With the 2024 election cycle underway, it is important for exempt organizations to understand and comply with relevant restrictions on political campaign activities to safeguard their tax-exempt status and avoid triggering excise tax penalties. This alert provides an overview of the political campaign rules applicable to exempt organizations and specifically highlights the restrictions on political campaign activities applicable to Section 501(c)(3), 501(c)(4), and 501(c)(6) organizations.
Restrictions on Political Activities
Exempt organizations are subject to certain restrictions regarding their participation in political campaign activities, and the amount of permissible participation is a key distinction between Section 501(c)(3), 501(c)(4), and 501(c)(6) organizations. To comply with these restrictions, an exempt organization must (1) know their specific tax-exempt status and the restrictions that apply to them, (2) understand what activities constitute political campaign activities, (3) avoid activities that violate the applicable restrictions, and (4) mitigate the risk that activities conducted by employees in their individual capacities are attributed to the organization.
Prohibited Political Campaign Intervention for Section 501(c)(3) Organizations
Section 501(c)(3) organizations are subject to an absolute prohibition on participation or intervention in political campaign activities. Organizations that violate this ban are subject to the revocation of their tax-exempt status and the imposition of excise tax penalties on both the organization itself and organization managers who approve expenditures used for impermissible political purposes. Therefore, Section 501(c)(3) organizations must avoid activities that violate the prohibition on political campaign intervention.
Prohibited political campaign intervention occurs when an exempt organization “participates in, or intervenes in” a “candidate’s” campaign for “public office” (Section 501(c)(3)).
The term “candidate” refers to any person who has declared an intent to run for national, state, or local office and likely includes incumbents until they announce an intention not to run. A candidate also includes individuals who have yet to declare an intention to run for public office, but whose potential candidacy generates significant public speculation. The term “public office” broadly refers to any national, state, or local elective office, as well as any elected position in a political party.
An organization is considered to “participate in, or intervene in” political campaign activity by making contributions to political campaign accounts or making public statements on behalf of the organization in favor of or in opposition to a candidate for public office. Specifically, the Internal Revenue Service (IRS) regulations define participation in a political campaign as “publication or distribution of written or printed statements or the making of oral statements on behalf of or in opposition to . . . a candidate” (Treas. Reg. § 1.501(c)(3)-1(c)(3)(iii)). The IRS regulations also note that political campaign intervention is not limited to these specified activities.
The IRS has interpreted prohibited political campaign intervention to include even some nonpartisan educational activities. For example, the IRS has ruled that an organization that was formed to promote public education violated the prohibition on political campaign activities when it announced the names of the school board candidates it considered most qualified following an objective review of the candidates’ qualifications (Rev. Rul. 67-71, 1967-1 C.B. 125).
These restrictions on political campaign activities do not extend to the officers, directors, or employees of a 501(c)(3) organization, provided they are acting in their individual capacities. It is particularly important, however, to mitigate the risk that any personal political activities conducted by officers, directors, or employees will be attributed to the organization. An exempt organization should ensure their employees do not use institutional resources to engage in personal political campaign activities or act in a manner that suggests they are speaking on behalf of the organization when engaged in campaign advocacy. Exempt organizations should adopt clear policies regarding political activities and institutional resources and communicate the importance of such policies to employees during an election year.
Permissible Political Activities
Some educational activities that are election-related are permissible, however, and will not be considered prohibited campaign intervention. In order to be considered “educational,” the activities must present “a sufficiently full and fair exposition of the pertinent facts” (Treas. Reg. § 1.501(c)(3)-1(d)(3)). The information presented must “permit an individual or the public to form an independent opinion or conclusion” and not be biased. Activities that satisfy this definition may be considered permissible educational activities rather than prohibited or restricted political activities.
The following types of educational activities, although election-related, are generally permissible:
Voter Registration: Voter registration drives are not considered political campaign activities if they are conducted in a nonpartisan and fair manner. An organization conducting the voter registration drive should not expressly advocate for or against any candidates or political parties as part of the voter registration. They also generally should not name candidates or provide their party affiliations. If any candidates are named, all candidates should be named. All persons interested in registering must also be permitted to register, regardless of their political preference or party affiliation.
Voter Education: Certain forms of voter education, such as the distribution of voter guides and voting records, may qualify as an educational activity provided the organization avoids editorial commentary and ensures the materials cover a broad range of issues. Organizations must not demonstrate a preference toward a certain candidate or only cover a narrow range of issues when engaging in voter education activities.
Candidate Debates and Forums: Providing a fair, neutral forum for candidate debates may qualify as an educational activity so long as the debate provides equal time to all qualified candidates. Organizations should be particularly careful to include all qualified candidates, cover a broad range of topics, have a nonpartisan group compose the questions, and clarify that the candidates’ views are not the views of the exempt organization. The moderator selected by the organization can ensure the candidates follow the ground rules for the debate, but they should not ask questions or comment on the candidate’s statement in a way the indicates support or opposition to the candidate or their positions.
Section 501(c)(4) Organizations
Section 501(c)(4) social welfare organizations have more latitude to engage in political campaign activities than Section 501(c)(3) organizations. Section 501(c)(4) organizations are not subject to an absolute ban on campaign intervention, but instead are permitted to engage in some limited political activities, provided they remain primarily engaged in social welfare activities. The IRS will compare an organization’s political activities and expenditures (plus its non-exempt activities) with its social welfare activities to determine whether the organization remains primarily engaged in promoting social welfare consistent with its tax-exempt status. Accordingly, Section 501(c)(4) organizations should maintain records to ensure they remain primarily engaged in social welfare activities during an election year. If a Section 501(c)(4) organization engages in political activities, it must also provide its members with a notice of how much of their dues were used towards political activities and determine the proxy tax on those expenditures. If member dues are used for political campaign activities, then a portion of the dues may not be a deductible business expense under Section 162.
Section 501(c)(6) Organizations
Business leagues described in Section 501(c)(6) are subject to the same less-stringent rules regarding political campaign activities as Section 501(c)(4) organizations. Section 501(c)(6) organizations may engage in some political activities on a limited basis, provided such political activities are not the organization’s primary activity. If a Section 501(c)(6) organization engages in political activities, it must also provide its members with a notice of how much of their dues were used towards political activities and determine the proxy tax on those expenditures. If member dues are used for political campaign activities, then a portion of the dues may not be a deductible business expense under Section 162.
Related Restrictions
The scope of this alert is limited to restrictions on political campaign activities under federal tax law. Exempt organizations are also subject to campaign finance restrictions and requirements by the Federal Election Commission, as well as rules regarding legislative or lobbying activities imposed by the IRS, the Lobbying Disclosure Act of 1995, and other federal, state, and local laws, which are beyond the scope of this alert.
Yesterday, with broad bipartisan support, the U.S. House of Representatives voted overwhelmingly (352-65) to support the Protecting Americans from Foreign Adversary Controlled Applications Act, designed to begin the process of banning TikTok’s use in the United States. This is music to my ears. See a previous blog post on this subject.
The Act would penalize app stores and web hosting services that host TikTok while it is owned by Chinese-based ByteDance. However, if the app is divested from ByteDance, the Act will allow use of TikTok in the U.S.
National security experts have warned legislators and the public about downloading and using TikTok as a national security threat. This threat manifests because the owner of ByteDance is required by Chinese law to share users’ data with the Chinese Communist government. When downloading the app, TikTok obtains access to users’ microphones, cameras, and location services, which is essentially spyware on over 170 million Americans’ every move, (dance or not).
Lawmakers are concerned about the detailed sharing of Americans’ data with one of its top adversaries and the ability of TikTok’s algorithms to influence and launch disinformation campaigns against the American people. The Act will make its way through the Senate, and if passed, President Biden has indicated that he will sign it. This is a big win for privacy and national security.
On March 6, 2024, the Securities and Exchange Commission (the “SEC”) adopted regulations[1] that will require public companies to file mandatory climate-related disclosures with the SEC beginning in 2026. First proposed in March 2022, the climate-related disclosure rules were finalized after consideration of over 24,000 comment letters and active lobbying of the SEC by business and public interest groups alike. These new rules are aimed at eliciting more consistent, comparable, and reliable information for investors to make informed decisions related to climate-related risks on current and potential investments.
The new rules require a registrant to disclose material climate-related risks and activities to mitigate or adapt to those risks; information about the registrant’s oversight of climate-related risks and management of those risks; and information on any climate-related targets or goals that are material to the registrant’s business, results of operations, or financial condition. In addition, these new rules require disclosure of Scope 1 and/or Scope 2 greenhouse gas (“GHG”) emissions with attestation by certain registrants when emissions are material; and disclosure of the financial effects of extreme weather events.
Unlike the initial proposal, the EU Climate Sustainability Reporting Directive (“CSRD”) and the California Climate Data Accountability Act, the new rules do not require disclosure of Scope 3 GHG emissions. The new rules require reporting based upon financial materiality, not the double-materiality (impact and financial) standard utilized by the EU under the CSRD. Whether registrants will ultimately be required to comply with the new rules depend upon the outcome of anticipated challenges, such as the challenge to the SEC’s authority to promulgate the rule filed in the Eleventh Circuit on March 6th by a coalition of ten states.
Highlights of the New Rule
In the adopting release, the SEC notes that companies are increasingly disclosing climate-related risks, whether in their SEC filings or via company websites, sustainability reports, or elsewhere; however, the content and location of such disclosures have been varied and inconsistent.[2] The new rules not only specify the content of required climate-related disclosures but also the presentation of such disclosures.
The new rules amend the SEC rules under the Securities Act of 1933 (“Securities Act”) and Securities Exchange Act of 1934 (“Exchange Act”), creating a new subpart 1500 of Regulation S-K and Article 14 of Regulation S-X. As a result, registrants, companies that are registered under the Exchange Act, will need to:
File climate-related disclosures with the SEC in their registration statements and Exchange Act annual reports;
Provide the required climate-related disclosures in either a separately captioned section of the registration statement or annual report, within another appropriate section of the filing, or the disclosures may be included by reference from another SEC filing so long as the disclosure meets the electronic tagging requirements; and
Electronically tag climate-related disclosures in Inline XBRL.
The rules require a registrant to disclose:
Climate-related risks that have had or are reasonably likely to have a material impact on the registrant’s business strategy, results of operations, or financial condition;
The actual and potential material impacts of any identified climate-related risks on the registrant’s strategy, business model, and outlook;
Specified disclosures regarding a registrant’s activities, if any, to mitigate or adapt to a material climate-related risk including the use, if any, of transition plans, scenario analysis, or internal carbon prices;
Any oversight by the board of directors of climate-related risks and any role by management in assessing and managing the registrant’s material climate-related risks;
Any processes the registrant has for identifying, assessing, and managing material climate-related risks and, if the registrant is managing those risks, whether and how any such processes are integrated into the registrant’s overall risk management system or processes;
Information about a registrant’s climate-related targets or goals, if any, that have materially affected or are reasonably likely to materially affect the registrant’s business, results of operations, or financial condition. Disclosures would include material expenditures and material impacts on financial estimates and assumptions as a direct result of the target or goal or actions taken to make progress toward meeting such target or goal;
For large accelerated filers (“LAFs”) and accelerated filers (“AFs”) that are not otherwise exempted, information about material Scope 1 emissions and/or Scope 2 emissions;
For those required to disclose Scope 1 and/or Scope 2 emissions, an assurance report at the limited assurance level, which, for an LAF, following an additional transition period, will be at the reasonable assurance level;
The capitalized costs, expenditures expensed, charges, and losses incurred as a result of severe weather events and other natural conditions, such as hurricanes, tornadoes, flooding, drought, wildfires, extreme temperatures, and sea level rise, subject to applicable one percent and de minimis disclosure thresholds, disclosed in a note to the financial statements;
The capitalized costs, expenditures expensed, and losses related to carbon offsets and renewable energy credits or certificates (“RECs”) if used as a material component of a registrant’s plans to achieve its disclosed climate-related targets or goals, disclosed in a note to the financial statements; and
If the estimates and assumptions a registrant uses to produce the financial statements were materially impacted by risks and uncertainties associated with severe weather events and other natural conditions or any disclosed climate-related targets or transition plans, a qualitative description of how the development of such estimates and assumptions was impacted, disclosed in a note to the financial statements.
Highlights of what did not get adopted
In its adopting release, the SEC described various modifications it made to its March 2022 proposed rules. The SEC explained that it made many of these changes in response to various comment letters it received. Some of the proposed rules that did not get adopted are:[3]
The SEC eliminated the proposed requirement to provide Scope 3 emissions disclosure.
The adopted rules in many instances now qualify the requirements to provide certain climate-related disclosures based on materiality.
The SEC eliminated the proposed requirement for all registrants to disclose Scope 1 and Scope 2 emissions in favor of requiring such disclosure only by large accelerated filers and accelerated filers on a phased in basis and only when those emissions are material and with the option to provide the disclosure on a delayed basis.
The SEC also exempted emerging growth companies and smaller reporting companies from the Scope 1 and Scope 2 disclosure requirement.
The SEC modified the proposed assurance requirement covering Scope 1 and Scope 2 emissions for accelerated filers and large accelerated filers by extending the reasonable assurance phase in period for LAFs and requiring only limited assurance for AFs.
The SEC eliminated the proposed requirements for registrants to disclose their GHG emissions in terms of intensity.[4]
The SEC removed the requirement to disclose the impact of severe weather events and other natural conditions and transition activities on each line item of a registrant’s financial statements. The SEC now requires disclosure of financial statement effects on capitalized costs, expenditures, charges, and losses incurred as a result of severe weather events and other natural conditions in the notes to the financial statements.
The adopted rules are less prescriptive than certain of those that were proposed. For example, the former now exclude in Item 1502(a) of Regulation S-K negative climate-related impacts on a registrant’s value chain from the definition of climate-related risks required to be disclosed. Similarly, this definition no longer includes acute or chronic risks to the operations of companies with which a registrant does business. Also, Item 1501(a) as adopted omits the originally proposed requirement for registrants to disclose (a) the identity of board members responsible for climate-risk oversight, (b) any board expertise in climate-related risks, (c) the frequency of board briefings on such risks, and (d) the details on the board’s establishment of climate-related targets or goals. Along the same lines, Item 1503 as adopted requires disclosure of only those processes for the identification, assessment, and management of material climate-related risks as opposed to a broader universe of climate-related risks. The rule as adopted does not require disclosure of how the registrant (a) determines the significance of climate-related risks compared to other risks, (b) considers regulatory policies, such as GHG limits, when identifying climate-related risks, (c) considers changes to customers’ or counterparties’ preferences, technology, or market prices in assessing transition risk, and (d) determines the materiality of climate-related risks. In the same vein, the adopted rules, unlike the proposed rules, do not require disclosure of how the registrant determines how to mitigate any high priority risks. Nor do the new rules retain the proposed requirement for a registrant to disclose how any board or management committee responsible for assessing and managing climate-related risks interacts with the registrant’s board or management committee governing risks more generally.
The SEC eliminated the proposal to require a private company that is a party to a business combination transaction, as defined by Securities Act Rule 165(f), registered on Form S-4 or Form F-4, to provide the subpart 1500 and Article 14 disclosures.
Timing of Implementation
The new rules will become effective 60 days after publication in the Federal Register. Compliance with the rules will not be required until much later, however.
Consistent with its earlier proposal, and in response to comments that the SEC received concerning the timing of implementing the proposed rule, the new rules contain delayed and staggered compliance dates that vary according to the registrant’s filing status and the type of disclosure.
The below table from the SEC’s new release summarizes the phased-in implementation dates.[5]
FILING STATUS
Large Accelerated Filers (“LAFs”)—a group whom the SEC believed most likely to be already collecting and disclosing climate-related information—will be the first registrants required to comply with the rule. The earliest that an LAF would be required to comply with the climate-disclosure rules would be upon filing its Form 10-K for the fiscal year ended December 31, 2025, which would be due no later than March 2026.[6]
Accelerated Filers (“AFs”) are not required to comply with the new rules for yet another year after LAFs. Climate-related disclosures for AFs must be included upon filing a Form 10-K for the fiscal year ended December 31, 2026, due no later than March 2027. Smaller Reporting Companies (“SRCs”), Emerging Growth Companies (“EGCs”), and Non-Accelerated Filers (“NAFs”) have yet another year to meet the first compliance deadline for climate-related disclosures. These types of filers need not include their climate-related disclosures until filing their Form 10-Ks for the fiscal year ended December 31, 2027, which, again, would be due no later than March 2028.
TYPES OF DISCLOSURES
The new rules also phase in the requirements to include certain disclosures over time. The requirements to provide quantitative and qualitative disclosures concerning material expenditures and material impacts to financial estimates or assumptions under Items 1502(d)(2), 1502(e)(2), and 1504(c)(2) are not applicable until the fiscal year immediately following the fiscal year in which the registrant’s initial compliance is required. LAFs, for example, are not required to report these qualitative and quantitative disclosures until filing a Form 10-K for the fiscal year ended December 31, 2026, due in March 2027. That should be one year after an LAF files its first Form 10-K with climate-related disclosures. The SEC adopted this phased-in approach to respond to commentators’ concerns regarding the availability (or current lack thereof) of policies, processes, controls, and system solutions necessary to support these types of disclosures.
Likewise, the new rules provide for a further phased-in compliance date for those registrants required to report their Scope 1 and Scope 2 GHG emissions and an even later date for those filers to obtain limited or reasonable assurance for those emissions disclosures. An LAF, for example, is not required to disclose its Scope 1 and Scope 2 emissions until filing its Form 10-K for the fiscal year ended December 31, 2026, due in March 2027. And those disclosures would not be required to be subject to the limited-assurance or reasonable-assurance requirements until filing the Form 10-K for the year ended December 31, 2029 or December 31, 2033, respectively.
In accordance with the table above, AFs, SRCs, EGCs, and NAFs have even more time to meet these additional disclosure requirements, if they are required to meet them at all.
It should be noted that the SEC recognized that registrants may have difficulty in obtaining GHG emission metrics by the date their 10-K report would be due. As a result, the rule contains an accommodation for registrants required to disclose Scope 1 and Scope 2 emissions, allowing domestic registrants, for example, to file those disclosures in the Form 10-Q for the second fiscal quarter in the fiscal year immediately following the year to which the GHG emissions disclosure relates. This disclosure deadline is permanent and not for a transition period.
Liability for Non-Compliance
In the introduction to the adopting release, the SEC explains that requiring registrants to provide certain climate-related disclosures in their filings will, among other things, “subject them to enhanced liability that provides important investor protections by promoting the reliability of the disclosures.”[7] This enhanced liability stems from the treatment of the disclosures as “filed” rather than “furnished” for purposes of Exchange Action Section 18 and, if included or otherwise incorporated by reference into a Securities Act registration statement, Securities Act Section 11.[8] According to the SEC, “climate-related disclosures should be subject to the same liability as other important business or financial information” that registrants include in registration statements and periodic reports and, therefore, should be treated as filed disclosures.[9]
In an attempt to balance concerns about the complexities and evolving nature of climate data methodologies and increased litigation risk, the SEC, in the adopting release, emphasizes certain modifications made in the new rules including:
limiting the scope of the GHG emissions disclosure requirement;
revising several provisions regarding the impacts of climate-related risks on strategy, targets and goals, and financial statement effects so that registrants will be required to provide the disclosures only in certain circumstances, such as when material to the registrant; and
adopting a provision stating that disclosures (other than historic facts) provided pursuant to certain of the new subpart 1500 provisions of Regulation S-K constitute “forward-looking statements” for the purposes of the PSLRA safe harbors.[10]
Registrants are subject to liability under Securities Act Section 17(a), Exchange Act Section 10(b), and/or Rule 10b-5 for false or misleading material statements in the information disclosed pursuant to the new rules.[11]
Observations
Consistent with its recent trajectory, the SEC continues to be a kinder, gentler regulator on climate disclosure requirements. Although the new rules will apply broadly to publicly traded companies, their scope is less demanding than the requirements under recent similar laws enacted in California or the EU. Under the California Climate Corporate Data Accountability Act (the “CCDA”), companies with annual revenues in excess of $1 billion and “doing business in California”[12] will be required to publicly disclose Scope 1 and Scope 2 emissions beginning in 2026, and Scope 3 emissions beginning in 2027. And because the California law applies to all companies, not just those that are publicly traded, it is also more broadly applicable and will trigger assessments and compliance for companies that are not subject to the SEC’s rule. The CCDA is currently the subject of legal challenge that includes questions of whether the required disclosures violate the First Amendment right to free speech, as well as possible federal preemption. As a result, there is a chance that the CCDA may yet be diluted or found unconstitutional. But in light of the imminent timeline for compliance, many companies subject to the CCDA are already developing programs to facilitate and ensure timely compliance with the requirements.
Similarly, the EU has broader reporting obligations under the CSRD than the SEC’s new rules. Compliance with the CSRD is required for both public and private EU companies as well as for non-EU companies with certain net annual turnovers, certain values of assets, and a certain number of employees. Under the CSRD, companies must publish information across a wide spectrum of subjects, including emissions, energy use, diversity, labor rights, and governance. Initial reporting under the CSRD begins to phase-in in 2025.
A key takeaway here is that although the SEC rules may have taken a lighter approach to climate disclosures, many large companies are likely to be subject to more stringent requirements under either the CCDA or the EU CSRD. And as some companies begin to comply to provide this information and data, the market may drive demand and an expectation that other companies, not otherwise subject to these various reporting regimes, follow suit. While the SEC rules may be a slimmed down version of what could have been, it is likely that the trend toward transparency and disclosure will continue to be driven by other regulatory bodies and market forces alike.
[1] Securities and Exchange Commission, Final Rule The Enhancement and Standardization of Climate-Related Disclosures for Investors, 17 CFR 210, 229, 230, 232, 239, and 249, adopting release available at https://www.sec.gov/files/rules/final/2024/33-11275.pdf.
[2] Id. at 48.
[3] Id. at 31-33.
[4] Id. at 225.
[5] Id. at 589.
[6] The new rules’ compliance dates apply to annual reports and registration statements. But, in the case of registration statements, compliance is required beginning with any registration statement that is required to include financial information for the full fiscal year indicated in the table above.
[7] Id. at 13.
[8] Id. at 584. At a high level, Section 18 imposes liability for false and misleading statements with respect to any material fact in documents filed with the SEC under the Exchange Act and Section 11 imposes liability for material misstatements or omissions made in connection with registered offerings conducted under the Securities Act.
[9] Id.
[10] Id. at 803.
[11] Id.
[12] A term which is not defined in the law, but is likely intentionally very broad, and is expected to be interpreted in that way.
The Journal’s recent piece about managing employees with misperceptions about their employment self-worth reminds us once again why honest and timely performance feedback makes good business sense. I have written before about the benefit of candid performance reviews, even at the risk of hurt feelings. I have also defended performance evaluations as an important tool to mitigate potential liability for employment claims. The Journal’s piece states that nearly four in 10 employees who received the lowest grades from their managers last year rated themselves as highly valued by the organization based on almost two million assessments. If true, that represents an astounding disconnect between performance-related perception and reality.
Theory is one thing. Managers who are adept at giving feedback is another. While businesses are rightly focused on running the organization’s business, training managers how to deliver quality feedback is often assigned a low priority. Adding to that deficiency is the often unmet need for managers with the right EQ to deliver feedback. But despite those challenges, which exist even for employees who relish feedback, there are some important guidelines for managing employees with an inflated sense of employment worth. Here are a few suggestions for delivering feedback for performance-deniers, who clearly require a more exacting approach.
First, performance discussions (especially about the areas in which the employee is falling short) must be done regularly and ongoing, and especially promptly after an error or mistake is committed. Performance deniers will use a one-time annual review (even if negative) to point out the obvious: if they are falling so short, the manager would not have waited so long to deliver that message (and which, in their view, adds to the review’s inherent unreliability).
Second, managers should not shy away from a denier’s tendency to fight the feedback (they disagree with it, it is wrong, it is fake). Rather, managers should use the denier’s dispute to double down on feedback: the employee’s inability to accept criticism, consider it, and even hear it, are all key parts of an employee’s commitment to the organization to grow and do better. Growth requires introspection. The refusal to engage in that process is itself a performance deficiency.
Third, managers should not permit performance conversations to become a discussion about victimization, unfair treatment or perceived persecution (all of which may end up becoming a legal claim). Performance deniers are adept at deflecting: one key deflection is to blame others and make the discussion about things entirely outside performance parameters. Managers need to be empowered to insist on returning the feedback conversation back to the key and only focus: what is the employee doing well and how can (and must) the employee improve?
Finally, organizations need to assess the impact performance deniers have on employee morale. While not all employees will share the same perception, most people are aware when others aren’t pulling their weight – especially when they are tasked to pick up the pieces. Those on the downhill slope of these assignments – often the best performers because of the natural inclination to step up – may not stick around. The slippery slope here is clear and cluelessness at work is not a great look for the business or the employee.
In recent years, the Department of Justice (DOJ) has rolled out a significant and increasing number of carrots and sticks aimed at deterring and punishing white collar crime. Speaking at the American Bar Association White Collar Conference in San Francisco on March 7, Deputy Attorney General Lisa Monaco announced the latest: a pilot program to provide financial incentives for whistleblowers.
While the program is not yet fully developed, the premise is simple: if an individual helps DOJ discover significant corporate or financial misconduct, she could qualify to receive a portion of the resulting forfeiture, consistent with the following predicates:
The information must be truthful and not already known to the government.
The whistleblower must not have been involved in the criminal activity itself.
Payments are available only in cases where there is not an existing financial disclosure incentive.
Payments will be made only after all victims have been properly compensated.
Money Motivates
Harkening back to the “Wanted” posters of the Old West, Monaco observed that law enforcement has long offered rewards to incentivize tipsters. Since the passage of Dodd Frank almost 15 years ago, the SEC and CFTC have relied on whistleblower programs that have been incredibly successful. In 2023, the SEC received more than 18,000 whistleblower tips (almost 50 percent more than the previous record set in FY2022), and awarded nearly $600 million — the highest annual total by dollar value in the program’s history. Over the course of 2022 and 2023, the CFTC received more than 3,000 whistleblower tips and paid nearly $350 million in awards — including a record-breaking $200 million award to a single whistleblower. Programs at IRS and FinCEN have been similarly fruitful, as are qui tam actions for fraud against the government. But, Monaco acknowledged, those programs are by their very nature limited. Accordingly, DOJ’s program will fill in the gaps and address the full range of corporate and financial misconduct that the Department prosecutes. And though only time will tell, it seems likely that this program will generate a similarly large number of tips.
The Attorney General already has authority to pay awards for “information or assistance leading to civil or criminal forfeitures,” but it has never used that power in any systematic way. Now, DOJ plans to leverage that authority to offer financial incentives to those who (1) disclose truthful and new information regarding misconduct (2) in which they were not involved (3) where there is no existing financial disclosure incentive and (4) after all victims have been compensated. The Department has begun a 90-day policy sprint to develop and implement the program, with a formal start date later this year. Acting Assistant Attorney General Nicole Argentieri explained that, because the statutory authority is tied to the department’s forfeiture program, the Department’s Money Laundering and Asset Recovery Section will play a leading role in designing the program’s nuts and bolts, in close coordination with US Attorneys, the FBI and other DOJ offices.
Monaco spoke directly to potential whistleblowers, saying that while the Department will accept information about violations of any federal law, it is especially interested in information regarding
Criminal abuses of the US financial system;
Foreign corruption cases outside the jurisdiction of the SEC, including FCPA violations by non-issuers and violations of the recently enacted Foreign Extortion Prevention Act; and
Domestic corruption cases, especially involving illegal corporate payments to government officials.
Like the SEC and CFTC whistleblower programs, DOJ’s program will allow whistleblower awards only in cases involving penalties above a certain monetary threshold, but that threshold has yet to be determined.
Prior to Monaco’s announcement, the United States Attorney’s Office for the Southern District of New York launched its own pilot “whistleblower” program, which became effective February 13, 2024. Both the Department-wide pilot and the SDNY policy require that the government have been previously unaware of the misconduct, but they are different in a critical way: the Department-wide policy under development will explicitly apply only to reports by individuals who did not participate in the misconduct, while SDNY’s program offers incentives to “individual participants in certain non-violent offenses.” Thus, it appears that SDNY’s program is actually more akin to a VSD program, while DOJ’s Department-wide pilot program will target a new audience of potential whistleblowers.
Companies with an international footprint should also pay attention to non-US prosecutors. The new Director of the UK Serious Fraud Office recently announced that he would like to set up a similar program, no doubt noticing the effectiveness of current US programs.
Corporate Considerations
Though directed at whistleblowers, the pilot program is equally about incentivizing companies to voluntarily self-disclose misconduct in a timely manner. Absent aggravating factors, a qualifying VSD will result in a much more favorable resolution, including possibly avoiding a guilty plea and receiving a reduced financial penalty. But because the benefits under both programs only go to those who provide DOJ with new information, every day that a company sits on knowledge about misconduct is another day that a whistleblower might beat them to reporting that misconduct, and reaping the reward for doing so.
“When everyone needs to be first in the door, no one wants to be second,” Monaco said. “With these announcements, our message to whistleblowers is clear: the Department of Justice wants to hear from you. And to those considering a voluntary self-disclosure, our message is equally clear: knock on our door before we knock on yours.”
By providing a cash reward for whistleblowing to DOJ, this program may present challenges for companies’ efforts to operate and maintain and effective compliance program. Such rewards may encourage employees to report misconduct to DOJ instead of via internal channels, such as a compliance hotline, which can lead to compliance issues going undiagnosed or untreated — such as in circumstances where the DOJ is the only entity to receive the report but does not take any further action. Companies must therefore ensure that internal compliance and whistleblower systems are clear, easy to use, and effective — actually addressing the employee’s concerns and, to the extent possible, following up with the whistleblower to make sure they understand the company’s response.
If an employee does elect to provide information to DOJ, companies must ensure that they do not take any action that could be construed as interfering with the disclosure. Companies already face potential regulatory sanctions for restricting employees from reporting misconduct to the SEC. Though it is too early to know, it seems likely that DOJ will adopt a similar position, and a company’s interference with a whistleblower’s communications potentially could be deemed obstruction of justice.
A recent decision from a bankruptcy court in Delaware provides a cautionary tale about the risks of involuntary bankruptcy.
In the Delaware case, the debtor managed a group of investment funds. The business was all but defunct when several investors, dissatisfied with the debtor’s management, filed an involuntary Chapter 7 petition. They obtained an order for relief from the bankruptcy court, then removed the debtor as manager of the funds and inserted their hand-picked manager. So far, so good.
The debtor, who was not properly served with the involuntary petition and did not give the petition the attention it required, struck back and convinced the bankruptcy court to set aside the order for relief. The debtor then went after the involuntary petitioners for damages. After 8 years of litigation, the Delaware court awarded the debtor $740,000 in damages – all of it attributable to attorneys’ fees and costs.
If you file an involuntary petition and the bankruptcy court dismisses it, then a debtor can recover costs and reasonable attorneys’ fees. The legal fees include the amount necessary to defeat the involuntary filing. In addition, if the court finds that the petition was filed in bad faith, then the court also can enter judgment for all damages proximately caused by the filing and punitive damages. The Delaware court awarded the debtor $75,000 for defeating the involuntary petition.
The debtor also sought a judgment for attorneys’ fees in pursuit of damages for violating the automatic stay. The involuntary petitioners had replaced the debtor as manager without first obtaining leave from the court to do so. The investment fund was barely operating and had little income to support a claim for actual damages. Nevertheless, the Delaware court awarded $665,000 in attorneys’ fees related to litigating the automatic stay violation.
Because the debtor had no “actual” damages from the stay violation, the involuntary petitioners contended that the debtor was not entitled to recovery of attorneys’ fees. The Delaware court pointed out that “actual” damages (e.g., loss of business income) are not a prerequisite to the recovery of attorneys’ fees, much to the chagrin of the defendants. The court held that attorneys’ fees and costs are always “actual damages” in the context of a willful violation of the automatic stay.
The Delaware court also rejected defendants’ argument that the fee amount was “unreasonable” since there was no monetary injury to the business. In other words, the debtor should not have spent so much money on legal fees because it lost on its claim. The court held that defendants’ argument was made “with the benefit of hindsight” – at the end of litigation when the court had ruled, after an evidentiary trial, that debtor suffered no actual injury. The court pointed out that the debtor sought millions in damages for the loss of management’s fees, and even though the court rejected the claim after trial, it was not an unreasonable argument for the debtor to make. The court concluded that “the reasonableness of one’s conduct must be assessed at the time of the conduct and based on the information that was known or knowable at the time.”
The involuntary petitioners likely had sound reasons to want the debtor removed as fund manager. But by pursuing involuntary bankruptcy and losing, they ended up having to stroke a check to the debtor for over $700,000. Talk about adding insult to injury. The upshot is that involuntary bankruptcy is an extreme and risky action that should be a last-resort option undertaken with extreme caution.
On March 8, 2024, just days before it was set to take effect, U.S. District Judge J. Campbell Barker of the Eastern District of Texas vacated the National Labor Relations Board’s (“NLRB’s”) recent rule on determining the standard for joint-employer status.
The NLRB issued the ruleon October 26, 2023. It established a seven-factor analysis, under a two-step test, for determining joint employer status. Under the new standard, an entity may be considered a joint employer if each entity has an employment relationship with the same group of employees and the entities share or codetermine one or more of the employees’ essential terms and conditions of employment which are defined exclusively as:
Wages, benefits and other compensation;
Hours of working and scheduling;
The assignment of duties to be performed;
The supervision of the performance of duties;
Work rules and directions governing the manner, means and methods of the performance of duties and grounds for discipline;
The tenure of employment, including hiring and discharge; and
Working conditions related to the safety and health of employees.
Set to take effect on March 11, 2024, the NLRB’s decision would have rescinded the 2020 final rule which considered just the direct and immediate control one company exerts over the essential terms and conditions of employment of workers directly employed by another firm. The new rule would have expanded the types of control over job terms and conditions that can trigger a joint employer finding.
In the lawsuit, filed by the United States Chamber of Commerce and a coalition of business groups, the Chamber and coalition claimed that the NLRB’s rule is unlawful and should be struck down because it is arbitrary and capricious. Judge Barker agreed as he held that the NLRB’s new test is unlawfully broad because an entity could be deemed a joint employer simply by having the right to exercise indirect control over one essential term. Judge Barker faulted the design of the two-step test which says an entity must qualify as a common-law employer and must have control over at least one job term of the workers at issue to be considered a joint employer, finding that the test’s second part is always met whenever the first step is satisfied. The Court vacated the new standard and indicated it will issue a final judgment declaring the rule is unlawful.
The NLRB quickly responded to the Court’s ruling. In a statement on March 9, 2024 NLRB Chairman Lauren McFerran said the “District Court’s decision to vacate the Board’s rule is a disappointing setback but is not the last word on our efforts to return our joint-employer standard to the common law principles that have been endorsed by other courts.” According to the NLRB, the “Agency is reviewing the decision and actively considering next steps in this case.”
What Employers Need to Know
The legality of the NLRB’s joint-employer standard has been a contested issue since the October 2023 announcement. The rule will not go into effect as scheduled, but Judge Barker’s decision is unlikely to be the final word on the matter.
This is likely to be one of the most consequential rulemakings of Chairman Gary Gensler’s tenure given the prioritization of addressing climate change as a key pillar for the Biden administration. However, given the significant controversy associated with this rulemaking effort, the final rules are likely to face legal challenges and congressional oversight in the coming months. As such, it remains unclear at this point whether the final rules will survive the forthcoming scrutiny.
WHAT IS IN THE RULE?
According to the SEC’s fact sheet:
“The final rules would require a registrant to disclose, among other things: material climate-related risks; activities to mitigate or adapt to such risks; information about the registrant’s board of directors’ oversight of climate-related risks and management’s role in managing material climate-related risks; and information on any climate-related targets or goals that are material to the registrant’s business, results of operations, or financial condition.
Further, to facilitate investors’ assessment of certain climate-related risks, the final rules would require disclosure of Scope 1 and/or Scope 2 greenhouse gas (GHG) emissions on a phased-in basis by certain larger registrants when those emissions are material; the filing of an attestation report covering the required disclosure of such registrants’ Scope 1 and/or Scope 2 emissions, also on a phased-in basis; and disclosure of the financial statement effects of severe weather events and other natural conditions including, for example, costs and losses.
The final rules would include a phased-in compliance period for all registrants, with the compliance date dependent on the registrant’s filer status and the content of the disclosure.”
NEXT STEPS
The final rules are likely to face significant opposition, including legal challenges and congressional oversight. It is expected that there will be various lawsuits brought against the final rules, which are likely to receive support from several industry groups, or potentially GOP-led state attorneys general who have been active in litigating against environmental, social and governance (ESG) policies and regulations. It is also possible that the final rules could face criticism from some climate advocates that the SEC did not go far enough in its disclosure requirements.
Further, it is expected that the House Financial Services Committee (HFSC) will conduct oversight hearings, as well as introduce a resolution under the Congressional Review Act (CRA), to attempt to block the regulations from taking effect. HFSC Chairman Patrick McHenry (R-NC) indicated that the Oversight and Investigations Subcommittee will hold a field hearing on March 18 and the full Committee will convene a hearing on April 10 to discuss the potential implications of the rules. If a CRA resolution were to pass the House and garner sufficient support from moderate Democrats in the Senate to pass, it would likely be vetoed by President Biden.
Ultimately, the SEC climate risk disclosure rules are unlikely to significantly change the trajectory of corporate disclosures made by multinational companies based in the U.S., most of whom have already been making sustainability disclosures in accordance with the Financial Stability Board’s Task Force on Climate-Related Financial Disclosures. The ongoing problem for investors is that such disclosures are not standardized and therefore are not comparable. Consequently, many of these large issuers may continue to enhance their sustainability disclosures in accordance with standards issued by the International Sustainability Standards Board and the Global Reporting Initiative as an investor relations imperative notwithstanding the SEC’s timetable for implementation of these final rules.
A more detailed analysis of the SEC rules is forthcoming from our Corporate and Asset Management and Investment Funds practices in the coming days.
The EO and forthcoming regulations will impact the use of genomic data, biometric data, personal health care data, geolocation data, financial data and some other types of personally identifiable information. The administration is taking this extraordinary step in response to the national security risks posed by access to US persons’ sensitive data by countries of concern – data that could then be used to surveil, scam, blackmail and support counterintelligence efforts, or could be exploited by artificial intelligence (AI) or be used to further develop AI. The EO, however, does not call for restrictive personal data localization and aims to balance national security concerns against the free flow of commercial data and the open internet, consistent with protection of security, privacy and human rights.
The EO tasks the US Department of Justice (DOJ) to develop rules that will address these risks and provide an opportunity for businesses and other stakeholders, including labor and human rights organizations, to provide critical input to agency officials as they draft these regulations. The EO and forthcoming regulations will not screen individual transactions. Instead, they will establish general rules regarding specific categories of data, transactions and covered persons, and will prohibit and regulate certain high-risk categories of restricted data transactions. It is contemplated to include a licensing and advisory opinion regime. DOJ expects companies to develop and implement compliance procedures in response to the EO and subsequent implementing of rules. The adequacy of such compliance programs will be considered as part of any enforcement action – action that could include civil and criminal penalties. Companies should consider action today to evaluate risk, engage in the rulemaking process and set up compliance programs around their processing of sensitive data.
Companies across industries collect and store more sensitive consumer and user data today than ever before; data that is often obtained by data brokers and other third parties. Concerns have grown around perceived foreign adversaries and other bad actors using this highly sensitive data to track and identify US persons as potential targets for espionage or blackmail, including through the training and use of AI. The increasing availability and use of sensitive personal information digitally, in concert with increased access to high-performance computing and big data analytics, has raised additional concerns around the ability of adversaries to threaten individual privacy, as well as economic and national security. These concerns have only increased as governments around the world face the privacy challenges posed by increasingly powerful AI platforms.
The EO takes significant new steps to address these concerns by expanding the role of DOJ, led by the National Security Division, in regulating the use of legal mechanisms, including data brokerage, vendor and employment contracts and investment agreements, to obtain and exploit American data. The EO does not immediately establish new rules or requirements for protection of this data. It instead directs DOJ, in consultation with other agencies, to develop regulations – but these restrictions will not enter into effect until DOJ issues a final rule.
Broadly, the EO, among other things:
Directs DOJ to issue regulations to protect sensitive US data from exploitation due to large scale transfer to countries of concern, or certain related covered persons and to issue regulations to establish greater protection of sensitive government-related data
Directs DOJ and the Department of Homeland Security (DHS) to develop security standards to prevent commercial access to US sensitive personal data by countries of concern
Directs federal agencies to safeguard American health data from access by countries of concern through federal grants, contracts and awards
Also on February 28, DOJ issued an Advance Notice of Proposed Rulemaking (ANPRM), providing a critical first opportunity for stakeholders to understand how DOJ is initially contemplating this new national security regime and soliciting public comment on the draft framework.
According to a DOJ fact sheet, the ANPRM:
Preliminarily defines “countries of concern” to include China and Russia, among others
Focuses on six enumerated categories of sensitive personal data: (1) covered personal identifiers, (2) geolocation and related sensor data, (3) biometric identifiers, (4) human genomic data, (5) personal health data and (6) personal financial data
Establishes a bulk volume threshold for the regulation of general data transactions in the enumerated categories but will also regulate transactions in US government-related data regardless of the volume of a given transaction
Proposes a broad prohibition on two specific categories of data transactions between US persons and covered countries or persons – data brokerage transactions and genomic data transactions.
Contemplates restrictions on certain vendor agreements for goods and services, including cloud service agreements; employment agreements; and investment agreements. These cybersecurity requirements would be developed by DHS’s Cybersecurity and Infrastructure Agency and would focus on security requirements that would prevent access by countries of concern.
The ANPRM also proposes general and specific licensing processes that will give DOJ considerable flexibilities for certain categories of transactions and more narrow exceptions for specific transactions upon application by the parties involved. DOJ’s licensing decisions would be made in collaboration with DHS, the Department of State and the Department of Commerce. Companies and individuals contemplating data transactions will also be able to request advisory opinions from DOJ on the applicability of these regulations to specific transactions.
A White House fact sheet announcing these actions emphasized that they will be undertaken in a manner that does not hinder the “trusted free flow of data” that underlies US consumer, trade, economic and scientific relations with other countries. A DOJ fact sheet echoed this commitment to minimizing economic impacts by seeking to develop a program that is “carefully calibrated” and in line with “longstanding commitments to cross-border data flows.” As part of that effort, the ANPRM contemplates exemptions for four broad categories of data: (1) data incidental to financial services, payment processing and regulatory compliance; (2) ancillary business operations within multinational US companies, such as payroll or human resources; (3) activities of the US government and its contractors, employees and grantees; and (4) transactions otherwise required or authorized by federal law or international agreements.
Notably, Congress continues to debate a comprehensive Federal framework for data protection. In 2022, Congress stalled on the consideration of the American Data Privacy and Protection Act, a bipartisan bill introduced by House energy and commerce leadership. Subsequent efforts to move comprehensive data privacy legislation in Congress have seen little momentum but may gain new urgency in response to the EO.
The EO lays the foundation for what will become significant new restrictions on how companies gather, store and use sensitive personal data. Notably, the ANPRM also represents recognition by the White House and agency officials that they need input from business and other stakeholders to guide the draft regulations. Impacted companies must prepare to engage in the comment process and to develop clear compliance programs so they are ready when the final restrictions are implemented.
On March 6, 2024, the U.S. Food and Drug Administration (FDA) sent a letter to all cinnamon manufacturers, processors, distributors, and facility operators in the US, reminding them of the requirement to implement controls to prevent contamination from potential chemical hazards in food, including ground cinnamon products. The Agency also recommended the voluntary recall of certain ground cinnamon products sold by a number of brands at six different retail chains that were found to contain levels of lead.
This letter follows the recent incidents associated with certain cinnamon apple sauce pouches that resulted in lead poisoning in young children. As we have previously blogged, FDA’s investigation into the contaminated apple sauce pouches traced the contamination back to a manufacturer and cinnamon supplier in Ecuador.
FDA notified the distributors and manufacturers of products found to contain elevated levels of lead and recommended that the manufacturers voluntarily recall these products because prolonged exposure to them may be unsafe. The products were identified during an FDA-initiated sampling and testing effort to assess cinnamon sold across numerous retail stores. No illnesses or adverse events have been reported to date related to the ground cinnamon products listed in this news release, but the FDA is concerned that, because of the elevated lead levels in these products, continued and prolonged use of the products may be unsafe.
Since the issuance of the letter, recipient companies El Chilar and Raja Foods, as well as Stonewall Kitchen and Colonna, have issued voluntary recalls for some of their cinnamon products.
FDA continues to work with the Center for Disease Control and Prevention (CDC), as well as state and local partners, to investigate elevated lead and chromium levels in individuals with reported exposure to apple cinnamon fruit puree pouches.
