By Dominic Boamah, Ph.D., Director, Office of Research & Analysis, HITRUST

The information security threat landscape is constantly changing. As the technologies and tools that organizations rely on to protect sensitive data and support their business missions evolve, information protection programs must be well-positioned to change and adapt. The HITRUST Threat Catalog is one of the many ways that HITRUST helps our community of partners stay prepared by ensuring the continued effectiveness of the HITRUST CSF.

HITRUST Releases New Version of HITRUST Threat Catalogue

The HITRUST Threat Catalogue provides a systematic reference that identifies and defines InfoSec threats and maps them by name and number to HITRUST CSF control references based on control specifications and/or control requirements.

“We do an annual risk assessment, and we were having a hard time finding guidance until we came across the HITRUST Threat Catalogue.”
Dr. Claude Council, Senior Manager of Cybersecurity at Shriners Hospitals for Children International

Word Art
The HITRUST Threat Catalogue provides an excellent reference guide to help organizations evaluate and map how effectively and comprehensively their implemented control specifications meet the risk management needs of their environment. This disciplined approach to identify and implement appropriate controls allows organizations to further tailor their information program and mitigate risk by proactively recognizing and anticipating threats.

Why the HITRUST Threat Catalogue is Unique

Beginning in 2016, HITRUST invested years compiling a comprehensive set of threats at a level consistent with the controls in the HITRUST CSF framework used to address them. With significant input, comments, and observations from industry working groups, when HITRUST first developed the Threat Catalogue, our goal was to develop a comprehensive list of reasonably-anticipated cyber security threats and map those to controls in the HITRUST CSF.

The intent was and still is to cover a wide range of threats including: cyber threats, physical threats, logical threats, organizational threats, and environmental threats. In addition to mapping specific threats to HITRUST CSF controls, the Catalogue also combines and provides mapping to threats included in other frameworks, such as the National Institute of Standards and Technology (NIST) Special Publication 800-30, the European Network and Information Security Agency (ENISA) Threat Taxonomy, ISO, and other Authoritative Sources.

Provides Additional Ways to Mitigate Ransomware Threats

Using new guidelines from the Cybersecurity and Infrastructure Security Agency (CISA) and other reputable industry sources, the newest version of the HITRUST Threat Catalogue updates the list of HITRUST CSF controls to help better address the types of ransomware attacks organizations currently experience. In addition to identifying controls around secure data backup and restoration, the Catalogue also provides mappings to incident response, decision-support, and other risk mitigation controls.
image of Threat Catalogue steps

Advantages of Using the Threat Catalogue

The HITRUST Threat Catalogue is a FREE resource to add visibility and assist in optimizing information risk management and compliance programs. Download Here.

Key Benefits:
Further Leverage the HITRUST CSF. Provides a comprehensive view of how best to use HITRUST CSF control requirements to address existing and emerging threats so your organization gets the most possible value from the CSF framework.

Risk Analysis. The Threat Catalogue helps organizations ease the burden of analyzing and managing security and privacy risk by mapping threats directly to the controls in the HITRUST CSF framework. “At Shriners Hospitals, we do an annual Risk Assessment, and we were having a hard time finding guidance until we came across the HITRUST Threat Catalogue,” said Dr. Claude Council, Senior Manager of Cybersecurity at Shriners Hospitals for Children International. “The beauty of the Catalogue is that it comes with instructions and a spread sheet as deliverables, which we can use as a framework to conduct an assessment tying threats to relevant controls [in the CSF]. The Catalogue did a good job of pointing us in the right direction and it was the only thing I could find that allowed us to pursue our threat assessment in the way that we wanted to.”

Executive Buy-In. There are very few sources that break down information security into easy-to-understand concepts. The HITRUST Threat Catalogue enumerates and defines common information security threats in a relevant and actionable context that helps executive leadership grasp how unaddressed threats can lead to real-world business, financial, and social consequences. Using the Threat Catalogue to support risk analysis across the organization can help inform decision-makers of the need for strong information protection so they become supportive and enthusiastic participants in wanting information risk management programs to succeed.

HITRUST Threat Catalogue Components

Threat Catalogue assets include 3 separate documents:

  • Introductory Overview
  • Enumerated Threat List
  • Threat Catalogue spreadsheet

Summary

Regardless of organizational size or sector, using the HITRUST Threat Catalogue for guidance to evaluate HITRUST CSF controls optimizes efficiency to:

  • Use the HITRUST CSF framework effectively
  • Conduct targeted risk analyses
  • Consume threat intelligence

New Risk Catalogue Underway

Building on content and concepts in the current Threat Catalogue, HITRUST has an important Risk Catalogue initiative underway that will significantly change how threat information can be leveraged by HITRUST Organizations. These changes include:

  • Updating the enumerated threats and definitions based on industry feedback and ongoing changes in the threat environment;
  • Mapping threats at the HITRUST CSF control requirement level to provide additional granularity;
  • Assigning attributes to HITRUST CSF control requirements that convey how they address related threats;
  • Relating threats and HITRUST CSF control requirements to relevant elements in the MITRE ATT&CK framework to support integration of active threat intelligence; and
  • Providing additional information needed to help organizations estimate their financial exposure to specific threats such as ransomware, evaluate the cost benefit of remediating specific control deficiencies, and other types of quasi-quantitative residual risk analysis.

If you would like to participate in an active industry working group to contribute your thoughts and expertise to the upcoming HITRUST Risk Catalogue, please submit your candidacy via our Working Group Sign-up page.

Download HITRUST Threat Catalogue

To Learn More About the HITRUST Threat Catalogue, Review Frequently Asked Questions (FAQs)

Follow HITRUST on Twitter.
Follow HITRUST on LinkedIn.


 

About the Author

Dominic BoamahDominic Boamah, Ph.D., Director, Office of Research and Analysis, HITRUST

Dr. Boamah has been in the Cybersecurity/IT industry for the past two decades; and has dedicated the past seven years to cybersecurity risk management. He has worked with different organizations, in different industries, on their cybersecurity risk management programs. He previously served as the head of Cybersecurity/IT programs at the University of Fairfax in Roanoke, VA, and Lindenwood University in St. Charles, MO. At HITRUST, Dr. Boamah is currently engaged in the enumeration of threat-based Mobile Application Environment (MAE) related controls. In addition, he will be leading the industry working group to further develop the HITRUST Threat Catalogue into a Risk Catalogue.

 

The post Updated HITRUST Threat Catalogue Includes Ransomware Mapping appeared first on HITRUST Alliance.

Source

var config_3782325 = {“options”:{“theme”:”hbidc_default”},”extensions”:[],”episode”:{“media”:{“mp3″:”https://dts.podtrac.com/redirect.mp3/pdst.fm/e/chrt.fm/track/E2G895/aw.noxsolutions.com/launchpod/federal-drive/mp3/113021_VanLandingham_web_wq7o_fc3d0fad.mp3?awCollectionId=1146&awEpisodeId=0db2196e-42a7-449f-8534-6082fc3d0fad&awNetwork=322″},”coverUrl”:”https://federalnewsnetwork.com/wp-content/uploads/2018/12/FD1500-150×150.jpg”,”title”:”Data management emerges as a top performance challenge for Health and Human Services”,”description”:”[hbidcpodcast podcastid='3782325′]nnBest listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Driveu2019s daily audio interviews on Apple Podcastsu00a0oru00a0PodcastOne.u00a0nnAs it does every year, the Department of Health and Human Services Office of Inspector General publishes the top management and performance challenges facing the department. This year, the IG found that HHS faces significant challenges when it comes to data, managing it and using it. With details, the senior counselor to the OIG, Andrew VanLandingham, joinedu00a0Federal Drive with Tom Temin.nnInterview transcript:n

Tom Temin: Mr. VanLandingham, good to have you on.nnAndrew VanLandingham:u00a0Thanks, Tom, appreciate the opportunity to talk about this important document.nnTom Temin: And looking at the data challenges with HHS, which I guess were kind of made worse by the amount of data they had to ingest in the pandemic response, you found that the challenges fall into two basic buckets – tell us what those were.nnAndrew VanLandingham:u00a0Yeah, I think at the end of the day that the way to sum up the broad challenge of use and protection of data at HHS is best highlighted by the sort of dual challenge they face during the pandemic. On one hand, in order to have a good public health response, HHS needs to be able to share its data with a range of partners, other federal agencies, state and local public health departments, and American citizens. But at the same time, they also need to protect its data. And I think as everyone who listens to your show knows, cybersecurity is a chief challenge at the federal government, and really, the country faces when protecting from adversarial attacks that have just been growing really over the last 18 months during the pandemic.nnTom Temin: And I want to get to that one second, let's talk about the first issue which is sharing the data. And in some sense, that's part of a perhaps larger set of issues with respect to being able to make the proper decisions based on data, which as you know, is law and policy for the federal government under the DATA Act and other things. And so it sounds like it just got worse, because of the volume and the number of decisions that had to be made. Would that be a fair way to put it?nnAndrew VanLandingham:u00a0Yeah, I think it definitely got more complex, I think is the way I would frame it for HHS. I mean, certainly COVID is an unprecedented challenge for HHS, who's the primary federal agency that has to deal with pandemic response. But through the Food Drug Administration, the National Institutes of Health, but also other agencies that folks may not know a lot about, like the administration for public response [ASPR], that helps lead across federal agencies in response, they need to be able to share data with their partners across a range of issues, right – hospital capacity, lab testing – and those are all key things that the public health response needs in order to be effective, regardless of what level you're looking at. And so if folks remember, last year, HHS quickly stood up HHS Protect, to sort of solve an issue that they saw where they weren't be able to get public health data quickly from hospitals especially. And so this is, I think, a good example that then the top management challenge that we referenced, where the intention was great, HHS knew it needed to improve its ability to both ingest and share data and HHS protect was the solution. The problem was trying to stand up a massive database for hospital public health reporting, during the middle of a pandemic does pose some issues. And then a survey we did a few 100 hospitals across the country. One consistent theme we heard at OIG was just the burden of data reporting that put on hospitals during the middle of a pandemic, while they're struggling to just treat patients and then also adapt to the changing public health reporting requirements. It just shows the magnitude of the problem that the department faced really beginning last year.nnTom Temin: And which component of the department was responsible for this? Because you've got some really big elements, you've got CMS. I'm assuming it's CDC, and not NIH. Am I correct?nnAndrew VanLandingham:u00a0Actually, this is pretty interesting, Tom. For HHS Protect, the chief information officer of HHS was actually the lead component in building HHS Protect. Now it was just announced, I believe, a few weeks ago by the department that that is going to be moving back to CDC. I think the other thing to point out is the HHS Protect system wasn't the only way HHS was getting public health data in its door, and then reporting out to its partners. Like you said, CMS does have some responsibility in collaboration with CDC to get nursing home data, CMS reports on that. And then laboratory data from state and public health labs and from private labs mainly goes to the CDC. So again, another challenge that we point out is this siloed approach to public health data reporting within the department does pose issues. The department's collecting data from multiple different entities in multiple different ways. And it makes it hard to stitch it together in a cohesive manner so that we're providing clear, consistent public health data to folks. It really is a heavy burden, heavy left for the department.nnTom Temin: We're speaking with Andrew VanLandingham. He is the senior counselor to the Office of Inspector General at Health and Human Services. And this was not a traditional audit report in the way the OIG normally operates. So did you have recommendations for them on this front? Or how does that all work?nnAndrew VanLandingham: This, as you mentioned at the outset, is an annual document that we put out. And it's part of the department's annual financial statement. And really unlike our audit reports, or studies that are specific to one program or one issue, this top management challenge document looks broadly across the department at key issues that face a range of the operating divisions or staff divisions as we call them in HHS and crosses programs. And so as your listeners are looking at, well what are the big challenges across HHS, our top management challenges document really hits on key issues that don't just affect CMS and NIH and FDA. But really the entire operations of the department – things like health equity, obviously a key issue on front of mine for a lot of folks. That's not just something for Medicare and Medicaid to address .That's across a range of programs. The department has a lot of different levers to pull to address that challenge obviously will take a lot of work from folks. But it's also things like financial integrity. HHS – obviously with CMS – it's a large chunk of federal expenditures, in terms of the health care services, but HHS is also the largest grant-making agency in the government and the second largest contracting agency. So we're talking about $2.8 trillion worth of expenditures alone in fiscal year 2021. And that's a giant lift for any department for any entity to manage correctly. And we know that there are a lot of financial integrity issues, the department has made progress on, but a lot of risks that they still face moving forward, like the Medicaid and proper payment rate being over 20%. There's a lot in this document that I think folks will find useful, again, that crosses HHS, in a way that our audits and studies and evaluations still really gives a broad lens a good bigger contextual perspective.nnTom Temin: And getting back to the data protection side of the issue in that challenge five – let's call it the data challenge – is HHS performing at least as well as average with respect to cybersecurity of its data? Or do they need some work, do you think?nnAndrew VanLandingham:u00a0Well, the top management challenge document doesn't actually grade HHS. Our [Federal Information Security Management Act] or annual FISMA work does look at that. And our FISMA work has found that HHS has made some progress on cybersecurity front, but has some room to improve as well. Here, I think it's important to point out this complexity, again, of the cybersecurity challenge facing HHS. On one hand, we know because of the pandemic, HHS has been targeted specifically because of the important role they play in the response. But at the same time, the government is really doing its best to try and improve cybersecurity across all agencies, right? The president issued an executive order earlier this year, that really is a significant step forward, improving cybersecurity across the federal government, and just implementing those provisions. As folks at the Department of Homeland Security and the specific agency [Cybersecurity and Infrastructure Security Agency] work to implement that, HHS is going to really have to change its culture and organizational setup for cybersecurity to meet the spirit of that executive order. It's going to be a heavy lift moving forward, but they could have huge positive impacts for improving the cybersecurity of the department.nnTom Temin: And when you deliver that kind of message to management that you've got to change your whole culture around something and you really got to get up to speed. How do they take it?nnAndrew VanLandingham:u00a0I think the department leadership sees this document as a useful tool to again, look broadly across the agencies, right? So often we look at a problem in terms of it's a Medicare problem or an NIH problem. But something like cybersecurity really does benefit from looking at it from a whole department perspective. And so I think they see this document as a good roadmap and call to action that can really drive interest prioritization, that things that you need to really make change at that level on that scale. And so something like cybersecurity, which has traditionally been siloed within each octave, each major agency within HHS basically has its own CIO, which is a great model. But that just means that at the end of the day, they're all making individual choices around improving cybersecurity. And I think that's where we're seeing some of the risk pop up. And so as the federal government writ large takes measures to really improve cybersecurity sort of the rising tide lifts all boats, making sure that everyone across HHS is responsible is something that the departmental leadership is really going to have in their sites to do. And so I think that they use this document as a way to really understand it from a level that most audits, most evaluation don't necessarily get at. It's useful in that sort of perspective.nnTom Temin: And with respect to the difficulty of that platform for collecting data stood up early in the pandemic. Did you also talk to some of the external stakeholders? That is the large medical institutions that had to do the reporting to give you kind of full sense of the insight there?nnAndrew VanLandingham:u00a0Yeah, absolutely. I think as I mentioned, we did a survey of a few 100 hospital systems, talking to our administrators, trying to really understand a range of challenges related to the pandemic. And one thing that was brought up quite frequently was this idea of the burden of reporting data and the number of changes that they had to address. I think, as we can all imagine, it's not simply flipping a switch and all of a sudden the data flows. A lot of this required changing their electronic health record systems to support reporting, working with their IT vendors to make that happen, all while balancing the demands of responding to a pandemic. And so it was a really good insights, I think, for us to understand the sort of long term planning that's needed to respond to a public health emergency. Again, something else that's addressing our top management challenges, this idea that the department can have the systems ready to go or at least plans in place to stand up the systems for future pandemics so that that burden is not reduced to something that hospitals and others need to change in the midst of responding to the pandemic. But it's something that can be stood up in advance and understood in advance to ease that burden, prove that data collection and ultimately improve the sort of transparency and accountability around not just pandemic response, but also public health emergency response, too.nnTom Temin: Yeah, so really, I would think any agency would want to read this, because in some ways, these cross-agency boundaries, these are universal issues. Just a quick question, does data collection from industry, does that have to go through Paperwork Reduction Act considerations?nnAndrew VanLandingham:u00a0It depends, right, depends on exactly what the department is asking the industry to do. So there's no universal yes, that there are some regulatory hurdles, certainly to collecting information from industry like the Paperwork Reduction Act. But there are certain exceptions the department can get around using that. But to your point, there is a larger federal data strategy that OMB issued just a few weeks ago. I think it shows a great linear progression of not only HHS seemed to do, but a lot of federal governments. And really, it starts with getting the basics right, getting governance right, getting the sort of infrastructure around data right. And it's the stuff that doesn't make headlines. And it's not the stuff that you testify to Congress about. But things like data governance and infrastructure are the sort of singles and doubles that the government needs to hit in order to make significant progress in improving both data collection, but also data publication and transparency. And there are certain pockets, even within HHS that have made strides. CMS has done a lot to make its data more available to both providers and to its patients. And so using those sort of nuts and bolts approaches, at least initially, will help us eventually get to an era where the federal government can better leverage artificial intelligence and machine learning, because that data is more consistent, more standardized, more accessible, and those sorts of technologies really need those large, standardized datasets to work best. And making progress now on those nuts and bolts issues will help make sure that by 2030, the federal government is really making progress on advanced use of data.nnTom Temin: And as a baseball fan, I like your singles and doubles analogy. That's how you score runs in the long run. Andrew VanLandingham is senior counselor to the Office of Inspector General at the Department of Health and Human Services. Thanks so much for joining me.nnAndrew VanLandingham: Thanks Tom, appreciate the opportunity.

“}};

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne

As it does every year, the Department of Health and Human Services Office of Inspector General publishes the top management and performance challenges facing the department. This year, the IG found that HHS faces significant challenges when it comes to data, managing it and using it. With details, the senior counselor to the OIG, Andrew VanLandingham, joined Federal Drive with Tom Temin.

Interview transcript:

Tom Temin: Mr. VanLandingham, good to have you on.

Andrew VanLandingham: Thanks, Tom, appreciate the opportunity to talk about this important document.

Tom Temin: And looking at the data challenges with HHS, which I guess were kind of made worse by the amount of data they had to ingest in the pandemic response, you found that the challenges fall into two basic buckets – tell us what those were.

Andrew VanLandingham: Yeah, I think at the end of the day that the way to sum up the broad challenge of use and protection of data at HHS is best highlighted by the sort of dual challenge they face during the pandemic. On one hand, in order to have a good public health response, HHS needs to be able to share its data with a range of partners, other federal agencies, state and local public health departments, and American citizens. But at the same time, they also need to protect its data. And I think as everyone who listens to your show knows, cybersecurity is a chief challenge at the federal government, and really, the country faces when protecting from adversarial attacks that have just been growing really over the last 18 months during the pandemic.

Tom Temin: And I want to get to that one second, let’s talk about the first issue which is sharing the data. And in some sense, that’s part of a perhaps larger set of issues with respect to being able to make the proper decisions based on data, which as you know, is law and policy for the federal government under the DATA Act and other things. And so it sounds like it just got worse, because of the volume and the number of decisions that had to be made. Would that be a fair way to put it?

Andrew VanLandingham: Yeah, I think it definitely got more complex, I think is the way I would frame it for HHS. I mean, certainly COVID is an unprecedented challenge for HHS, who’s the primary federal agency that has to deal with pandemic response. But through the Food Drug Administration, the National Institutes of Health, but also other agencies that folks may not know a lot about, like the administration for public response [ASPR], that helps lead across federal agencies in response, they need to be able to share data with their partners across a range of issues, right – hospital capacity, lab testing – and those are all key things that the public health response needs in order to be effective, regardless of what level you’re looking at. And so if folks remember, last year, HHS quickly stood up HHS Protect, to sort of solve an issue that they saw where they weren’t be able to get public health data quickly from hospitals especially. And so this is, I think, a good example that then the top management challenge that we referenced, where the intention was great, HHS knew it needed to improve its ability to both ingest and share data and HHS protect was the solution. The problem was trying to stand up a massive database for hospital public health reporting, during the middle of a pandemic does pose some issues. And then a survey we did a few 100 hospitals across the country. One consistent theme we heard at OIG was just the burden of data reporting that put on hospitals during the middle of a pandemic, while they’re struggling to just treat patients and then also adapt to the changing public health reporting requirements. It just shows the magnitude of the problem that the department faced really beginning last year.

Tom Temin: And which component of the department was responsible for this? Because you’ve got some really big elements, you’ve got CMS. I’m assuming it’s CDC, and not NIH. Am I correct?

Andrew VanLandingham: Actually, this is pretty interesting, Tom. For HHS Protect, the chief information officer of HHS was actually the lead component in building HHS Protect. Now it was just announced, I believe, a few weeks ago by the department that that is going to be moving back to CDC. I think the other thing to point out is the HHS Protect system wasn’t the only way HHS was getting public health data in its door, and then reporting out to its partners. Like you said, CMS does have some responsibility in collaboration with CDC to get nursing home data, CMS reports on that. And then laboratory data from state and public health labs and from private labs mainly goes to the CDC. So again, another challenge that we point out is this siloed approach to public health data reporting within the department does pose issues. The department’s collecting data from multiple different entities in multiple different ways. And it makes it hard to stitch it together in a cohesive manner so that we’re providing clear, consistent public health data to folks. It really is a heavy burden, heavy left for the department.

Tom Temin: We’re speaking with Andrew VanLandingham. He is the senior counselor to the Office of Inspector General at Health and Human Services. And this was not a traditional audit report in the way the OIG normally operates. So did you have recommendations for them on this front? Or how does that all work?

Andrew VanLandingham: This, as you mentioned at the outset, is an annual document that we put out. And it’s part of the department’s annual financial statement. And really unlike our audit reports, or studies that are specific to one program or one issue, this top management challenge document looks broadly across the department at key issues that face a range of the operating divisions or staff divisions as we call them in HHS and crosses programs. And so as your listeners are looking at, well what are the big challenges across HHS, our top management challenges document really hits on key issues that don’t just affect CMS and NIH and FDA. But really the entire operations of the department – things like health equity, obviously a key issue on front of mine for a lot of folks. That’s not just something for Medicare and Medicaid to address .That’s across a range of programs. The department has a lot of different levers to pull to address that challenge obviously will take a lot of work from folks. But it’s also things like financial integrity. HHS – obviously with CMS – it’s a large chunk of federal expenditures, in terms of the health care services, but HHS is also the largest grant-making agency in the government and the second largest contracting agency. So we’re talking about $2.8 trillion worth of expenditures alone in fiscal year 2021. And that’s a giant lift for any department for any entity to manage correctly. And we know that there are a lot of financial integrity issues, the department has made progress on, but a lot of risks that they still face moving forward, like the Medicaid and proper payment rate being over 20%. There’s a lot in this document that I think folks will find useful, again, that crosses HHS, in a way that our audits and studies and evaluations still really gives a broad lens a good bigger contextual perspective.

Tom Temin: And getting back to the data protection side of the issue in that challenge five – let’s call it the data challenge – is HHS performing at least as well as average with respect to cybersecurity of its data? Or do they need some work, do you think?

Andrew VanLandingham: Well, the top management challenge document doesn’t actually grade HHS. Our [Federal Information Security Management Act] or annual FISMA work does look at that. And our FISMA work has found that HHS has made some progress on cybersecurity front, but has some room to improve as well. Here, I think it’s important to point out this complexity, again, of the cybersecurity challenge facing HHS. On one hand, we know because of the pandemic, HHS has been targeted specifically because of the important role they play in the response. But at the same time, the government is really doing its best to try and improve cybersecurity across all agencies, right? The president issued an executive order earlier this year, that really is a significant step forward, improving cybersecurity across the federal government, and just implementing those provisions. As folks at the Department of Homeland Security and the specific agency [Cybersecurity and Infrastructure Security Agency] work to implement that, HHS is going to really have to change its culture and organizational setup for cybersecurity to meet the spirit of that executive order. It’s going to be a heavy lift moving forward, but they could have huge positive impacts for improving the cybersecurity of the department.

Tom Temin: And when you deliver that kind of message to management that you’ve got to change your whole culture around something and you really got to get up to speed. How do they take it?

Andrew VanLandingham: I think the department leadership sees this document as a useful tool to again, look broadly across the agencies, right? So often we look at a problem in terms of it’s a Medicare problem or an NIH problem. But something like cybersecurity really does benefit from looking at it from a whole department perspective. And so I think they see this document as a good roadmap and call to action that can really drive interest prioritization, that things that you need to really make change at that level on that scale. And so something like cybersecurity, which has traditionally been siloed within each octave, each major agency within HHS basically has its own CIO, which is a great model. But that just means that at the end of the day, they’re all making individual choices around improving cybersecurity. And I think that’s where we’re seeing some of the risk pop up. And so as the federal government writ large takes measures to really improve cybersecurity sort of the rising tide lifts all boats, making sure that everyone across HHS is responsible is something that the departmental leadership is really going to have in their sites to do. And so I think that they use this document as a way to really understand it from a level that most audits, most evaluation don’t necessarily get at. It’s useful in that sort of perspective.

Tom Temin: And with respect to the difficulty of that platform for collecting data stood up early in the pandemic. Did you also talk to some of the external stakeholders? That is the large medical institutions that had to do the reporting to give you kind of full sense of the insight there?

Andrew VanLandingham: Yeah, absolutely. I think as I mentioned, we did a survey of a few 100 hospital systems, talking to our administrators, trying to really understand a range of challenges related to the pandemic. And one thing that was brought up quite frequently was this idea of the burden of reporting data and the number of changes that they had to address. I think, as we can all imagine, it’s not simply flipping a switch and all of a sudden the data flows. A lot of this required changing their electronic health record systems to support reporting, working with their IT vendors to make that happen, all while balancing the demands of responding to a pandemic. And so it was a really good insights, I think, for us to understand the sort of long term planning that’s needed to respond to a public health emergency. Again, something else that’s addressing our top management challenges, this idea that the department can have the systems ready to go or at least plans in place to stand up the systems for future pandemics so that that burden is not reduced to something that hospitals and others need to change in the midst of responding to the pandemic. But it’s something that can be stood up in advance and understood in advance to ease that burden, prove that data collection and ultimately improve the sort of transparency and accountability around not just pandemic response, but also public health emergency response, too.

Tom Temin: Yeah, so really, I would think any agency would want to read this, because in some ways, these cross-agency boundaries, these are universal issues. Just a quick question, does data collection from industry, does that have to go through Paperwork Reduction Act considerations?

Andrew VanLandingham: It depends, right, depends on exactly what the department is asking the industry to do. So there’s no universal yes, that there are some regulatory hurdles, certainly to collecting information from industry like the Paperwork Reduction Act. But there are certain exceptions the department can get around using that. But to your point, there is a larger federal data strategy that OMB issued just a few weeks ago. I think it shows a great linear progression of not only HHS seemed to do, but a lot of federal governments. And really, it starts with getting the basics right, getting governance right, getting the sort of infrastructure around data right. And it’s the stuff that doesn’t make headlines. And it’s not the stuff that you testify to Congress about. But things like data governance and infrastructure are the sort of singles and doubles that the government needs to hit in order to make significant progress in improving both data collection, but also data publication and transparency. And there are certain pockets, even within HHS that have made strides. CMS has done a lot to make its data more available to both providers and to its patients. And so using those sort of nuts and bolts approaches, at least initially, will help us eventually get to an era where the federal government can better leverage artificial intelligence and machine learning, because that data is more consistent, more standardized, more accessible, and those sorts of technologies really need those large, standardized datasets to work best. And making progress now on those nuts and bolts issues will help make sure that by 2030, the federal government is really making progress on advanced use of data.

Tom Temin: And as a baseball fan, I like your singles and doubles analogy. That’s how you score runs in the long run. Andrew VanLandingham is senior counselor to the Office of Inspector General at the Department of Health and Human Services. Thanks so much for joining me.

Andrew VanLandingham: Thanks Tom, appreciate the opportunity.

Source

In brief

Please join us for a new weekly video series, hosted by Baker McKenzie’s North America Government Enforcement partners Tom Firestone and Jerome Tomas.

This weekly briefing is available on demand and will cover hot topics and current enforcement actions related to white collar crime and criminal investigations in the US and abroad to arm you with the information you need to start your business week.

As one of the largest global law firms, we will call upon our exceptionally deep and broad bench of white collar experts throughout the world and particularly in the commercial hubs of Europe, Asia, Africa and Latin America to join our weekly discussion series.

These briefings will cover:

  • High-profile DOJ case updates and implications
  • SEC enforcement developments 
  • CFTC enforcement developments
  • Other white collar defense industry developments 

22 November 2021

This week’s discussion will cover the following: 

  • Update on Elizabeth Holmes trial
  • Update on Belarus Sanctions
  • FinCEN Notice on Environmental Crimes  
  • Insights on SEC Enforcement – SEC Enforcement’s FY21 report and the NYU Pollack Center for Law & Business and Cornerstone Research report on SEC Corporate Enforcement

Video link

Podcast link

15 November 2021 

This week’s discussion will cover the following: 

  • New Cambodia Sanctions
  • Steve Bannon Indictment

Video link

Podcast link

8 November 2021 

This week’s discussion will cover the following: 

  • Deputy Attorney General Lisa Monaco on corporate enforcement priorities under the Biden Administration
  • The Consumer Financial Protection Bureau (CFPB) is targeting big tech 
    • What do they want and why do they want it?
    • How should tech firms prepare, whether they receive a request from CFPB or not?

Video link

Podcast link

1 November 2021

This week’s discussion will cover the following: 

  • Managing Allegations of Workplace Wrongdoing: Independent Investigator’s Report on Chicago Blackhawks Allegations of Sexual Misconduct

Video link

Podcast link

25 October 2021 

This week’s discussion will cover the following: 

  • Tether Holdings CFTC Crypto Settlement: Reminder that the CFTC is asserting a prominent role in the regulation and enforcement of cryptocurrencies. 
  • SEC Report on January 2021 Market Frenzy: “Staff Report on Equity and Options Market Structure Conditions in Early 2021”
  • Will DOJ Prosecute Steve Bannon for Contempt?

Video link

Podcast link

18 October

This week’s discussion will cover the following: 

  • January 6 Commission and possible prosecution of Steve Bannon for contempt.
  • SEC Enforcement Director Grewal’s speech on appropriate approaches to compliance, proactive enforcement, electronic message retention/production, cooperation, and civil penalties.

Video link

Podcast link

27 September 2021

This week’s discussion will cover the following: 

  • CFTC v. HDR GLOBAL TRADING LIMITED, ET AL
  • Motion to Dismiss Unregistered Crypto Exchange Claims
  • Control Person Liability Runs Into “Minimum Contacts”   
  • House Committee on January 6 Attack Subpoenas Trump Advisors

Video link

Podcast link

20 September 2021

This week’s discussion will cover the following: 

  • Details Behind The SEC Whistleblower Award That Pushed the Program Over $1 Billion in Whistleblower Payouts
  • SEC v. DAYAKAR R. MALLU – Tipper-Tippee Insider Trading Case – SEC Investigation Tactics and Trends
  • Indictment of lawyer by Trump-appointed Special Counsel for lying to the FBI in Russia investigation.

Video link

Podcast link

14 September 2021

This week’s discussion will cover the Elizabeth Holmes Theranos trial. 

Video link

Podcast link

30 August 2021

This week’s discussion will cover the following: 

  • Organized crime charges in new elder abuse case
  • Novel SEC Insider Trading Action — Shadow Trading — SEC v. Matthew Panuwa
  • Quick blurb on 18 year old and under crackdown on video game playing in China
  • SEC v. MANISH LACHWANI – The SEC’s Enforcement Focus on Unicorns

Video link

Podcast link

23 August 2021 

This week’s discussion will cover the following: 

  • Special Inspector General for Afghanistan Reconstruction (SIGAR) Report on Lessons of Corruption in Afghanistan
  • Novel SEC Insider Trading Action — Shadow Trading — SEC v. Matthew Panuwa

Video link 

Podcast link

9 August 2021

This week’s discussion will cover the following: 

  • SEC brings charges unregistered crypto exchange: In the Matter of Poloniex, LLC
  • The need to keep your auditor at arm’s length — SEC brings auditor independence case for audit bid-related misconduct against accounting firm, it’s partners and the Chief Accounting Officer of public company: In the Matter of Ernst & Young LLP, et al. and In the Matter of William G. Stiehl
  • Accusations against Governor Cuomo: Key Legal Issues
  • New Belarus Sanctions

Video link

Podcast link

3 August 2021

This week’s discussion will cover the following: 

  • New DOJ opinion on Trump tax returns
  • New DOJ policy on subpoenas to new organizations
  • New DOJ memorandum on White House communications
  • SEC Chair Gensler’s Public Statement on Disclosures Required by Chinese Companies Listed In US

Video link 

Podcast link

26 July 2021

This week’s discussion will cover the following:

  • The Importance of Having Up-To-Date Automated Accounting Procedures, Effective Manual Accounting Procedures, and Trained Accounting Staff:  The SEC’s Latest Accounting Case Against Tandy Leather Factory Inc. and its former chief executive officer Shannon Greene.
  • Indictment of Trump Advisor Thomas Barrack
  • Biden Executive Order on Promoting Competition

Video link  

Podcast link

13 July 2021

This week’s discussion will cover the following:

  • Manhattan DA’s Indictment of the Trump Organization and Allen Weisselberg
  • New SEC Enforcement Director – New Jersey Attorney General Gurbir Grewal
  • SEC and federal criminal charges filed arising out of alleged fraudulent scheme to sell “insider trading tips” on the Dark Web- SEC v. Apostolos Trovias

Video link

Podcast link

29 June 2021

This week’s discussion will cover the following: 

  • SEC Cybersecurity Enforcement Sweep:  The SEC Clarifies, Sort Of
  • Latest, and Interesting, Comments By SEC Commissioner on ESG
  • Combating Global Corruption Act of 2021
  • Global Magnitsky Reauthorization Act
  • New Belarus Sanctions 

Video Link

Podcast Link

22 June 2021

This week’s discussion will cover the following: 

  • New Charges in 1MDB Case
  • FARA Reform Proposals
  • Possible New Russia Sanctions  
  • Cyber SEC Enforcement: Latest SEC Disclosure Controls and Procedures Enforcement Case
  • A New SEC Cyber Enforcement Sweep

Video Link

Podcast Link

9 June 2021

This week’s discussion will cover the following: 

  • Potential SEC ESG Disclosure Rulemaking and Materiality:  Commissioners Allison Herren Lee and Elad Roisman Continue to Volley
  • White House strategy statement on corruption and national security
  • Belarus sanctions
  • Bulgaria sanctions
  • Executive Order on Western Balkans

Video Link 

Podcast Link

25 May 2021

This week’s discussion will cover the following: 

  • Insight on Gary Gensler’s SEC Enforcement Agenda: SEC Chair’s Remarks at 2021 FINRA Annual Conference
  • Discussion of Treasury’s Plan to Increase IRS Enforcement and Narrow the Tax Gap
  • Update on Nord Stream 2 Sanctions 

Video link 

18 May 2021

This week’s discussion will cover the following:

  • Russian Response to US Sanctions and Designation of US as an “Unfriendly” Country  
  • Trial of Mayor of Fall River, Massachusetts for Extorting Marijuana Businesses  
  • The Challenges of Fitting Modern Practices into Old Laws: SEC Commissioner Hester Peirce’s Statement Regarding an Index Fund SEC Settlement  
  • SEC’s Continued Slow Embrace of Crypto Assets: Division of Investment Management’s Statement on ETF Holdings of Crypto Assets and Potential Enforcement Implications  to Assets and Potential Enforcement Implications  

Video Link

10 May 2021

This week’s discussion will cover the following:

  • Crypto developments:  SEC Chair Gensler’s Testimony, Dogecoin and Saturday Night Live
  • The “Swiss George Floyd Case”  (for more information about this case, please see this documentary featuring Simon Ntah here

Video Link

3 May 2021

This week’s discussion will cover the following:

  • First Voluntary Self-Disclosure of Sanctions and Export Violations Leads to Settlement between Software Company and DOJ
  • The Sudden Resignation of SEC Enforcement Director Alex Oh:  What is Next For SEC Enforcement?

Video Link

26 April 2021

This week’s discussion will cover the following:

  • New SEC Enforcement Director Alex Oh: What It May Mean For SEC Enforcement
  • DOJ Pattern and Practice Investigation of Minneapolis Police Department

Video Link

19 April 2021

This week’s discussion will cover the following:

  • First guilty plea in Capitol attack cases: What it means for future prosecutions
  • New Russia sanctions: What they do and don’t do, and what could be next
  • Comments by Acting Director of the SEC’s Division of Corporation Finance, “SPACs, IPOs and Liability Risk under the Securities Laws”: What it means for SEC enforcement

Video Link

12 April 2021

This week’s discussion will cover the following:

  • Criminal Antitrust Prosecutions of No Poaching and Wage Fixing Agreements: Perspective of a Leading Antitrust Lawyer.
  • Enforcement perspectives arising out of the SEC’s April 9, 2021 “Risk Alert” relating to ESG products and services offered by investment advisers, registered investment companies and private funds.
  • DOJ Priorities under the Biden Administration: What the Budget Tells Us.

Video Link

30 March 2021

This week’s discussion will cover the following:

  • SEC Enforcement Sweep Looks Into SPAC IPOs
  • New Legal Issues in the Capitol Riot Cases

Video Link

15 March 2021

This week’s discussion will cover the following:

  • DOJ/SEC FCPA priorities
  • Oath Keepers conspiracy case
  • New Russian law to protect officials against corruption charges
  • Does SEC Commissioner Crenshaw’s speech about increased corporate penalties foreshadow a possible retraction of the SEC’s 2006 Statement Concerning Financial Penalties and what we can expect from corporate securities enforcement over the next 4 years?

Video Link

8 March 2021

This week’s discussion will cover the following:

  • This week, Jerome is joined by his partners Amy Greer and Jen Klass and they will dig deep into the enforcement issues presented by the SEC’s “Enforcement Task Force Focused on Climate and ESG Issues” 

Video Link

1 March 2021

This week’s discussion will cover the following:

  • The SEC’s Plan to Dig Into Public Company Climate Change Disclosures: A White Collar Enforcement Perspective
  • Key Takeaways from Merrick Garland Confirmation Hearing
  • Update on Capitol Riot Cases
  • Secretary Blinken Statement on Anticorruption Champions 

Video Link

22 February 2021

This week’s discussion will cover the following:

  • Potential prosecution of former President Trump for incitement of the Capitol attack
  • The SEC’s latest message following the “The Market Events”: trading suspension in In the Matter of SpectraScience, Inc. 
  • New Transparency International Corruption Report
  • The SEC’s ICO enforcement initiative lives on: SEC v. Coinseed, Inc., et al. (S.D.N.Y. 17 February 2021)

Video Link

15 February 2021

This week’s discussion will cover the following:

  • Update on Capitol riot cases
  • The legal definition  of “incitement of insurrection” 
  • Discussion of the reported DOJ and SEC investigations into the retail traders in last month’s market events
  • A reminder on the scope of the US insider trading laws, courtesy of SEC v. Mark Ahn (D. Mass) (also a parallel criminal case was filed)

Video Link

8 February 2021

This week’s discussion will cover the following:

  • An update on the Capitol Riots
  • Consideration of new sanctions on Russia
  • An update on stock market events, including the FINRA notice on broker-dealer “game-style” trading apps 

Video Link

1 February 2021

This week’s discussion will cover the following:

  • Analysis of the Reddit/WallStreetBets-driven stock surges, with a special appearance by Jerome’s 15 year old son, Sam, who has been following the events on Reddit and Discord  
  • Discussion of the Hoskins appeal and the future of the FCPA’s “Agency” theory
  • Update on the Capitol raid prosecutions

Video Link

18 January 2021

This week’s discussion will cover the following:

  • New SEC Enforcement Statute of Limitations and Disgorgement Provisions Contained in the NDAA
  • New AML Whistleblower Bounty Provision in the NDAA
  • Criminal charges against Capitol rioters
  • Julian Assange extradition case

Video Link

4 January 2021

This week’s discussion will cover the following:

  • What criminal statutes might apply to the attack on the Capitol?
    • 18 USC 2383 – Rebellion or Insurrection
    • 18 USC 2384 – Seditious Conspiracy
    • 18 USC 1752 – Restricted Building or Grounds
  • What, if any, criminal statutes might apply to President Trump’s call last week with Georgia Secretary of State?
  • The 25th Amendment — A brief history of the amendment, what the amendment provides for and how it might apply in light of these events.

Video Link

14 December 2020

Video Link

07 December 2020

Video Link

23 November 2020

Video Link

16 November 2020

Video Link

9 November 2020

Video Link

26 October 2020

Video Link

19 October 2020

Video Link

5 October 2020

Video Link

29 September 2020

Video Link

8 September 2020

Video Link

24 August 2020

Video Link

17 August 2020

Video Link

10 August 2020

Video Link

3 August 2020

Video Link

27 July 2020

Video Link

20 July 2020

Video Link

13 July 2020

Video Link

6 July 2020

Video Link

29 June 2020

Video Link

22 June 2020

Video Link

17 June 2020

Video Link

9 June 2020

Video Link

26 May 2020 

Video Link

The post United States: This Week in Government Enforcement (Video Chat) appeared first on Global Compliance News.

Source

On November 3, 2021, the Commerce Department’s Bureau of Industry and Security (“BIS”) issued a final rule (“Final Rule”) adding the following four entities to the Department of Commerce Bureau of Industry and Security (“BIS”) Entity List: Candiru (Israel), NSO Group (Israel), Computer Security Initiative Consultancy PTE (Singapore), and Positive Technologies (Russia). The addition of the four entities comes after the October 21, 2021 publication of an interim rule by BIS establishing controls on the export, re-export, and in-country transfers of items that may be used for malicious cyber activities and is part of the ongoing effort by the Biden-Harris Administration to combat the use of digital tools for repression.  

According to the Final Rule, Candiru and NSO Group were added to the Entity List for developing and supplying spyware to foreign governments in order to maliciously target government officials, embassy workers, business people, journalists, activities and academics. Computer Security Initiative Consultancy PTE and Positive Technologies were added to the Entity List for the misuse and trafficking of cyber tools used to gain unauthorized access to information systems and posing a threat to the privacy and security of individuals and organizations worldwide.  A license will be required from BIS to export, reexport, or transfer (in-country) to or through these parties any items subject to the Export Administration Regulations (“EAR”), subject to a policy of denial.

The post US Government Adds Four Entities on the Department of Commerce Bureau of Industry and Security Entity List for Malicious Cyber Activities appeared first on Global Compliance News.

Source

On October 26, 2021, the Department of Commerce’s Bureau of Industry and Security (“BIS”) published an advance notice of proposed rulemaking (“ANPRM”) seeking public comments concerning the identification of certain neuro “brain-computer interface” (BCI) technology as an emerging technology and the potential imposition of export controls on such technology. Comments are due no later than December 10, 2021.

BCI technology was identified by BIS back in a November 2018 ANPRM as part of a representative list of emerging technologies that are essential to US national security and that are currently subject to no or very limited controls under existing US export control regimes. The latest ANPRM summarises comments received at that time regarding potential controls on BCI Technology. For more details about the 2018 ANPRM, please see our prior blog post.

BCI technology is defined in the latest ANPRM as including, inter alia, neural-controlled interfaces, mind-machine interfaces, direct neural interfaces, and brain-machine interfaces that could be used in commercial, medical, and military applications. BCIs acquire brain signals, analyze them, and translate them into commands that can be used to control external devices.  BCI technology can be used in medical fields to replace or restore useful function in persons affected by neuromuscular disorders, as an interaction tool for multimedia, entertainment and other fields, and also has potential military use to enhance capabilities of human soldiers.

BIS is seeking comments on the potential uses of BCI technology, especially its impact on US national security, and on how to establish effective and appropriate export controls on BCI technology that balance the interest of protecting US national security while minimizing the impact on legitimate commercial and scientific applications of this technology. BIS is particularly interested in understanding the following issues:  

  • The necessary international standards for BCI technology;
  • The development status of BCI technology in the United States compared to other countries;
  • The status of BIC technology’s commercial application in foreign countries;
  • Whether the current development stage of BIC technology allows for commercial production and use;
  • The development status of non-invasive brain signal sensors and related software;
  • The potential impact of export controls on BCI technology on US technological leadership;
  • The potential interaction between the development of other emerging technologies (e.g., AI technologies) and the development of BCI technology;
  • The potential ethical or policy issues resulting from the use of BCI technology;
  • The potential benefits and risks resulting from the application of BCI technology;
  • The potential advantages and disadvantages of using BCI chips/sensors and related software for specific applications;
  • Whether certain BIC technologies are significantly more vulnerable to cybersecurity threats;
  • The potential vulnerability of transmitted BCI data to hacking or manipulation;
  • Which aspects of BIS technology would require monitoring by the US Government;
  • What USG policies and regulations or industry standards need to be established before the broad commercial application of the BCI technology; and
  • Whether export controls on BCI technology should be implemented multilaterally or unilaterally.

BIS also encourages comments that address issues raised by comments in response to the 2018 ANPRM and any other BCI technology topics that are relevant to the export controls of such technology.

BIS is accepting comments to the ANPRM by email (PublicComments@bis.doc.gov) and via the Federal eRulemaking Portal until December 10, 2021. Companies whose business involves BIC technology are strongly encouraged to submit detailed comments to BIS to help shape how this technology may be controlled going forward.

Baker McKenzie would be happy to assist interested companies in preparing and submitting public comments in response to the ANPRM.

Separately, on October 5, 2021, BIS published a Final Rule amending the Export Administration Regulations to add new controls under ECCN 2D352 and 2E001 on certain emerging technology genetic sequencing software, specifically nucleic acid assembler and synthesizer software, and related technology capable of designing and building functional genetic elements from digital sequence data. Such software can be used to generate pathogens and toxins without the need to acquire controlled genetic elements and organisms and thus has potential use for biological weapons purposes. This Final Rule implements changes agreed at the May 2021 multilateral Australia Group plenary. Such software now requires a license for chemical and biological weapons (CB) and anti-terrorism (AT) reasons to certain countries. These controls are already in effect as of October 5, 2021.

The post United States: BIS Announces Review of Potential Controls on Brain-Computer Interface Technology and Seeks Public Comment, Expands Controls on Certain Biological Equipment Software and Technology appeared first on Global Compliance News.

Source

Background on Lawsuit

On November 2, the United States District Court for the District of Columbia dismissed the suit brought by a class of child laborers who mine cobalt in the Democratic Republic of Congo (“DRC”) against several US tech companies under the Trafficking Victims Protection Reauthorization Act (“TVPRA”) and several common law based causes of action.  TVPRA allows victims of human trafficking and certain other crimes such as forced labor to bring civil claims against those who knowingly benefitted from these crimes.  Here, the complaint was based on two alleged TVPRA violations: forced labor and trafficking with respect to peonage, slavery, involuntary servitude, or forced labor.  The complaint alleged that defendants knowingly benefitted from the lithium-ion batteries produced with the cobalt mined by the plaintiffs who were forced to work in dangerous conditions that resulted in numerous injuries.   The complaint also contained broad allegations that the US tech industry’s increased demand for lithium-ion batteries resulted in a new wave “of brutal exploitation” in the DRC, one “fueled by greed, corruption and indifference to a population of powerless, starving Congolese people.”

The Decision

The court held that the plaintiffs did not have standing to bring their claims because they did not adequately identify the defendants’ conduct as the cause of the injury they suffered.  The court noted that plaintiffs did not assert that Defendants employed any plaintiff.  Neither did the plaintiffs allege that defendants owned or operated any of the cobalt mines where plaintiffs worked.  Therefore, while acknowledging the harm to Plaintiffs, the court stated that “it takes many analytical leaps to say that the end-purchasers of a fungible metal are responsible for the conditions in which that metal might or might not have been mined, especially when that mining took place thousands of miles away and flowed through many independent companies” before reaching the defendants.  The court stated that plaintiffs would have to, at a minimum, assert specific facts to prove each Defendant’s role in the causal chain.

Additionally, the court noted that even if it had jurisdiction over the claims, the plaintiffs did not plead facts sufficient to show that defendants violated the TVPRA.  To recover under Section 1595 (the provision that allows for civil recovery under the TVPRA), one must show that defendants “knowingly benefit[ted]” from “participation in a venture” which violated the TVPRA and which the defendants knew or should have known engaged in such a violation.  The court concluded that a global supply chain is not a venture, and thus plaintiffs did not present enough facts from which it could be inferred that defendants were part of “some cobalt-gathering venture.”  Further, the court noted that the plaintiffs’ allegations showed that their decision to start a career in cobalt-mining was due to economic necessity and not coercion on the part of defendants, and in any case, Section 1595 of the TVPRA would not apply because there is no clear indication from its language that it has extraterritorial reach.

Lastly, the court noted that in addition to failing to specify the state law governing the common law claims of unjust enrichment, negligent supervision, and intentional infliction of emotional distress, the plaintiffs also did not adequately plead facts to prove, among other things, any connection between defendants and the plaintiffs or their injuries under general tort law principles.

Implications of the Decision for Corporations

The decision is a victory for the tech companies.  It demonstrates the difficulties that potential plaintiffs could face with establishing standing.  While in this case, the court stated that Section 1595 of the TVPRA may not be applied extraterritorially as a matter of statutory interpretation, this statement is dicta.  Other district courts have reached the opposite conclusion.  For example, in a California case related to alleged forced labor in Thai seafood factories that supplied the seafood to a US manufacturer, the court refused to dismiss the complaint and held that Section 1595 applies extraterritorially.  However, there, the defendants included the entire supply chain — the US manufacturer, the companies that ran the Thai factories, and the company that transported the seafood to the US.  Therefore, contrary to the DC district court’s finding, the California court found that the plaintiffs’ allegation that defendants were a part of a “joint venture” was sufficient to survive the motion to dismiss.  At the same time, in its ruling on the motion for summary judgment, the court refused to “expand the reach of extraterritorial jurisdiction to offenses wholly occurring in foreign countries, exclusively involving foreign victims, and that were perpetrated by foreign offenders who never set foot in the United States.”  Therefore, had the facts of the case brought by the child laborers from the DRC been different (i.e., had there been more of a connection between the mines and the defendants, or had there been evidence that the defendants knew of the problematic labor practices), the DC district court may have also decided in favor of extraterritorial application of Section 1595.  Companies with global supply chains should therefore continue to monitor and oversee compliance with applicable laws and regulations, including those which prohibit involvement in human rights abuses. 

The post US Court Dismissed Cobalt Mining Forced Labor Lawsuit Against Tech Companies appeared first on Global Compliance News.

Source

On 31 October 2021, the EU and US issued a joint statement announcing that they had reached an agreement to end their dispute over steel and aluminium tariffs. This agreement removes the US “Section 232” tariffs on imports of EU steel and aluminium, imposed during the Trump administration, whilst the EU has agreed to suspend additional duties imposed on US goods in retaliation. Both sides have also agreed to suspend disputes initiated against each other at the WTO in relation to the tariffs.

The deal ends a prolonged stand-off between the EU and US that began following the US’s introduction of tariffs for imports of steel (25% tariff) and aluminium (10% tariff) in 2018. In response, the EU introduced retaliatory tariffs on US-manufactured whiskey, motor boats and motorcycles. The EU and US had been in negotiations since the start of the Biden administration to settle the trade dispute and (absent this agreement) the EU had planned to increase its tariffs again this December.

As part of the deal, the US has agreed to remove tariffs on the above EU exports, effective from 1 January 2022, through a tariff-rate quota (“TRQ”) system. Under the TRQ arrangement, “historically-based” volumes of EU steel and aluminium imports will enter the US tariff free:

  • For EU steel imports to the US, a total annual quota of 3.3 million metric tonnes, covering 54 product categories (see Annex 1), will be set and allocated on an EU member state basis in line with historical import values from 2015 to 2017. In order to be eligible for duty-free treatment, steel imports must have been “melted and poured” in the EU in accordance with US requirements.
  • For EU aluminium imports to the US, a total annual quota of (i) 18,000 metric tonnes for unwrought aluminium (covering two product categories) and (ii) 366,000 metrics tonnes for wrought aluminium (covering 14 product categories) will be set (see Annex 2). The import volumes will also be allocated on an EU member state basis in line with historical import values from 2018 to 2019, with the exception of foil (HS code 7607), where 2021 annualized data will be used.  

In parallel, the EU and US have also agreed to begin discussions on an arrangement (the “Global Arrangement on Sustainable Steel and Aluminium”) intended to facilitate the decarbonising of the steel and aluminium industries and to address “overcapacity in these industries caused by non-market practices in some economies”. The US and EU will now create a technical working group to develop a joint methodology and share relevant information for evaluating emissions connected with traded steel and aluminium.

Additionally, the US announced that it would be commencing a separate consultation with the UK for it to join the US / EU arrangement. It is possible this may result in similar relief from US steel and aluminium tariffs for British exporters, though currently these still remain in place. The US has also announced that a similar consultation will commence with Japan.   

The post EU/US: EU and US reach deal on steel and aluminum tariffs appeared first on Global Compliance News.

Source

In brief

Please join us for a new weekly video series, hosted by Baker McKenzie’s North America Government Enforcement partners Tom Firestone and Jerome Tomas.

This weekly briefing is available on demand and will cover hot topics and current enforcement actions related to white collar crime and criminal investigations in the US and abroad to arm you with the information you need to start your business week.

As one of the largest global law firms, we will call upon our exceptionally deep and broad bench of white collar experts throughout the world and particularly in the commercial hubs of Europe, Asia, Africa and Latin America to join our weekly discussion series.

These briefings will cover:

  • High-profile DOJ case updates and implications
  • SEC enforcement developments 
  • CFTC enforcement developments
  • Other white collar defense industry developments 

15 November 2021 

This week’s discussion will cover the following: 

  • New Cambodia Sanctions
  • Steve Bannon Indictment

Video link

Podcast link

8 November 2021 

This week’s discussion will cover the following: 

  • Deputy Attorney General Lisa Monaco on corporate enforcement priorities under the Biden Administration
  • The Consumer Financial Protection Bureau (CFPB) is targeting big tech 
    1. What do they want and why do they want it?
    2. How should tech firms prepare, whether they receive a request from CFPB or not?

Video link

Podcast link

1 November 2021

This week’s discussion will cover the following: 

  • Managing Allegations of Workplace Wrongdoing: Independent Investigator’s Report on Chicago Blackhawks Allegations of Sexual Misconduct

Video link

Podcast link

25 October 2021 

This week’s discussion will cover the following: 

  • Tether Holdings CFTC Crypto Settlement: Reminder that the CFTC is asserting a prominent role in the regulation and enforcement of cryptocurrencies. 
  • SEC Report on January 2021 Market Frenzy: “Staff Report on Equity and Options Market Structure Conditions in Early 2021”
  • Will DOJ Prosecute Steve Bannon for Contempt?

Video link

Podcast link

18 October 2021

This week’s discussion will cover the following: 

  • 6 January Commission and possible prosecution of Steve Bannon for contempt.
  • SEC Enforcement Director Grewal’s speech on appropriate approaches to compliance, proactive enforcement, electronic message retention/production, cooperation, and civil penalties.

Video link

Podcast link

27 September 2021

This week’s discussion will cover the following: 

  • CFTC v. HDR GLOBAL TRADING LIMITED, ET AL
  • Motion to Dismiss Unregistered Crypto Exchange Claims
  • Control Person Liability Runs Into “Minimum Contacts”   
  • House Committee on January 6 Attack Subpoenas Trump Advisors

Video link

Podcast link

20 September 2021

This week’s discussion will cover the following: 

  • Details Behind The SEC Whistleblower Award That Pushed the Program Over $1 Billion in Whistleblower Payouts
  • SEC v. DAYAKAR R. MALLU – Tipper-Tippee Insider Trading Case – SEC Investigation Tactics and Trends
  • Indictment of lawyer by Trump-appointed Special Counsel for lying to the FBI in Russia investigation.

Video link

Podcast link

14 September 2021

This week’s discussion will cover the Elizabeth Holmes Theranos trial. 

Video link

Podcast link

30 August 2021

This week’s discussion will cover the following: 

  • Organized crime charges in new elder abuse case
  • Novel SEC Insider Trading Action — Shadow Trading — SEC v. Matthew Panuwa
  • Quick blurb on 18 year old and under crackdown on video game playing in China
  • SEC v. MANISH LACHWANI – The SEC’s Enforcement Focus on Unicorns

Video link

Podcast link

23 August 2021 

This week’s discussion will cover the following: 

  • Special Inspector General for Afghanistan Reconstruction (SIGAR) Report on Lessons of Corruption in Afghanistan
  • Novel SEC Insider Trading Action — Shadow Trading — SEC v. Matthew Panuwa

Video link 

Podcast link

9 August 2021

This week’s discussion will cover the following: 

  • SEC brings charges unregistered crypto exchange: In the Matter of Poloniex, LLC
  • The need to keep your auditor at arm’s length — SEC brings auditor independence case for audit bid-related misconduct against accounting firm, it’s partners and the Chief Accounting Officer of public company: In the Matter of Ernst & Young LLP, et al. and In the Matter of William G. Stiehl
  • Accusations against Governor Cuomo: Key Legal Issues
  • New Belarus Sanctions

Video link

Podcast link

3 August 2021

This week’s discussion will cover the following: 

  • New DOJ opinion on Trump tax returns
  • New DOJ policy on subpoenas to new organizations
  • New DOJ memorandum on White House communications
  • SEC Chair Gensler’s Public Statement on Disclosures Required by Chinese Companies Listed In US

Video link 

Podcast link

26 July 2021

This week’s discussion will cover the following:

  • The Importance of Having Up-To-Date Automated Accounting Procedures, Effective Manual Accounting Procedures, and Trained Accounting Staff:  The SEC’s Latest Accounting Case Against Tandy Leather Factory Inc. and its former chief executive officer Shannon Greene.
  • Indictment of Trump Advisor Thomas Barrack
  • Biden Executive Order on Promoting Competition

Video link  

Podcast link

13 July 2021

This week’s discussion will cover the following:

  • Manhattan DA’s Indictment of the Trump Organization and Allen Weisselberg
  • New SEC Enforcement Director – New Jersey Attorney General Gurbir Grewal
  • SEC and federal criminal charges filed arising out of alleged fraudulent scheme to sell “insider trading tips” on the Dark Web- SEC v. Apostolos Trovias

Video link

Podcast link

29 June 2021

This week’s discussion will cover the following: 

  • SEC Cybersecurity Enforcement Sweep:  The SEC Clarifies, Sort Of
  • Latest, and Interesting, Comments By SEC Commissioner on ESG
  • Combating Global Corruption Act of 2021
  • Global Magnitsky Reauthorization Act
  • New Belarus Sanctions 

Video Link

Podcast Link

22 June 2021

This week’s discussion will cover the following: 

  • New Charges in 1MDB Case
  • FARA Reform Proposals
  • Possible New Russia Sanctions  
  • Cyber SEC Enforcement: Latest SEC Disclosure Controls and Procedures Enforcement Case
  • A New SEC Cyber Enforcement Sweep

Video Link

Podcast Link

9 June 2021

This week’s discussion will cover the following: 

  • Potential SEC ESG Disclosure Rulemaking and Materiality:  Commissioners Allison Herren Lee and Elad Roisman Continue to Volley
  • White House strategy statement on corruption and national security
  • Belarus sanctions
  • Bulgaria sanctions
  • Executive Order on Western Balkans

Video Link 

Podcast Link

25 May 2021

This week’s discussion will cover the following: 

  • Insight on Gary Gensler’s SEC Enforcement Agenda: SEC Chair’s Remarks at 2021 FINRA Annual Conference
  • Discussion of Treasury’s Plan to Increase IRS Enforcement and Narrow the Tax Gap
  • Update on Nord Stream 2 Sanctions 

Video link 

18 May 2021

This week’s discussion will cover the following:

  • Russian Response to US Sanctions and Designation of US as an “Unfriendly” Country  
  • Trial of Mayor of Fall River, Massachusetts for Extorting Marijuana Businesses  
  • The Challenges of Fitting Modern Practices into Old Laws: SEC Commissioner Hester Peirce’s Statement Regarding an Index Fund SEC Settlement  
  • SEC’s Continued Slow Embrace of Crypto Assets: Division of Investment Management’s Statement on ETF Holdings of Crypto Assets and Potential Enforcement Implications  to Assets and Potential Enforcement Implications  

Video Link

10 May 2021

This week’s discussion will cover the following:

  • Crypto developments:  SEC Chair Gensler’s Testimony, Dogecoin and Saturday Night Live
  • The “Swiss George Floyd Case”  (for more information about this case, please see this documentary featuring Simon Ntah here

Video Link

3 May 2021

This week’s discussion will cover the following:

  • First Voluntary Self-Disclosure of Sanctions and Export Violations Leads to Settlement between Software Company and DOJ
  • The Sudden Resignation of SEC Enforcement Director Alex Oh:  What is Next For SEC Enforcement?

Video Link

26 April 2021

This week’s discussion will cover the following:

  • New SEC Enforcement Director Alex Oh: What It May Mean For SEC Enforcement
  • DOJ Pattern and Practice Investigation of Minneapolis Police Department

Video Link

19 April 2021

This week’s discussion will cover the following:

  • First guilty plea in Capitol attack cases: What it means for future prosecutions
  • New Russia sanctions: What they do and don’t do, and what could be next
  • Comments by Acting Director of the SEC’s Division of Corporation Finance, “SPACs, IPOs and Liability Risk under the Securities Laws”: What it means for SEC enforcement

Video Link

12 April 2021

This week’s discussion will cover the following:

  • Criminal Antitrust Prosecutions of No Poaching and Wage Fixing Agreements: Perspective of a Leading Antitrust Lawyer.
  • Enforcement perspectives arising out of the SEC’s April 9, 2021 “Risk Alert” relating to ESG products and services offered by investment advisers, registered investment companies and private funds.
  • DOJ Priorities under the Biden Administration: What the Budget Tells Us.

Video Link

30 March 2021

This week’s discussion will cover the following:

  • SEC Enforcement Sweep Looks Into SPAC IPOs
  • New Legal Issues in the Capitol Riot Cases

Video Link

15 March 2021

This week’s discussion will cover the following:

  • DOJ/SEC FCPA priorities
  • Oath Keepers conspiracy case
  • New Russian law to protect officials against corruption charges
  • Does SEC Commissioner Crenshaw’s speech about increased corporate penalties foreshadow a possible retraction of the SEC’s 2006 Statement Concerning Financial Penalties and what we can expect from corporate securities enforcement over the next 4 years?

Video Link

8 March 2021

This week’s discussion will cover the following:

  • This week, Jerome is joined by his partners Amy Greer and Jen Klass and they will dig deep into the enforcement issues presented by the SEC’s “Enforcement Task Force Focused on Climate and ESG Issues” 

Video Link

1 March 2021

This week’s discussion will cover the following:

  • The SEC’s Plan to Dig Into Public Company Climate Change Disclosures: A White Collar Enforcement Perspective
  • Key Takeaways from Merrick Garland Confirmation Hearing
  • Update on Capitol Riot Cases
  • Secretary Blinken Statement on Anticorruption Champions 

Video Link

22 February 2021

This week’s discussion will cover the following:

  • Potential prosecution of former President Trump for incitement of the Capitol attack
  • The SEC’s latest message following the “The Market Events”: trading suspension in In the Matter of SpectraScience, Inc. 
  • New Transparency International Corruption Report
  • The SEC’s ICO enforcement initiative lives on: SEC v. Coinseed, Inc., et al. (S.D.N.Y. 17 February 2021)

Video Link

15 February 2021

This week’s discussion will cover the following:

  • Update on Capitol riot cases
  • The legal definition  of “incitement of insurrection” 
  • Discussion of the reported DOJ and SEC investigations into the retail traders in last month’s market events
  • A reminder on the scope of the US insider trading laws, courtesy of SEC v. Mark Ahn (D. Mass) (also a parallel criminal case was filed)

Video Link

8 February 2021

This week’s discussion will cover the following:

  • An update on the Capitol Riots
  • Consideration of new sanctions on Russia
  • An update on stock market events, including the FINRA notice on broker-dealer “game-style” trading apps 

Video Link

1 February 2021

This week’s discussion will cover the following:

  • Analysis of the Reddit/WallStreetBets-driven stock surges, with a special appearance by Jerome’s 15 year old son, Sam, who has been following the events on Reddit and Discord  
  • Discussion of the Hoskins appeal and the future of the FCPA’s “Agency” theory
  • Update on the Capitol raid prosecutions

Video Link

18 January 2021

This week’s discussion will cover the following:

  • New SEC Enforcement Statute of Limitations and Disgorgement Provisions Contained in the NDAA
  • New AML Whistleblower Bounty Provision in the NDAA
  • Criminal charges against Capitol rioters
  • Julian Assange extradition case

Video Link

4 January 2021

This week’s discussion will cover the following:

  • What criminal statutes might apply to the attack on the Capitol?
    • 18 USC 2383 – Rebellion or Insurrection
    • 18 USC 2384 – Seditious Conspiracy
    • 18 USC 1752 – Restricted Building or Grounds
  • What, if any, criminal statutes might apply to President Trump’s call last week with Georgia Secretary of State?
  • The 25th Amendment — A brief history of the amendment, what the amendment provides for and how it might apply in light of these events.

Video Link

14 December 2020

Video Link

07 December 2020

Video Link

23 November 2020

Video Link

16 November 2020

Video Link

9 November 2020

Video Link

26 October 2020

Video Link

19 October 2020

Video Link

5 October 2020

Video Link

29 September 2020

Video Link

8 September 2020

Video Link

24 August 2020

Video Link

17 August 2020

Video Link

10 August 2020

Video Link

3 August 2020

Video Link

27 July 2020

Video Link

20 July 2020

Video Link

13 July 2020

Video Link

6 July 2020

Video Link

29 June 2020

Video Link

22 June 2020

Video Link

17 June 2020

Video Link

9 June 2020

Video Link

26 May 2020 

Video Link

The post United States: This Week in Government Enforcement (Video Chat) appeared first on Global Compliance News.

Source

In brief

In November, the United States announced that Ethiopia, Guinea and Mali would be terminated from the African Growth and Opportunity Act (AGOA) trade preference program, unless they took urgent action to meet eligibility criteria by 1 January 2022. An unconstitutional change in governments in Guinea and Mali and human rights violations in Ethiopia, due to conflict in the country, were given as the reasons for the termination. AGOA eligibility requirements include, among other things, that countries must follow the rule of law and implement economic policies that reduce poverty and combat corruption and bribery. Countries must also protect internationally recognized human and worker rights, and must not engage in activities that undermine national security interests.


In depth

On 2 November 2021, US President Joe Biden announced that three African countries would be terminated from the African Growth and Opportunity Act (AGOA) trade preference program, unless they took urgent action to meet statutory eligibility criteria by 1 January 2022. The three countries listed were Guinea, Mali and Ethiopia. The US administration cited unconstitutional changes in governments in Guinea and Mali and human rights violations in Ethiopia, due to conflict in the country, as reasons for the termination. The statement announced the intention to provide all three countries with a clear benchmark and pathway towards reinstatement so that valued trading partnerships could be resumed.

AGOA eligibility criteria is reviewed annually to ensure that countries qualify to continue to receive the benefits of the trade preference scheme. Requirements for eligibility include, among other things, that countries must be making substantial progress in establishing a market-based economy, as well as following the rule of law and implementing economic policies that reduce poverty and combat corruption and bribery. Countries must also protect internationally recognized worker rights, and must not engage in activities that undermine US foreign policy or national security interests. Countries must not be found to have committed gross human rights violations.

If countries are not making progress with AGOA eligibility requirements, they may be terminated as beneficiaries of the trade preference scheme. Alternatively, the US administration may withdraw or suspend the duty-free treatment of products for a particular country to facilitate compliance with AGOA.

The most recent statistics available, from 2019, indicate that US trade with all three of these countries is not balanced in terms of its reciprocity. According to the Office of the US Trade Representative, Ethiopia was the 84th largest goods trading partner with the US in 2019. In this year, goods exported from Ethiopia to the US were valued at USD 1 billion, and goods imported from the US into Ethiopia were valued at USD 572 million. The US goods trade surplus with Ethiopia was USD 442 million in 2019. In the same year, Guinea was the 161st largest goods trading partner with the US. Goods exported from the US into Guinea amounted to USD 128 million and US goods imported into Guinea totaled USD 9 million. The US goods trade surplus with Guinea was USD 119 million in 2019. Mali was the 178th largest goods trading partner with the US in 2019. Goods exported from Mali to the US totaled USD 68 million and goods imported from the US into Mali totaled US 5 million. The US goods trade surplus with Mali was USD 63 million in 2019.

The US administration recently announced the renewal of its Prosper Africa Initiative, with a message that it would reinvigorate reciprocal trade between Africa and the US. The initiative focuses on improving trade and investment between the US and Africa in sectors such as infrastructure, energy and climate solutions, healthcare and technology.  The Biden Administration is reportedly also supportive of the African Continental Free Trade Area agreement (AfCFTA) – a continent-wide free trade agreement.

The non-reciprocal AGOA, which allows duty- and quota-free exports from eligible African countries into the US, is due to expire in 2025. It was thought that it might be replaced with new, reciprocal trade agreements between the US and African countries that follow the free trade policies of the AfCFTA agreement, as well as the more reciprocal trade relationships promoted as part of the Prosper Africa initiative. However, it appears that adherence to the strict statutory obligations of AGOA membership might continue to be implemented as an effective governance tool, ensuring that AGOA eligibility requirements, which include commitments to constitutionality, the rule of law and human rights, are closely followed in every country that wishes to benefit from duty free trade with the United States. Whether this will change in 2025 and be replaced with more reciprocal trade agreements remains to be seen.

Related article

Africa: US announces renewed Prosper Africa trade initiative

The post Africa: African Growth and Opportunity Act eligibility requirements under review in three African countries appeared first on Global Compliance News.

Source

In brief

Noncitizen travelers can pack their bags. With certain requirements, noncitizen travelers will be allowed to travel to the US as of November 8, 2021, under President Biden’s Proclamation on Advancing the Safe Resumption of Global Travel During the COVID-19 Pandemic. The new rules, which focus on the vaccination status of noncitizen travelers, replace the country specific restrictions that have been in place since March 2020. The proclamation also contains limited exceptions within the proclamation for noncitizen travelers who have not been vaccinated.

Critically, nonimmigrant visa holders always require US visa stamps to reenter the United States. Although the travel restrictions will be lifted for vaccinated travelers as described below, the US Consulates and Embassies remain closed for routine visa processing – meaning that travelers should expect long backlogs when scheduling visa stamping appointments. This could be a damper on travel for many foreign national visa-holders who have been “stuck” in the United States over the course of the pandemic and are looking to travel home during the holidays.


Contents

  1. Who is able to enter the US under the proclamation?
  2. When do the new rules take effect?
  3. Key takeaways
  4. What rules must noncitizens who have an exemption follow?
  5. What actions should my company take?

Who is able to enter the US under the proclamation?

Noncitizen travelers who have received a COVID-19 vaccine authorized or approved by the traveler’s country of nationality (as determined by the Director of the Centers for Disease Control and Prevention (CDC) in consultation with the Secretary of State) will not be restricted from entering the US. The traveler will still be required to provide proof of a negative pre-departure COVID-19 test within three days before travel, and follow appropriate precautionary measures during travel, as determined by the Director of the CDC. Despite this relaxation in COVID-related travel restrictions, noncitizen travelers must still have the appropriate immigration documentation to enter the US. The proclamation does not apply to US citizens, US nationals, US lawful permanent residents, immigrants and air crew members.

When do the new rules take effect?

The new rules will take effect at 12:01 am EST on November 8, 2021. However, the proclamation specifies that the new rules will not apply to noncitizens aboard a flight scheduled to arrive in the US that departed prior to 12:01 am EST on November 8, 2021, so noncitizen travelers heading to the US should check their departure time and which rules apply.

Key takeaways

The new rules apply to all noncitizens. There are a number of exemptions to the vaccine requirement, including for individuals who have a medical condition prohibiting vaccination, for individuals from countries that do not have sufficient access to vaccines, and for humanitarian and/or emergency reasons. In addition, vaccination is not required for children under 18 years of age, and pre-travel testing is not required for children under two. 

Like the prior rules, there is an exemption for noncitizens or a group of noncitizens whose entry would be in the national interest, as determined by the Secretary of State, the Secretary of Transportation, the Secretary of Homeland Security, or their designees.

Importantly, the US Consulates and Embassies around the world remain closed for routine visa processing. This means that backlogs for appointments spanning several months are likely, and “expedited” or “emergency” requests may be necessary for individuals seeking to travel and obtain visa appointments over the holiday months.

What rules must noncitizens who have an exemption follow?

The proclamation outlines specific requirements unvaccinated noncitizens who are exempted or receive an exemption must follow while they are in the US, including that they may need to agree to become fully vaccinated against COVID-19 within 60 days of arriving in the US, and provide proof of having arranged to become fully vaccinated against COVID-19 after arriving in the US if their stay is longer than 60 days. In addition, noncitizens must agree to comply with applicable public health precautions established by the Director of the CDC, which currently includes proof of a negative pre-departure COVID-19 test within one day before travel and may include proof of having arranged to self-quarantine or self-isolate after arriving in the US.

What actions should my company take?

  • Discuss the scope and specifics of the proclamation with your employees. Many noncitizens will likely be excited by these changes given the pent-up demand for international travel, but your employees should understand how the rules apply to them before they plan their travel.
  • Consider a Town Hall to discuss travel planning. We have held Town Hall presentations throughout COVID with many of our clients and find that these provide an efficient format to share valuable information and have an interactive discussion with employees. Please contact your Baker McKenzie attorney to discuss this option.
  • If your company plans to have employees travel to the US, speak with counsel to safeguard against issues that may arise before your company plans employee travel.
  • Encourage your employees who want to travel internationally to monitor their visa expiration and the availability of visa interviews in their home country should they need to obtain a new visa stamp before return to the US. Make sure your employees have US Consular appointments booked for visa stamping before booking or embarking on travel or have ESTA authorization if their travel is within the scope of ESTA. In the event that international travel becomes necessary for an employee regardless of their visa stamp’s validity, please contact your Baker McKenzie Global Immigration and Mobility attorney well in advance of their planned travel dates to avoid a lengthy absence abroad.

We are here to help!

The post United States: At long last, as of November 8, the United States will reopen for international travel – but that is only the first step of the travel process for many travelers appeared first on Global Compliance News.

Source