Tag: fraud

How Business Owners Can Watch For Fraud

Fraud can quickly take down a successful business, or at the very least create significant issues for you to deal with. As a business owner, it’s important that you know how to watch for fraudulent activities by your employees. Here are a few tips for approaching the subject in your business:

Be careful who you hire

Preventing fraud begins before you even hire your employees. As you work through the selection process, be sure to investigate your potential hires, especially those who deal with finances. You can use a background check, credit report and social media check to look for any red flags.

Protect your business with anti-fraud policies

You should always have company policies in place that state that fraud is not accepted and that includes specific procedures to help prevent and deal with fraud.

Consistent analysis

Use data analysis to double-check the transactions of your business. This can help catch any errors or possible instances of fraud.

Educate your employees

Though you may have the definition of fraud and your stance against it in your company policies, that doesn’t mean that your employees are aware. Especially for new hires, create fraud education and training for them to complete.

Make it easy for whistleblowers to come forward

Create a company culture that is honest and open. This can help draw employees who are willing to call out fraud when they see it. Create procedures that allow whistleblowers to feel safe coming forward and reporting misconduct.

Watch for red flags

As an employer, it’s important to keep an eye on your employees. You have a unique opportunity to spot red flags like employees that live beyond their means or have significant financial struggles.

Don’t let any suspicious activity slide. Be sure to quickly and thoroughly address anything that you notice that could be indicative of fraud.

© 2020 by Raymond Law Group LLC.

Sellers Beware – The COVID-19 Pandemic Has Opened the “Price-Gouging” Pandora’s Box

As the Covid-19 emergency goes on, both federal and New Jersey authorities have begun to enforce anti-price gouging and anti-hoarding provisions of federal and state law. A wide range of businesses, including but going beyond the sellers of medical equipment, should be aware of the limits imposed by these statutes and the dangers posed by enforcement.

A.        The New Jersey Consumer Fraud Act

As has been widely reported in the media, the State of New Jersey is aggressively enforcing the anti-price gouging provisions of the Consumer Fraud Act, N.J.S.A. 56:8-107 through 109, during the current coronavirus emergency. Enforcement of the statute by the Division of Consumer Affairs or by private civil action under the Consumer Fraud Act poses a risk to the sellers of a broad variety of goods. However, it also poses a potential remedy for business purchasers for end use whose ordinary supply chain has been disrupted by the emergency.

During a state of emergency declared by the Governor, N.J.S.A. 56:8-109 declares it to be an “unlawful commercial practice” for any person to sell or offer for sale “any merchandise which is consumed or used as a direct result of an emergency or which is consumed or used to preserve, protect, or sustain the life, health, safety or comfort of persons or their property for a price that constitutes an excessive price increase.”  In turn N.J.S.A. 56:8-108 defines an “excessive price increase” as more than 10 percent greater than the seller’s price in the usual course of business immediately before the declaration of emergency, unless the price increase is attributable either to the seller passing through increased prices from its supplier or costs imposed by the emergency. In that case, the statute defines an excess price increase as an increase of more than 10 percent beyond the seller’s customary pre-emergency markup.

The statutory language sweeps broadly and may be applied to price increases of almost any product where demand has increased or the supply chain has been disrupted by the coronavirus emergency. A recent news story reports that more than 3,600 complaints of alleged price-gouging have been made to the Attorney General’s Division of Consumer Affairs, against more than 2,100 business, involving not only medical supplies but food and commodities in short supply like toilet paper and disinfectants. The Division is urging the public to remain “vigilant” and is actively soliciting complaints on its website. As it investigates complaints, the Division is issuing subpoenas for the seller’s pre-emergency and current cost, price and markup information. The defense of passing through increased costs requires the seller to document both higher charges from suppliers and other costs, such as hazard pay for employees, imposed by the emergency.

Penalties for violation of the Consumer Fraud Act include civil penalties of up to $10,000 for a first offense. There are additional penalties if the violation was directed against senior citizens or persons with disabilities. In addition, the Attorney General may obtain an injunction against future violations. The courts may order restitution to consumers of money obtained in violation of the Act, and twice the amount obtained in the case of senior citizens. Failure to make restitution as ordered is punishable as contempt of court.

In addition to the enforcement powers of the Attorney General, N.J.S.A. 56:8-19 gives any person who has suffered an “ascertainable loss of moneys or property . . . as a result of any practice declared unlawful” under the Consumer Fraud Act as amended or supplemented a private right of action to recover treble damages and attorneys’ fees, either directly or as a counterclaim in a suit by the seller. No reported decision decides whether this private right of action would apply to a violation of the Act’s anti-price gouging provisions, but it is reasonable to anticipate that creative counsel are contemplating private class actions on behalf of retail purchasers.

The private right of action under the Consumer Fraud Act extends not only to individual consumers but to businesses that purchase supplies or equipment for use in the business. Hospitals, medical practices and other large scale purchasers of supplies and equipment affected by the coronavirus emergency may wish to explore that possibility.

B.        The Federal Defense Production Act

The Korean War vintage Defense Production Act (“DPA”) gives the President broad powers to direct the production of essential goods and to prioritize their distribution during periods of declared national emergency. Section 101 of the DPA, 50 U.S.C. § 4511, authorizes the President or his delegate to designate goods as scarce materials critical to the national defense. Section 102 of the Act, 50 U.S.C.§ 4512, the anti-hoarding provision, prohibits any person from accumulating “1) in excess of the reasonable demands of business, personal, or home consumption, or (2) for the purpose of resale at prices in excess of prevailing market prices, materials which have been designated by the President as scarce materials or materials the supply of which would be threatened by such accumulation.”  Designations are required to be published in the Federal Register. Section 103 of the DPA, 50 U.S.C. § 4513 makes the violation of § 102 a federal crime subject to a $10,000 fine and one year imprisonment. In addition § 706, 50 U.S.C. § 4556, authorizes the federal courts to enjoin violations of the DPA at the suit of the government. Other provisions, not relevant here, authorize the government to provide incentives and subsidies to increase production of essential goods.

The DPA is based on the War Powers Acts of World War II. It is designed to authorize the kind of command economy in place during that war, in which the armed forces were the sole end user, the government controlled production by placing contracts, fixing priorities and allocating raw materials, and the government directly controlled prices in the civilian market. It empowers the federal government to become the sole buyer and allocator of materials critical to the national defense. However, the President has chosen not to take the responsibility for centralized purchasing and allocation of critical medical supplies. Instead, the federal government has decided to allow states and other end users to compete for limited resources while using the DPA’s criminal provisions to try to curb the more egregious examples of exploitation.

On March 23, 2020, the President issued Executive Orders 13909 and 13910, which invoke his authority under DPA § 101 to declare ventilators and medical personal protective equipment as scarce materials critical to the national defense. Under authority designated by the Executive Orders, on March 25, 2020 the Secretary of Health and Human Services designated a variety of masks, gloves, gowns, face shields and other personal protective equipment, as well as respirators, sterilization materials, and ventilators as scarce materials subject to the anti-hoarding section of the DPA.  The designation was published in the Federal Register at 85 FR 17592 (Mar. 30, 2020). It enumerates the types of short-supply equipment but does not provide guidance as to what constitutes accumulation in excess of reasonable demand for consumption or what prices are considered in excess of the prevailing market price.

The Department of Justice has created a joint federal-state anti-hoarding task force under the leadership of the United States Attorney for the District of New Jersey, and several criminal prosecutions of alleged hoarders have been instituted. However, the prohibitions in DPA § 102 of accumulation “in excess of reasonable demands” for the holder’s consumption or for resale at a price “in excess of prevailing market prices” appear to impose a rather vague standard of criminal liability, and there do not appear to be any reported decisions interpreting them. Unlike the New Jersey statute, there is no definite markup that would be allowed.

DPA § 104, 50 U.S.C. §4514, prohibits the President from imposing wage or price controls without Congressional authorization. Perhaps for that reason, the government has not set permissible prices for short-supply equipment at any time since the HHS designation. Instead, the government is taking the position that prevailing prices are either prices in effect in January and February of 2020, before the coronavirus crisis began in the United States, or that they are “benchmark” prices of a major private manufacturer. Whether either of those standards provides fair advance notice sufficient to support criminal liability is, to say the least, contestable.

In addition, the government’s position appears to criminalize what may be entirely legitimate economic activity. Experience has shown that there were large amounts of masks and other designated short-supply medical equipment scattered in pockets of inventory around the United States and abroad. Middlemen perform the valuable service of finding these supplies, marshaling them and making them available to end users. That takes effort, which will not be undertaken without the prospect of compensation. Unlike the New Jersey statute, the DPA does not on its face recognize the costs incurred by accumulators to obtain otherwise unavailable goods, either those passed through from upstream sellers, the expenses of search, or reasonable compensation for the effort involved.

In conclusion, the government has not used the Defense Production Act to set prices directly. Its criminal anti-hoarding provisions  are a very blunt instrument for regulating economic activity in a time of shortage, especially because the federal government is not acting as the sole buyer or allocator of goods or fixing prices but is instead requiring end users of short-supply equipment to compete against each other. These criminal provisions have never been tested in court, and they leave open the possibility of vigorous defense based on the lack of a clear standard of criminal liability, on the need to attract scarce goods into the market, and on the pass-through of legitimate costs incurred to do so, including a reasonable profit.

© Copyright 2020 Sills Cummis & Gross P.C.

For more on COVID-19 related price issues, see the National Law Review Coronavirus News legal section.

U.S. District Court Issues Temporary Restraining Order for Silver Products Fraudulently Promoted as a Treatment for COVID-19

On April 29, 2020, the U.S. District Court for the District of Utah issued a temporary restraining order (TRO) to halt the sale of a fraudulent coronavirus (COVID-19) treatment.  The U.S. Department of Justice (DOJ) announced the court’s decision in an effort to halt the sale of silver products fraudulently claimed to prevent and cure COVID-19.

DOJ filed a civil complaint on April 27, 2020, against defendants Gordon Pedersen of Cedar Hills, Utah and his companies, My Doctor Suggests LLC and GP Silver LLC.  The complaint alleges that defendants began fraudulently promoting and selling various silver products in early 2020 with claims that the silver products would treat and prevent COVID-19.  Some of the alleged false and misleading claims made by defendants include that having silver particles in the bloodstream would block the virus from attaching to cells, that silver would “usher” the virus out of the body, and that silver would destroy all forms of viruses and protect against COVID-19.

The U.S. Food and Drug Administration (FDA) issued a statement on the Utah case that “FDA will continue to help ensure those who place profits above the public health during the COVID-19 pandemic are stopped” and that FDA is “fully committed to working with the Department of Justice to take appropriate action against those jeopardizing the health of Americans by offering and distributing products with unproven claims to prevent or treat COVID-19.”

The enforcement action will be prosecuted in a coordinated action by the U.S. Attorney’s Office for the District of Utah and the DOJ Civil Division Consumer Protection Branch, with the assistance of the FDA’s Office of Criminal Investigations and Office of the Chief Counsel.  In addition to the TRO, prosecutors obtained a separate court order temporarily freezing the defendants’ assets in order to preserve the court’s ability to grant effective final relief and to maintain the status quo.  A hearing on the DOJ’s request for a preliminary injunction is set for May 12, 2020.  If the case proceeds to trial, the government will need to prove its allegations to obtain a permanent injunction against the defendants.

In another case, DOJ announced on April 17, 2020, that the United States District Court for the Southern District of Florida issued a TRO to halt the sale of an unapproved and potentially dangerous industrial bleach product being marketed as a “miracle” treatment for COVID-19.  The FDA and the U.S. Federal Trade Commission (FTC) had issued a warning letter to the defendant, Genesis II Church of Health and Healing, on April 8, 2020.  According to the FDA, oral ingestion of the defendant’s product called the Miracle Mineral Solution can cause nausea, vomiting, diarrhea, and severe dehydration.  The FDA and the FTC have issued nearly 40 separate warning letters in 2020 to companies selling unapproved or misbranded products with claims to prevent or to treat COVID-19.

Commentary

Particulate elemental silver and silver salts can be effective antimicrobial agents, and numerous products containing these active ingredients are currently registered for various antimicrobial uses.  The U.S. Environmental Protection Agency, along with other federal agencies, are working to ensure that necessary reviews and approvals of legitimate products intended to address COVID 19 are as expeditious as possible.  Products that need these regulatory reviews and approval, but that are marketed without them, are and will likely continue to be a current enforcement focus.

©2020 Bergeson & Campbell, P.C.

For more in COVID-19 fraud prevention, see the National Law Review Coronavirus News section.

FCC Subjects Robocallers and Caller Identification Fraudsters to Increased Penalties and Broader Enforcement

On May 1, 2020, the Federal Communications Commission (FCC) adopted rules to strengthen protections against robocalls and the manipulation of caller identification information to misrepresent the true identity of the caller (known as caller ID spoofing).1 The FCC’s amended rules, which implement portions of the recently-enacted Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), streamline the procedure for commencing enforcement actions against violators and expand the statute of limitations applicable to FCC proceedings against robocallers and caller ID spoofers2 (see GT Alert, TRACED Act Subjects Robocallers to Increased Penalties, Outlines Regulatory and Reporting Requirements to Deter Violations).

The FCC’s changes to its rules include the following:

  • Eliminating the requirement that the FCC issue a citation to a person or entity that violates prohibitions against robocalling before issuing a notice of apparent liability if the person or entity does not hold a license, permit, or other authorization issued by the FCC. As noted by FCC Chairman Ajit Pai in the news release accompanying the FCC’s Order: “Robocall scam operators don’t need a warning these days to know what they are doing is illegal, and this FCC has long disliked the statutory requirement to grant them mulligans.” Caller ID spoofers are already subject to FCC enforcement actions without receiving a citation as a warning.3
  • Increasing the penalty amount to up to $10,000 for each intentional unlawful robocall in addition to the monetary forfeiture permitted under 47 U.S.C. § 503 (for persons or entities that are not FCC licensees or common carriers, the forfeiture penalty shall not exceed $20,489 for each violation and $153,669 for any continuing violation).4 Importantly, each unlawful robocall is considered to be a separate violation, so the potential forfeiture amounts could be very high.
  • Extending the statute of limitations applicable to FCC enforcement actions for intentional robocall violations and for caller ID spoofing violations to four years. Under the amended rule, the FCC may not impose a forfeiture penalty against a person for violations that occurred more than four years prior to the date a notice of apparent liability is issued. The statute of limitations had been one year for all robocall violations and two years for call ID spoofing violations. This change will significantly increase the timeframe of conduct subject to FCC enforcement and that can be included in a proposed forfeiture amount.

Conclusion

The FCC’s amended rules, consistent with the TRACED Act, are intended to discourage unlawful robocalling and caller ID spoofing by abolishing the “one free pass” formerly applicable to entities that do not hold FCC authorizations, increasing the penalties for intentional violations, and expanding the statute of limitations period. This is the FCC’s most recent action to implement the TRACED Act by strengthening protections against unlawful robocalls and caller ID spoofing. Other steps recently taken by the FCC include initiating a rulemaking proceeding to prevent one-ring scams (when a caller initiates a call and allows the call to ring for a short duration with the aim of prompting the called party to return the call and be subject to charges). Given the FCC’s significant focus on combatting illegal robocalling, it is important that companies that rely on robocalls to contact consumers understand the federal laws governing such calls implement procedures to ensure that they comply with those laws and regulations.

1 The Telephone Consumer Protection Act (TCPA) (which was amended by the TRACED Act) and the FCC’s implementing regulations generally prohibit the use of autodialed, prerecorded or artificial voice calls (commonly known as robocalls) to wireless telephone numbers and the use of prerecorded or artificial voice calls to residential telephone numbers unless the caller has received the prior express consent of the called party (certain calls, such as telemarketing calls, require prior express written consent) or is subject to specified exemptions. See 47 U.S.C. § 227; 47 C.F.R. § 64.1200.

2 The FCC issued these rules pursuant to an order, rather than utilizing notice and comment procedures, because the content of the rules did not require the exercise of administrative discretion. The rules will become effective 30 days after the date of publication in the Federal Register.

3 The FCC may issue a forfeiture order if it finds that the recipient of a notice of apparent liability has not adequately responded to the FCC’s allegations. The FCC may also seek to resolve the matter through a consent order which generally requires the alleged violator to make a voluntary payment, develop a compliance plan, and file compliance reports.

4 See 47 U.S.C. § 503(b)(2)(D) as adjusted for inflation. The FCC has authority to make upward or downward adjustments to forfeiture amounts based on several factors. See 47 C.F.R. § 1.80.

©2020 Greenberg Traurig, LLP. All rights reserved.

COVID-19 Government Enforcement And Investigation Priorities: Minimizing Your Business Risk

The 2019 novel coronavirus (COVID-19) pandemic has changed our day-to-day routines and forced us to navigate many unique challenges in our personal and business lives. One challenge many businesses are facing is how to operate within the confines of the pandemic while complying with federal rules and regulations, both those that are well-established and those that have been promulgated to address specific needs brought on by COVID-19. While the pandemic has also affected the U.S. Department of Justice (DOJ) and other agency enforcement offices, there is no sign that government investigations into wrongdoing will decline. In some cases, government authorities are increasing their efforts to protect the public.

In this environment, it is important that businesses ensure operations are in accordance with DOJ and agency guidance so their actions do not trigger a government investigation. While some steps businesses can take to minimize the likelihood of an investigation were commonplace prior to the pandemic, others require a better understanding of specific guidance promulgated by DOJ and other agencies in the wake of COVID-19.

DOJ PRIORITIZATION OF EXPLOITATION CASES

The DOJ has taken clear steps to establish prioritization of investigations during the pandemic and will be focusing on exploitation cases and other COVID-19-related fraud schemes.

In March 2020, Attorney General William Barr directed all U.S. Attorneys to prioritize the investigation of these fraud schemes. Common schemes include:

  1. Individuals and business selling fake COVID-19 cures
  2. Phishing emails from entities posing as being associated with the World Health Organization or the U.S. Centers for Disease Control and Prevention
  3. Malicious websites or apps appearing to share COVID-19-related information to gain and lock access to devices until payment is secured
  4. Illegitimate or non-existent charitable organizations seeking donations
  5. Fraudulent billing by medical providers obtaining patient information for COVID-19 testing and then billing for other tests and procedures

To further that directive, the Attorney General’s Office also instructed each U.S. Attorney to appoint a Coronavirus Fraud Coordinator (Coordinator) for his or her judicial district. This Coordinator is to serve as legal counsel for his or her district on COVID-19 matters, direct the prosecution of COVID-19-related crimes, and conduct outreach and awareness initiatives regarding common forms of fraudulent schemes that seek to wrongly take advantage of needs and conditions resulting from the pandemic. The Coordinators in the Eastern District of Wisconsin and Western District of Wisconsin are Assistant U.S. Attorneys Kelly Watzka and Chadwick Elgersma, respectively.

DOJ is actively investigating and prosecuting wrongdoing during pandemic

Watzka, Elgersma and their colleagues at the various U.S. Attorneys’ Offices across the nation are encouraging the public to report fraud and other schemes resulting from the pandemic. Many U.S. Attorneys are contacting health care facilities for leads on potential schemes involving hoarding personal protective equipment and warning and advising the public on scams related to COVID-19 Economic Impact Payments. Additional measures include teaming with the American Association of Retired Persons (AARP) and other organizations to disseminate information to the public.

Since late March 2020, enforcement actions have been filed against providers and nonmedical personnel for promoting fake COVID-19 treatment. Charges have also been filed against those attempting to sell fake personal protective equipment to the U.S. Department of Veterans Affairs, attempting to smuggle mislabeled drugs into the U.S. to treat COVID-19, making false statements regarding accumulation and sale of personal protective equipment, and soliciting investments in a company fraudulently claiming funds would be used to market COVID-19 treatments and cures. Further, the DOJ estimates federal authorities have disrupted hundreds of internet domains that were used to exploit the pandemic to commit fraud and other crimes.

REDUCE YOUR RISK OF ALLEGATIONS OF FRAUD OR MISUSE OF GOVERNMENT FUNDS

While the cases above involve particularly egregious cases of fraud, it is important to remember that we are in the early months of COVID-19 relief programs and pursuit of COVID-19-related investigations. As the government continues to provide various aid packages to individuals and businesses alike, it will be important for all businesses, and especially those receiving federal funds, to take action to ensure compliance with the law relating to those funds in order to prevent future investigations. It is likely future investigations would be for less flagrant corporate actions.

Initiatives such as the White House’s National Emergency Declaration, which devotes $50 billion to containing the pandemic, and the Coronavirus Aid, Relief, and Economic Security Act (CARES Act), which includes a $2 trillion dollar stimulus package, will help relieve some of the financial stress impacting businesses. However, with these initiatives comes rules and regulations to ensure that the funds are used as intended.

The CARES Act also created a Special Inspector General for Pandemic Recovery (SIGPR) to “conduct, supervise, and coordinate audits and investigations” of the CARES Act’s financial assistance programs and any other U.S. Department of the Treasury programs established under the CARES Act. In so doing, the SIGPR will be meticulously monitoring those businesses that have received assistance under the CARES Act to prevent and detect fraud and abuse, and to facilitate the identification and prosecution of participants of fraud and abuse.

With these initiatives comes special concern for investigations, charges and enforcement actions under the False Claims Act (FCA).1 The FCA is the primary civil enforcement tool used by the DOJ to pursue those who fraudulently obtain relief money, and fraudulently bill under contracts with the government. The government’s employment of the FCA is likely to expand as small businesses and large corporations alike receive federal funds under the CARES Act, and enter contracts to meet the increased need for emergency goods and services.

Businesses of all sizes and operating in all industries should therefore take additional steps beyond their standard practices to limit the potential for allegations of fraud or misuse of government funds. These steps should not only reinforce pre-pandemic workplace compliance and internal governance standards, but should also involve a system for maintaining documentation and preservation of relief-related correspondence, documents and actions. Importantly, no business should ignore or loosen any of their internal governance procedures or any laws, rules or regulations in the name of expediency.

OTHER FEDERAL AND STATE AGENCY ENFORCEMENT POLICIES DURING COVID-19

Beyond DOJ, several federal and state government agencies have issued policy statements regarding their enforcement priorities and activities during the pandemic.

U.S. Securities and Exchange Commission

Unlike some agencies that have publicized their willingness to be flexible and considerate of the unique circumstances in exercising their enforcement authority, the Securities and Exchange Commission (SEC) has maintained that its enforcement division is fully operational and that it will be vigilant against threats targeting “Main Street” investors.

In its public statements, the SEC has emphasized the importance of maintaining market integrity and following corporate controls. Its recent enforcement activities have focused on fraud schemes and other illegal activity arising from the COVID-19 emergency. It has issued trading suspensions for a number of stocks, many for companies that purported to offer health products or services related to COVID-19. Additionally, the agency has cautioned about “fraudulent stock promotions, unregistered offerings, phony charitable investments, affinity fraud, and fake products offering high returns.”

Investment scams come in a variety of flavors suited to COVID-19. For example, investment in underfunded or fraudulent companies that supposedly make products or services related to COVID-19 prevention or treatment, alternative investments claiming to not be vulnerable to ongoing market risk, or investments purporting to offer unrealistic returns by taking advantage of the market volatility or low prices. In Wisconsin, the Department of Financial Institutions has specifically called out the threat of COVID-19-related charity scams.

In addition to investment scams, the SEC has warned about an increased potential for insider trading owing to a greater number of people who may have access to nonpublic information. The enforcement division has released a statement reminding directors, officers and employees of their obligations to keep nonpublic information confidential and to comply with insider trading laws. The statement likewise urged public companies to adhere to their established disclosure controls, codes of ethics and other regulatory obligations.

The SEC is also encouraging consultation with its staff to ensure that financial reporting standards are maintained, demonstrating enhanced focus on these issues, and may not be forgiving of regulatory lapses where consultation with the SEC was not undertaken. However, the SEC has stated that it is not looking to second-guess good faith attempts to provide investors and other market participants appropriately-framed, forward-looking information.

U.S. Department of Health and Human Services

In the wake of extraordinary efforts by health care providers to combat the COVID-19 pandemic, including through enhanced and novel collaborations among different entities, the U.S. Department of Health and Human Services (HHS) has issued blanket waivers with respect to the Stark Law, which generally prohibits providers from referring Medicaid or Medicare patients to entities with which they have a financial relationship. The blanket waivers permit such referrals for 18 specifically designated relationships, such as referrals by owners of physician-owned hospitals or owners of ambulatory surgery centers that temporarily convert to hospitals. The relationship must be related to the COVID-19 emergency (which is broadly defined) and must not raise concerns regarding fraud or abuse. The blanket waivers are retroactive to March 1, 2020.

Subsequently, in an April 3, 2020, policy statement, HHS’s Office of the Inspector General (OIG) announced that it will similarly relax enforcement of the Anti-Kickback Statute in relation to certain remuneration related to COVID-19. The Anti-Kickback Statute generally prohibits providing or receiving remuneration in exchange for patient referrals. The purpose of the OIG’s temporary policy is to afford flexibility to providers of health care services who may be unable to comply with technical aspects of the Anti-Kickback Statute. The policy permits providers to pursue certain financial relationships that would otherwise be prohibited, such as payments made by a facility or physician for space or equipment rental below fair market value, the purchase of items or services below fair market value, or payments to physicians that are above their normal contracted rate.

Importantly, while the Anti-Kickback Statute policy is based on the Stark Law blanket waivers, it is notably narrower than the blanket waivers, covering only certain of the 18 enumerated categories provided for in the blanket waivers. All other arrangements prohibited by the Anti-Kickback Statute are unaffected by this policy. Moreover, the Anti-Kickback Statute policy applies only prospectively to conduct occurring on April 3, 2020, and later. Like the blanket waivers, to qualify for the Anti-Kickback Statute policy conduct must be related to care provided in connection with COVID-19, must not create a risk of fraud or abuse, and must be adequately documented.

While these HHS policies show the agency’s willingness to accommodate the special needs of health care providers, the policies are complex and warrant careful review to determine how they may apply to your organization or practice.

U.S. Environmental Protection Agency

After early reports suggesting that the U.S. Environmental Protection Agency (EPA) was significantly curtailing enforcement efforts, the agency has since issued a more detailed temporary policy.

Under the Temporary COVID-19 Enforcement Policy, the EPA will not seek penalties for noncompliance with routine monitoring and reporting requirements, if, on a case-by-case basis, the EPA agrees that such noncompliance was caused by COVID-19. The same policy applies to administrative settlement agreements: the EPA will not seek penalties for noncompliance with basic reporting requirements provided such failure was occasioned by COVID-19. Businesses should continue to use notice provisions set forth in agreements to keep the EPA apprised of their compliance efforts.

Regulated parties must document the basis for a claim that the pandemic prevented it from conducting the routine monitoring and reporting. These case-by-case determinations will be made after the pandemic is over and the EPA reserves its right to disagree that any asserted noncompliance was caused by the pandemic.

The temporary policy does not excuse exceedances of pollutant limitations in permits, regulations or statues due to COVID-19. Regulated entities are expected to comply. The temporary policy does not affect businesses’ responsibility to prevent and respond to spills or releases, or to criminal violations. However, the temporary policy contemplates that the EPA’s response to compliance will be determined in light of the circumstances created by the public health emergency, provided that the facility contacts the EPA or their state agency as soon as possible.

Businesses that may encounter challenges complying with environmental laws and regulations as a result of COVID-19, due to workforce or resource issues, for example, should review the temporary policy carefully to determine whether it may apply.

As usual, states maintain parallel authority to enforce many environmental laws, and any exemptions allowed by the EPA may not be respected by state agencies. The Wisconsin Department of Natural Resources (DNR), in particular, has issued its own process for case-by-case determinations of flexibility from regulatory burdens. Regulated entities are encouraged to work with their DNR contact to discuss compliance assistance if COVID-19 justifies the assistance sought.

1Learn more about the FCA and COVID-19 through our recent article entitled Managing and mitigating the risk of qui tam actions in the wake of COVID-19.

Copyright © 2020 Godfrey & Kahn S.C.

For more on governmental actions on COVID-19, see the National Law Review Coronavirus News section.

COVID-19 Update: Don’t Be a Target: What Business Should Know about State Attorney General Reactions to COVID-19

In any time of crisis, there is heightened risk for fraud and scams. While United States Attorney General Barr has warned of scams and other illegal acts on the federal level,1 it is with the state Attorneys General (“AGs”) where the rubber hits the road in enforcing social distancing orders, investigating companies for alleged price gouging, continuing ongoing investigations, and overseeing lending relief efforts. As the economy begins to reopen on a state-by-state and sector-by-sector basis, companies must be vigilant in protecting themselves from the next wave of scrutiny by state AGs.

During normal times, state AGs rely upon their state’s Consumer Protection Act and Unfair or Deceptive Acts or Practices (UDAP) statutes to fight against perceived fraud. During the COVID-19 crisis, state AGs have taken the additional step of issuing Civil Investigative Demands, mostly focused on the issue of price gouging, or an instance in which a company allegedly inflates prices above a perceived acceptable level based not solely on supply and demand, but also on leveraging, in this case, the COVID-19 pandemic to the detriment of the consumer. Allegations of price gouging often appear during or immediately following natural disasters, an example of which would be heightened prices for essential products such as generators and flashlights in historically hard-hit areas such as Florida or New Orleans during the Atlantic hurricane season. In the current environment, state AGs across the country are each receiving literally hundreds of consumer complaints alleging that companies are similarly raising prices on necessities.2 Online platforms for third-party sellers are particularly vulnerable to state AGs in this environment, with most people sheltering in place and fulfilling the majority of their purchasing needs through online retail. In fact, 33 state AGs sent a letter to Amazon.com, Inc., Facebook, Inc., Craigslist, Inc. and eBay Inc. to request enhanced procedures to protect against price gouging on their respective platforms.3 Ironically, companies such as Facebook, Google, Navient, and others that have been targeted by state AGs, often on extremely flimsy legal grounds, are now being asked by those same regulators to continue their efforts to step up to assist in this pandemic. And those companies, and so many others, are doing just that.

However, there are indeed some bad actors. In one well-publicized example, two Tennessee men hoarded over 17,000 bottles of hand sanitizer with the intent to sell them for up to $70 per bottle and was immediately met by an expedited investigation by Tennessee AG Herbert Slatery.4 Other examples have abounded: Massachusetts AG Maura Healey unilaterally expanded her state’s price gouging regulations, which had previously been limited to gasoline and petroleum products, to include “all goods or services necessary for the health, safety or welfare of the public”;5 New York AG Letitia James sent cease and desist letters to merchants that were allegedly engaging in price gouging related to the sale of hand sanitizer and disinfectant;6 New Jersey AG Gurbir Grewal has sent over 80 cease and desist letters after receiving more than 600 complaints of COVID-19-related price gouging and other related consumer protection violations;7 Florida AG Ashley Moody activated a “Price gouging Hotline” and opened an investigation into third-party sellers accused of price gouging on essential goods through accounts on Amazon;8 and finally, 20 state AGs have implored 3M Company to create a database and accounting of the distribution and pricing of 3M’s N95 respirator masks, including urging 3M to publish its policies prohibiting price gouging.

Businesses that remain open should be mindful of the additional steps taken to ensure compliance with social distancing regulations. For example, Vermont AG T.J. Donovan issued a directive for law enforcement outlining guidance for the enforcement of the state’s COVID-19 Executive Order that, among other things, extended authority to the state Department of Public Safety to inspect the premises and records of any employer to ensure compliance with the Executive Order.9 Other state AGs are enforcing their states’ Executive Orders with similar diligence: New York AG James ordered over 70 medical transportation companies to stop providing group rides;10 Michigan AG Dana Nessel sent a letter to home improvement store Menards in the wake of reports that the retailer had engaged in business practices that would endanger consumers and employees contrary to the Executive Order issued by Michigan Governor Gretchen Whitmer;11 and Delaware law enforcement officials even issued cease and desist orders to a barber shop and a tobacco shop.12

As the economy begins to incrementally ‘reopen’ in the weeks and months to come, companies should document every step taken to protect their customers and employees as well as the rationale underlying those measures. The far-reaching effects of the COVID-19 pandemic are unlikely to subside until a vaccine becomes publicly available. Thus, state AGs are likely to continue to probe companies aggressively about safety measures taken to protect their customers and employees; adherence to government policies and interpretative guidance; their definition of essential employees; and whether the company contributed to the spread of the virus.

State AGs are the top law enforcement officers in their states and will continue to act to protect their citizens during, and long after, the COVID-19 crisis is over. Industry should be on the lookout for measures taken by state AGs to identify and prosecute fraud and perceived price gouging during the COVID-19 pandemic, and should comply with laws and Executive Orders as diligently as possible. What constitutes the requisite compliance with social distancing – both now and as the economy begins to reopen – and what constitutes an essential service are often somewhat subjective and may require the consult of counsel. Cadwalader’s state AG practice is regularly in close communication with state AG offices and is well-positioned to provide guidance to clients that may be in receipt of an inquiry from a state AG, and we stand ready to continue to assist clients as they navigate the implications of the COVID-19 pandemic.

1   https://www.justice.gov/opa/pr/attorney-general-william-p-barr-urges-american-public-report-covid-19-fraud

https://www.cadwalader.com/state-attorney-general-insider/index.php?nid=6&eid=34

3  https://www.attorneygeneral.gov/wp-content/uploads/2020/03/03_25_2020_Multistate-letter.pdf

4   On April 21, 2020, Tennessee AG Slatery announced that a settlement had been reached with the two men to resolve allegations of price gouging; all supplies were surrendered to a nonprofit organization in Tennessee and a portion of the supplies were distributed to officials in Kentucky, and the two men were prohibited from selling emergency or medical supplies grossly in excess of the price generally charged during any declared state of abnormal economic disruption related to the COVID-19 pandemic.

5  https://www.mass.gov/news/ag-healey-issues-emergency-regulation-prohibiting-price gouging-of-critical-goods-and-services

6  https://ag.ny.gov/press-release/2020/ag-james-price gouging-will-not-be-tolerated

7  https://www.njconsumeraffairs.gov/News/Pages/03172020.aspx

8   http://www.myfloridalegal.com/newsrel.nsf/newsreleases/A32615BF3942B33E8525854300514289?Open&

9  https://www.attorneygeneral.gov/wp-content/uploads/2020/03/03_25_2020_Multistate-letter.pdf

10  https://ag.ny.gov/press-release/2020/attorney-general-james-orders-78-transport-providers-immediately-stop-endangering

11  https://www.michigan.gov/coronavirus/0,9753,7-406-98158-523976–,00.html

12 https://www.delawarepublic.org/post/delaware-flagging-non-essential-businesses-open-during-shutdown

© Copyright 2020 Cadwalader, Wickersham & Taft LLP

For more on AG’s Enforcement Activities around COVID-19 Fraud see the National Law Review Coronavirus News section.

SEC Emphasizes Anti-Fraud Protections During COVID-19 Pandemic

On March 23, 2020, the co-directors of the Division of Enforcement of the U.S. Securities and Exchange Commission (SEC) issued a statement regarding market integrity during the COVID-19 pandemic[1].  Specifically, the statement serves to remind public companies of their obligations to maintain disclosure controls and procedures regarding material nonpublic information. The SEC has worked to accommodate disclosure filing deadlines due to the extenuating circumstances. This nonpublic information may be even more valuable now than during times of regular business operations. Because of this, the statement explains, public disclosures that normally occur through filings may be delayed[2], which could give rise to the potential to abuse the nonpublic information due the extended filing period.

The obligation to maintain the confidentiality of nonpublic information, giving rise to what is commonly called “insider trading”, has been heightened recently with allegations that some members of Congress may have sold stocks after early briefings on the business impact of COVID-19. This is not the only time in recent history where members of government have been accused of profiting based on classified or nonpublic briefings. As a result, the SEC has emphasized its commitment to robust investigation and enforcement of its rules and regulations.

It is important to note that the antifraud provisions of securities laws and regulations apply not only to publicly-held companies, but also privately-held “exempt” securities offerings. Additionally, this covers not just equity (stock or partnership/LLC ownership) but debt securities offerings as well. Private companies offering securities during this time of economic uncertainty need to ensure that any disclosures made to potential investors are straightforward and truthful. The SEC has broad investigative powers to investigate false or misleading statements made by private issuers of securities. This applies to statements made orally or in writing and to omission of material information from communications relating to offerings (in addition to the making of false or misleading statements). Keep in mind that the SEC’s antifraud rules carry steep civil and criminal penalties for violation of these rules.

Entrepreneurship and start-up activity has recently been growing at a healthy pace, and there is no doubt that the challenges presented by COVID-19 will spur new start-ups and economic activity relating to the pandemic in a variety of market sectors, from medical and consumer devices to services. At the same time, the pandemic will also present challenges to many existing early stage business ventures. During this extraordinary time, businesses should be careful to check the validity and accuracy of information disclosed to potential investors. We will continue to work with clients to ensure that accurate and complete material information is disclosed to investors.

________________________

[1] https://www.sec.gov/news/public-statement/statement-enforcement-co-direc….

[2] https://www.sec.gov/rules/other/2020/34-88318.pdf.

© 2020 Davis|Kuelthau, s.c. All Rights Reserved

Mitigating Payment Fraud Risks

For businesses that thrive on person-to-person transactions, cash is quickly being replaced by cards, as well as tap-to-pay systems, mobile wallets and QR-based payment systems. These technologies will continue to dominate the market in the near future, but the long-term future of the payment card industry will likely be shaped by the impact of blockchain and artificial intelligence. These developments will eventually also impact risk management, marketing and financial planning, as they present opportunities for serious risks, including fraud. Hence, it is imperative for risk management professionals to plan for these short- and long-term changes in the industry.

Strong risk monitoring requires proactively assessing threats and planning mitigation measures to minimize risk impact on the company or organization. To help mitigate payment fraud risks, businesses can take the following steps:

Train your Employees Regularly

The more regularly you train your employees, the more likely are they to spot suspicious behavior, no matter what payment technology the business uses. Repeated and regular trainings are essential because employees tend to forget what they have learned with time. These training workshops should teach the workers to never accept damaged cards from customers, confirm customer identities, and never enter a card number manually.

Use Contactless and EMV-Enabled Terminals

As payment technology changes, businesses must evaluate what options are safest and least prone to fraud. Currently, businesses should use EMV (short for Europay, Mastercard and Visa), which involves chips embedded into payment cards—a significant step in making transactions safer. The introduction and adoption of EMV-enabled secure terminals, particularly when using PIN and EMV security together, has helped merchants and customers prevent fraudulent transactions.

Contactless smartcards such as chip and magnetic stripe cards use contactless payment, which can present another secure way to process transactions. Most EMV terminals are also enabled with contactless payment. At such terminals, a fast and secure transaction is possible using Near Field Communication (NFC) or Radio-Frequency Identification (RFID) via smartcard or smartphone. If a merchant chooses to use contactless payment without PIN, they can put a limit to the amount spent on each contactless transaction to further minimize risk.

Beware Uncommon Transactions

Transactions that involve unusually large purchases could be a sign of potential fraud. Businesses should examine such transactions closely and confirm the identity of the customer. Similarly, if several purchases are made with a card in a short timeframe, it could indicate that the card was stolen and being used by someone other than the owner.

Maintain Online Security

As merchants and consumers shift to contactless and EMV-enabled point of sale terminals, risk has shifted towards online transactions. To mitigate this risk, it is important for online businesses to use the Address Verification Service (AVS), which verifies that the billing information matches the one registered with the card issuer. Vendors should also ask for Card Verification Value 2 (CVV2) to verify that the user has the card in hand when placing the order. Another important check is to put a limit on an IP address for the number of cards it can use for online transactions.

Prevent Employee Fraud

Employee fraud is always a major concern for risk management professionals.  Businesses should remember to keep an eye on credit card activity, particularly returns, as employee theft often shows up in fake discounts or returns. Companies should create alerts that set limits on returns at stores and notify management any time those limits are exceeded.

 

Risk Management Magazine and Risk Management Monitor. Copyright 2020 Risk and Insurance Management Society, Inc. All rights reserved.

LinkedIn Petitions Circuit Court for En Banc Review of hiQ Scraping Decision

On October 11, 2019, LinkedIn Corp. (“LinkedIn”) filed a petition for rehearing en banc of the Ninth Circuit’s blockbuster decision in hiQ Labs, Inc. v. LinkedIn Corp., No. 17-16783 (9th Cir. Sept. 9, 2019). The crucial question before the original panel concerned the scope of Computer Fraud and Abuse Act (CFAA) liability to unwanted web scraping of publicly available social media profile data and whether once hiQ Labs, Inc. (“hiQ”), a data analytics firm, received LinkedIn’s cease-and-desist letter demanding it stop scraping public profiles, any further scraping of such data was “without authorization” within the meaning of the CFAA. The appeals court affirmed the lower court’s order granting a preliminary injunction barring LinkedIn from blocking hiQ from accessing and scraping publicly available LinkedIn member profiles to create competing business analytic products. Most notably, the Ninth Circuit held that hiQ had shown a likelihood of success on the merits in its claim that when a computer network generally permits public access to its data, a user’s accessing that publicly available data will not constitute access “without authorization” under the CFAA.

In its petition for en banc rehearing, LinkedIn advanced several arguments, including:

  • The hiQ decision conflicts with the Ninth Circuit Power Ventures precedent, where the appeals court held that a commercial entity that accesses a website after permission has been explicitly revoked can, under certain circumstances, be civilly liable under the CFAA. Power Ventures involved Facebook user data protected by password (that users initially allowed a data aggregator permission to access). LinkedIn argued that the hiQ court’s logic in distinguishing Power Ventures was flawed and that the manner in which a user classifies his or her profile data should have no bearing on a website owner’s right to protect its physical servers from trespass.

“Power Ventures thus holds that computer owners can deny authorization to access their physical servers within the meaning of the CFAA, even when users have authorized access to data stored on the owner’s servers. […] Nothing about a data owner’s decision to place her data on a website changes LinkedIn’s independent right to regulate who can access its website servers.”

  • The language of the CFAA should not be read to allow for “authorization” to be assumed (and unable to be revoked) for publicly available website data, either under Ninth Circuit precedent or under the CFAA-related case law of other circuits.

“Nothing in the CFAA’s text or the definition of ‘authorization’ that the panel employed—“[o]fficial permission to do something; sanction or warrant,” suggests that enabling websites to be publicly viewable is not ‘authorization’ that can be revoked.”

  • The privacy interests enunciated by LinkedIn on behalf of its users is “of exceptional importance,” and the court discounted the fact that hiQ is “unaccountable” and has no contractual relationship with LinkedIn users, such that hiQ could conceivably share the scraped data or aggregate it with other data.

“Instead of recognizing that LinkedIn members share their information on LinkedIn with the expectation that it will be viewed by a particular audience (human beings) in a particular way (by visiting their pages)—and that it will be subject to LinkedIn’s sophisticated technical measures designed to block automated requests—the panel assumed that LinkedIn members expect that their data will be ‘accessed by others, including for commercial purposes,’ even purposes antithetical to their privacy setting selections. That conclusion is fundamentally wrong.

Both website operators and open internet advocates will be watching closely to see if the full Ninth Circuit decides to rehear the appeal, given the importance of the CFAA issue and the prevalence of data scraping of publicly available website content. We will keep a close watch on developments.

© 2019 Proskauer Rose LLP.

Payment Processor Held Accountable by FTC

The Federal Trade Commission and the Ohio attorney general recently initiated legal action against a payment processor arising from alleged activities that enabled its customers to defraud consumers.

According to the FTC, the defendants generated and processed remotely created payment orders (“RCPOs”) or checks that allowed unscrupulous merchants, including deceptive telemarketing schemes, to withdraw money from their victims’ bank accounts.

The FTC’s Telemarketing Sales Rules specifically prohibits the use of RCPOs in connection with telemarketing sales.  RCPOs are created by the processor and result in debits to consumers’ bank accounts without a signature.

“To execute their payment processing scheme, Defendants open business checking accounts under various assumed names with banks and credit unions, the majority of which are local institutions,” according to the complaint.  Within the last five years, the defendants opened at least 60 business checking accounts at 25 different financial institutions, mainly in Texas and Wisconsin, to enable their activity, the regulators said. “Defendants often misrepresent to the financial institution the type of business for which they open the account, and routinely fail to disclose the real reason for which they open the account—processing consumer payments for third-party merchants via RCPOs.  Red flags about Defendants’ practices have led at least 15 financial institutions to close accounts opened by Defendants.  When that happens, Defendants typically open new accounts with different financial institutions.  ”

According to the Ohio AG and FTC lawyers, the defendants specifically market their RCPO payment processing service to high risk merchants.  The complaint also alleges that the defendants are aware that some of their largest merchant- clients sell their products or services through telemarketing.

The FTC and Ohio AG also allege that the defendants violated the TSR by charging consumers advance fees before providing any debt relief service, failing to identify timely and clearly the seller of the purported service in telemarketing calls, and failing to pay to access the FTC’s National Do Not Call Registry.

The Ohio AG previously had previously filed suit against the defendants for similar violations.

According to the FTC CID attorneys, the telemarketing operations that defendants supported included, among others, student debt relief schemes, and a credit interest reduction scheme.  The FTC and Ohio allege that using RCPOs, the defendants have withdrawn more than $13 million from accounts of victims of these telemarketing operations since January 2016.

“The FTC will continue to pursue such schemes aggressively, and hold accountable payment processors that are complicit in the illegal conduct,” FTC lawyer Andrew Smith said in a statement about the case.

The complaint alleges violations of the FTC Act and Ohio state law, and seeks injunctive relief plus disgorgement of alleged ill-gotten gains.

At the same time, the FTC and state of Ohio filed another enforcement action against one of the processor’s biggest clients based in Canada and the Dominican Republic.

Federal and state regulators have evidenced a willingness to both go after merchants that engage in unfair and deceptive practices that are injurious to consumers, as well as the payment processors that enable merchants to engage in such conduct.

© 2019 Hinch Newman LLP

Fore more FTC finance enforcement actions, see the National Law Review Financial Institutions & Banking law page.