P810034 (Sept. 15, 2021), here.
[2] Compl. [Redacted-Public Version], In the Matter of Lockheed Martin Corp. and Aerojet Rocketdyne Holdings, Inc., Docket No. 9405 (Feb. 14, 2022), https://www.ftc.gov/system/files/documents/cases/d09405_-_assignment_of_joint_motion_to_dismiss_complaint_-_public_1.pdf, ¶¶ 12–15.
[3] Curtis Eichelberger, Confluence of government actors likely to place Lockheed, Aerojet merger under greater US scrutiny (Aug. 2, 2021), https://mlexmarketinsight.com/news-hub/editors-picks/area-of-expertise/antitrust/confluence-of-government-actors-likely-to-place-lockheed-aerojet-merger-under-greater-us-scrutiny.
[4] Lockheed Martin, Lockheed Martin Reports Fourth Quarter And Full Year 2021 Financial Results (Jan. 25, 2022), https://news.lockheedmartin.com/2022-01-25-Lockheed-Martin-Reports-Fourth-Quarter-and-Full-Year-2021-Financial-Results; Aerojet Rocketdyne, Aerojet Rocketdyne Holdings, Inc. Announces Update on Proposed Merger Transaction with Lockheed Martin (Jan. 25, 2022), https://www.rocket.com/article/aerojet-rocketdyne-holdings-inc-announces-update-proposed-merger-transaction-lockheed-martin.
[5] Aerospace, Lockheed Martin Cancels Aerojet Rocketdyne Merger After Antitrust Pressure (Feb. 14, 2022), https://dot.la/lockheed-martin-cancels-aerojet-rocketdyne-2656663782.html; see Fed. Trade Comm’n, Statement Regarding Termination of Lockheed Martin Corporation’s Attempted Acquisition of Aerojet Rocketdyne Holdings Inc. (Feb. 15, 2022), https://www.ftc.gov/news-events/press-releases/2022/02/statement-regarding-termination-lockheed-martin-corporations.
[6] Compl. [Redacted-Public Version], In the Matter of Nvidia Corp. SoftBank Group Corp., and Arm, Ltd., Dkt No. 9404 (Dec. 2, 2021), here, ¶¶ 7–12 .
[7] Flavia Fortes, Curtis Eichelberger and Austin Peay, Nvidia-Arm deal blocked by US FTC, remedies didn’t address concerns (Dec. 2, 2021), https://content.mlex.com/#/content/1341929.
[9] Competition Markets and Authority, Digital Secretary asks CMA to carry out further investigation into NVIDIA’s takeover of Arm (Nov. 16, 2021), https://www.gov.uk/government/news/digital-secretary-asks-cma-to-carry-out-further-investigation-into-nvidias-takeover-of-arm.
[10] Compl. [Redacted-Public Version], In the Matter of Illumina Inc. and Grail Inc., Docket No. 9401 (March 13, 2021), here, ¶¶ 1, 11–14.
[11] Curtis Eichelberger and Austin Peay, Illumina closes Grail deal while EC continues review, US FTC trial starts Aug. 24 (Aug. 18, 2021), https://content.mlex.com/#/content/1317564.
[12] MLex, Illumina offers contract to customers for 12-year supply with guarantees of continued supply, no price increases (April 1, 2021), here; Curtis Eichelberger and Nicholas Hirst, Illumina, Grail fix for merger’s anticompetitive harms adopted by five companies (Nov. 2, 2021), https://content.mlex.com/#/content/1334057.
[13] Natalie McNellis, Illumina makes EU remedy offer for Grail acquisition; deadline extended to March 25 (Jan. 28, 2022), https://content.mlex.com/#/content/1354851.
[14] U.S. Dep’t of Defense, DoD Statement on Proposed Lockheed Martin and Aerojet Rocketdyne Merger (Jan. 25, 2022), https://www.defense.gov/News/Releases/Release/Article/2910941/dod-statement-on-proposed-lockheed-martin-and-aerojet-rocketdyne-merger/.
[15] Federal Register, Regarding the Proposed Takeover of Qualcomm Incorporated by Broadcom Limited (March 12, 2019), https://www.federalregister.gov/documents/2018/03/15/2018-05479/regarding-the-proposed-takeover-of-qualcomm-incorporated-by-broadcom-limited.
[16] Competition and Markets Authority, Proposed acquisition of ARM Limited by NVIDIA Corporation: public interest intervention (April 19, 2021), https://www.gov.uk/government/publications/proposed-acquisition-of-arm-limited-by-nvidia-corporation-public-interest-intervention.
[17] European Commission, Mergers: Commission opens in-depth investigation into proposed acquisition of Arm by NVIDIA (Oct. 27, 2021), https://ec.europa.eu/commission/presscorner/detail/pt/ip_21_5624.
[18] MLex Staff, Nvidia-Arm merger review clock officially begins in China (Jan. 25, 2022), https://content.mlex.com/#/content/1353624?referrer=content_seehereview.
[19] European Commission Press Corner, Mergers: Commission starts investigation for possible breach of the standstill obligation in Illumina / GRAIL transaction (Aug. 20, 2021), https://ec.europa.eu/commission/presscorner/detail/en/ip_21_4322.
The following Gibson Dunn lawyers prepared this client alert: Adam Di Vincenzo, Kirsten Limarzi, Rachel Brass, Stephen Weissman, Chris Wilson, and Jacqueline Sesia.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please feel free to contact the Gibson Dunn attorney with whom you usually work in the firm’s Antitrust and Competition Practice Group, or the following:
Adam Di Vincenzo – Washington, D.C. (+1 202-887-3704, adivincenzo@gibsondunn.com)
Kristen C. Limarzi – Washington, D.C. (+1 202-887-3518, klimarzi@gibsondunn.com)
Chris Wilson – Washington, D.C. (+1 202-955-8520, cwilson@gibsondunn.com)
Rachel S. Brass – Co-Chair, Antitrust & Competition Group, San Francisco
(+1 415-393-8293, rbrass@gibsondunn.com)
Stephen Weissman – Co-Chair, Antitrust & Competition Group, Washington, D.C.
(+1 202-955-8678, sweissman@gibsondunn.com)
Ali Nikpay – Co-Chair, Antitrust & Competition Group, London (+44 (0) 20 7071 4273, anikpay@gibsondunn.com)
Christian Riis-Madsen Co-Chair, Antitrust & Competition Group, Brussels (+32 2 554 72 05, criis@gibsondunn.com)
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
In the current market environment, strong pre-IPO readiness can position companies to more swiftly access IPO market windows. This recorded presentation explores preliminary planning, structuring and governance considerations for private companies considering an IPO. Our lawyers also discuss alternative exit strategies and how steps taken to prepare for an IPO can be beneficial to companies that ultimately do not go public. Join our team of capital markets panelists in the first installment of our 2022 Series – IPO and Public Company Readiness.
PANELISTS:
Aaron Briggs is a partner in Gibson Dunn’s San Francisco office, where he works in the firm’s Securities Regulation and Corporate Governance practice group. Mr. Briggs’ practice focuses on advising public companies of all sizes (from pre-IPO to mega-cap), with a focus on technology and life sciences companies, on a wide range of disclosure, compliance, corporate governance, investor communications and ESG matters. Prior to re-joining the firm in 2018, Mr. Briggs served as Executive Counsel – Corporate, Securities & Finance at GE.
Evan M. D’Amico is a partner in Gibson Dunn’s Washington, D.C. office, where his practice focuses primarily on mergers and acquisitions. Mr. D’Amico advises companies, private equity firms, boards of directors and special committees in connection with a wide variety of complex corporate matters, including mergers and acquisitions, asset sales, leveraged buyouts, spin-offs and joint ventures. He also has experience advising issuers, borrowers, underwriters and lenders in connection with financing transactions and public and private offerings of debt and equity securities. Mr. D’Amico has particular expertise in advising special purpose acquisition companies (SPACs), operating companies and investors in connection with SPAC business combinations and financing transactions.
Julia Lapitskaya is a partner in Gibson Dunn’s New York office and a member of the firm’s Securities Regulation and Corporate Governance practice group. Ms. Lapitskaya advises clients on a wide range of securities and corporate governance matters, with a focus on SEC and listing exchanges’ compliance and reporting requirements, corporate governance best practices, annual meeting matters, shareholder activism, board and committee matters, ESG and executive compensation disclosure issues, including as part of initial public offerings and spin-off transactions.
Eric M. Scarazzo is a partner in Gibson Dunn’s New York office. He is a member of the firm’s Capital Markets, Securities and Regulation and Corporate Governance, Power and Renewables, Global Finance, and Mergers and Acquisitions practice groups. As a key member of the capital markets practice, Mr. Scarazzo is involved in some of the firm’s most complicated and high-profile securities transactions. Additionally, he has been a certified public accountant for over 20 years. His deep familiarity with both securities and accounting matters permits Mr. Scarazzo to play an indispensable role supporting practice groups and offices throughout the firm. He provides critical guidance to clients navigating the intersection of legal and accounting matters, principally as they relate to capital markets financings and M&A disclosure obligations.
Harrison Tucker is an associate in Gibson Dunn’s Houston office, where he currently practices with the firm’s Capital Markets, Mergers and Acquisitions and Securities Regulation and Corporate Governance practice groups. He represents public and private businesses in a broad range of corporate and securities matters. Mr. Tucker represents issuers and investment banking firms in both equity and debt offerings, including Rule 144A offerings. His practice also includes mergers and acquisitions and general corporate concerns, including Exchange Act reporting and corporate governance.
MCLE CREDIT INFORMATION:
This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.0 credit hour, of which 1.0 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.
Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact CLE@gibsondunn.com to request the MCLE form.
Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour.
California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.
The United States has now imposed additional new sanctions and sweeping export controls that not only target key pillars of the economies of Russia and Belarus but will also have significant collateral effects across a wide range of other sectors in Russia. These latest measures follow an initial tranche of sanctions announced on February 21 and 22, 2022, which we discussed in depth in our alert from last week. Following the surge of Russian troops into Ukraine in an invasion that the White House condemned as “an unprovoked and unjustified attack,” the new measures are significant in size and scope and range across targeting Russia’s largest financial institutions, restricting access to U.S. capital markets, restricting access to technology, and even designating President Vladimir Putin personally for blocking sanctions. Cumulatively, sanctions and export controls announced over the past week represent U.S. efforts to exert “unprecedented diplomatic and economic costs on Russia.” We enter the upcoming week with potentially more of these efforts in store—including the removal of select Russian banks from the Society for Worldwide Interbank Financial Telecommunication (“SWIFT”) messaging system, as announced on February 26, 2022.
Sanctions on the Russian Economy
The new round of U.S. sanctions announced on February 24, 2022 includes “significant and unprecedented” action to impose a severe economic toll on the Russian economy, including measures that target almost 80 percent of all banking assets in Russia. The sanctions specifically target Russia’s two largest banks and also impose restrictions related to new debt and equity in more than a dozen Russian state-owned enterprises and large privately-owned financial institutions. Combined with the measures announced earlier in the week, these measures are designed to cut off large portions of the Russian economy from access to the U.S. financial system, crimping the ability of major Russian enterprises both to engage in dollar-denominated trade and to raise new capital.
Full Blocking Sanctions on VTB Bank and Other Financial Institutions
Pursuant to Executive Order (“E.O.”) 14024, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) has enacted blocking sanctions on state-owned VTB Bank (“VTB”), Russia’s second-largest financial institution and the holder of almost 20 percent of Russia’s banking assets. As a result of this action, all of the bank’s property and interests in property that come within U.S. jurisdiction are frozen and, except as authorized by OFAC, U.S. persons are generally prohibited from engaging in transactions involving VTB. By operation of OFAC’s Fifty Percent Rule, similar restrictions apply to any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons, including VTB. Notably, VTB is among the largest financial institutions that the United States has ever targeted with blocking sanctions.
In addition to VTB, the United States concurrently imposed blocking sanctions on Otkritie, Sovcombank, Novikombank, and dozens of their majority-owned subsidiaries.
Correspondent and Payable-Through Account Sanctions on Sberbank
In a further measure targeted at Russia’s financial sector, OFAC imposed correspondent and payable-through account (“CAPTA”) sanctions through new Directive 2 under E.O. 14024 on Sberbank, the largest financial institution in Russia and the main creditor of Russia’s economy. Although stopping short of full blocking sanctions like those imposed on VTB Bank—presumably on account of Sberbank’s sheer size and centrality to the Russian economy—effective as of March 26, 2022, U.S. financial institutions will be prohibited from opening or maintaining a correspondent or payable-through account for or on behalf of, or processing a transaction involving, Sberbank or any of its majority-owned subsidiaries. The practical effect of this measure is that Russia’s largest bank has been cut off from the U.S. financial system and U.S. dollar-denominated trade. The foreign financial institutions that are subject to CAPTA sanctions are identified on OFAC’s List of Foreign Financial Institutions Subject to CAPTA (“CAPTA List“).
Restrictions on New Debt and Equity
OFAC also issued Directive 3 under E.O. 14024 to place new debt and equity restrictions on 13 major Russian state-owned enterprises and financial institutions. Together, the targeted firms hold assets of nearly $1.4 trillion and will now be restricted from raising money in the U.S. capital market. In particular, these restrictions—which are broadly similar to the sectoral sanctions imposed on certain Russian enterprises in the wake of the Kremlin’s 2014 annexation of Crimea—prohibit transactions by U.S. persons or dealings within the United States involving new debt of longer than 14 days maturity and new equity issued by the following entities: Sberbank, AlfaBank, Credit Bank of Moscow, Gazprombank, Russian Agricultural Bank, Gazprom, Gazprom Neft, Transneft, Rostelecom, RusHydro, Alrosa, Sovcomflot, and Russian Railways. From a policy perspective, these measures are designed to severely limit Russia’s ability to raise new capital for its military activities in Ukraine.
Crucially, like existing sectoral sanctions on Russia, both of the new Directives announced by OFAC (Directives 2 and 3) are narrow in scope as both expressly provide that, absent some other prohibition, all other lawful U.S. nexus activities involving the targeted entities are permitted.
General Licenses
Concurrent with these sanctions, OFAC issued eight general licenses applicable under the Russian Harmful Foreign Activities Sanctions Program:
- General License 5, “Official Business of Certain International Organizations and Entities,” authorizes transactions for the conduct of the official business of certain international organizations and entities.
- General License 6, “Transactions Related to the Exportation or Reexportation of Agricultural Commodities, Medicine, Medical Devices, Replacement Parts and Components, or Software Updates, or the Coronavirus Disease 2019 (COVID-19) Pandemic,” authorizes certain transactions ordinarily incident and necessary to humanitarian trade in agricultural commodities, medicine, and medical devices.
- General License 7, “Authorizing Overflight Payments, Emergency Landings, and Air Ambulance Services,” authorizes payment of charges for services rendered in connection with overflights of Russia or emergency landings in the Russia by aircraft registered in the United States or owned or controlled by U.S. persons.
- General License 8, “Authorizing Transactions Related to Energy,” authorizes, until June 24, 2022, certain transactions related to energy involving five named Russian entities and their subsidiaries. Transactions “related to energy” is specifically defined to mean “the extraction, production, refinement, liquefaction, gasification, regasification, conversion, enrichment, fabrication, transport, or purchase of petroleum, including crude oil, lease condensates, unfinished oils, natural gas liquids, petroleum products, natural gas, or other products capable of producing energy, such as coal, wood, or agricultural products used to manufacture biofuels, or uranium in any form, as well as the development, production, generation, transmission, or exchange of power, through any means, including nuclear, thermal, and renewable energy sources.”
- General License 9, “Authorizing Transactions Related to Dealings in Certain Debt or Equity,” authorizes, until May 25, 2022, dealings in debt or equity of five named Russian entities and their subsidiaries issued prior to February 24, 2022. Any divestment or transfer of debt or equity relying on this authority must be made to a non-U.S. person.
- General License 10, “Authorizing Certain Transactions Related to Derivative Contracts,” authorizes, until May 25, 2022, the winding down of derivative contracts entered into with five named Russian entities and their subsidiaries prior to February 24, 2022. Any payments to a blocked person must be made into a blocked account.
- General License 11, “Authorizing the Wind Down of Transactions Involving Certain Blocked Persons,” authorizes, until March 26, 2022, transactions ordinarily incident and necessary to the wind down of transactions involving Otkritie, Sovcombank, VTB, or any entity in which one of those persons owns a 50 percent or greater interest.
- General License 12, “Authorizing U.S. Persons to Reject Certain Transactions,” authorizes, until March 26, 2022, U.S. persons to reject (rather than block) all transactions prohibited by E.O. 14024 involving certain blocked persons that are not authorized. Persons relying on this general license should review the implications for their rejected transaction reporting obligations to OFAC.
Sanctions on President Putin and Russian Elites
Following a meeting with NATO and other allies on Friday, February 25, 2022, OFAC designated Russian President Vladimir Putin, Minister of Foreign Affairs Sergei Lavrov, Minister of Defense Sergei Shoigu, and Chief of the General Staff Valery Gerasimov to the Specially Designated Nationals and Blocked Persons (“SDN”) List pursuant to E.O. 14024. With this designation, President Putin joins the “exceedingly rare” company—including North Korea’s Chairman Kim Jong Un, Syria’s President Bashar al-Assad, and Belarus’s President Alyaksandr Lukashenka—of sitting heads of states personally targeted by U.S. sanctions.
The announcement of sanctions against President Putin as an individual comes one day after OFAC also designated several members of the Russian elite—also called “enablers” of the President by OFAC—to the SDN List pursuant to E.O. 14024. Notably, OFAC designated Sergei Ivanov, Andrey Patrushev, and Ivan Sechin, all of whom are adult children of close Putin associates who had themselves either been previously designated or who were re-designated in connection with this latest round of sanctions. Additionally, OFAC designated several senior executives at state owned banks. In listing out the key Russian elites that have so far been designated, OFAC warned that it “will designate more in the future if Russia’s unprovoked campaign against Ukraine does not immediately conclude.”
Sanctions on Nord Stream 2 Pipeline
On February 23, 2022, OFAC designated to the SDN List Nord Stream 2 AG, the Swiss company in charge of an eponymous gas pipeline project that Germany halted the day before, as well as its chief executive officer. These designations were made under the authority provided by the Protecting Europe’s Energy Security Act of 2019, which the Biden administration had previously waived exercising in May 2021. In announcing this significant policy shift, President Biden applauded Germany for halting the certification of the pipeline project and noted that the two countries “closely coordinated our efforts to stop the Nord Stream 2 pipeline.” OFAC accompanied this designation with General License 4 that provides a short, one-week wind-down period that expires on March 2, 2022.
Sanctions on Belarusian Financial Institutions and Defense Sector
After Russian troops positioned in Belarus launched an invasion in Ukraine on February 24, 2022, OFAC responded that same day by imposing sanctions not just on Russia but also on 24 Belarusian entities and individuals. Compared to the sanctions imposed on Russia, these Belarus-focused sanctions remain highly targeted. However, designations of Belarusian entities and individuals indicate Treasury’s serious approach to any country that supports or facilitates Russia’s invasion of Ukraine. The sanctions issued on February 24, 2022 focus primarily on two sectors of the Belarusian economy: financial institutions and the defense sector.
Belarusian Financial Institutions
Pursuant to Executive Order 14038, OFAC designated the state-owned Bank Dabrabyt and Belarussian Bank of Development and Reconstruction Belinvestbank (“Belinvestbank”), along with two of Belinvestbank’s subsidiaries. E.O. 14038, issued in August 2021, authorizes blocking sanctions against persons determined by the U.S. Secretary of the Treasury, in consultation with the U.S. Secretary of State, “to be owned or controlled by, or to have acted or purported to act for or on behalf of, directly or indirectly, the Government of Belarus.” E.O. 14038 has previously been used to implement sanctions targeting “the degradation of democracy in Belarus” under the Lukashenka regime.
U.S. sanctions on certain Russian financial institutions (discussed above) are already expected to have a significant impact on the Belarusian economy. U.S. Secretary of the Treasury Janet Yellen commented that, “due to the interconnectedness between the two countries, the actions Treasury took against Russia [on Thursday, February 24, 2022] will also impose severe economic pain on the Lukashenka regime.” When combined with the designation of the two Belarusian banks, these sanctions targeted nearly 20 percent of Belarus’s entire financial sector.
Belarusian Defense Sector
OFAC also targeted Russia’s reliance on the Belarusian defense and related materiel sector by designating ten defense industry entities, as well as executives of some of those entities, pursuant to E.O. 14038. These designations build on OFAC’s December 2021 designation of five Belarusian defense firms “in response to the Lukashenka regime’s blatant disregard for international norms and the wellbeing of its own citizens.”
In addition to these entities, OFAC added two senior officials of the Belarusian government’s security apparatus—Belarusian Minister of Defense Viktor Khrenin and State Secretary of the Security Council of Belarus Aleksandr Volfovich—to the SDN List.
Belarusian Elites
Beyond targeting financial institutions and the defense sector, OFAC continues to target Belarusian elites who support the Lukashenka regime’s erosion of democracy in Belarus. The February 24, 2022 sanctions also included the designation of Aliaksandr Zaitsau and his company OOO Sokhra, which engages in gold mining and the promotion of Belarusian industrial products in Africa and the Middle East. According to OFAC, Zaitsau continues to maintain close ties to the Lukashenka family.
Concurrent with these designations of Belarusian entities and individuals, OFAC issued two general licenses related to the Belarus Sanctions Program:
- General License 6, “Official Business of the United States Government,” authorizes all otherwise prohibited transactions for the conduct of the U.S. Government’s official business.
- General License 7, “Official Business of Certain International Organizations and Entities,” authorizes transactions for the conduct of the official business of certain international organizations and entities.
Expansion of Export Controls Targeting Russia
The U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) on February 24, 2022 simultaneously issued a Final Rule on the Implementation of Sanctions Against Russia Under the Export Administration Regulations (“EAR”). The Final Rule uses several policy tools, each described below, to create a dramatic expansion of restrictions on exports, reexports, and in-country transfers to Russia.
Importantly, in a notable gesture of multilateral coordination, BIS incorporated several exclusions for “partner countries” in the restrictions. “Partner countries” refer to those countries that are adopting or have expressed intent to adopt substantially similar export controls measures to those the United States has adopted, and can be found in a list provided in Supplement No. 3 to Part 746 of the EAR. Currently, “partner countries” include the European Union member states, Australia, Canada, Japan, New Zealand, and the United Kingdom.
Expansion of Item-Based Licensing Requirements
The Final Rule imposes additional license requirements for export, reexport, and in-country transfer to Russia of all items with Export Control Classification Numbers (“ECCNs”) in Categories 3–9 of the Commerce Control List (“CCL”)—which include, among others, dual-use items used in electronics design, development and production, computers, telecommunications, manufacturing, aerospace, navigation, and marine applications. The new license requirements impact items described under 58 separate ECCNs that were not previously controlled for export to Russia, and BIS will review all such license applications with a presumption of denial unless the planned exports are in support of a short list of end uses, such as safety of flight. The expansion of items controlled for export to Russia also means that foreign-made items that incorporate U.S.-controlled content that were not previously subject to U.S. export control licensing requirements will now be subject to those requirements when destined for Russia, unless they are being exported from countries that are adopting export controls similar to those the United States has now adopted. As a result, companies exporting from many countries may now need to reassess whether their products have become subject to BIS licensing requirements due to these changes.
Additionally, in line with earlier sanctions announced on February 21, 2022, there are new license requirements that impose an effective trade embargo on all exports, reexports, and in-country transfers to the separatist regions of Ukraine—the so-called Donetsk People’s Republic (“DNR”) and Luhansk People’s Republic (“LNR”). The license requirements are applicable for all items subject to the EAR, other than food and medicine designated as EAR99 and certain EAR99 or ECCN 5D992.c software for Internet-based communications.
These changes went into effect on February 24, 2022.
Extension of Export Licensing Requirements to New Products Produced Using Controlled Software and Technology
The United States has long controlled certain foreign-made products that were produced directly from certain national security-controlled U.S. software and technology or from plants or components of plants that were produced from this software and technology. Because these controls, called Foreign Direct Product (“FDP”) rules, hinge on the use of controlled software and technology, they effectively extend U.S. export controls to products made outside of the United States that do not otherwise incorporate U.S. content. Under this rule, U.S. export controls could be applied not only to chips that incorporate U.S.-origin processors, but also to any chips that are manufactured using certain U.S. equipment.
In 2020, seeking a new way to restrict supply chains to Huawei affiliates designated on BIS’s Entity List, BIS created a new FDP rule to reach semiconductors, computers, and telecommunication items that were directly produced using U.S.-origin software, technology, plants, or major components of plants that were destined for supply chains that involved Huawei in almost any role. BIS defined the concept of “direct product” in an especially broad way to include not only any item that incorporates any part, component, or equipment produced using the defined items, but also to capture any item used in their production. Thus, even products that were merely tested using the controlled equipment would now require export licensing when Huawei-affiliated entities designated on BIS’s Entity List were involved. The few short regulatory provisions and footnotes that described this new rule sent trade compliance specialists scrambling, even within suppliers many tiers removed from Huawei, to determine whether the software, technology, or equipment they were using to make their products was export-controlled in ways that made their products suddenly subject to new U.S. export licensing requirements.
In the Final Rule announced on February 24, 2022, BIS has now created two new FDP rules that will impact not just a single company in Russia, but a broad swath of both low- and high-technology sectors in the Russian economy. The first is an FDP rule that applies to all exports, reexports, and in-country transfers ultimately destined for Russia (the “Russia FDP Rule”), and the second is an FDP rule that applies to all exports, reexports, and in-country transfers ultimately destined for Russian military end users (the “Russia MEU FDP Rule”). We compare these rules side-by-side in the below table.
|
Russia FDP Rule |
Russia MEU FDP Rule |
|
Export of foreign-produced item would require a license if it is:
AND
|
Export of foreign-produced item would require a license if it is:
AND
|
|
Does not apply to foreign-produced items that would be designated as EAR99 (items not listed on the CCL), which includes many consumer items used by the Russian people. |
Applies to all foreign-produced items, including those designated EAR99, with limited exceptions. |
For the Russia MEU FDP Rule, the “footnote 3 designation” means that an entity will have, under the “license requirement” note on its Entity List designation, a citation that says “See § 734.9(g).3” Along with the creation of the Russia MEU FDP Rule, BIS immediately assigned the “footnote 3 designation” to nearly 50 entities, which means that a license is required to export, reexport, or transfer all FDP items to these entities and that license applications will be reviewed under a policy of denial. Forty-five of these entities, including the Ministry of Defence of the Russian Federation, were previously on the Commerce Department’s Military End User (“MEU”) List, but have now been moved to the Entity List, thus subjecting them to broader restrictions. Two new entities—the International Center for Quantum Optics and Quantum Technologies LLC, and SP Kvant—were newly added to the Entity List with footnote 3 designations.
Currently, all partner countries are fully excluded from the scope of both new FDP rules. This means that items produced in the partner countries would not be subject to the FDP rules’ licensing requirements.
Although BIS has given exporters until March 26, 2022 to comply with the new FDP rules, we expect that it will take many companies much longer to assess whether the items they are making are now subject to either of the two new Russia-specific FDP rules. Especially given the breadth of the Russia MEU FDP Rule, we expect that many companies outside of Russia will simply cease all supply to designated and potential military end users in Russia.
Expansion of Military End Use and Military End User Controls
The Final Rule also expands the existing Russia ‘military end use’ and ‘military end user’ controls to all items subject to the EAR, with limited exceptions. Previously, the ‘military end use’ and ‘military end user’ controls had applied only to a subset of items identified in Supplement No. 2 to Part 744 of the EAR. Now, these controls apply broadly, with limited exceptions for food and medicine designated as EAR99 and items classified as ECCN 5A992.c or 5D992.c, so long as they are not for Russian “government end users” or Russian state-owned enterprises.
License Review Policy and License Exceptions
License requests under these new requirements will be reviewed with a policy of denial with limited exceptions. Exceptions to the license review policy, which are specific to an ECCN’s reasons for control and would be reviewed on a case-by-case basis, are for applications related to safety of flight, maritime safety, humanitarian needs, government space cooperation, civil telecommunications infrastructure, government-to-government activities, and to support limited operations of partner country companies in Russia.
There may be certain license exceptions that apply to the exports, reexports, and in-country transfers to Russia, but many of these license exceptions are only available under limited circumstances. For example:
- License exception TMP (Temporary Imports, Exports, Reexports, and Transfers in Country) is available for items for use by the news media.
- License exception TSU (Technology and Software Unrestricted) is available for software updates to civil end users that are subsidiaries of, or joint ventures with, companies headquartered in the United States or partner countries.
- License exception ENC (Encryption Commodities, Software, and Technology) is available for encryption items, but not if they are destined for Russian government end users and Russian state-owned enterprises.
- License exception CCD (Consumer Communication Devices) is available for certain consumer communication devices, but not if they are destined for government end users or certain individuals associated with the government.
As a result, persons relying on these license exceptions would need to conduct due diligence on the end users to ensure that they are complying with the precise scope of the license exceptions.
No case-by-case license application review or license exceptions are available for items subject to licensing requirements under the Russia MEU FDP Rule.
Next Steps
On February 26, 2022, the White House, together with the European Commission, France, Germany, Italy, the United Kingdom, and Canada, issued a joint statement announcing their commitment to impose further sanctions in response to “Putin’s war of choice,” including the removal of select Russian banks from the SWIFT network, the principal messaging system for global financial institutions to send and receive transaction-related information. In response to concerns that Russia has built up its foreign reserves to withstand the blow of Western sanctions, the countries also committed to preventing the Russian Central Bank from deploying its international reserves in ways that undermine the impact of sanctions. Japan signed on the joint statement during its day on February 27, 2022, completing the entire G7’s support for these upcoming measures.
A constant subject of policy discussions since the 2014 annexation of Crimea, removal of Russian banks from SWIFT did not seem to be gathering global support until just days ago. The joint statement represents both a seismic shift in policy and an impressive example of multilateral coordination, and the countries will be launching a joint task force that would carry on the spirit of coordinated sanctions implementation by identifying and freezing assets of sanctioned persons. However, details of how to achieve the selective SWIFT removal or Central Bank restrictions are yet to be finalized, and we will be following closely for more announcements.
The next steps are now dependent on Russia’s next moves. In a matter of just one week, the U.S. Government has issued a new Executive Order, several directives, designations, and general licenses under three different sanctions programs, as well as new export controls regulations. These measures were an outcome of significant multilateral coordination, by what President Biden called “a coalition of partners representing well more than half of the global economy.” As Russia continues its military incursion further into Ukraine, more Western sanctions are on the horizon. Russia, in turn, will begin considering its counteractions to respond to Western financial pressure. Following the Western sanctions in 2014, Russia responded with restrictions on agricultural imports and gas flows to Europe—this time, more could be in store, including the criminalization of compliance with foreign sanctions. As industry strives to understand these wide-ranging and complex new sanctions and export controls, we are likely to see more guidance from the U.S. Government to help foreign investors and multinational companies navigate the changing—and challenging—regulatory landscape.
The following Gibson Dunn lawyers assisted in preparing this client update: Claire Yi, Scott R. Toussaint, Lindsay Bernsen Wardlaw, Jacob A. McGee, Sean J. Brennan, Judith Alison Lee, Adam M. Smith, and Christopher Timura.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the above developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s International Trade practice group:
United States:
Judith Alison Lee – Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com)
Ronald Kirk – Co-Chair, International Trade Practice, Dallas (+1 214-698-3295, rkirk@gibsondunn.com)
David P. Burns – Washington, D.C. (+1 202-887-3786, dburns@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213-229-7269, nhanna@gibsondunn.com)
Marcellus A. McRae – Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com)
Adam M. Smith – Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com)
Christopher T. Timura – Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com)
Courtney M. Brown – Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com)
Laura R. Cole – Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com)
Chris R. Mullen – Washington, D.C. (+1 202-955-8250, cmullen@gibsondunn.com)
Samantha Sewall – Washington, D.C. (+1 202-887-3509, ssewall@gibsondunn.com)
Audi K. Syarief – Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com)
Scott R. Toussaint – Washington, D.C. (+1 202-887-3588, stoussaint@gibsondunn.com)
Shuo (Josh) Zhang – Washington, D.C. (+1 202-955-8270, szhang@gibsondunn.com)
Asia:
Kelly Austin – Hong Kong (+852 2214 3788, kaustin@gibsondunn.com)
David A. Wolber – Hong Kong (+852 2214 3764, dwolber@gibsondunn.com)
Fang Xue – Beijing (+86 10 6502 8687, fxue@gibsondunn.com)
Qi Yue – Beijing – (+86 10 6502 8534, qyue@gibsondunn.com)
Europe:
Attila Borsos – Brussels (+32 2 554 72 10, aborsos@gibsondunn.com)
Nicolas Autet – Paris (+33 1 56 43 13 00, nautet@gibsondunn.com)
Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Patrick Doris – London (+44 (0) 207 071 4276, pdoris@gibsondunn.com)
Sacha Harber-Kelly – London (+44 (0) 20 7071 4205, sharber-kelly@gibsondunn.com)
Penny Madden – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)
Matt Aleksic – London (+44 (0) 20 7071 4042, maleksic@gibsondunn.com)
Benno Schwarz – Munich (+49 89 189 33 110, bschwarz@gibsondunn.com)
Michael Walther – Munich (+49 89 189 33 180, mwalther@gibsondunn.com)
Richard W. Roeder – Munich (+49 89 189 33 115, rroeder@gibsondunn.com)
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.
Los Angeles partners James Zelenay and Nick Hanna and associate Harper Gernet-Girard are the authors of “FCA enforcement, one year into the Biden administration” [PDF] published by the Daily Journal on February 22, 2022.
Washington, D.C. partner Kristen Limarzi is the author of “The FTC’s Efforts to Break Up Facebook Misses Actual Concerns” [PDF] published by Bloomberg Law on February 17, 2022.
Decided February 24, 2022
Unicolors, Inc. v. H&M Hennes & Mauritz, LP., No. 20-915
Today, the Supreme Court held 6-3 that a copyright holder can file a copyright infringement suit even if its copyright registration application included inaccurate information that was the result of an innocent mistake of fact or law.
Background:
A copyright holder cannot bring an infringement suit unless it holds a valid copyright registration certificate. A certificate is valid even if it contains inaccurate information, unless the inaccuracy “was included on the application for copyright registration with knowledge that it was inaccurate” and, “if known, would have caused the Register of Copyrights to refuse registration.” 17 U.S.C. § 411(b). After Unicolors sued H&M for copyright infringement, H&M argued that Unicolors’ copyright registration certificate was invalid because Unicolors had knowingly included inaccurate information in its application by applying to register multiple works in a single application even though it had made those works separately available to clients and the public.
The district court ruled that a certificate is invalid under § 411(b) only if the applicant intended to defraud the Copyright Office, and Unicolors’ mistake of law did not evidence an intent to defraud. The Ninth Circuit reversed, holding that § 411(b) does not contain an intent-to-defraud requirement, and that Unicolors’ application contained factual information Unicolors knew was inaccurate. It was irrelevant, in the Ninth Circuit’s view, whether the inaccuracy was the result of Unicolors’ inadvertent misunderstanding of a principle of copyright law.
Issue:
Whether 17 U.S.C. § 411(b)’s “knowledge” requirement excuses inadvertent mistakes of fact or law.
Court’s Holding:
Yes. The “knowledge” element in § 411(b) requires a showing that the copyright registration applicant actually knew that the inaccurate information in its application was inaccurate, and excuses inaccuracies that were the result of an innocent mistake of fact or law.
“Lack of knowledge of either fact or law can excuse an inaccuracy in a copyright registration.”
Justice Breyer, writing for the Court
What It Means:
- The Court’s decision means that copyright holders can defend inaccuracies in registration certificates on the ground that they were the product of an innocent mistake of either fact or law. The Court’s ruling could provide additional protection for copyright registrants such as novelists, poets, and painters who may be unfamiliar with the complexities of the Copyright Act or who in good faith reach incorrect conclusions about what the law requires.
- Although copyright holders can file new registration applications to fix innocent inaccuracies, copyright claims have a three-year statute of limitations, and statutory damages and attorneys’ fees are available only for infringements that occur after a valid registration is in place. Today’s ruling potentially expands the scope of cases involving inaccurate copyright registrations.
- The Court emphasized that willful blindness to an inaccuracy may constitute actual knowledge under § 411(b), and that circumstantial evidence—such as the significance of the error, the complexity of the relevant rule, and the applicant’s experience with copyright law—could influence whether the applicant was actually aware of, or willfully blind to, the inaccuracy.
The Court’s opinion is available here.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the Supreme Court. Please feel free to contact the following practice leaders:
Appellate and Constitutional Law Practice
| Allyson N. Ho +1 214.698.3233 aho@gibsondunn.com |
Mark A. Perry +1 202.887.3667 mperry@gibsondunn.com |
Lucas C. Townsend +1 202.887.3731 ltownsend@gibsondunn.com |
| Bradley J. Hamburger +1 213.229.7658 bhamburger@gibsondunn.com |
Related Practice: Intellectual Property
| Howard S. Hogan +1 202.887.3640 hhogan@gibsondunn.com |
Kate Dominguez +1 212.351.2338 kdominguez@gibsondunn.com |
Y. Ernest Hsin +1 415.393.8224 ehsin@gibsondunn.com |
| Josh Krevitt +1 212.351.4000 jkrevitt@gibsondunn.com |
Jane M. Love, Ph.D. +1 212.351.3922 jlove@gibsondunn.com |
Ilissa Samplin +1 213.229.7354 isamplin@gibsondunn.com |
Los Angeles partner Heather Richardson, Orange County associate Jennafer Tryck, and Washington, D.C. associate Tessa Gellerson are the authors of “How Courts Are Ruling On The Arbitrability Of ERISA Claims” [PDF] published by Law360 on February 24, 2022.
On February 21 and 22, 2022, the United States, the European Union, the United Kingdom, Australia, and Japan issued and/or announced sanctions targeting Russia and the Russia-backed separatist regions of Ukraine known as the Donetsk People’s Republic (“DNR”) and the Luhansk People’s Republic (“LNR”). The United States took the first step by issuing broad jurisdiction-based sanctions on the two regions, similar to the existing sanctions on the Crimea region of Ukraine, and followed up with additional sanctions targeting Russia’s financial system. NATO allies also announced sanctions—including targeted designations by the United Kingdom and a sanctions package by the European Union—and non-NATO allies promised tough sanctions in close coordination. These actions are only among a few of several tools we expect the United States and its allies will use in the coming days and weeks as Russia continues to stoke military tension in the region.
These actions follow nearly a decade of lasting conflict in eastern Ukraine and a quick escalation over the past few weeks. After the 2014 Ukrainian revolution and the Euromaidan movement, which saw a pro-Western government elected in Ukraine, pro-Russia protests against the new government began in eastern Ukraine. These protests in the DNR and LNR regions eventually developed into full-scale fighting, with Russia backing the separatists against the Ukrainian military and more than 10,000 people killed in the conflict. Shaky ceasefires between the two sides have existed for several years, but in recent days, artillery shelling has increased along with other violations of the ceasefire agreements, with the Ukrainian government claiming that these attacks were orchestrated by Russia or pro-Russia separatists in the region.
In response to formal appeals from the de facto leaders of the breakaway regions for sovereign recognition from Russia, Russian president Vladimir Putin convened a meeting of his security council on Monday, February 21, 2022 under the pretext of seeking recommendations on how to answer the requests. After the meeting of the council, Putin delivered a televised address to the public, referring to eastern Ukraine as “historically Russian territory” and saying that it is “necessary to take a long overdue decision to immediately recognize the independence and sovereignty of the Donetsk People’s Republic and the Luhansk People’s Republic.” Immediately thereafter, Putin ordered Russian troops to enter the regions for a “peacekeeping” mission under the treaties of “friendship and mutual assistance” that Russia ratified that same day with the individual regions. All diplomatic efforts to maintain the territorial integrity of Ukraine while the parties sought to ease building tensions thus suffered a serious setback.
US Issues New Executive Order Imposing Sweeping Sanctions on Separatist Regions
Just hours after Putin’s televised speech, President Biden signed a new Executive Order issuing broad sanctions on the DNR and LNR regions of Ukraine, and any other regions of Ukraine as may be determined by the Secretary of the Treasury, in consultation with the Secretary of State (collectively, the “Covered Regions”). The Executive Order is nearly identical to Executive Order 13685 that announced comprehensive sanctions on the Crimea region of Ukraine in 2014.
First, the Executive Order prohibits: (1) new investment in the Covered Regions by a U.S. person; (2) import of any goods, services, or technology from these regions to the United States; and (3) export of any goods, services, or technologies from the United States or by a U.S. person to these regions. The Executive Order further prohibits U.S. persons from financing, facilitating, or guaranteeing transactions by foreign persons that U.S. persons would be prohibited from engaging directly.
Second, the Executive Order authorizes blocking sanctions on any person determined by the Secretary of the Treasury, in consultation with the Secretary of State, to be: (1) a person operating in the Covered Regions; or (2) a leader, official, senior executive officer, or board member of an entity operating in the Covered Regions. The Executive Order also authorizes sanctions on an entity determined to be owned or controlled by a blocked person pursuant to the Executive Order, or any person who has provided material support for a blocked person pursuant to the Executive Order. No such individual designations have yet been made, which is very similar to how OFAC responded at the inception of Executive Order 13685.
Concurrent with the signing of the Executive Order, OFAC issued six general licenses:
- General License 17, “Authorizing the Wind Down of Transactions Involving the So-called Donetsk People’s Republic or Luhansk People’s Republic Regions of Ukraine” authorizes all prohibited transactions “that are ordinarily incident and necessary to the wind down of transactions involving” the Covered Regions until March 23, 2022.
- General License 18, “Authorizing the Exportation or Reexportation of Agricultural Commodities, Medicine, Medical Devices, Replacement Parts and Components, or Software Updates to Certain Regions of Ukraine and Transactions Related to the Coronavirus Disease 2019 (COVID-19) Pandemic” authorizes the export of agricultural commodities, medicine, medical devices, replacement parts and components, or software updates to the Covered Regions. This authorization is similar to that of the existing General License 4 with respect to the Crimea region, but is more expansive in that it does not include the exclusions that are in General License 4 (e.g., export to military or law enforcement purchasers, certain agricultural commodities, and certain medicines), that it expands the scope to software updates in addition to replacement parts, and that it includes a separate COVID-19 authorization.
- General License 19, “Authorizing Transactions Related to Telecommunications and Mail” authorizes transactions that are ordinarily incident and necessary to the receipt or transmission of telecommunications in the Covered Regions. This authorization is similar to the existing General License 8 with respect to the Crimea region.
- General License 20, “Official Business of Certain International Organizations and Entities” authorizes official business of certain international organizations and entities in the Covered Regions. Of note, the list of international organizations includes the Organization for Security and Co-operation in Europe, an entity that has been actively seeking to de-escalate the conflict in recent days.
- General License 21, “Authorizing Noncommercial, Personal Remittances and the Operation of Accounts” authorizes transactions that are ordinarily incident and necessary to the transfer of noncommercial, personal remittances to or from the Covered Regions. This authorization is similar to the existing General License 6 with respect to the Crimea region.
- General License 22, “Authorizing the Exportation of Certain Services and Software Incident to Internet-Based Communications” authorizes export of certain services incident to the exchange of personal communications over the internet or software necessary to enable such services in the Covered Regions. This is similar to the existing General License 9 with respect to the Crimea region, but is more expansive in that it does not require the services and software to be widely available to the public with no cost to the user.
The issuance of these expansive general licenses is in line with the White House’s repeated messaging that the sanctions “are not directed at the people of Ukraine” or “the innocent people who live in the so-called DNR and LNR regions.” Particularly during the COVID-19 pandemic, the Biden administration has continued to include broad humanitarian exceptions in new sanctions measures, including those taken in response to the situations in Myanmar and Ethiopia. It is noteworthy that OFAC further created an expansive COVID-19 authorization for transactions related to the prevention, diagnosis, or treatment of the COVID-19 pandemic, without any specific definition or exception.
General License 17 is also consistent with OFAC’s past practices of allowing parties a period of time to adjust to significant new sanctions measures to minimize the immediate disruption to the global economy. Similar to the more recent wind-down licenses from OFAC, there is no requirement for U.S. persons participating in authorized transactions to file a report with OFAC, which reduces the administrative burden of relying on the license. However, the 30-day wind-down period is much shorter than the typical 60- to 90-day periods that OFAC has granted in announcing other sanctions measures. It is likely that future wind-down licenses from OFAC regarding sanctions targeting Russia will be similarly brief.
Parties planning to rely on these general licenses should note that all six general licenses expressly limit their authorizations to transactions and activities that are prohibited by this particular Executive Order. The general licenses do not authorize transactions with persons or entities designated pursuant to other sanctions programs. As a result, parties should be careful not to engage in transactions and activities that are prohibited under another authority, such as the sectoral sanctions under Executive Order 13662. Parties should also take note of the differences between the general licenses granted with respect to the Crimea sanctions and to the DNR and LNR sanctions, in case a counterparty is sanctioned under both Executive Order 13685 and the new Executive Order.
US Imposes Sanctions on Russian Financial Services Sector
On February 22, 2022, OFAC designated to the SDN List two financial institutions that it determined are crucial to financing the Russian defense industry—Corporation Bank for Development and Foreign Economic Affairs Vnesheconombank (VEB) and Promsvyazbank Public Joint Stock Company (PSB)—along with 42 of their subsidiaries. OFAC also designated three individuals—Denis Aleksandrovich Bortnikov, Petr Mikhailovich Fradkov, and Vladimir Sergeevich Kiriyenko—who OFAC determined were “powerful Russians in Putin’s inner circle.”
All of the designations were made under the authority of the Executive Order 14024, which we discussed in depth in a previous update. Importantly, Executive Order 14024 had authorized blocking sanctions against persons determined to operate in certain sectors of the Russian economy, with specific sectors to be determined by the Secretary of the Treasury, in consultation with the Secretary of State. When Executive Order 14024 was issued in April 2021, OFAC had identified the technology sectors and defense and related materiel sector as potential targets of future designations. In the most recent action taken on February 22, 2022, OFAC additionally identified the financial services sector of the Russian economy, making it easier for the United States to use a single, consolidated sanctions tool to target the entire financial services sector. OFAC accompanied this determination with FAQ 964, noting that its determination merely lays the groundwork for future sanctions against persons that operate in the financial services sector, rather than actually serving as sanctions on the entire financial services sector.
Additionally, OFAC issued Directive 1A, amending and superseding Directive 1 that was issued under Executive 14024. Importantly, Directive 1A includes restrictions on the participation in the secondary market for ruble or non-ruble denominated bonds issued after March 1, 2022 by the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, or the Ministry of Finance of the Russian Federation. As a result of this new Directive 1A, the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, and the Ministry of Finance of the Russian Federation have been designated to the Non-SDN Menu-Based Sanctions List.
Concurrent with these additional sanctions, OFAC issued two general licenses:
- General License 2, “Authorizing Certain Servicing Transactions Involving State Corporation Bank for Development and Foreign Economic Affairs Vnesheconombank” authorizes all prohibited transactions “that are ordinarily incident and necessary to the servicing of bonds issued before March 1, 2022 by the Central Bank of the Russian Federation, the National Wealth Fund of the Russian Federation, or the Ministry of Finance of the Russian Federation,” but to the extent that such transaction is not prohibited by the new Directive 1A.
- General License 3, “Authorizing the Wind Down of Transactions Involving State Corporation Bank for Development and Foreign Economic Affairs Vnesheconombank” authorizes all prohibited transactions “that are ordinarily incident and necessary to the wind down of transactions involving” VEB for a 30-day period until March 24, 2022.
Again, parties planning to rely on these general licenses should note that the general licenses expressly limit their authorizations to transactions and activities that are prohibited by Executive Order 14024.
EU Announces Sanctions Package to be Implemented
The EU has announced, yet not formally issued, new sanctions on Russia. While in the morning of February 22, 2022, the presidents of the European Council and the European Commission had welcomed “the steadfast unity of [EU] Member States and their determination to react with robustness and speed,” the subsequent announcement of the specific contemplated measures was more limited in scope than expected by many and only came after a surprisingly lengthy meeting of EU Foreign Affairs Ministers. The formal issuance and implementation of the contemplated measures is now expected in the course of the week.
First, in what the EU has now referred to as “solid package” of “calibrated measures,” EU financial sanctions (broadly comparable to U.S. SDN designations) will target individuals and entities involved in the violations of international law by the Kremlin, including in the recognition of the Donetsk and Luhansk regions as independent entities.
Second, the EU will target banks that finance the Russian military apparatus and contribute to the destabilization of Ukraine. Such banks have not yet been named and will either be targeted via EU financial sanctions or via more limited EU economic sanctions (broadly comparable to U.S. SSI designations).
Third, the EU has announced that it plans to ban trade between the EU and the Donetsk and Luhansk regions by implementing comprehensive EU Economic Sanctions comparable to those implemented after the annexation by Russia of Crimea in 2014.
Finally, the EU announced new measures to restrain Russian efforts to raise further capital on EU’s financial markets by limiting respective access for the Russian state and government. Such measures will likely take the form of targeted EU Economic Sanctions and prohibit or at least limit dealings with, for example, transferable securities and money-market instruments with a certain maturity and prohibit making loans or credit to those targeted.
The EU also announced that it had prepared and stands ready to adopt additional measures at a later stage if needed in the light of further developments.
Germany Stops Certification of Nord Stream 2
As a first reaction, the German Chancellor Olaf Scholz announced that the certification of the Nord Stream 2 pipeline has been stopped, and thus the pipeline will not become operational until further notice. This action was perhaps the least expected response and carries significant practical impact. The Nord Stream 2 project was intended to supply energy from Russia to the European Union, and Germany—along with other EU member states—had so far contested any attempts to impose sanctions on the Nord Stream 2 project in light of Russian aggression, in part due to the European Union’s heavy reliance on energy sources from Russia. With this action, Germany sent a clear message that it stands ready to join severe sanctions against Russia.
United Kingdom Sanctions Russian Banks and Oligarchs
On February 10, 2022, the UK pre-emptively amended its legislation on Russia sanctions—the Russia (Sanctions) (EU Exit) Regulations 2019 (S.I. 2019/855) (the “UK Russia Sanctions Regulations”)—via the enactment of The Russia (Sanctions) (EU Exit) (Amendment) Regulations 2022 (SI 2022/123) (the “Amended Regulations”).
The Amended Regulations widened the scope of the UK Russia Sanctions Regulations by expanding its designation criteria. The designation criteria now include entities and individuals that are involved in “obtaining a benefit from or supporting the Government of Russia.” Previously, the UK could only impose travels bans or asset freezes on those involved in “destabilising Ukraine or undermining or threatening the territorial integrity, sovereignty or independence of Ukraine.”
For the purposes of the Amended Regulations, being “involved in obtaining a benefit from or supporting the Government of Russia” includes, among other things, carrying on business “of economic significance” or “in a sector of strategic significance” to the Government of Russia, those sectors being the Russian chemicals, construction, defense, electronics, energy, extractives, financial services, information, communications, digital technologies, and transport sectors. This is therefore a very significant expansion in the scope of the designation criteria which empowers the UK to impose sanctions on a wide range of businesses that may not necessarily have a strong nexus to the Russian government, save that the nature of their business and/or the sector(s) in which they operate are of economic significance to the Russian government.
Using its new powers under the Amended Regulations, the UK government updated the UK Sanctions List on February 22, 2022 by designating five Russian banks (Bank Rossiya, Black Sea Bank for Development and Reconstruction, Joint Stock Company Genbank, IS Bank, Public Joint Stock Company Promsvyazbank) as well as three wealthy individuals (Gennadiy Nikolayevich Timchenko, Boris Romanovich Rotenberg and Igor Arkadyevich Rotenberg) as being subject to an asset freeze.
The UK’s Prime Minister, Boris Johnson, has described this sanctions package as “the first tranche, the first barrage“ of what the UK is prepared to do. Foreign Secretary, Liz Truss, said in her statement that “this first wave of sanctions will hit oligarchs and banks close to the Kremlin. It sends a clear message that the UK will use [its] economic heft to inflict pain on Russia and degrade their strategic interests.” She further stated that “in the event of further aggressive acts by Russia against Ukraine,” the UK has prepared “an unprecedented package of further sanctions ready to go. These include a wide-ranging set of measures targeting the Russian financial sector, and trade.” However, for some in the UK, these measures do not go far enough, and Boris Johnson is under pressure to impose tougher sanctions.
Allies Outside NATO Join in Announcing Tough Response
Japan’s Minister of Foreign Affairs Hayashi Yoshimasa stated that Japan would continue to monitor the development of the situation in Ukraine with serious concern and coordinate a tough response, including sanctions in cooperation with the international community.
Australia’s Minister of Foreign Affairs declared that the Australian Government was coordinating closely with the United States, United Kingdom, European Union, and other governments around the world to ensure there were severe costs for Russia’s aggression and that, along with its partners, Australia was prepared to announce swift and severe sanctions that would target key Russian individuals and entities responsible for undermining Ukraine’s sovereignty and territorial integrity.
Possible Next Steps
There has been much speculation in recent days about the sanctions packages that would be revealed upon Russia’s invasion of Ukraine. So far, many world leaders have stopped short of calling Russia’s recognition of the two regions and his deployment of the Russian military to these regions a full-scale invasion, perhaps in part as an effort to deescalate tension or to leave space for additional sanctions if the situation worsens. However, the recent measures allow more authority for the Western countries to issue additional sanctions in case of further escalation—such as a new Executive Order that authorizes sanctions on persons operating in the separatist regions of Ukraine and a financial services sector determination that authorizes sanctions on persons operating in the Russian financial services sector. As tensions continue to rise, we will likely see more series of tools from the NATO countries and their allies to exert economic pressure on Russia to deescalate the ongoing crisis in Ukraine and withdraw its army from Ukraine’s borders. Companies should continue to pay attention to the ongoing developments and proactively assess their exposure to the sanctions and export controls measures being discussed.
In the lead up to the recent sanctions, leaders of the NATO countries engaged in close coordination and dialogue and had reported that they have “wrapped up“ and are “unified“ on potential sanctions packages to be used. However, we have seen varying degrees of severity and speed in the measures that each of the governments were able to impose immediately following the action from Russia. We expect there to be continued effort for coordination and convergence across the various jurisdictions, but we are closely tracking the differences in the sanctions imposed in different jurisdictions and the resulting compliance impact for companies operating in the global market.
The following Gibson Dunn lawyers assisted in preparing this client update: Claire Yi, Jacob A. McGee, Richard Roeder, Julian Reichert, Alexander Stahl, Kanchana Harendran, David A. Wolber, Judith Alison Lee, Adam M. Smith, Christopher Timura, Michael Walther, Benno Schwartz, Patrick Doris, and Attila Borsos.
Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding the above developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s International Trade practice group:
United States:
Judith Alison Lee – Co-Chair, International Trade Practice, Washington, D.C. (+1 202-887-3591, jalee@gibsondunn.com)
us-and-allies-announce-sanctions-on-russia-and-separatist-regions-of-ukraine
Nicola T. Hanna – Los Angeles (+1 213-229-7269, nhanna@gibsondunn.com)
Marcellus A. McRae – Los Angeles (+1 213-229-7675, mmcrae@gibsondunn.com)
Adam M. Smith – Washington, D.C. (+1 202-887-3547, asmith@gibsondunn.com)
Christopher T. Timura – Washington, D.C. (+1 202-887-3690, ctimura@gibsondunn.com)
Courtney M. Brown – Washington, D.C. (+1 202-955-8685, cmbrown@gibsondunn.com)
Laura R. Cole – Washington, D.C. (+1 202-887-3787, lcole@gibsondunn.com)
Chris R. Mullen – Washington, D.C. (+1 202-955-8250, cmullen@gibsondunn.com)
Samantha Sewall – Washington, D.C. (+1 202-887-3509, ssewall@gibsondunn.com)
Audi K. Syarief – Washington, D.C. (+1 202-955-8266, asyarief@gibsondunn.com)
Scott R. Toussaint – Washington, D.C. (+1 202-887-3588, stoussaint@gibsondunn.com)
Shuo (Josh) Zhang – Washington, D.C. (+1 202-955-8270, szhang@gibsondunn.com)
Asia:
Kelly Austin – Hong Kong (+852 2214 3788, kaustin@gibsondunn.com)
David A. Wolber – Hong Kong (+852 2214 3764, dwolber@gibsondunn.com)
Fang Xue – Beijing (+86 10 6502 8687, fxue@gibsondunn.com)
Qi Yue – Beijing – (+86 10 6502 8534, qyue@gibsondunn.com)
Europe:
Attila Borsos – Brussels (+32 2 554 72 10, aborsos@gibsondunn.com)
Nicolas Autet – Paris (+33 1 56 43 13 00, nautet@gibsondunn.com)
Susy Bullock – London (+44 (0) 20 7071 4283, sbullock@gibsondunn.com)
Patrick Doris – London (+44 (0) 207 071 4276, pdoris@gibsondunn.com)
Sacha Harber-Kelly – London (+44 (0) 20 7071 4205, sharber-kelly@gibsondunn.com)
Penny Madden – London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com)
Matt Aleksic – London (+44 (0) 20 7071 4042, maleksic@gibsondunn.com)
Benno Schwarz – Munich (+49 89 189 33 110, bschwarz@gibsondunn.com)
Michael Walther – Munich (+49 89 189 33 180, mwalther@gibsondunn.com)
Richard W. Roeder – Munich (+49 89 189 33 115, rroeder@gibsondunn.com)
© 2022 Gibson, Dunn & Crutcher LLP
Attorney Advertising: The enclosed materials have been prepared for general informational purposes only and are not intended as legal advice.