Author: National Law Forum

A group of in-house attorneys developed the National Law Review on-line edition to create an easy to use resource to capture legal trends and news as they first start to emerge. We were looking for a better way to organize, vet and easily retrieve all the updates that were being sent to us on a daily basis.In the process, we’ve become one of the highest volume business law websites in the U.S. Today, the National Law Review’s seasoned editors screen and classify breaking news and analysis authored by recognized legal professionals and our own journalists. There is no log in to access the database and new articles are added hourly. The National Law Review revolutionized legal publication in 1888 and this cutting-edge tradition continues today.

States Sue the Biden Administration to Stop Loan Relief Plan

On April 9, 2024, seven states filed suit against the Biden administration in an attempt to block its new “SAVE” plan, an income-driven repayment plan that leads to eventual loan forgiveness. The case is pending in the U.S. District Court for the Eastern District of Missouri.

Plaintiff states claim that the plan is unlawful because it evades limits Congress imposed for income-based repayment plans and sets arbitrarily high thresholds that would effectively create a grant program for student borrowers. Plaintiffs allege that the US Supreme Court struck down a similar plan last year proposed by the Biden administration which would have cost taxpayers $430 billion. See Biden v. Nebraska, 143 S. Ct. 2355, 2362 (2023). The states allege that the plan violates the Higher Education Act of 1965 and subsequent amendments, which allows student-loan cancelation to occur only after a borrower pays 15% of their disposable income (which is defined as 150% above the poverty line) after 25 years.

The states further allege that the disposable income threshold would increase from 150% to 225% above the poverty line and that the plan would only require borrowers to pay 5% of their income for 10 years before loans are cancelled, “gut[ting] the statutory purpose of providing loans.”

Plaintiffs seek a declaratory judgment that the relief plan is unlawful and injunctive relief.

Putting It Into Practice: State attorneys general continue to challenge Biden regulatory actions through litigation (previously discussed here and here). Given the success they have achieved thus far, it will be interesting to see how this litigation develops. We will continue to monitor the case for developments.

Copyright © 2024, Sheppard Mullin Richter & Hampton LLP.
For more news on Biden’s loan forgiveness plan, visit the NLR Financial Institutions & Banking section.

Supply Chains are the Next Subject of Cyberattacks

The cyberthreat landscape is evolving as threat actors develop new tactics to keep up with increasingly sophisticated corporate IT environments. In particular, threat actors are increasingly exploiting supply chain vulnerabilities to reach downstream targets.

The effects of supply chain cyberattacks are far-reaching, and can affect downstream organizations. The effects can also last long after the attack was first deployed. According to an Identity Theft Resource Center report, “more than 10 million people were impacted by supply chain attacks targeting 1,743 entities that had access to multiple organizations’ data” in 2022. Based upon an IBM analysis, the cost of a data breach averaged $4.45 million in 2023.

What is a supply chain cyberattack?

Supply chain cyberattacks are a type of cyberattack in which a threat actor targets a business offering third-party services to other companies. The threat actor will then leverage its access to the target to reach and cause damage to the business’s customers. Supply chain cyberattacks may be perpetrated in different ways.

  • Software-Enabled Attack: This occurs when a threat actor uses an existing software vulnerability to compromise the systems and data of organizations running the software containing the vulnerability. For example, Apache Log4j is an open source code used by developers in software to add a function for maintaining records of system activity. In November 2021, there were public reports of a Log4j remote execution code vulnerability that allowed threat actors to infiltrate target software running on outdated Log4j code versions. As a result, threat actors gained access to the systems, networks, and data of many organizations in the public and private sectors that used software containing the vulnerable Log4j version. Although security upgrades (i.e., patches) have since been issued to address the Log4j vulnerability, many software and apps are still running with outdated (i.e., unpatched) versions of Log4j.
  • Software Supply Chain Attack: This is the most common type of supply chain cyberattack, and occurs when a threat actor infiltrates and compromises software with malicious code either before the software is provided to consumers or by deploying malicious software updates masquerading as legitimate patches. All users of the compromised software are affected by this type of attack. For example, Blackbaud, Inc., a software company providing cloud hosting services to for-profit and non-profit entities across multiple industries, was ground zero for a software supply chain cyberattack after a threat actor deployed ransomware in its systems that had downstream effects on Blackbaud’s customers, including 45,000 companies. Similarly in May 2023, Progress Software’s MOVEit file-transfer tool was targeted with a ransomware attack, which allowed threat actors to steal data from customers that used the MOVEit app, including government agencies and businesses worldwide.

Legal and Regulatory Risks

Cyberattacks can often expose personal data to unauthorized access and acquisition by a threat actor. When this occurs, companies’ notification obligations under the data breach laws of jurisdictions in which affected individuals reside are triggered. In general, data breach laws require affected companies to submit notice of the incident to affected individuals and, depending on the facts of the incident and the number of such individuals, also to regulators, the media, and consumer reporting agencies. Companies may also have an obligation to notify their customers, vendors, and other business partners based on their contracts with these parties. These reporting requirements increase the likelihood of follow-up inquiries, and in some cases, investigations by regulators. Reporting a data breach also increases a company’s risk of being targeted with private lawsuits, including class actions and lawsuits initiated by business customers, in which plaintiffs may seek different types of relief including injunctive relief, monetary damages, and civil penalties.

The legal and regulatory risks in the aftermath of a cyberattack can persist long after a company has addressed the immediate issues that caused the incident initially. For example, in the aftermath of the cyberattack, Blackbaud was investigated by multiple government authorities and targeted with private lawsuits. While the private suits remain ongoing, Blackbaud settled with state regulators ($49,500,000), the U.S. Federal Trade Commission, and the U.S. Securities Exchange Commission (SEC) ($3,000,000) in 2023 and 2024, almost four years after it first experienced the cyberattack. Other companies that experienced high-profile cyberattacks have also been targeted with securities class action lawsuits by shareholders, and in at least one instance, regulators have named a company’s Chief Information Security Officer in an enforcement action, underscoring the professional risks cyberattacks pose to corporate security leaders.

What Steps Can Companies Take to Mitigate Risk?

First, threat actors will continue to refine their tactics and techniques. Thus, all organizations must adapt and stay current with all regulations and legislation surrounding cybersecurity. Cybersecurity and Infrastructure Security Agency (CISA) urges developer education for creating secure code and verifying third-party components.

Second, stay proactive. Organizations must re-examine not only their own security practices but also those of their vendors and third-party suppliers. If third and fourth parties have access to an organization’s data, it is imperative to ensure that those parties have good data protection practices.

Third, companies should adopt guidelines for suppliers around data and cybersecurity at the outset of a relationship since it may be difficult to get suppliers to adhere to policies after the contract has been signed. For example, some entities have detailed processes requiring suppliers to inform of attacks and conduct impact assessments after the fact. In addition, some entities expect suppliers to follow specific sequences of steps after a cyberattack. At the same time, some entities may also apply the same threat intelligence that it uses for its own defense to its critical suppliers, and may require suppliers to implement proactive security controls, such as incident response plans, ahead of an attack.

Finally, all companies should strive to minimize threats to their software supply by establishing strong security strategies at the ground level.

© Copyright 2024 Squire Patton Boggs (US) LLP
For more news on Supply Chain Cybersecurity, visit the NLR Communications, Media & Internet section.

Importance of Negotiating Assignment and Subletting Provisions in Health Care Leases

In our ongoing series of blog posts, we examine key negotiating points for tenants in triple net health care leases. We also offer suggestions for certain lease provisions that will protect tenants from overreaching and unfair expenses, overly burdensome obligations, and ambiguous terms with respect to the rights and responsibilities of the parties. These suggestions are intended to result in efficient lease negotiations and favorable lease terms from a tenant’s perspective. In our first two blog posts, we considered the importance of negotiating initial terms and renewal terms and operating expense provisions. This latest blog post in our series focuses on negotiating assignment and subletting provisions.

It is imperative for a commercial tenant, particularly a private equity-owned health care tenant, to include provisions in a lease which allow the tenant the flexibility to assign and sublease the commercial space without the necessity of having to obtain the landlord’s consent and/or to meet burdensome landlord conditions.

Most leases prohibit transfers by assignment and subletting or require landlord’s prior written consent subject to meeting certain burdensome conditions. In addition, landlords often include a “change of control” provision which provides that sale of a controlling interest is deemed a transfer requiring landlord consent. A health care tenant looking for flexibility for reorganization or internal transfer subject to private equity control will want to push back on change of control provisions and will want to ensure that their lease allows for certain permitted transfers that do not require landlord consent. Carving out “permitted transfers” customarily includes transfers to: (i) an affiliate of the named tenant under the lease (meaning, any entity, directly or indirectly, which controls, is controlled by or is under common control with tenant); (ii) a successor entity created by merger, consolidation or reorganization of tenant; or (iii) an entity which shall purchase all or substantially all of the assets or a controlling interest in the stock or membership of tenant. If the tenant is a management services organization (MSO), the lease should also include explicit landlord permission for a sublease between the MSO and the provider that will occupy the leased premises.

Landlords may accept the concept of permitted transfers but often seek to impose certain conditions to allowing such transfers. Certain conditions on permitted transfers are reasonable, such as requirements for advance notice, that the proposed permitted transferee assume all obligations under the lease, that the permitted transferee operate only for the permitted use set forth in the lease, and that a copy of the transfer document be provided to landlord. However, other conditions, such as requiring a net worth test for the assignee or financial reporting requirements, can be burdensome and serve to undermine the concept of permitted transfers without landlord consent. We advise our clients in these instances to push back or limit these conditions as much as possible.

Other common assignment and subletting provisions should expressly not apply to permitted transfers. These include recapture provisions which allow a landlord to terminate the lease and recapture the space, excess profit provisions which provide that any excess profits realized as the result of a transfer will be shared between landlord and tenant, and administrative fees and reimbursements to landlord which are often charged to tenants in connection with an assignment or subletting request. Restrictions on transfers should not apply to guarantor entities. Often with private equity, the guarantor is the parent entity and cannot be restricted by a landlord as to transfer, restructuring or reorganization at the top of its organization.

In the case of transfers that do not fall within the definition of “permitted transfers” and require landlord consent, a tenant will want to include language that landlord will not unreasonably withhold, condition, or delay such consent. Other tenant protections should also be considered, including a cap on administrative and review fees reimbursable by tenant to landlord, a reasonably short time period for landlord to approve or disapprove a request (i.e., 30 days) or be deemed to have approved, a reasonably short time period for landlord to exercise recapture rights or be deemed to have approved, and a provision that excess profits will be shared equally rather than all belonging to landlord.

Negotiation of assignment and subletting terms is critical for tenants, particularly with respect to private equity-owned health care tenants. The goal for tenants in negotiating these points is to provide flexibility for addressing future financial and operational needs. As with other highly negotiated lease terms, we recommend addressing assignment and subletting provisions in detail in advance in the letter of intent. This makes expectations of the parties clear, saves time and money by avoiding protracted negotiations, and results in an overall efficient lease negotiation process.

In our next post, we will cover the importance of negotiating maintenance and repair terms and will offer suggestions for limiting a tenant’s exposure.

©2024 Epstein Becker & Green, P.C. All rights reserved.
For more news on Health Care Leases, visit the NLR Health Law & Managed Care section.

Good News for Offshore Wind Blows in With New Guidance From the Treasury and IRS

The Inflation Reduction Act of 2022 (IRA) includes several tax credits to encourage investment in renewable energy projects, including an Investment Tax Credit (ITC) that is worth up to 30% of the overall project cost. The developer of a renewable energy project can receive a bonus of up to 10% on top of the ITC for a qualified facility that is located or placed in service in an “energy community.” One type of area that can qualify as an energy community under the IRA — the one most relevant to offshore wind projects — is an area that has significant employment or local tax revenues from fossil fuels and a higher-than-average unemployment rate.

In order to apply the criteria to offshore wind facilities, the US Department of Treasury initially proposed that an offshore wind project would be deemed to be located or placed in service at the place closest to the point of interconnection (POI) where there is land-based equipment that conditions the energy generated by the offshore wind project for transmission, distribution, or use.

Stakeholders in the offshore wind industry believed, however, that this approach did not adequately reflect the original intent of the IRA as it neglected to take into account the long-term benefits of activity related to offshore wind projects at locations, particularly ports, that were not at the POI.

Responding to stakeholder advocacy over the past several months, on March 22, the Internal Revenue Service (IRS) released updated guidance in IRS Notice 2024-30 (the Notice). The Notice permits projects with multiple POIs to qualify for the bonus credit, so long as one of the POIs is within an energy community. Stakeholders believe that this will be key in developing the shared transmission infrastructure that will be required for effective use of offshore wind energy.

Further, the Notice permits offshore wind facilities to attribute their nameplate capacity to additional property — namely, to supervisory control and data acquisition system (SCADA) equipment owned by the owner of the offshore wind project and located in an EC Project Port (as defined in the Notice). SCADA equipment is property that is used to remotely monitor and control the operations of the offshore wind project. The SCADA system is effectively the nerve center for an offshore wind project.

An “EC Project Port” is defined in the Notice as a port that is used either full or part time to facilitate maritime operations necessary for the installation or operation and maintenance of the offshore wind project, and that has a significant long-term relationship with the project’s owner by virtue of ownership or lease arrangements. The personnel based at the port need to include staff who are employed by, or who work as independent contractors for, the project’s owner and who perform functions essential to the project’s operations. Staff based at the port will be considered to perform functions essential to the project’s operations only if they collectively perform all the following functions: management of marine operations, inventory and handling of spare parts and consumables, and berthing and dispatch of operation and maintenance vessels and associated crews and technicians.

Finally, the Notice adds two industry codes from the North American Industry Classification System (NAICS) to those that are used to determine a community meets the IRA’s required percentage of its workforce who are employed in the extraction, processing, transport, or storage of coal, oil, or natural gas. These additional NAICS codes designate oil pipeline infrastructure and natural gas distribution infrastructure. These additional codes are intended to bring the benefits of the energy community bonus credit to more communities and the IRS has amended its list of energy communities accordingly.

Advocates note that the updated guidance in the Notice represents a more holistic approach to the energy communities bonus credit that will give offshore wind project developers more flexibility in identifying ports for their investment, The increased flexibility will bring the economic benefit of the offshore wind industry to more communities, which will ultimately reduce the cost burden to ratepayers.

© 2024 Jones Walker LLP
For more news on Tax Credits for Renewable Energy, visit the NLR Tax section.

Fourth Circuit Reverses $1 Billion Award for Vicarious Liability Claim for More than 10,000 Works

On January 12, 2021, the U.S. District Court for the Eastern District of Virginia awarded a group of music recording companies (the plaintiffs) a $1 billion verdict against Cox Communications (Cox). The Virginia court’s ruling found that Cox, an internet service provider (ISP), was contributorily and vicariously liable for copyright infringement committed by certain subscribers on its networks. The plaintiffs alleged that the ISP allowed the unauthorized downloading and distribution of more than 10,000 copyrighted works by Cox subscribers who had already received three or more notices of infringement. The district court in Virginia established that the “takedown” notices sent by the plaintiffs provided Cox with the requisite knowledge of its subscribers’ repeated infringement to substantiate their claim that Cox was contributorily liable, suggesting that Cox had sufficient specific knowledge of infringement to have done something about it.

The plaintiffs’ notice to Cox identified the IP address of the subscriber, as well as the time of infringement and the identification of the infringed work, which the plaintiffs argued was sufficiently specific knowledge for Cox to be able to identify the subscriber and to exercise its policy by suspending or terminating the infringing subscriber. This case proceeded to trial on two theories of secondary liability – vicarious and contributory copyright infringement. The plaintiffs argued that Cox failed to act on these known repeat infringers, and the jury found Cox liable for willful contributory infringement and vicarious infringement, ordering Cox to pay more than $99,000 for each of the infringed-upon works. Cox appealed the jury verdict.

On appeal, before the U.S. Court of Appeals for the Fourth Circuit, Cox raised several questions of law concerning the secondary liability for copyright infringement, as well as what constitutes a derivative work in the Internet Age.

Vicarious Infringement
The Fourth Circuit’s analysis first considered whether the district court erred in denying plaintiffs’ vicarious infringement claim. “A defendant may be held vicariously liable for a third party’s copyright infringement [if the defendant] (1) profits directly from the infringement and (2) has a right and ability to supervise the direct infringer.” See Metro-Goldwyn-Mayer Studios, Inc. v. Grokster, Ltd., 545 U.S. 913, 930 n.9 (2005) (internal citations omitted). The Fourth Circuit found that the plaintiffs failed to establish the first element as a matter of law and thus found that the plaintiffs failed to establish that Cox was vicariously liable.

In reaching this decision, the Fourth Circuit turned to the landmark decision in Shapiro, Bernstein & Co., 316 F.2d 304 (2d Cir. 1963), a case on vicarious liability for infringing copyrighted music recordings. In Shapiro, a department store was sued for the selling of “bootleg” records by a concessionaire operating in its stores. The store had the right to supervise the concessionaire and employees, demonstrating its control over the infringement. There, the store received a certain percentage of every record sale, “whether ‘bootleg’ or legitimate,” giving it “a more definite financial interest” in the infringing sales.” Thus, the Shapiro court found that the financial gains were clearly spelled out from the bootleg sales and acts of infringement in Shapiro.

Next, the Fourth Circuit recognized that courts have found that a defendant may possess a financial interest in a third party’s infringement of copyrighted music, even absent a strict correlation between each act of infringement and an added penny of profits. See Fonovisa, Inc. v. Cherry Auction, Inc., 76 F.3d 259 (9th Cir. 1996). In Fonovisa, the operator of a swap meet allowed vendors to sell infringing goods, and the operator collected “admission fees, concession stand sales, and parking fees” but no sales commission “from customers who want[ed] to buy the counterfeit recordings at bargain-basement prices.” The Fonovisa court found that the plaintiffs adequately showed a financial benefit from the swap meet owner and the sales of pirated recordings at the swap meet, which was a draw for customers. Thus, the infringing sales “enhance[d] the attractiveness of the venue of the potential customers, finding the swap meet operator had a financial interest in the infringement sufficient to state a claim for vicarious liability.”

The Fourth Circuit established that Shapiro and Fonovisa provided the steppingstones of the principles of copyright infringement to the internet and cyberspace and that Congress agreed that “receiving a one-time setup fee and flat periodic payment for service” from infringing and non-infringing users alike ordinarily “would not constitute a financial benefit directly attributable to the infringing activity.” Ellison v. Robertson, 357 F. 3d 1072, 1079 (9th Cir. 2004) (internal citations omitted). The Court also reviewed other court precedents, including A&M Records v. Napster, Inc., 239 F.3d 1004 (9th Cir. 2001), to show that increased pirated music drew in users as a direct financial interest for vicarious liability., but also notes that courts have found no evidence of a direct financial benefit between subscribers of American Online (AOL) and the availability of infringing content.’’ Ellison, 357 F.3d at 1079.

Against this backdrop, the Fourth Circuit held that to prove Cox was vicariously liable, the plaintiffs had to demonstrate that Cox profited from its subscribers’ infringing download and distribution of the plaintiffs’ copyrighted songs, which – given the evidence at trial – it did not. While the district court found it was enough that Cox repeatedly declined to cancel an ISP subscriber’s monthly subscription fee, the Fourth Circuit found this evidence to be insufficient. Instead, the Fourth Circuit found that the continued monthly payment fees for internet service, even by repeat infringers, was not a financial benefit flowing directly from the copyright infringement. Cox established that subscribers paid a flat fee even if all of its subscribers stopped infringing. Recognizing that an internet provider would necessarily lose money if it canceled subscriptions only demonstrates that service providers have a direct financial interest in providing subscribers with access to the internet only. Thus, the Fourth Circuit held that vicarious liability demands proof that the defendant profits directly from the acts of infringement for which it is being held accountable.

To rebut this, the plaintiffs claimed that the jury could infer that subscribers paid monthly membership fees based on the high volume of infringing content. The Fourth Circuit rejected this argument and found that the evidence was insufficient to prove that customers were drawn to Cox’s internet service or that they continued the service because they were specifically drawn to the opportunity to infringe the plaintiffs’ copyrights. The plaintiffs further asserted that subscribers were willing to pay more for the opportunity to infringe based on Cox’s tiered structure for internet access – but the plaintiffs fell short in proving this claim because no reasonable inference could be drawn that Cox subscribers paid more for faster internet to infringe on the copyrighted works. Ultimately, the Court found that the plaintiffs could not establish a causal connection between subscribers’ copyright infringement and Cox’s revenue for monthly subscriptions. Thus, the Fourth Circuit held that Cox was not liable for its subscribers’ copyright infringement and reversed the district court’s ruling on this theory. The court vacated the $1 billion damages award and remanded the case for a new trial on damages, holding that the jury’s finding of vicarious liability could have influenced its assessment of statutory damages.

Contributory Infringement
The Fourth Circuit then examined the remaining issue of contributory infringement. Under this theory, “one who, with knowledge of the infringing activity, induces, causes or materially contributes to the infringing conduct of another is liable for the infringement, too.” Cox argued that the district court erred by taking away the factual determination from the jury that notices of past infringement established Cox’s knowledge that subscribers were substantially certain to infringe in the future. Cox had contracted with a third party to provide copyright violation notices to users and asserted that it used these notices as their safe harbor under the Digital Millennium Copyright Act to alert violators and to terminate access to users who were repeat infringers. Despite this, the Fourth Circuit ultimately agreed with the jury’s finding that Cox materially contributed to copyright infringement occurring on its network and that its conduct was culpable.

Therefore, a three-judge panel found that Cox was liable for willful copyright infringement but reversed the vicarious liability verdict and remanded a new trial on damages. The Fourth Circuit held that because Cox did not profit from its subscribers’ acts of infringement, a legal prerequisite for vicarious liability, Cox was not liable for damages under the vicarious liability theory.

The Impact
The Fourth Circuit’s decision recognizes a new dawn breaking in copyright law, one that requires a causal connection between profit and/or financial gain and a defendant’s acts of infringement to prove vicarious liability in a copyright infringement claim under the Copyright Act. The plaintiffs attempted to bridge the financial gap between acknowledging access to infringing content through a monthly internet subscription and high-volume infringing acts. However, the Fourth Circuit found that this leap in logic was a step too far and reversed the award for vicarious liability for lack of evidence to find this missing connection between Cox subscribers and infringing plaintiffs’ content.

While this may be one route the courts may consider to reduce music piracy damages, it remains to be seen whether other courts will take this approach to determining that profit is the key element supporting other vicarious liability claims in cyberspace.

© 2024 Wilson Elser
For more news on Copyright Litigation, visit the NLR Intellectual Property section.

Regulation Round Up March 2024

Welcome to the UK Regulation Round Up, a regular bulletin highlighting the latest developments in UK and EU financial services regulation.

Key developments in March 2024:

28 March

FCA Regulation Round-up: The FCA published its regulation round-up for March 2024.

26 March

AIFMD IIDirective (EU) 2024/927 amending the Alternative Investment Fund Managers Directive (2011/61/EU) (“AIFMD”) and the UCITS Directive (2009/65/EC) (“UCITS Directive”) relating to delegation arrangements, liquidity risk management, supervisory reporting, provision of depositary and custody services, and loan origination by alternative investment funds has been published in the Official Journal of the European Union (“EU”). Please refer to our dedicated article on this topic here.

ELTIFs: The European Commission published a Communication to the Commission explaining that it intends to adopt, with amendments, ESMA’s proposed regulatory technical standards (“RTS”) under Regulations 9(3), 18(6), 19(5), 21(3) and 25(3) of the Regulation on European Long-Term Investment Funds ((EU) 2015/760) as amended by Regulation (EU) 2023/606.

Financial Promotions: The FCA published finalised guidance (FG24/1) on financial promotions on social media.

Cryptoassets: The Investment Association (“IA”) published its second report on UK fund tokenisation written by the technology working group to HM Treasury’s asset management taskforce.

25 March

Cryptoassets: ESMA published a final report (ESMA75-453128700-949) on draft technical standards specifying requirements for co-operation, exchange of information and notification between competent authorities, European Supervisory Authorities and third countries under the Regulation on markets in cryptoassets ((EU) 2023/1114) (“MiCA”).PRIIPS Regulation: the European Parliament’s Economic and Monetary Affairs Committee (“ECON”) published the report (PE753.665v02-00) it has adopted on the European Commission’s legislative proposal for a Regulation making amendments to the Regulation on key information documents (“KIDs”) for packaged retail and insurance-based investment products (1286/2014) (“PRIIPs Regulation”) (2023/0166(COD)).

Alternative Investment Funds: The FCA published the findings from a review it carried out in 2023 of alternative investment fund managers that use the host model to manage alternative investment funds.

AIFMD: Four Delegated and Implementing Regulations concerning cross-border marketing and management notifications relating to the UCITS Directive and the AIFMD have been published in the Official Journal of the European Union (hereherehere, and here).

22 March

Smarter Regulatory Framework: HM Treasury published a document on the next phase of the Smarter Regulatory Framework, its project to replace assimilated law relating to financial services.

21 March

Market Transparency: ESMA published a communication on the transition to the new rules under the Markets in Financial Instruments Regulation (600/2014) (“MiFIR”) to improve market access and transparency.

Retail Investment Package: ECON published a press release announcing it had adopted its draft report on the proposed Directive on retail investment protection (2023/0167(COD)). The proposed Directive will amend the MiFID II Directive (2014/65/EU) (“MiFID II”), the Insurance Distribution Directive ((EU) 2016/97), the Solvency II Directive (2009/138/EC), the UCITS Directive and the AIFMD.

19 March

ESG: The Council of the EU proposed a new compromise text for the Corporate Sustainability Due Diligence Directive, on which political agreement had previously been reached in December 2023.

FCA Business Plan: The FCA published its 2024/25 Business Plan, which sets out its business priorities for the year ahead.

15 March

Customer Duty: The FCA announced that it is to conduct a review into firms’ treatment of customers in vulnerable circumstances.

PRIIPS Regulation: The Joint Committee of the European Supervisory Authorities published an updated version of its Q&As (JC 2023 22) on the key information document requirements for packaged retail and insurance-based investment products (“PRIIPs”), as laid down in Commission Delegated Regulation (EU) 2017/653.

14 March

FCA Regulatory Approach: The FCA published a speech given by Nikhil Rathi, FCA Chief Executive, on its regulatory approach to deliver for consumers, markets and competitiveness and its shift to outcomes-focused regulation.

11 March

AML: HM Treasury launched a consultation on improving the effectiveness of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (SI 2017/692). The consultation runs until 9 June 2024 and covers four distinct areas.

08 March

ESG: The IA published a report on insights and suggested actions for asset managers following the commencement of reporting obligations of climate-related disclosures under the ESG sourcebook.

ESG: The House of Commons Treasury Committee published a report on the findings from its “Sexism in the City” inquiry.

Cryptoassets: The EBA published a consultation paper (EBA/CP/2024/09) on draft guidelines on redemption plans under Articles 47 and 55 of the MiCA.

05 March

Financial Sanctions: The Foreign, Commonwealth and Development Office published Post-Legislative Scrutiny Memorandum: Sanctions and Anti-Money Laundering Act 2018.

AML: The FCA published a Dear CEO letter sent to Annex I financial institutions concerning common control failings identified in anti-money laundering (AML) frameworks.

ESG: The European Commission adopted a delegated regulation supplementing the Securitisation Regulation ((EU) 2017/2402) with regard to regulatory technical standards specifying, for simple, transparent and standardised non-ABCP traditional securitisation, and for simple, transparent and standardised on-balance-sheet securitisation, the content, methodologies and presentation of information related to the principal adverse impacts of the assets financed by the underlying exposures on sustainability factors.

CRD IV: The European Commission adopted a Commission Implementing Regulation that amends Commission Implementing Regulation (EU) 650/2014 containing ITS on supervisory disclosure under the CRD IV Directive (2013/36/EU) (“CRD IV”).

01 March

Alternative Investment Funds: The FCA published a portfolio letter providing an interim update on its supervisory strategy for the asset management and alternatives portfolios.

Corporate Transparency: The Economic Crime and Corporate Transparency Act 2023 (Commencement No. 2 and Transitional Provision) Regulations 2024 (SI 2024/269) have been made and published.

Financial Sanctions: The Treasury Committee launched an inquiry into the effectiveness of financial sanctions on Russia.

EMIR: The FCA published a consultation paperin which it, together with the Bank of England, seeks feedback on draft guidance in the form of Q&As on the revised reporting requirements under Article 9 of UK EMIR (648/2012).

FCA Handbook: The FCA published Handbook Notice 116 (dated February 2024), which sets out changes to the FCA Handbook made by the FCA board on 29 February 2024.

FCA Handbook: the FCA published its 43rd quarterly consultation paper (CP24/3), inviting comments on proposed changes to a number of FCA Handbook provisions.

Amar Unadkat, Sulaiman Malik & Michael Singh also contributed to this article.

© 2024 Proskauer Rose LLP.
For more news on EU and UK Financial Services Regulation, visit the NLR Financial Institutions & Banking section.

Department of Justice Ramps Up Investigations of Private Clubs that Received PPP Loans

As Varnum’s government investigations team has previously discussed, (link) the COVID-era Paycheck Protection Program (PPP) resulted in millions of businesses receiving emergency loans. The PPP’s hurried implementation, coupled with confusion among recipients over eligibility requirements, created an environment ripe for both fraud and the issuance of loans to ineligible recipients. Over the past few years, the Department of Justice (DOJ) has focused on fraud by among other things, opening civil investigations under the False Claims Act and bringing criminal charges against PPP loan recipients who misused loan proceeds on luxury items. But recently, the DOJ has shifted its focus to a new category of PPP recipients: social clubs that may have been technically ineligible for the loans they received.

The opportunity for improper loans to social clubs comes about because of a technical wrinkle in how Congress wrote the American Rescue Plan Act of 2021. In this Act, Congress made social clubs (i.e. golf clubs, tennis clubs, yacht clubs) organized under 26 U.S.C. § 501(c)(7) eligible for PPP loans. However, Congress incorporated an agency regulation that prohibited loans to “private clubs and businesses which limited the numbers of memberships for reasons other than capacity.” The result is that social clubs that limit their number of members for any reason besides capacity were technically ineligible for PPP loans.

In recent months, the DOJ has issued Civil Investigation Demands (CIDs) to clubs that it believes might not have been eligible for PPP loans. These CIDs are demands for documents and interrogatory answers and often relate to employment records, income statements, the membership admission process, prospective members’ applications, the club’s governance, and membership information. CIDs are expansive and the government can use the club’s answer in future civil or criminal proceedings.

Given the DOJ’s new focus, clubs should review their PPP paperwork now and consult with an attorney to determine whether their loan was properly issued. If the clubs find technical violations, proactively approaching the government through counsel may be beneficial. If a club receives a CID, it should immediately contact an attorney to begin preparing the appropriate response.

© 2024 Varnum LLP
by: Ronald G. DeWaardRegan A. GibsonGary J. MouwNeil E. Youngdahl of Varnum LLP

For more news on Paycheck Protection Program Fraud Enforcement, visit the NLR Criminal Law / Business Crimes section.

Amendments to New York LLC Transparency Act Delay Effective Date, Among Other Changes

New York Governor Kathy Hochul last month signed into law amendments to the recently enacted New York LLC Transparency Act (as amended, the “NYLTA”), extending the NYLTA’s effective date from December 21, 2024, to January 1, 2026 (the “Effective Date”).

The NYLTA will require all limited liability companies (“LLCs”) either formed under New York law or foreign LLCs that seek to be authorized to do business in New York to submit certain beneficial ownership information to the New York Department of State. LLCs will be required to disclose their beneficial owners unless the LLC qualifies for an exemption from the requirements. New York LLCs and foreign LLCs registered to do business in New York should evaluate their structure with counsel that is familiar with the NYLTA (and the federal Corporate Transparency Act (the “CTA”)) to determine whether they will have a filing obligation under the new law.

For New York LLCs formed on or prior to the Effective Date, and foreign LLCs authorized to do business in New York on or prior to the Effective Date, the deadline to file the required beneficial ownership report or the statement specifying the applicable exemptions(s) from the filing requirement is January 1, 2027. For New York LLCs formed after the Effective Date, and foreign LLCs authorized in New York after the Effective Date, the NYLTA will require that beneficial ownership information be submitted within thirty days of filing the articles of organization for an LLC formed under New York law or the initial application for registration filed by a foreign LLC. Thereafter, the NYLTA (as amended) imposes an ongoing requirement to file an annual statement with the New York Department of State confirming or updating (1) the beneficial ownership disclosure information; (2) the street address of the entity’s principal executive office; (3) status as an exempt company, if applicable; and (4) such other information as may be designated by the New York Department of State.

The definitions of important terms such as “exempt company,” “reporting company,” “applicant,” and “beneficial owner” used in the NYLTA refer to the equivalent definitions in the CTA but are limited in application only to LLCs. Correspondingly, the NYLTA shares the same 23 exemptions from the reporting requirements as the CTA. If an LLC falls within one or more of the available exemptions, however, in a departure from the CTA, the NYLTA requires the entity to submit a statement attested to under penalty of perjury indicating the specific exemption(s) for which the LLC qualifies.

Potential penalties for failing to comply with the NYLTA include monetary penalties of $500 for every day that a required filing under the NYLTA is past due, as well as a potential suspension or cancellation of an LLC.

The amendments to the NYLTA also provide that the beneficial ownership information relating to natural persons will be deemed confidential except (1) by written consent of or request by the beneficial owner of the LLC; (2) by court order; (3) to federal, state, or local government agencies performing official duties as required by statute; or (4) for a valid law enforcement purpose. This is in contrast to the original New York statute, which provided for beneficial ownership information to be made publicly available in a searchable database.

© 2024 Blank Rome LLP
For more news on the New York LLC Transparency Act, visit the NLR Corporate & Business Organizations section.

Will Hemp Save the World, Before the Government Kills It?

There is a great line in the wonderful film Charlie Wilson’s War, where Charlie Wilson (played remarkably by the inimitable Tom Hanks) describes the successful, if relatively covert, involvement of the United States government in the Soviet-Afghan War: “These things happened. They were glorious and they changed the world… and then we f***d up the endgame.”

With the next Farm Bill somewhere on the horizon, I believe we are approaching a similar moment for the future of hemp. I believe the future of hemp is glorious and that it can change the world. What will we do to the endgame?

This is an analysis about the current state of hemp and whether that industry will revolutionize the world before the government relegates it back to the ash heap of history. It just so happens to dovetail with my personal experience representing clients in connection with the hemp business.

In the Beginning…

Back in the “stone age” (circa 2017) when I decided I wanted to be a cannabis lawyer, I began with a focus on hemp. [As a brief aside, telling people in Alabama you practice cannabis law in 2017 must have been what Noah felt like when he was telling people it was about to start raining.]

The 2014 Farm Bill, which for the first time legalized “industrial hemp” as distinct from marijuana under the Controlled Substances Act and allowed state agricultural departments and universities to license the production of hemp, cracked the door for a nascent and limited hemp market, and it was a remarkable time to advise new hemp operators and investors about how to maximize this opportunity within the contours of the law.

At the same time, I was regularly receiving calls from existing clients, colleagues within the firm, and strangers about how their non-cannabis companies should conduct themselves when approached by hemp companies who wanted to do business with them. The latter category included banks, insurance companies, real estate companies, and myriad companies who had questions about how their employees’ use of hemp interplayed with the companies’ existing drug testing policies. Most of the time the companies were reluctant to have anything to do with hemp, but the conversations were interesting, and it was clear that most companies realized the landscape was changing. It was the Wild West, and I was having a ball.

Rocket Fuel

Enter the 2018 Farm Bill and the explosion of the hemp industry. The 2018 Farm Bill dropped the word “industrial” and defined “hemp” as:

the plant Cannabis sativa L. and any part of that plant, including the seeds thereof and all derivatives, extracts, cannabinoids, isomers, acids, salts, and salts of isomers, whether growing or not, with a delta-9 tetrahydrocannabinol concentration of not more than 0.3 percent on a dry weight basis.

In addition to removing the limitations from the 2014 Farm Bill licensing, the 2018 Farm Bill also moved oversight authority from the Department of Justice and DEA to the USDA and FDA.

The 2018 Farm Bill was a tectonic shift, and we recognized the new regime’s potential almost immediately, predicting the following:

  • Increased “smart” money and research. Because hemp has been a Schedule I substance along with marijuana for decades, many sophisticated sources of funding have abstained from financing the industry. This placed hemp at a competitive disadvantage to other commodities and prevented hemp from reaching its full potential. Now that hemp can be manufactured and sold without substantial legal risks, look for the money to flow toward this underserved sector. Publicly traded companies, private equity firms, venture capitalists and other investment groups will all take significant stakes in both the manufacturing and selling of hemp and hemp-derived products. In addition to traditional commercial development efforts, much of this cash is likely to be spent to hire top researchers to develop proprietary strands of hemp to meet a range of product applications and to take steps to protect the resulting intellectual property.
  • Explosion of hemp and hemp-derived products. Fueled in large part by this injection of financing from sophisticated investors, there is likely to be an explosion in the ways that hemp is used. Hemp already has hundreds — if not thousands — of known uses, and that number should grow substantially once the industry is exposed to the market forces that come with smart money and increased research. The biggest winner may be the hemp-derived CBD business. Hemp-derived CBD is a compound believed to have significant therapeutic benefits without an appreciable psychoactive component. The Washington Post has reported that “dozens of studies have found evidence that [CBD] can treat epilepsy as well as a range of other illnesses, including anxiety, schizophrenia, heart disease, and cancer.” One industry analysis predicts that the hemp-CBD market alone could hit $22 billion by 2022. The health and wellness sector should see particular hemp-related activity and growth in the coming years.
  • Increased ancillary services provided to hemp-related businesses. Because hemp has been included within the definition of marijuana under federal law for decades, most banks, law firms and other service providers have avoided providing services to hemp businesses to avoid the risk of charges of money laundering or conspiring to violate state and federal drug laws. The absence of such service providers has fostered a great deal of uncertainty in an area where certainty and clarity have been sorely needed. With hemp’s new legal status, look for professional service providers to enter the market in 2019 and beyond. Of course, entities looking to provide services to hemp-related businesses should take adequate precautions to ensure those businesses are only producing federally legal hemp.
  • Consolidation and integration. An interesting phenomenon in “legal” marijuana states has been the rapid consolidation and integration of marijuana growers, processors and dispensaries. Some states have mandated vertical integration (e.g., the growers are the sellers) through regulation. And a number of large cannabis companies have acquired grow operations or multi-unit dispensaries rather than establish a cannabis presence in a state from scratch. The hemp industry is likely to follow a similar path, both through government regulation and because larger companies are likely to seek to obtain sufficient quantities of hemp through consolidation and vertical integration. Accordingly, attorneys and investors should anticipate significant merger and acquisition activity in the coming years.
  • Federal regulations and state regimes. The 2018 Farm Bill does not create an entirely unregulated playing field for hemp. Over the coming months, the U.S. Department of Agriculture and Food and Drug Administration will issue regulations implementing the 2018 Farm Bill. State governments will also unveil plans governing the testing, labeling and marketing of hemp-related products, as well as the licensing and monitoring of hemp-related businesses.

I’m proud to say that we were pretty much on the money with these projections, and countless studies and data confirm that hemp can be a viable product with countless form factors that help shape the global economy.

That is when I realized that I might be able to make a career as a cannabis lawyer.

The Good with the Bad

Of course, the development of the hemp industry has not been without controversy – in fact it may be the controversy that has spurred much of the development.

I would be lying to you if I told you that every hemp or hemp-derived product was designed with the best of intentions or contained appropriate mechanisms to ensure consumer safety. There are certainly hemp-derived products on the market that have not been subjected to sufficient product development and testing, and that are being marketed in ways that rightfully should concern policymakers and the public. Novel, psychoactive cannabinoids that fall within the bounds of the terms, if perhaps not the spirit, of the Farm Bill fill the shelves of stores around the country with little to no mechanisms for enforcement. That should change, and Americans should have confidence that the products made available to them are safe and effective.

In response to this proliferation, a number of states have enacted rules and regulations restricting the production and sale of certain hemp-derived cannabinoids. A number of those rules – for example, age and purity restrictions for psychoactive cannabinoids – seem well-intentioned, and we expect to see more of those unless and until the federal government takes further action.

On occasion, however, it appears that the motivations of policymakers may be less pure. It is no secret amongst those in the cannabis industry that marijuana licensees in states that have legalized marijuana are no fans of the unregulated hemp-derived psychoactive industry. After all, marijuana companies are subject to astronomical taxes and endure regulatory costs that make turning a profit far more difficult than if they were able to offer a product that offered a somewhat similar “high” without the institutional overhead and headwinds. Florida may be the clearest and most recent example. With adult-use marijuana widely expected to become law in Florida soon, the state legislature recently passed a law largely prohibiting delta-8 and delta-10.

On the other hand, it would be wrong, even lazy, to suggest that the development of hemp-based products has been without substantial benefits to society as a whole. Entrepreneurs are developing hemp-based substitutes for any number of the most common products used around the globe, meaning that the addressable market for hemp is everyone on earth and beyond.

A younger version of me once wrote, in comparing the addressable market for marijuana to that of hemp:

Hemp, on the other hand, has the potential to dwarf marijuana in the global market. Unlike its sister plant, hemp has the capacity to replace products we use every day without us even realizing it. For example, hemp can provide a substitute for concrete, plastic, fuel, automotive parts, clothes, etc. These are products nearly all consumers need but they neither realize nor care what the products are made of, as long as they work. In that way, while the market for marijuana is limited to consumers looking to purchase marijuana, the market for hemp includes anyone who purchases products that can be manufactured by hemp. In part for these reasons, experts predict four to five times growth in the industrial hemp market in the next five years.

I stand by those words. I am convinced that hemp can change the world.

But I am equally convinced that local, state, and federal governments can, without the appropriate consideration for hemp’s benefits, relegate the plant back to its prohibition era status and deny the world its many benefits. The policy choices made by state governments, and perhaps most importantly by the federal government during the next Farm Bill, could fundamentally alter the future of hemp. Will it be a soon-forgotten shooting star that dazzled the world for a decade and then burned out, or will we look back at the past decade as the renaissance of one of civilization’s oldest and most versatile plants?

Conclusion

I’ll end where I began because Philip Seymour Hoffman’s work is revered by the Budding Trends community (and anyone with taste), and because the film’s ominous conclusion is a message for anyone who wants to see the hemp industry thrive in the years ahead.

As Hanks’ character celebrates the Afghan defeat of the Soviets, the hardened CIA analyst played by Hoffman offers this parable:

On his sixteenth birthday the boy gets a horse as a present. All of the people in the village say, “Oh, how wonderful!”

The Zen master says, “We’ll see.”

One day, the boy is riding and gets thrown off the horse and hurts his leg. He’s no longer able to walk, so all of the villagers say, “How terrible!”

The Zen master says, “We’ll see.”

Some time passes and the village goes to war. All of the other young men get sent off to fight, but this boy can’t fight because his leg is messed up. All of the villagers say, “How wonderful!”

The Zen master says, “We’ll see.”

The message behind this story is pretty clear. We’re prone to jump to conclusions about whether something is “good” or “bad.” We are especially quick to label something as “bad.” The reality is that things can be either good or bad, both good and bad, or neither. When it comes to whether Congress and the states will recognize hemp’s great potential, I guess we’ll see.

© 2024 Bradley Arant Boult Cummings LLP
For more on Hemp, visit the NLR Biotech, Food, Drug section.

Federal Court Confirms Case Challenging Bank of America’s Fraudulent COVID Relief Program Can Proceed

In a significant step forward for consumer protection, the Northern District of California confirmed that claims that Bank of America’s (“BofA”) misled its customers with false promises to provide overdraft fee relief during the COVID-19 pandemic could proceed.

The litigation centers on allegations that BofA widely advertised a COVID-19 bank fee relief program to garner publicity and goodwill but, instead of honoring its promises, the Bank abruptly and quietly ended any relief just a few months into the raging pandemic. Instead of announcing the shutdown, BofA kept promoting the program when none existed. Plaintiffs and other Americans across the country, who were suffering significant financial hardship as a result of the pandemic, trusted the bank’s marketing, and incurred significant fees that the bank refused to waive.

Plaintiffs Anthony Ramirez, Mynor Villatoro Aldana, and Janet Hobson have lodged claims on behalf of a putative nationwide class and state subclasses. The Court’s denial of BofA’s motion to dismiss supports plaintiffs’ allegations that the bank’s continued advertisement of the defunct relief program was deceptive and unlawful, depriving consumers across the country of millions of dollars in promised fee refunds.

This decision bolsters consumer protection rights and reinforces the judiciary’s role in ensuring that big banks like BofA make good on their promises to financially struggling customers.

The case is Ramirez, et al. v. Bank of America, N.A., Case No.: 4:22-cv-00859-YGR in the United States District Court for the Northern District of California.

A copy of the order is available here.

© 2024 by Tycko & Zavareei LLP
For more news on BofA COVID-19 bank fee relief program litigation, visit the NLR Litigation / Trial Practice section.