Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the login-customizer domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home1/natiopq9/public_html/wp-includes/functions.php on line 6131

Deprecated: Function WP_Dependencies->add_data() was called with an argument that is deprecated since version 6.9.0! IE conditional comments are ignored by all supported browsers. in /home1/natiopq9/public_html/wp-includes/functions.php on line 6131

Deprecated: Function WP_Dependencies->add_data() was called with an argument that is deprecated since version 6.9.0! IE conditional comments are ignored by all supported browsers. in /home1/natiopq9/public_html/wp-includes/functions.php on line 6131
Financial Services Law Archives - Page 16 of 41 - The National Law Forum

Category: Financial Services Law

NCUA Issues New Guidance to Credit Unions Which Permits Hemp Banking

On August 19, 2019, the chairman of the National Credit Union Association issued a letter with guidance to all credit unions.  Prior to August 19, hemp businesses had difficulty locating banks or other entities that would permit them to conduct normal merchant banking activities. That issue has, in part, been addressed by this letter of guidance. Questions remain, however, regarding many merchant services and whether FinCEN will issue a similar guidance.  In either event, banks or credit unions that bank with hemp businesses have numerous compliance obligations under the Bank Secrecy Act (BSA) and Anti-Money Laundering Act (AML).  It is important to make your banking institution aware of your business purpose to avoid the Suspicious Activity Reports (SAR) that could negatively impact your business operations.

According to Chairman Hood, “Credit unions need to be aware of the Federal, State and Indian Tribe laws and regulations that apply to any hemp-related businesses they serve. Credit unions that choose to serve hemp-related businesses in their field of membership need to understand the complexities and risks involved.

While it is generally a credit union’s business decision as to the types of permissible services and accounts to offer, credit unions must have a Bank Secrecy Act (BSA) and Anti-Money Laundering (AML) compliance program commensurate with the level of complexity and risks involved. In particular, credit unions need to incorporate the following into their BSA/AML policies, procedures, and systems:

  • Credit unions need to maintain appropriate due diligence procedures for hemp-related accounts and comply with BSA and AML requirements to file Suspicious Activity Reports (SARs) for any activity that appears to involve potential money laundering or illegal or suspicious activity. It is the NCUA’s understanding that SARs are not required to be filed for the activity of hemp-related businesses operating lawfully, provided the activity is not unusual for that business. Credit unions need to remain alert to any indication an account owner is involved in illicit activity or engaging in activity that is unusual for the business.

  • If a credit union serves hemp-related businesses lawfully operating under the 2014 Farm Bill pilot provisions, it is essential the credit union knows the state’s laws, regulations, and agreements under which each member that is a hemp-related business operates. For example, a credit union needs to know how to verify the member is part of the pilot program.  Credit unions also need to know how to adapt their ongoing due diligence and reporting approaches to any risks specific to participants in the pilot program.

  • When deciding whether to serve hemp-related businesses that may already be able to operate lawfully–those not dependent on the forthcoming USDA regulations and guidelines for hemp production–the credit union needs to first be familiar with any other federal and state laws and regulations that prohibit, restrict, or otherwise govern these businesses and their activity.  For example, a credit union needs to know if the business and the product(s) is lawful under federal and state law, and any relevant restrictions or requirements under which the business must operate.

https://www.ncua.gov/newsroom/press-release/2019/ncua-releases-interim-guidance-serving-hemp-businesses

As the regulatory entities work through the changes in federal law, new rules and regulations are inevitable.  FinCEN, the FDA and TTB are expected to issue new regulations, although they do not appear to be on the horizon any time soon.  The SAFE Banking Act, STATE’s Act and other new federal legislation remain held up in committee.

© 2019 Dinsmore & Shohl LLP. All rights reserved.

For more on finance regulations, see the National Law Review Financial Institutions & Banking law page.

What Investors Need to Know About the New $6.2 Billion Visa, Mastercard Settlement

Visa, Inc., Mastercard, Inc., and other financial institutions have agreed to pay merchants between $5.56 billion and $6.26 billion to settle a 13-year old antitrust litigation. For years, the case has driven shrewd investors to transact with retailers seeking to monetize their claims against the card companies. With a much-anticipated settlement now on the table, would-be investors should take note.

On September 18, an amended settlement agreement (the “Settlement”) was filed in the US District Court for the Eastern District of New York. The Settlement signals possible resolution of a long-standing lawsuit brought in 2005 by approximately 12 million retailers accusing Visa and Mastercard of improperly inflating interchange fees (also known as swipe fees) charged to retailers. The Settlement modifies a prior settlement agreement approved by the District Court in December 2013.1

The agreement, reached after a year of active mediation, seeks to remedy the flaws of the prior agreement. Notably, the Settlement limits both the scope and duration of the release. Additionally, it addresses only monetary damages associated with the lawsuit and is not contingent on the resolution of injunctive relief claims, which may be pursued separately.

Under the Settlement, the value of a merchant’s claim will be based on the amount of interchange fees attributable to that merchant’s Mastercard and Visa payment card transactions during the time period beginning January 1, 2004 up until the preliminary approval date of the Settlement. Pro rata payments to merchants who file valid claims will be determined by the amount remaining in the monetary fund after deductions for “opt outs” (as described below) and administrative costs, and by the aggregate dollar amount of claims filed.2

Similar to the prior agreement, the Settlement provides that the monetary fund may be reduced based on the number of merchants that opt out of the class. Up to $700 million may be returned to the defendants if more than 15 percent of the merchants opt out. If more than 25 percent of merchants opt out, the Settlement may be terminated.

The Settlement is still subject to approval by US District Judge Margo Brodie. If the Court grants preliminary approval, known class members will receive written notice concerning their legal rights. Claim forms are not available at this time.

Katten will keep you apprised of settlement developments and trading considerations. The case is In re Payment Card Interchange Fee and Merchant Discount Antitrust Litigation, case number 1:05-md-01720, in the US District Court for the Eastern District of New York.

1 In June 2016, the US Court of Appeals for the Second Circuit invalidated the original settlement on the grounds that certain merchants were not adequately represented because the same counsel had represented separate settlement classes with conflicting interests. The Court of Appeals also took issue with the broad release that would preclude merchants from pursuing certain future claims indefinitely. In March 2017, the Supreme Court declined to hear the case, remanding it back to the District Court for further proceedings.

2 The original settlement of $7.25 billion was, at the time, the largest in history. However, thousands of merchants ultimately opted out, reducing the monetary fund to approximately $5.3 billion.

©2018 Katten Muchin Rosenman LLP

Proposed House Bill Would Set National Data Security Standards for Financial Services Industry

A new bill introduced by House Financial Services subcommittee Chairman Rep. Blaine Luetkemeyer would significantly change data security and breach notification standards for the financial services and insurance industries. Most notably, the proposed legislation would create a national standard for data security and breach notification and preempt all current state law on the matter.

Breach Notification Standard

The Gramm-Leach-Bliley Act (GLBA) currently requires covered entities to establish appropriate safeguards to ensure the security and confidentiality of customer records and information and to protect those records against unauthorized access to or use. The proposed House bill would amend and expand  GLBA to mandate notification to customers “in the event of unauthorized access that is reasonably likely to result in identify theft, fraud, or economic loss.”

To codify breach notification at the national level, the proposed legislation requires all GLBA covered entities to adopt and implement the breach notification standards promulgated by the Comptroller of the Currency, the Board of Governors of the Federal Reserve System, the Federal Deposit Insurance Corporation, and the Office of Thrift Supervisor in its  Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice. This guidance details the requirements for notification to individuals in the event of unauthorized access to sensitive information that has or is reasonably likely to result in misuse of that information, including timing and content of the notification.

While the Interagency Guidance was drafted specifically for the banking sector, the proposed legislation also covers insurance providers, investment companies, securities brokers and dealers, and all businesses “significantly engaged” in providing financial products or services.

If enacted, this legislation will preempt all laws, rules, and regulations in the financial services and insurance industries with respect to data security and breach notification.

Cohesiveness in the Insurance Industry

The proposed legislation provides uniform reporting obligations for covered entities – a benefit particularly for insurance companies who currently must navigate a maze of something conflicting state law breach notification standards. Under the proposed legislation, an assuming insurer need only notify the state insurance authority in the state in which it is domiciled. The proposed legislation also requires the insurance industry to adopt new codified standards for data security.

To ensure consistency throughout the insurance industry, the proposed legislation also prohibits states from imposing any data security requirement in addition to or different from the standards GLBA or the Interagency Guidance.

If enacted, this proposed legislation will substantially change the data security and breach notification landscape for the financial services and insurance industries. Entities within these industries should keep a careful eye on this legislation and proactively consider how these proposed revisions may impact their current policies and procedures.

 

Copyright © by Ballard Spahr LLP

CMS Proposes to Overhaul the Medicare Shared Savings Program

On August 9, 2018, the Centers for Medicare and Medicaid Services (CMS) issued a proposed rule to overhaul the Medicare Shared Savings Program (MSSP). The proposal, titled “Pathways to Success,” would make significant changes to the accountable care organization (ACO) model at the heart of the program. The proposed changes include a restructuring of the current ACO risk tracks, updating spending benchmarks, increased ACO flexibility to provide care, as well as changes to the electronic health records requirements for ACO practitioners.

Background

There are currently 561 Shared Savings Program ACOs serving over 10.5 million Medicare fee-for-service (FFS) beneficiaries. Under the MSSP, ACOs are assessed based on quality and outcome measures, and by comparing their overall health care spending to a historical benchmark. ACOs receive a share of any savings under the historical benchmark if they meet the quality performance requirements.

Currently, the MSSP allows ACOs to participate in one of three “tracks.” Track 1 is a “one-sided” model, meaning that participating ACOs share in their savings, but are not required to pay back spending over the historical benchmark. Track 2 and Track 3 are “two-sided” models, meaning that participating ACOs share in a larger portion of any savings under their benchmark, but may also be required to share losses if spending exceeds the benchmark. Currently, the vast majority of ACOs participate in Track 1.

Restructuring the Tracks

CMS proposes retiring Track 1 and Track 2, creating a BASIC track, and renaming Track 3 the ENHANCED Track. CMS describes the BASIC track as a “glide path” that will help ACOs transition to higher levels of risk and potential reward.  To that end, the BASIC track contains five levels that ACOs would transition through over the course of a five year contract period, spending a maximum of one year at each level. The first two years would involve upside-only risk, with a transition to increasing levels of financial risk in the remaining three years. Current Track 1 ACOs will be limited to one-year of upside-only participation before taking on downside risk. This is a substantial acceleration from the current Track 1 Model, which permits ACOs to avoid downside risk for up to six years.

Finally, the proposed rule draws a distinction between low revenue ACOs and high revenue ACOs. Low revenue ACOs (typically composed of rural ACOs and physician practices) would be permitted to spend two 5-year contract periods on the BASIC track. High revenue ACOs (typically composed of hospitals) would be permitted only one 5-year contract period on the Basic track.

Source: Proposed Rule: Medicare Program; Medicare Shared Savings Program; Accountable Care Organizations–Pathways to Success

Updating the Historical Spending Benchmarks

Every year, an ACO’s spending is comparing to its historical benchmark to determine the ACO’s participation in any shared savings or losses. Under the proposed rule, the benchmark methodology will incorporate regional FFS expenditures beginning in the first contract period. Also, the historical benchmark will be rebased at the beginning of each 5-year contract period. Adjustments to the benchmark related to regional expenditures will be capped at 5% of the national Medicare FFS per capita expenditure. According to CMS, these changes will improve the predictability of historical benchmark setting and increase the opportunity for ACOs to achieve savings against the historical benchmark.

Expanding ACO Flexibility in Beneficiary Care

The proposed rule contains several changes to the MSSP aimed at increasing the flexibility of ACOs to provide cost-effective care to their assigned beneficiaries. For example, to support the ACO’s coordination of care across health care settings, ACOs will be eligible to receive payment for telehealth services furnished to prospectively assigned beneficiaries even when they would otherwise be prohibited based on geographic prerequisites. The proposed rule also expands the Skilled Nursing Facility (SNF) 3-Day Rule Waiver to all ACOs in two-sided models. This waiver permits Medicare coverage of certain SNF services that are not preceded by a qualifying 3-day inpatient hospital stay.

Finally, the proposed rule permits ACOs in two-sided models to reward beneficiaries with incentive payments of up to $20 for primary care services received from ACO professionals, Federally Qualified Health Centers, or Rural Health Clinics.

Changing Electronic Health Record Requirements

Currently, one of the quality measures for which ACOs are assessed relates to the percentage of participating primary care providers that successfully demonstrate meaningful use of an electronic health records system for each year of participation in the program. The proposed rule eliminates this measure. Instead, CMS proposes to adopt an “interoperability criterion” that assesses the use of certified electronic health record technology for initial program participation and as part of each ACO’s annual certification of compliance with program requirements.

Commentary

CMS’s proposal is not surprising in light of CMS Administrator Seema Verma’s recent comments about upside-only ACOs. At an American Hospital Association annual membership meeting this past spring, Administrator Verma is quoted as saying:

[T]he majority of ACOs, while receiving many waivers of federal rules and requirements, have yet to move to any downside risk.  And even more concerning, these ACOs are increasing Medicare spending, and the presence of these ‘upside-only’ tracks may be encouraging consolidation in the market place, reducing competition and choice for our beneficiaries.  While we understand that systems need time to adjust, our system cannot afford to continue with models that are not producing results.

Though the rule is only a proposal at this time, the above comments illustrate that CMS is serious about requiring providers to be more financially accountable for the care of their patients. And the agency is clear-eyed about the short-term impact of the proposal, estimating that more than 100 ACOs will exit the MSSP over the next 10 years if the proposal is finalized.  The agency nevertheless believes that the new program would be attractive to providers due to its simplicity (as compared to the current program) and the new opportunity it offers clinicians to qualify as participating in an Advanced Alternative Payment Model (APM) when they reach year 5 of the BASIC track. APMs are an important concept under the Quality Payment Program (QPP) that was ushered in by the Medicare Access and CHIP Reauthorization Act of 2015. Clinicians participating in an Advanced APM are exempt from reporting under the QPP’s Merit-based Incentive Payment System (MIPS) and are eligible for certain financial incentives. The fates of the MSSP and the QPP are thus intertwined, and the co-evolution of the programs is at a critical stage, especially in light of CMS’s July release of a proposed rule modifying the QPP. We will continue to report on the developments of both of these programs.

 

©1994-2018 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.

Treasury Releases Report on Nonbank Institutions, Fintech, and Innovation

On July 31, 2018, the U.S. Department of the Treasury released a reportidentifying numerous recommendations intended to promote constructive activities by nonbank financial institutions, embrace financial technology (“fintech”), and encourage innovation.

This is the fourth and final report issued by Treasury pursuant to Executive Order 13772, which established certain Core Principles designed to inform the manner in which the Trump Administration regulates the U.S. financial system.  Among other things, the Core Principles include:  (i) empower Americans to make independent financial decisions and informed choices; (ii) prevent taxpayer-funded bailouts; (iii) foster economic growth and vibrant financial markets through more rigorous regulatory impact analysis; (iv) make regulation efficient, effective, and appropriately tailored; and (v) restore public accountability within federal financial regulatory agencies and rationalize the federal financial regulatory framework.

Treasury’s lengthy report contains over 80 recommendations, which are summarized in an appendix to the report.  The recommendations generally fall into four categories:  (i) adapting regulatory approaches to promote the efficient and responsible aggregation, sharing, and use of consumer financial data and the development of key competitive technologies; (ii) aligning the regulatory environment to combat unnecessary regulatory fragmentation and account for new fintech business models; (iii) updating a range of activity-specific regulations to accommodate technological advances and products and services offered by nonbank firms; and (iv) facilitating experimentation in the financial sector.

Some notable recommendations include:

Embracing Digitization, Data, and Technology

  • TCPA Revisions: Recommending that Congress and the Federal Communications Commission amend or provide guidance on the Telephone Consumer Protection Act to address unwanted calls and revocation of consent.

  • Consumer Access to Financial Data: Recommending that the Bureau of Consumer Financial Protection (“BCFP”) develop best practices or principles-based rules to promote consumer access to financial data through data aggregators and other third parties.

  • Data Aggregation: Recommending that various agencies eliminate legal and regulatory uncertainties so that data aggregators can move away from screen scraping to more secure and efficient methods of access.

  • Data Security and Breach Notification:  Recommending that Congress enact a federal data security and breach notification law to protect consumer financial data and notify consumers of a breach in a timely manner, with uniform national standards that preempt state laws.

  • Digital Legal Identity:  Recommending efforts by financial regulators and the Office of Management and Budget to enhance public-private partnerships that facilitate the adoption of trustworthy digital legal identity products and services and support full implementation of a U.S. government federated digital identity system.

  • Cloud Technologies, Artificial Intelligence, and Financial Services:  Recommending that regulators modernize regulations and guidance to avoid imposing obstacles on the use of cloud computing, artificial intelligence, and machine learning technologies in financial services, and to provide greater regulatory clarity that would enable further testing and responsible deployment of these technologies by financial services firms as these technologies evolve.

Aligning the Regulatory Framework to Promote Innovation

  • Harmonization of State Licensing Laws:  Encouraging efforts by state regulators to develop a more unified licensing regime, particularly for money transmission and lending, and to coordinate supervisory processes across the states, and recommending Congressional action if meaningful harmonization is not achieved within three years.

  • OCC Fintech Charter:  Recommending that the Office of the Comptroller of the Currency move forward with a special purpose national bank charter for fintech companies.

  • Bank-Nonbank Partnerships:  Recommending banking regulators tailor and clarify regulatory guidance regarding bank partnerships with nonbank firms.

Updating Activity-Specific Regulations

  • Codification of “Valid When Made” and True Lender Doctrines:  Recommending that Congress codify the “valid when made” doctrine and the legal status of a bank as the “true lender” of loans it originates but then places with a nonbank partner, and that federal banking regulators use their authorities to affirm these doctrines.

  • Encouraging Small-Dollar Lending:  Recommending that the BCFP rescind its Small-Dollar Lending Rule and that federal and state financial regulators encourage sustainable and responsible short-term, small-dollar installment lending by banks.

  • Adoption of Debt Collection Rules:  Recommending that the BCFP promulgate regulations under the Fair Debt Collection Practices Act to establish federal standards governing third-party debt collection, including standards that address the reasonable use of digital communications in debt collection activities.

  • Promote Experimentation with New Credit Models and Data:  Recommending that regulators support and provide clarity to enable the testing and experimentation of newer credit models and data sources by banks and nonbank financial firms.

  • Regulation of Credit Bureaus:  Recommending that the Federal Trade Commission and other relevant regulators take necessary actions to protect consumer data held by credit reporting agencies and that Congress assess whether further authority is needed in this area.

  • Regulation of Payments:  Recommending that the Federal Reserve act to facilitate a faster payments system, as well as changes to the BCFP’s remittance transfer rule.

Enabling the Policy Environment

  • Regulatory Sandboxes:  Recommending that federal and state regulators design a unified system to provide expedited regulatory relief and permit meaningful experimentation for innovative financial products, services, and processes, essentially creating a “regulatory sandbox.”

  • Technology Research Projects:  Recommending that Congress authorize financial regulators to undertake research and development and proof-of-concept technology partnerships with the private sector.

  • Cybersecurity and Operational Risks:  Recommending that financial regulators consider cybersecurity and other operational risks as new technologies are implemented, firms become increasingly interconnected, and consumer data are shared among a growing number of third parties.

© 2018 Covington & Burling LLP

United States Imposes Additional Sanctions Against Russian Entities and Individuals

On April 6, the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) announced expanded sanctions against Russian entities and individuals, targeting a number of Russian oligarchs in the energy, banking, and other sectors and companies they own or control, as well as 17 senior Russian government officials. The Treasury Department also issued a detailed press release outlining the rationale for each of these designations. Given the prominence of the targeted oligarchs in Russian business and the extent of their business holdings, as well as the size and importance of the targeted companies in the Russian economy, the action could have a significant impact on companies doing business in Russia.

The OFAC action blocks the property and interests in property of the targeted entities and individuals when it comes into the United States or the possession or control of a U.S. person, and also prohibits virtually all dealings or transactions by U.S. persons with the targeted parties, who are now on OFAC’s List of Specially Designated Nationals and Blocked Persons (“SDN List”). The sanctions also apply to entities that are owned 50 percent or more by sanctioned persons, including the newly sanctioned parties. Non-U.S. persons also could be impacted by the new designations, through potential exposure to secondary sanctions for undertaking significant transactions with these parties.

The action follows the enactment last year of the Countering Americas Adversaries through Sanctions Act of 2017 (“CAATSA”), as discussed in our client alert, which imposed certain sanctions on Russia that apply to U.S. and non-U.S. companies, and the release earlier this year of an Administration report to Congress that identified Russian oligarchs, as called for in CAATSA. A number of the individuals sanctioned in today’s action were identified in that report.

At the same time it announced the new designations, OFAC also issued two general licenses. One authorizes U.S. persons doing business with certain of the newly sanctioned entities to wind down their activities between now and June 5, 2018. The other general license authorizes U.S. persons to divest or transfer debt, equity, or other holdings in three of the blocked entities to non-U.S. persons (other than sanctioned parties) between now and May 7, 2018. OFAC also issued related guidance on these actions in the form of responses to new Frequently Asked Questions (“FAQs”).

Companies and Individuals Targeted by the Sanctions

The new sanctions were imposed under existing Executive Orders, but follow from the enactment last year of CAATSA, which among other things required (in CAATSA Section 241) that the Administration report to Congress on significant “senior political figures and oligarchs in the Russian Federation.” This report, filed with Congress on January 29, 2018, did not entail the imposition of sanctions against the individuals identified in the report. At the time, however, Treasury Secretary Steven Mnuchin warned that some of the individuals could be later targeted for sanctions, saying that “there will be sanctions that come out of this report.”

Today’s designations target several individuals included in the CAATSA Section 241 report, and others who are closely tied to Russian President Vladimir Putin. In total, 26 individuals and 15 entities were designated today (including several non-Russian parties designated under sanctions authorities related to narcotics trafficking and several Russian parties designated for activities involving Syria).

Among the designated Russian oligarchs are close associates of President Putin who are operating in the energy sector, such as Vladimir Bogdanov, Director General and Vice Chairman of the Board of Directors of Surgutneftegaz; Victor Vekselberg, the founder and

Chairman of the Board of Directors of the Renova Group; Oleg Deripaska, the founder of

Russia’s largest industrial group Basic Element, which includes EN+ and Rusal; Igor Rotenberg, the son of previously sanctioned Arkady Rotenberg and owner of the gas drilling company,

Gazprom Burenie; and Kirill Shamalov, who married President Putin’s daughter in 2013 and is a minority shareholder of SIBUR.

Among the sanctioned Russian government officials are top managers of state companies and financial institutions, such as Alexey Miller, the Chairman of the Management Committee and Deputy Chairman of the Board of Directors of Gazprom; Andrey Akimov, the Chairman of the

Management Board of Gazprombank; and Andrey Kostin, the President, Chairman of the Management Board, and Member of the Supervisory Council of VTB Bank. Additionally, the sanctioned Russian Senator, Suleiman Kerimov, is connected to Russia’s largest gold producer, Polyus, and Duma member Andrei Skoch has ties to USM Holdings.

Notably, Russia’s major state-owned weapons trading company, Rosoboronexport, also was designated for asset-blocking for having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services in support of, the Government of Syria. Previously, Rosoboronexport had been targeted only by U.S. sectoral sanctions that restricted U.S. person dealings in new debt of Rosoboronexport of greater than 30 days’ maturity.

As noted above, the addition of these entities and individuals to OFAC’s SDN List has several important ramifications.

First, U.S. persons are required to block the property and interests in property—as broadly defined—of these parties when it comes into the United States or the possession or control of U.S. persons. A “U.S. person” for these purposes is a U.S. entity and its non-U.S. offices and branches; individual U.S. citizens and lawful permanent residents (“green-card” holders), no matter where located or by whom employed; and non-U.S. persons when present in or operating from the United States. Funds of SDNs that are blocked must be placed into segregated, “frozen” accounts and reported to OFAC within 10 business days.

Second, U.S. persons are broadly prohibited from transacting or dealing with SDNs, unless authorized by OFAC (such as through the two new general licenses described below or specific licenses issued by OFAC).

As noted above, the above-described restrictions extend not just to listed persons, but also to entities in which those persons own a 50 percent or greater interest, individually or collectively with other SDNs. The application of this long-standing OFAC rule is particularly significant here, where the named individuals have wide-ranging business holdings, since the sanctions on the designated oligarchs also apply to any companies in which they, individually or with other sanctioned parties, own a 50 percent or greater interest.

The designations also can impact non-U.S. persons dealing with the designated parties, as more fully described below.

New General Licenses

To minimize immediate disruptions to U.S. persons from these designations, OFAC issued General License 12,which temporarily authorizes all transactions and activities that are ordinarily incident and necessary to the maintenance or “wind down” of operations, contracts, or other agreements, including the importation of goods, services, or technology into the United States involving one or more blocked entities identified in the general license.

For those entities listed on General License 12, U.S. persons may, until June 5, 2018, permissibly wind down operations, contracts, or agreements in effect prior to April 6, 2018. This General License also would apply to any entity owned 50 percent or more by entities listed in the General License. In FAQs issued with the new sanctions designations, OFAC explains that the blocked entities listed in General License 12 may, for the duration of the General License, make salary and pension payments, and provide other benefits, to U.S. persons. In addition, U.S. persons may continue to provide services to the listed entities until the License expires. General License 12 also permits U.S. persons to import goods into the United States from blocked entities listed on General License 12.

Significantly, although wind-down activities would include accepting payments from the enumerated entities, General License 12 clarifies that U.S. persons may not make payments to such entities; instead, any payments to, or for the direct or indirect benefit of, a blocked person—whether listed in General License 12 or not—must be deposited in a blocked, interestbearing account located in the United States. Therefore, although the new FAQs explain that U.S. persons may import goods into the United States from blocked entities listed on General License 12 until its expiration, any outstanding payments for such goods must be deposited into a blocked account.

Importantly, the list of blocked persons with whom U.S. persons may conduct wind-down activities is not coextensive with the newly designated individuals and entities. Instead, General License 12 covers only 12 of the 15 newly designated entities. It omits three newly designated entities—Gallistica Diamante, Rosoboronexport, and Russian Financial Corporation, each of which was designated under authorities other than those related to Russia—and all newly designated individuals. Therefore, General License 12 does not permit wind-down activities with these three entities, with any of the newly designated individuals, or with any entity owned 50 percent or more by the designated persons and not separately listed on General License 12.

OFAC also issued General License 13, which authorizes transactions and activities that are ordinarily incident and necessary to divest or transfer debt, equity, or other holdings in three blocked entities to a non-U.S. person (other than a sanctioned party), or to facilitate the transfer of debt, equity, or other holdings in those same three entities by a non-U.S. person to another non-U.S. person (other than a sanctioned party). General License 13 applies only to three of the newly designated entities:  EN+ Group PLC, GAZ Group, and United Company RUSAL PLC. General License 13 expires on May 7, 2018.

The activities permitted by General License 13 include facilitating, clearing, and settling transactions to divest to a non-U.S. person debt, equity, or other holdings in the blocked persons, including on behalf of U.S. persons. The License does not authorize unblocking any property other than as described above, or for U.S. persons to sell debt, equity, or other holdings to, or to invest in the debt, equity, or other holdings in, any blocked person, including those listed on General License 13. (It also prohibits facilitating any such transactions.)

With respect to both General License 12 and General License 13, U.S. persons participating in transactions authorized by the licenses must file detailed reports with OFAC within 10 days of the applicable General License’s expiration. Those reports must include the names and addresses of the parties involved, the type and scope of activities conducted, and the dates on which the activities occurred. Reports under General License 12 are due on June 15, 2018, and reports under General License 13 are due on May 17, 2018.

Secondary Sanctions under CAATSA Sections 226 and 228

In addition to the direct implications for U.S. persons associated with the new SDN

designations, there are certain secondary sanctions risks for non-U.S. parties that have dealings with these parties.

Section 228 of CAATSA, in amending earlier legislation, requires that asset-blocking sanctions be imposed against non-U.S. persons that knowingly “facilitate a significant transaction…, including deceptive or structured transactions, for or on behalf of…any person subject to sanctions imposed by the United States with respect to the Russian Federation.” This would include any of the newly added SDNs or parties owned 50 percent or more, individually or collectively, by SDNs. And Section 226 of CAATSA, again amending earlier legislation, requires the imposition of mandatory secondary sanctions on foreign financial institutions if the Treasury Department determines that they have knowingly facilitated “significant financial transactions” on behalf of any Russian person added to OFAC’s SDN List pursuant to existing Ukrainerelated authorities. In particular, foreign financial institutions can lose the ability to maintain or open U.S. correspondent accounts or payable-through accounts as a consequence of certain dealings with the individuals or entities designated today.

OFAC’s FAQ guidance clarifies the scope of these secondary sanctions authorities. Among other things, FAQ 545 provides that “facilitating” a transaction for or on behalf of a sanctioned person means “providing assistance for a transaction from which the person in question derives a particular benefit of any kind,” and sets out factors OFAC will consider in evaluating whether a transaction is “significant.” It also provides that a transaction is not “significant” if a U.S. person would not require a specific license from OFAC to conduct the transaction.

FAQ 542 provides guidance on the term “significant financial transaction” in the context of secondary sanctions against foreign financial institutions. It confirms, among other things, that “OFAC will generally interpret the term ‘financial transaction’ broadly to encompass any transfer of value involving a financial institution.” This would include, but is not limited to, the receipt or origination of wire transfers; the acceptance or clearance of commercial paper; the receipt or origination of ACH or ATM transactions; the holding of nostro, vostro, or loro accounts; the provision of trade finance or letter of credit services; the provision of guarantees or similar instruments; the provision of investment products or instruments or participation in investment; and any other transactions for or on behalf of, directly or indirectly, a person serving as a correspondent, respondent, or beneficiary. FAQ 542 also provides that a transaction is not “significant” if a U.S. person would not require a specific license from OFAC to conduct the transaction.

In this regard, new FAQ 547 confirms that activity authorized by new General Licenses 12 and 13, if occurring within the time period authorized in these general licenses, would not be considered “significant” for purposes of a secondary sanctions determination. The new FAQ guidance also emphasizes that the “intent” of the new designations is to “impose costs on Russia for its malign behavior.” It indicates that the U.S. government “remains committed to coordination with our allies and partners in order to mitigate adverse and unintended consequences of these designations.”

© 2018 Covington & Burling LLP

Peter FlanaganCorrine GoldsteinPeter LichtenbaumKimberly StrosniderDavid Addis, Stephen Rademaker, Elena Postnikova, and Blake Hulnick of Covington & Burling LLP

SEC Approves NYSE Proposed Rule Change Requiring a Delay in Release of End-Of-Day Material News

On December 4, 2017, the U.S. Securities and Exchange Commission (“SEC”) approved the New York Stock Exchange’s (the “NYSE”) proposed rule change to amend Section 202.06 of the NYSE Listed Company Manual to prohibit listed companies from releasing material news after the NYSE’s official closing time until the earlier of the publication of such company’s official closing price on the NYSE or five minutes after the official closing time. The new rule means that NYSE listed companies may not release end-of-day material news until 4:05 P.M. EST on most trading days or until the publication of such company’s official closing price, whichever comes first. The one exception to the new rule is that the delay does not apply when a company is publicly disclosing material information following a non-intentional disclosure in order to comply with Regulation FD. Regulation FD mandates that publicly traded companies disclose material nonpublic information to all investors at the same time.

© 2017 Jones Walker LLP
This post was written by Alexandra Clark Layfield of Jones Walker LLP.
Learn more at the National Law Review‘s Finance Page.

CFTC Clarifies That Variation Margin Constitutes Settlement

The Division of Clearing and Risk (DCR) of the Commodity Futures Trading Commission has issued an interpretive letter clarifying that payments of variation margin, price alignment amounts and other payments in satisfaction of outstanding exposures on a counterparty’s cleared swap positions constitute “settlement” under the  (CEA) and CFTC Regulation 39.14. The CEA and CFTC Regulation 39.14 provide that a derivatives clearing organization (DCO) must effect a settlement at least once each business day and ensure that settlements are final when effected.

Although not mentioned by DCR, the letter is clearly intended to complement earlier guidance issued jointly by the Federal Reserve Board, the Office of the Comptroller of the Currency and the Federal Deposit Insurance Corporation (Guidance) regarding the Regulatory Capital Treatment of Certain Centrally Cleared Derivatives Contracts Under Regulatory Capital Rules. As the Guidance explains in greater detail, for purposes of the risk-based capital calculation and the supplementary leverage ratio calculation, the regulatory capital rules require financial institutions to calculate their trade exposure amount with respect to derivatives contracts. The trade exposure amount, in turn, is determined, in part, by taking into account the remaining maturity of such contracts. The Guidance goes on to explain that for a derivatives contract that is structured such that on specific dates any outstanding exposure is settled and the terms are reset so that the fair value of the contract is zero, the remaining maturity equals the time until the next reset.

“Accordingly, for the purpose of the regulatory capital rules, if, after accounting and legal analysis, the institution determines that (i) the variation margin payment on a centrally cleared Settled-to-Market Contract settles any outstanding exposure on the contract, and (ii) the terms are reset so that fair value of the contract is zero, the remaining maturity on such contract would equal the time until the next exchange of variation margin on the contract.”

CFTC Letter No. 17-51 provides the legal analysis to confirm that, as a condition of registration with the CFTC as a DCO, each DCO must provide for daily settlement of all obligations, including the payment and receipt of all variation margin obligations, which payments are irrevocable and unconditional when effected. As a result, a clearing member’s obligations to each DCO are satisfied daily and the fair value of the open cleared derivatives held at the DCO is effectively reset to zero daily.

This post was written by James M. Brady & Kevin M. Foley of Katten Muchin Rosenman LLP., ©2017
For more Financial & Banking legal analysis, go to The National Law Review

Equifax Breach Affects 143M: If GDPR Were in Effect, What Would Be the Impact?

The security breach announced by Equifax Inc. on September 7, 2017, grabbed headlines around the world as Equifax revealed that personal data of roughly 143 million consumers in the United States and certain UK and Canadian residents had been compromised. By exploiting a website application vulnerability, hackers gained access to certain information such as names, Social Security numbers, birth dates, addresses, and in some instances, driver’s license numbers and credit card numbers. While this latest breach will force consumers to remain vigilant about monitoring unauthorized use of personal information and cause companies to revisit security practices and protocols, had this event occurred under the Global Data Protection Regulation (GDPR) (set to take effect May 25, 2018), the implications would be significant. This security event should serve as a sobering wake up call to multinational organizations and any other organization collecting, processing, storing, or transmitting personal data of EU citizens of the protocols they must have in place to respond to security breaches under GDPR requirements.

Data Breach Notification Obligations

Notification obligations for security breaches that affect U.S. residents are governed by a patchwork set of state laws. The timing of the notification varies from state to state with some requiring that notification be made in the “most expeditious time possible,” while others set forth a specific timeframe such as within 30, 45, or 60 days. The United States does not currently have a federal law setting forth notification requirements, although one was proposed by the government in 2015 setting a 30-day deadline, but the law never received any support.

While the majority of the affected individuals appear to be U.S. residents, Equifax stated that some Canadian and UK residents were also affected. Given Equifax’s statement, the notification obligations under GDPR would apply, even post-Brexit, as evidenced by a recent statement of intent maintaining that the United Kingdom will adopt the GDPR once it leaves the EU. Under the GDPR, in the event of a personal data breach, data controllers must notify the supervisory authority “without undue delay and, where feasible, not later than 72 hours after having become aware of it.” If notification is not made within 72 hours, the controller must provide a “reasoned justification” for the delay. A notification to the authority must at least: 1) describe the nature of the personal data breach, including the number and categories of data subject and personal data records affected, 2) provide the data protection officer’s contact information, 3) describe the likely consequences of the personal data breach, and 4) describe how the controller proposes to address the breach, including any mitigation efforts. If it is not possible to provide the information at the same time, the information may be provided in phases “without undue further delay.”

According to Equifax’s notification to individuals, it learned of the event on July 29, 2017. If GDPR were in effect, notification would have been required much earlier than September 7, 2017. Non-compliance with the notification requirements could lead to an administrative fine of up to 10 million Euros or up to two percent of the total worldwide annual turnover.

Preparing for Breach Obligations Under GDPR

With a security breach of this magnitude, it is easy to imagine the difficulties organizations will face in mobilizing an incident response plan in time to meet the 72-hour notice under GDPR. However, there are still nearly eight months until GDPR goes into effect on May 25, 2018. Now is a good time for organizations to implement, test, retest, and validate the policies and procedures they have in place for incident response and ensure that employees are aware of their roles and responsibilities in the event of a breach. Organizations should consider all of the following in crafting a GDPR incident response readiness plan:

plan, GDPR, incident response

This post was written by Julia K. Kadish and Aaron K. Tantleff of Foley & Lardner LLP © 2017
For more legal analysis got to The National Law Review

Will Blockchain Render the Bill of Lading a Relic?

A bill of lading is an old form of legal document.  As merchants in the seventeenth and eighteenth centuries ceased accompanying their goods on ships and entrusted their proper delivery to the carrier, a need arose for a tangible and transferable document evidencing which party was entitled to receive the goods at their destination.  The merchants developed a system in which the sender would obtain a receipt from the ship’s master and convey it to the intended recipient of the goods, who would subsequently present the receipt to the carrier upon delivery to prove his title to the goods.

Today, hundreds of years after the introduction of the bill of lading, technological innovation—and of particular interest, the emergence of blockchain technology—is raising new questions about the future of this venerable document of title.  Recent media accounts report collaborative ventures between traders and financial institutions using blockchain solutions to serve the functions of bills of lading.1  Modern bills of lading still perform the same basic functions as their ancient ancestors: they evidence the title to the goods being shipped, the contract of carriage, and the right to receive and direct the disposition of those goods.  The blockchain solutions emerging in commodities trading seem to have the same functions.  It is fair to ask, then, whether blockchain is a new kind of bill of lading – or is something different that will render the bill of lading a relic.

What is Blockchain and How Does It Work?

While there are various potential applications of blockchain technology,2 it may generally be described as a decentralized, automated system for storing information about transactions among its members.  For our current purposes, we envision a hypothetical blockchain (the “Model Blockchain”) that has the following qualities:

  1. It would be “permissioned”—that is, participants in the Model Blockchain must be admitted by the existing members and the general public would not have access. The members would presumably include the relevant merchants buying and selling the goods, the carriers responsible for their shipment and the financial institutions that finance such transactions.

  2. The Model Blockchain would not be anonymous. Each member would be identifiable by its applicable digital signature, which a computer could match to such member’s name.

  3. The system would be decentralized and “trustless,” in that no single party would validate a transaction. Rather, transactions would be validated by the Model Blockchain’s members collectively.  For example, each member would verify (via computer) basic facts about the transaction to protect against fraud or double spending.  After validation, a transaction would be written into a block in the Model Blockchain. Data in a block would be encrypted such that it is nearly impossible to modify.  This decentralized verification system—referred to as a distributed ledger—is the fundamental characteristic common to all blockchain systems.

In practice, the data for any particular transaction in the Model Blockchain would identify the transferor, the transferee, the carrier, the time of the transaction, what is transferred, and any miscellaneous data the transferor decides to include as “metadata.”  Further, we imagine that the legal title to real-world, tangible assets being transferred via the Model Blockchain would be represented as digital coins (“Blockcoins”).  A Blockcoin would be analogous to a Bitcoin, but would have no monetary value and instead would represent the goods themselves.3  Blockcoins and the Model Blockchain would work in tandem to identify electronically who controls the Blockcoin and thus has title to the goods.

Will Blockchain Supplant the Bill of Lading?

As the breadth of the potential applications of blockchain becomes increasingly clear and the technology becomes more widely accepted, the next step is to determine how blockchain can be implemented within the existing legal framework governing bills of lading.  Under U.S. state law, the rules governing bills of lading and other documents of title are housed mainly in Article 7 of the Uniform Commercial Code (“UCC”)4.  A gating question, therefore, becomes whether the Model Blockchain system constitutes a bill of lading under the UCC.

As you may expect, the vast majority of the applicable UCC provisions were drafted with paper bills of lading in mind.  While new concepts, such as “electronic documents of title,” have been incorporated into the UCC over time to accommodate technological advances, the basic structure still largely employs concepts foreign to the electronic frontier, such as “bearer,” “issuer,” or “copy.”  The challenge will be to structure the blockchain and draft the accompanying legal documentation in a manner that preserves the parties’ rights and property interests under the UCC.  It appears that, properly designed, a blockchain system can be accommodated in existing UCC provisions governing bills of lading.

Benefits of Blockchain Being Bills of Lading

If blockchain transactions are bills of lading under the UCC, the benefits to transacting parties could be many.  A classification under the UCC would provide clear legal answers regarding how to receive a perfected security interest in the bill of lading (and the underlying assets covered thereby).  We believe that the Model Blockchain bill of lading could be negotiable or non-negotiable, if properly designed.  There are well-understood risks of holding or lending against negotiable or non-negotiable instruments, and corresponding well-developed business practices in the trade and trade finance markets.  For example, the UCC contains various rules on the rights of competing claimants (whether they are direct owners, transferees or secured parties) claiming an interest to a document or the underlying goods.  To the extent that a blockchain transaction fits into an existing paradigm, the legal benefits and risks to transacting parties and creditors will be embedded in, and consistent with, existing frameworks and business considerations, thereby significantly reducing friction when migrating to an electronic blockchain system.

The use of blockchain in lieu of bills of lading remains largely hypothetical at this time, but offers real benefits to market participants (e.g., cost-savings, reduction in fraud, etc.) and appears attainable from a legal perspective. Indeed, it may very well become the industry standard sooner rather than later.

1   See, e.g., “What’s cooking in the blockchain kitchen?” (2017), https://www.ing.com/Newsroom/All-news/Whats-cooking-in-the-blockchain-ki… and Denis Balibouse, Mercuria Introduces Blockchain to Oil Trade with ING, SocGen, Reuters, Jan. 19, 2017,http://www.reuters.com/article/us-davos-meeting-mercuria-idUSKBN1531DJ.

2   For examples of recent endeavors, see Blockchain: A Better Way to Track Pork Chops, Bonds, Bad Peanut Butter?, N.Y. Times,https://www.nytimes.com/2017/03/04/business/dealbook/blockchain-ibm-bitc….

3   Bitcoins used for such purposes are called “colored coins.”  Nicolas Dorier, Programming The Blockchain in C# 95,https://www.gitbook.com/download/pdf/book/programmingblockchain/programm….

4   Unless otherwise noted, this article generally refers to the Uniform Commercial Code as in effect in New York.

This post was contributed by Martin Horowitz,Stephen M. Johnson Christopher M. McDermott and Jeffrey Nagle of Cadwalader, Wickersham & Taft LLP.
Read more legal analysis at the National Law Review.