Last month, the UK’s Office of Financial Sanctions Implementation’s (“OFSI”) published a Threat Assessment analyzing sanctions compliance involving UK financial services firms since February 2022, when Russia invaded Ukraine. In the first of our two-part article (available here), we summarized the six key areas of risk that OFSI identified in its Threat Assessment. In this … Continue Reading
In February 2025, the UK’s Office of Financial Sanctions Implementation (“OFSI”) issued a report outlining its assessment of the sanctions-related threats posed to the UK by firms operating in the UK’s financial services sector. As to be expected, the report focuses on the risks associated with transactions since February 24, 2022, when Russia invaded Ukraine … Continue Reading
Multi-defendant criminal investigations present a classic prisoner’s dilemma. The parties would benefit from cooperating with one another but are incented to become adversaries, most often due to a lack of information sharing and resultant lack of trust and transparency. Fortunately, the law provides a tool: the common-interest privilege, which enables parties to share information in … Continue Reading
The start of a new year presents an opportune time to reflect on the past. We have been tracking and reporting on the U.S. Department of Justice (“DOJ”)’s Civil Cyber-Fraud Initiative (“CCF Initiative”), which former U.S. Deputy Attorney General Lisa O. Monaco announced in October 2021. The CCF Initiative employs the powerful False Claims Act (“FCA”) in … Continue Reading
The decision-making process involved in disclosing a cyber incident is a nuanced and delicate dance. Companies need to consider a myriad of factors, including when to disclose and how much detail to disclose to employees, customers, or regulators, such as the Securities and Exchange Commission (“SEC”). A New York bank was recently forced to pay … Continue Reading
In 2024, the National Crime Agency (the “NCA”), which is the UK’s lead agency against organized crime; human, weapon and drug trafficking; cybercrime; and economic crime, announced its “groundbreaking” data sharing partnership with seven UK banks, namely Barclays, Lloyds, Metro Bank, NatWest, Santander, Starling Bank, and TSB.[1] This new public-private partnership (“PPP”) was the largest … Continue Reading
In a post published earlier this year, we highlighted the importance of proactively managing artificial intelligence (“AI”) risks as part of an effective compliance program. Specifically, we explored the key considerations for organizations to effectively navigate AI-related risks and enhance their compliance efforts. We also referenced Deputy Attorney General Lisa O. Monaco’s announcement incorporating an … Continue Reading
The UK and US enforcement agencies have been actively pursuing insider dealing (“insider trading”, in US parlance) since the COVID-19 pandemic ended. The UK and US have different securities enforcement regimes, but both have seen recent developments expanding the scope of conduct that can be prosecuted. For individuals and organizations trading across multiple jurisdictions, it … Continue Reading
On June 27, 2024, the Supreme Court issued its opinion in Securities Exchange Commission v. Jarkesy. The Court held that the Seventh Amendment entitles a defendant to a jury trial when the SEC seeks civil penalties for securities fraud, because these cases replicate common law fraud claims. S.E.C. v. Jarkesy, No. 22-859, slip op. at … Continue Reading
Join #TeamSPB’s Ben Glassman, Keith Bradley and Patricia Doersch for a timely webinar on the major decisions recently issued by SCOTUS. The panel will cover each of the recent decisions (Loper Bright v. Raimondo, SEC v. Jarkesy, Ohio v. EPA, and Corner Post v. the Fed) and discuss the consequences, as well as the opportunities … Continue Reading
With its second of two landmark decisions impacting the future of federal agency enforcement, SCOTUS struck down the Chevron decision last week. In a 6-3 decision in Loper Bright Enterprises v. Raimondo, the Court shifted enforcement power away from agencies and to the federal courts. The implications of the Chevron decision are both significant and … Continue Reading
SPB’s Keith Bradley authored an article for Bloomberg Law covering a recent SCOTUS decision with significant ramifications: SEC v. Jarkesy. We believe that Jarkesy will decidedly shift the landscape of agency adjudication and regulatory enforcement. For the background and possible implications of this decision, read the full article at Supreme Court’s Jarkesy Ruling Upends SEC … Continue Reading
In December 2023, the U.S. Securities and Exchange Commission’s (“SEC”) new rule requiring disclosure of material cybersecurity incidents became effective. SPB previously analyzed how the new rule applies to incidents affecting third-party vendors and what companies can do to manage reporting risks created by third-party cybersecurity incidents. In the first half of 2024, more than … Continue Reading
In today’s rapidly evolving technological landscape, the integration of artificial intelligence (“AI”) into business operations presents unparalleled opportunities for efficiency and innovation. Alongside these advancements, however, come new challenges and risks that must be addressed to ensure regulatory compliance and ethical responsibility. Recently, the Department of Justice (“DOJ”) has underscored the importance of proactively managing … Continue Reading
Deputy Attorney General Lisa Monaco’s (“Monaco”) recent remarks at Oxford University shed light on the evolving intersection of artificial intelligence (“AI”) and the criminal enforcement landscape and its profound implications for the United States Department of Justice and beyond. As the Chief Operating Officer of the Department of Justice, Monaco’s insights underscore the critical importance … Continue Reading
The rules on reporting cybersecurity risks and incidents pose many challenges for companies. Those challenges can be even more difficult when the cybersecurity incident affects third-party systems. With no exceptions for third-party cybersecurity incidents under the new cybersecurity reporting regulations, companies should take proactive steps to assess and respond appropriately to third-party cybersecurity incidents. The … Continue Reading
Between October 25 and October 27, 2023, the Financial Action Task Force (“FATF”), an international policy-making and standard-setting body dedicated to combating money laundering and terrorist financing, held its third plenary meeting of the year (the “October Plenary”), at which it made important updates to its list of jurisdictions under increased monitoring, often externally referred … Continue Reading
We have been tracking and reporting on the U.S. Department of Justice’s Civil Cyber-Fraud Initiative (“CCF Initiative”), which U.S. Deputy Attorney General Lisa O. Monaco announced in October 2021. The CCF Initiative employs the powerful False Claims Act (“FCA”) in an effort to “hold accountable entities or individuals that put U.S. information or systems at … Continue Reading
Join subject matter experts across policy, litigation, and regulation for an engaging discussion around privacy, cybersecurity, and AI. This live event will be in our Washington DC office and will include perspectives from in-house leaders, a former FBI agent, an incident response forensic expert, world-class public policy experts, and our privacy and cybersecurity professionals. The … Continue Reading
On March 1, 2023, the Department of Justice (“DOJ”) and the Securities and Exchange Commission (“SEC”) demonstrated continued interest in investigating insider trading by company executives who possess material non-public information when they unsealed an indictment and filed a civil complaint, respectively, in the Central District of California. Though a Rule 10b5-1 plan—an investment device … Continue Reading
As we recently discussed, the Department of Justice released new guidance covering a multitude of topics, including employees’ use of personal electronic devices and third-party messaging platforms, financial compensation incentives and clawbacks. At the American Bar Association’s 38th Annual National Institute on White Collar Crime, Deputy Attorney General Lisa Monaco announced the launch of the … Continue Reading
We previously offered insight into two False Claims Act (“FCA”) enforcement actions brought by the U.S. Department of Justice (“DOJ”) as part of its “Civil Cyber-Fraud Initiative” (“CCF Initiative”). Deputy Attorney General Lisa O. Monaco announced the CCF Initiative in October 2021, stating that “[t]he initiative will hold accountable entities or individuals that put U.S. … Continue Reading
On Friday, March 3, 2023, the DOJ released its updated Evaluation of Corporate Compliance Programs, which included new guidance on ephemeral messaging platforms and other issues. This new guidance was released contemporaneously with Assistant Attorney General Kenneth A. Polite, Jr.’s (‘Polite”) speech at the American Bar Association’s (“ABA”) 38th Annual National Institute on White Collar … Continue Reading
With the cold and flu season underway and COVID-19 still ever-present, it is a good time to take stock of the potential risks that come with working remotely. Following the lifting of pandemic restrictions allowing offices to open back up, many companies continued to offer work from home or hybrid arrangements. It is important for … Continue Reading
