In brief

Please join us for a new weekly video series, hosted by Baker McKenzie’s North America Government Enforcement partners Tom Firestone and Jerome Tomas.

This weekly briefing is available on demand and will cover hot topics and current enforcement actions related to white collar crime and criminal investigations in the US and abroad to arm you with the information you need to start your business week.

As one of the largest global law firms, we will call upon our exceptionally deep and broad bench of white collar experts throughout the world and particularly in the commercial hubs of Europe, Asia, Africa and Latin America to join our weekly discussion series.

These briefings will cover:

  • High-profile DOJ case updates and implications
  • SEC enforcement developments 
  • CFTC enforcement developments
  • Other white collar defense industry developments 

9 August 2021

This week’s discussion will cover the following: 

  • SEC brings charges unregistered crypto exchange: In the Matter of Poloniex, LLC
  • The need to keep your auditor at arm’s length — SEC brings auditor independence case for audit bid-related misconduct against accounting firm, it’s partners and the Chief Accounting Officer of public company: In the Matter of Ernst & Young LLP, et al. and In the Matter of William G. Stiehl
  • Accusations against Governor Cuomo: Key Legal Issues
  • New Belarus Sanctions

Video link

Podcast link

3 August 2021

This week’s discussion will cover the following: 

  • New DOJ opinion on Trump tax returns
  • New DOJ policy on subpoenas to new organizations
  • New DOJ memorandum on White House communications
  • SEC Chair Gensler’s Public Statement on Disclosures Required by Chinese Companies Listed In US

Video link 

Podcast link

26 July 2021

This week’s discussion will cover the following:

  • The Importance of Having Up-To-Date Automated Accounting Procedures, Effective Manual Accounting Procedures, and Trained Accounting Staff:  The SEC’s Latest Accounting Case Against Tandy Leather Factory Inc. and its former chief executive officer Shannon Greene.
  • Indictment of Trump Advisor Thomas Barrack
  • Biden Executive Order on Promoting Competition

Video link  

Podcast link

13 July 2021

This week’s discussion will cover the following:

  • Manhattan DA’s Indictment of the Trump Organization and Allen Weisselberg
  • New SEC Enforcement Director – New Jersey Attorney General Gurbir Grewal
  • SEC and federal criminal charges filed arising out of alleged fraudulent scheme to sell “insider trading tips” on the Dark Web- SEC v. Apostolos Trovias

Video link

Podcast link

29 June 2021

This week’s discussion will cover the following: 

  • SEC Cybersecurity Enforcement Sweep:  The SEC Clarifies, Sort Of
  • Latest, and Interesting, Comments By SEC Commissioner on ESG
  • Combating Global Corruption Act of 2021
  • Global Magnitsky Reauthorization Act
  • New Belarus Sanctions 

Video Link

Podcast Link

22 June 2021

This week’s discussion will cover the following: 

  • New Charges in 1MDB Case
  • FARA Reform Proposals
  • Possible New Russia Sanctions  
  • Cyber SEC Enforcement: Latest SEC Disclosure Controls and Procedures Enforcement Case
  • A New SEC Cyber Enforcement Sweep

Video Link

Podcast Link

9 June 2021

This week’s discussion will cover the following: 

  • Potential SEC ESG Disclosure Rulemaking and Materiality:  Commissioners Allison Herren Lee and Elad Roisman Continue to Volley
  • White House strategy statement on corruption and national security
  • Belarus sanctions
  • Bulgaria sanctions
  • Executive Order on Western Balkans

Video Link 

Podcast Link

25 May 2021

This week’s discussion will cover the following: 

  • Insight on Gary Gensler’s SEC Enforcement Agenda: SEC Chair’s Remarks at 2021 FINRA Annual Conference
  • Discussion of Treasury’s Plan to Increase IRS Enforcement and Narrow the Tax Gap
  • Update on Nord Stream 2 Sanctions 

Video link 

18 May 2021

This week’s discussion will cover the following:

  • Russian Response to US Sanctions and Designation of US as an “Unfriendly” Country  
  • Trial of Mayor of Fall River, Massachusetts for Extorting Marijuana Businesses  
  • The Challenges of Fitting Modern Practices into Old Laws: SEC Commissioner Hester Peirce’s Statement Regarding an Index Fund SEC Settlement  
  • SEC’s Continued Slow Embrace of Crypto Assets: Division of Investment Management’s Statement on ETF Holdings of Crypto Assets and Potential Enforcement Implications  to Assets and Potential Enforcement Implications  

Video Link

10 May 2021

This week’s discussion will cover the following:

  • Crypto developments:  SEC Chair Gensler’s Testimony, Dogecoin and Saturday Night Live
  • The “Swiss George Floyd Case”  (for more information about this case, please see this documentary featuring Simon Ntah here

Video Link

3 May 2021

This week’s discussion will cover the following:

  • First Voluntary Self-Disclosure of Sanctions and Export Violations Leads to Settlement between Software Company and DOJ
  • The Sudden Resignation of SEC Enforcement Director Alex Oh:  What is Next For SEC Enforcement?

Video Link

26 April 2021

This week’s discussion will cover the following:

  • New SEC Enforcement Director Alex Oh: What It May Mean For SEC Enforcement
  • DOJ Pattern and Practice Investigation of Minneapolis Police Department

Video Link

19 April 2021

This week’s discussion will cover the following:

  • First guilty plea in Capitol attack cases: What it means for future prosecutions
  • New Russia sanctions: What they do and don’t do, and what could be next
  • Comments by Acting Director of the SEC’s Division of Corporation Finance, “SPACs, IPOs and Liability Risk under the Securities Laws”: What it means for SEC enforcement

Video Link

12 April 2021

This week’s discussion will cover the following:

  • Criminal Antitrust Prosecutions of No Poaching and Wage Fixing Agreements: Perspective of a Leading Antitrust Lawyer.
  • Enforcement perspectives arising out of the SEC’s April 9, 2021 “Risk Alert” relating to ESG products and services offered by investment advisers, registered investment companies and private funds.
  • DOJ Priorities under the Biden Administration: What the Budget Tells Us.

Video Link

30 March 2021

This week’s discussion will cover the following:

  • SEC Enforcement Sweep Looks Into SPAC IPOs
  • New Legal Issues in the Capitol Riot Cases

Video Link

15 March 2021

This week’s discussion will cover the following:

  • DOJ/SEC FCPA priorities
  • Oath Keepers conspiracy case
  • New Russian law to protect officials against corruption charges
  • Does SEC Commissioner Crenshaw’s speech about increased corporate penalties foreshadow a possible retraction of the SEC’s 2006 Statement Concerning Financial Penalties and what we can expect from corporate securities enforcement over the next 4 years?

Video Link

8 March 2021

This week’s discussion will cover the following:

  • This week, Jerome is joined by his partners Amy Greer and Jen Klass and they will dig deep into the enforcement issues presented by the SEC’s “Enforcement Task Force Focused on Climate and ESG Issues” 

Video Link

1 March 2021

This week’s discussion will cover the following:

  • The SEC’s Plan to Dig Into Public Company Climate Change Disclosures: A White Collar Enforcement Perspective
  • Key Takeaways from Merrick Garland Confirmation Hearing
  • Update on Capitol Riot Cases
  • Secretary Blinken Statement on Anticorruption Champions 

Video Link

22 February 2021

This week’s discussion will cover the following:

  • Potential prosecution of former President Trump for incitement of the Capitol attack
  • The SEC’s latest message following the “The Market Events”: trading suspension in In the Matter of SpectraScience, Inc. 
  • New Transparency International Corruption Report
  • The SEC’s ICO enforcement initiative lives on: SEC v. Coinseed, Inc., et al. (S.D.N.Y. 17 February 2021)

Video Link

15 February 2021

This week’s discussion will cover the following:

  • Update on Capitol riot cases
  • The legal definition  of “incitement of insurrection” 
  • Discussion of the reported DOJ and SEC investigations into the retail traders in last month’s market events
  • A reminder on the scope of the US insider trading laws, courtesy of SEC v. Mark Ahn (D. Mass) (also a parallel criminal case was filed)

Video Link

8 February 2021

This week’s discussion will cover the following:

  • An update on the Capitol Riots
  • Consideration of new sanctions on Russia
  • An update on stock market events, including the FINRA notice on broker-dealer “game-style” trading apps 

Video Link

1 February 2021

This week’s discussion will cover the following:

  • Analysis of the Reddit/WallStreetBets-driven stock surges, with a special appearance by Jerome’s 15 year old son, Sam, who has been following the events on Reddit and Discord  
  • Discussion of the Hoskins appeal and the future of the FCPA’s “Agency” theory
  • Update on the Capitol raid prosecutions

Video Link

18 January 2021

This week’s discussion will cover the following:

  • New SEC Enforcement Statute of Limitations and Disgorgement Provisions Contained in the NDAA
  • New AML Whistleblower Bounty Provision in the NDAA
  • Criminal charges against Capitol rioters
  • Julian Assange extradition case

Video Link

4 January 2021

This week’s discussion will cover the following:

  • What criminal statutes might apply to the attack on the Capitol?
    • 18 USC 2383 – Rebellion or Insurrection
    • 18 USC 2384 – Seditious Conspiracy
    • 18 USC 1752 – Restricted Building or Grounds
  • What, if any, criminal statutes might apply to President Trump’s call last week with Georgia Secretary of State?
  • The 25th Amendment — A brief history of the amendment, what the amendment provides for and how it might apply in light of these events.

Video Link

14 December 2020

Video Link

07 December 2020

Video Link

23 November 2020

Video Link

16 November 2020

Video Link

9 November 2020

Video Link

26 October 2020

Video Link

19 October 2020

Video Link

5 October 2020

Video Link

29 September 2020

Video Link

8 September 2020

Video Link

24 August 2020

Video Link

17 August 2020

Video Link

10 August 2020

Video Link

3 August 2020

Video Link

27 July 2020

Video Link

20 July 2020

Video Link

13 July 2020

Video Link

6 July 2020

Video Link

29 June 2020

Video Link

22 June 2020

Video Link

17 June 2020

Video Link

9 June 2020

Video Link

26 May 2020 

Video Link

The post United States: This Week in Government Enforcement (Video Chat) appeared first on Global Compliance News.

Source

In brief

Welcome to Baker McKenzie’s new Labor and Employment video chat series for US employers. Our lawyers will provide quick, practical tips on today’s most pressing issues for US employers navigating the new normal.  The videos complement our blog, The Employer Report, which provides written legal updates and practical insights about the latest labor and employment issues affecting US multinationals, at both the domestic and global level.

Please click below to watch the video chats and be sure to let us know if there are additional topics you’d like us to address.


Speakers: Michael BrewerSusan Eandi and Robin Samuel

Speakers: Paul EvansMichael LeggieriKaitlin Thompson

Speakers: JT CharronJeff MartinoKatelyn Sprague and Billie Wenter

Speakers: Susan EandiElizabeth EbersoleMelissa Allchin and Erik Christenson

Speakers: Susan EandiRobin Samuel and Brian Hengesbaugh

Speakers: William DuganKrissy Katzenstein and Aleesha Fowler

Speakers: Susan Eandi, Emily Harbison and Robin Samuel

Speakers:  Robin SamuelJeffrey Sturgeon and Stephanie Priel

Speaker: Susan Eandi

Speakers: Melissa AllchinRobin Samuel, and Harry Valetk

Speakers:  Susan Eandi, Emily Harbison and Krissy Katzenstein

Speakers: William DuganRobin Samuel and Goli Rahimi

Speakers: Michael Brewer and Teresa Michaud

Speakers: Paul EvansBlair Robinson and Autumn Sharp

Speakers: Elizabeth EbersoleCaroline Pham and Robin Samuel

Speakers: Susan Eandi, Emily Harbison and Robin Samuel

Speakers: Anna Brown, Susan Eandi and Emily Harbison

Speakers: Caroline BurnettBlair RobinsonAutumn Sharp and Jeff Sturgeon

Speakers: Caroline BurnettBlair RobinsonAutumn Sharp and Jeff Sturgeon

Speakers: Caroline Burnett, Lara Grines and Jeff Sturgeon

If you’re looking for guidance related to the pandemic, please check out the below Reopening Playbook video chat series. It covers practical topics like masks in the workplace, expense reimbursement requirements, employee testing and screening and much more.

Reopening Playbook Video Chat Series

Speakers: Elizabeth EbersolePaul Evans and Robin Samuel

Speakers: Susan EandiPaul Evans and Emily Harbison

Speakers: Emily Harbison, Michael Brewer and Robin Samuel

Speakers: Susan Eandi, Emily Harbison and Robin Samuel

Speakers: Emily Harbison, Paul Evans and William Dugan

Speakers: Michael Brewer and Billie Wenter

Speakers: Michael BrewerSusan Eandi and Emily Harbison

Speakers: Bradford NewmanJoseph DengBillie Wenter and Robin Samuel

Speakers: Susan EandiChristopher GuldbergBetsy Morgan and Grant Uhler

Speakers: Paul EvansRobin Samuel and Billie Wenter

Speakers: Michael Brewer, Emily Harbison and Michael Leggieri

Speakers: Michael BrewerPaul EvansJeffrey Sturgeon and Billie Wenter

Speakers: Anne Batter, Emily Harbison and Benjamin Ho

Speakers: Michael BrewerJoe Deng and Susan Eandi

Speakers: Michael LeggieriTeresa Michaud and Billie Wenter

Speakers: Paul Evans, Emily Harbison and Jeffrey Sturgeon

Speakers: William Dugan, Emily Harbison and Brian Hengesbaugh

Speakers: Susan EandiBenjamin HoChristopher Guldberg and Arthur Rooney

Speakers: Melissa AllchinWilliam Dugan and Betsy Morgan

Speakers: Joseph DengRobin Samuel and Amy de La Lama

Speakers: Michael BrewerMark Goodman and Teresa Michaud

Speakers: Susan EandiPaul Evans and Emily Harbison

Speakers: Christopher Guldberg and Benjamin Ho

Speakers: Michael Brewer and Teresa Michaud

The post United States: The Employer Rapport – Quick chats for the US workplace (Video Chat) appeared first on Global Compliance News.

Source

By Leslie Weinstein, Solutions Director, HITRUST

CMMC Overview

The Cybersecurity Maturity Model Certification (CMMC) is a maturity model framework and an acquisition policy initiative launched by the Department of Defense (DoD) in 2019. The CMMC acquisition policy requires DoD prime and subcontractors to undergo a third-party assessment of their implementation of the CMMC framework. Once fully implemented, all DoD prime and subcontractors will be required to undergo a CMMC assessment to win new DoD contracts. At some point in the future, the CMMC will begin to appear in new solicitations as Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7021. However, the CMMC initiative is currently on hold pending the results of an internal DoD assessment, which is expected to be completed later this year.

HITRUST and the CMMC

HITRUST understands that the CMMC initiative impacts our customers. As a company whose main goal is to help organizations prioritize and manage their security and privacy risk and compliance efforts, we are staying informed of the evolving CMMC program. For our customers who adopt the CMMC program, HITRUST will work to make their journey as painless and seamless as possible. HITRUST has already included the CMMC controls in our CSF library of controls, and we offer a CMMC targeted self-assessment so that companies can gauge their own CMMC readiness using the HITRUST MyCSF® tool. As the CMMC program evolves, we will provide updates on how HITRUST will continue to help facilitate our customers’ compliance efforts with the CMMC.

More Background on the CMMC

The CMMC maturity model framework contains five maturity levels, from CMMC Maturity Level 1 up to Maturity Level 5. The CMMC as a policy initiative will require companies to undergo a third-party assessment of their cybersecurity program resulting in a CMMC certification in order to be awarded DoD contracts that contain the CMMC clause. In late 2020, the DoD issued an interim Defense Federal Acquisition Regulation Supplement rule which enables the DoD to begin including the CMMC clause into incrementally more DoD solicitations over the next five years, with all DoD contracts containing the clause by fiscal year 2025. In addition to requiring that prime contractors achieve a CMMC certification, the interim rule also makes it clear that prime contractors will be responsible for ensuring that all their suppliers and vendors who support their DoD contract also attain a CMMC certification at the necessary maturity level to support the contract.

The CMMC Accreditation Body (CMMC-AB), established in January 2020, certifies CMMC assessors, certifies the CMMC third-party assessment organizations (C3PAOs) who employ the CMMC assessors, and is the only organization authorized to grant CMMC certifications recognized by the DoD. As of August 2021, there are only three authorized C3PAOs and 103 provisional assessors. Provisional assessors are authorized to conduct CMMC assessments during the “provisional period” which will end six-months after formal assessor training becomes available. Currently, there are authorized training providers, but no authorized CMMC assessor training courses, nor are there CMMC assessor certification exams available to candidate CMMC assessors. No CMMC assessments resulting in CMMC certification have been completed at this time.

Leadership changes at DoD, coupled with Congressional oversight and internal DoD reviews of the CMMC program, have resulted in a potential delay in the full implementation of the CMMC policy initiative. While the CMMC-AB continues to create new provisional assessors and C3PAOs, Senator Joe Manchin, D-W.Va., during a Senate Armed Services Sub-Committee meeting in May, said that the DoD review will produce “significant” changes to the CMMC. He also said that the DoD would be leading the changes that are still being finalized. There have been no official announcements from DoD regarding what the significant changes to the program might be.

HITRUST will continue to track the situation and take action as necessary.


 

About the Author

Leslie WeinsteinLeslie Weinstein, Solutions Director, HITRUST

Leslie Weinstein is a Major in the Army Reserves and the Solutions Director for HITRUST. As a soldier, Leslie serves in the Army CIO, and at HITRUST Leslie is focused on designing and delivering products to companies in multiple industries that aim to improve their overall cybersecurity posture and to demonstrate cybersecurity compliance. Before joining HITRUST, Leslie helped prepare more than 100 defense contractors for regulatory cybersecurity requirements and developed specialized training to aid in the understanding and adoption of cybersecurity regulations.

The post HITRUST Update for CMMC appeared first on HITRUST Alliance.

Source

Introduction

In early March of this year, a bipartisan group of members of the House Armed Services Committee formed the Defense Critical Supply Chain Task Force (the “Task Force”).  Co-chaired by House Democrat Elissa Slotkin (Michigan) and Republican Mike Gallagher (Wisconsin), the Task Force was formed to address what has been perceived as U.S. overreliance on vulnerable defense supplies manufactured in other countries, such as China.  We previously reported on this on our blog here.  After studying this issue over the past several months, the Task Force released its final report.  This blog post briefly addresses the “extreme supply chain vulnerabilities” that Rep. Gallagher (and the Task Force at large) views as a threat to the U.S. defense supply chain—vulnerabilities which, if left unaddressed, could put the country’s national defense at risk.  This post also highlights the key recommendations proposed by the Task Force in its final report, and offers some insight into how these recommendations, if ultimately adopted into law, could impact corporate supply chains from a compliance standpoint.

Vulnerabilities in U.S. Defense Supply Chain

The Task Force specifically focused on the global, industrial-base supply chain of the Department of Defense (“DoD”), which furnishes parts, materials, systems and services to DoD, and reducing U.S. reliance on foreign suppliers to prevent future shortages.  As such, one of the main products of concern for the Task Force is integrated circuits.  According to the Pentagon’s Fiscal Year 2020 Industrial Capabilities Report released earlier this year, China is projected to dominate global semiconductor production by 2030.  Of further concern for the Task Force is China’s domination of the shipping industry.  Rep. Gallagher reported that as of 2019, China not only operated 70% of the world’s busiest ports, but also built one-third of the world’s ships, 80% of the world’s ship-to-shore cranes, and 90% of the world’s global consumer drones.  This reliance on China for key defense products is concerning for the Task Force in light of growing U.S.-China tensions.  For Rep. Slotkin, the extent of this reliance was highlighted when China-made medical devices were difficult to obtain at the start of the global coronavirus pandemic.

The Task Force’s Recommendations

In its final report, the Task Force proposed six recommendations for inclusion in the annual defense bill.  These recommendations include:

  1. The Pentagon making supply chain security a priority, and Congress requiring DoD to conduct an annual, department-wide risk assessment.
  2. Congress requiring DoD to map out its entire supply chain so that it (Congress) better understands high-risk points.
  3. The Pentagon identifying critical supplies for major programs that come from potential adversaries, and implementing steps to mitigate U.S. reliance on parts from those nations.
  4. DoD establishing a coalition with defense industry partners, educational organizations, career-training agencies, and other federal partners to help grow and raise the profile of domestic manufacturing efforts.
  5. The Pentagon working through the National Technology and Industrial Base (an alliance of national security researchers and manufacturers in the U.S., Canada, the U.K., and Australia) to help coordinate efforts with allies to reduce reliance on potentially hostile governments.
  6. The Pentagon doing everything it can to protect and strengthen the supply chain for rare earth materials, many of which come from China.

What This Could Mean for Your Supply Chain

These recommendations are directed towards U.S. government entities, such as DoD, and thus may not (on their face) appear applicable to corporate supply chains.  However, the recommendations could result in changes in laws, regulations, and policies down the line that increase compliance risks for companies.  For example, the U.S. government could pull a number of tools from its toolbox, including requirements for foreign investment reviews, export controls to restrict China’s access to technology that is critical to these defense supply chains, trade and import measures, and increased regulatory requirements. 

The reports that the Biden Administration issued in June under the America’s Supply Chains Executive Order contained many of these types of recommendations for four key sectors:  (1) semiconductor manufacturing and advanced packaging; (2) large capacity batteries, including electric vehicle batteries; (3) critical minerals and materials; and (4) pharmaceuticals and advanced pharmaceutical ingredients (see our blog post here and subsequent deeper dive blog posts into some of these compliance-related recommendations). There is overlap between the Biden Administration’s efforts under the America’s Supply Chain Executive Order and these defense-specific supply chain efforts coming out of Congress, so it will be important for companies involved in the defense supply chains to continue to monitor both initiatives. 

The post United States: Defense Critical Supply Chain Task Force Issues Final Report appeared first on Global Compliance News.

Source

In the recent flurry of US Government activity related to Xinjiang, one thing is clear: trade compliance risks continue to increase for companies with supply chains that involve Xinjiang. These latest actions add to the expanding list of companies that face import bans, export bans, and sometimes both, in addition to broader measures under consideration in Congress. This blog post summarizes the past month’s developments.  Companies with Xinjiang anywhere in their supply chains should be aware of these risks. It is important to ensure that company functions (e.g., trade compliance, supply chain, vendor procurement, ESG, legal department) are communicating with one another to assess and mitigate these risks holistically. In addition to US trade compliance risks, companies should also consider risks on the Chinese side, including the recently enacted Chinese Anti-Foreign Sanctions Law, which can in some cases raise “conflict of law” and similar concerns. 

June 24:  Actions Targeting the Polysilicon Supply Chain

The White House issued a statement announcing a trio of measures targeting polysilicon supply chains. The White House stated that the United States was “translating” into action commitments made at the recent G7 Summit in Cornwall, United Kingdom to ensure that global supply chains are free from forced labor. Polysilicon is a key component in an estimated 95% of photovoltaic solar panels. It has been reported that as of 2020, five of the top six solar-grade polysilicon companies were headquartered in China, with 45% of the world supply of polysilicon originating from four producers with operations in Xinjiang.[1] The three measures announced on June 24 are:

  • US Customs and Border Protection (CBP) issued a Withhold Release Order (WRO) on silica-based products made by Hoshine Silicon Industry Co., Ltd., a company located in Xinjiang, and its subsidiaries. Personnel at all US ports of entry have been instructed to detain shipments that contain silica-based products made by Hoshine or materials and goods derived from or produced using those silica-based products. CBP has issued six WROs in 2021, raising the total to 49 currently-active WROs.
  • The Bureau of Industry and Security (“BIS”) in the Department of Commerce added five Chinese entities to the Entity List that were determined to have participated in forced labor and other human rights abuses in Xinjiang. It is prohibited for anyone to export, re-export, or in-country transfer commodities, software, or technology (“items“) subject to the Export Administration Regulations (“EAR“) to parties on the Entity List unless a license is obtained by BIS.
  • The Department of Labor updated its “List of Goods Produced by Child Labor or Forced Labor” to include polysilicon produced with forced labor in China. The list identifies goods that the Department of Labor has concluded that it has reason to believe are produced by child labor or forced labor in violation of international standards. Normally, this list is updated every two years. This update is the first time any goods have been added outside of the usual two-year cycle. 

July 12:  More Entity List Additions

BIS added 34 more entities to the Entity List based on a determination that they had been implicated in human rights violations and abuses in Xinjiang. As noted above, it is prohibited to export, reexport, or transfer items subject to the EAR to these parties without a BIS license.

July 13:  US Government Updates Xinjiang Supply Chain Business Advisory

The advisory was first issued in July 1, 2020 by the US Departments of State, Treasury, Commerce, and Homeland Security to caution US businesses about the various compliance risks associated with supply chain links to Xinjiang. Our Sanctions & Export Controls blog published a summary of the advisory in July 2020. The updated advisory was republished by the original four agencies along with the Office of the US Trade Representative and the US Department of Labor. It includes updated information about the US Government’s actions taken in connection with Xinjiang, including a summary of the WROs, Entity List additions, and economic sanctions imposed against parties determined to be involved in allegations of forced labor and other human rights issues in Xinjiang. The updated advisory urges heightened due diligence in line with UN, ILO, and OECD expectations.  

Ongoing:  Congress Moving on Xinjiang-related Legislation

The Uyghur Forced Labor Prevention Act (S. 65) has been moving through the Senate. After approval by the Senate Foreign Relations Committee in late June, on July 14, the bill was passed by voice vote in the Senate. A companion measure (H.R. 1155) has been moving through the House of Representatives and was approved by the House Foreign Affairs Committee in late April. Among other things, this legislation would establish a rebuttable presumption that all labor in Xinjiang is forced labor, in addition to imposing new US Securities and Exchange Commission (“SEC”) disclosure requirements. 

A China policy bill was approved by the House Foreign Affairs Committee on July 15 with further restrictions. The Ensuring American Global Leadership and Engagement (EAGLE) Act (H.R. 3524) contains a provision that would prohibit the importation into the US of goods, wares, articles and merchandise mined, produced or manufactured wholly or in part with forced labor in the Xinjiang region. In addition, if a public company knowingly created or provided technology to create mass population surveillance systems in Xinjiang or built and ran detention facilities in such region, the legislation would require the public company to disclose to the SEC the nature and extent of the activity, the gross revenues and net profits and whether the company intends to continue the activity.

Key Takeaways:

  • There has been a flurry of recent US Government activity that continues to increase the trade compliance risks for companies with supply chains that involve Xinjiang.
  • Companies with Xinjiang anywhere in their supply chains should ensure that company functions (e.g., trade compliance, supply chain, vendor procurement, ESG, legal department) are communicating with one another to assess and mitigate these risks holistically. They should also consider risks on the Chinese side, including the recently enacted Chinese Anti-Foreign Sanctions Law, which can in some cases raise “conflict of law” and similar concerns. 

[1] Xinjiang Supply Chain Business Advisory (July 13, 2021), Annex 4, available at https://www.state.gov/wp-content/uploads/2021/07/Xinjiang-Business-Advistory-13July2021.pdf.

The post United States, China: Recent US Developments Demonstrate Increasing Xinjiang-Related Trade Compliance Risks appeared first on Global Compliance News.

Source

Explore our key resources and stay abreast of market developments and trends in the corporate PPA space.

Key Resources

Insight | Recorded Webinar

Corporate Renewable PPAs: 2021 & Beyond Webinar Series

A webinar series focusing on the global market for corporate PPAs.

Publication

The Rise of Corporate PPAs 2.0

Summarizes the growing trend of corporates entering into renewable power purchase agreements

Insight | Legal Alert

The Corporate Procurement of Power in Sub-Saharan Africa

Explores how businesses can take a more active approach in managing their power supply in sub-Saharan African markets

Publication

Corporate Renewable PPAs: The Collaborative Model

Sets out best practices relevant to structuring and executing a collaborative Corporate PPA

Publication

Green Hedging: A Guide to Structuring Corporate Renewable PPAs

Aims to unpack the opportunities of a corporate PPA within Australia and explore different structures that may be considered

Publication

The Rise of Corporate PPAs

Outlines the economic and environmental advantages of corporate PPAs and examines both standard and synthetic PPA structures

The post International: Corporate PPA Hub appeared first on Global Compliance News.

Source

In July of 2017, Andrew Bailey, the chief executive of the UK Financial Conduct Authority (FCA), announced in a speech that after 2021 the FCA would no longer use its power to compel panel banks to submit rate information used to determine the London Interbank Offered Rate (LIBOR). Mr. Bailey encouraged the market to develop robust alternative reference rates to replace LIBOR.

LIBOR has long been the dominant rate for determining interest payments on adjustable-rate financial products and, although progress is being made, transition from LIBOR (and other interbank offered rates (IBORs)) remains a fundamental issue confronting financial markets. Understanding and planning for the impact on your business is key to a smooth transition. Baker McKenzie is pleased to provide expert guidance on this issue below. Please do get in touch if you’d like to learn more.

The post International: LIBOR Transition Hub appeared first on Global Compliance News.

Source

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The Senate Homeland Security and Governmental Affairs Committee has cited seven federal departments, including Health and Human Services and the Social Security Administration, for failing to establish minimum cybersecurity controls, and for not protecting personally identifiable information. For analysis,  Federal Drive with Tom Temin spoke with senior fellow at the Center for Growth and Opportunity at Utah State University Will Rinehart.

Interview transcript:

Tom Temin: What do you make of this report? It’s a follow-on from what the same committee looked at two years ago, and everybody’s kind of in the same boat with the exception of the Homeland Security Department.

Will Rinehart: Yeah, exactly. With the exception of DHS, it seems that everyone’s in kind of a bad position yet again. So in 2019, there was a push – and really this goes back to 2016, 2015 – to ensure that the data is secured, and to ensure that these big government agencies which have and collect a lot of personally identifiable information on individuals, that they have the best security possible, that they’re doing all the things that they should be doing to ensure that Americans data is secured. It seems that a lot of agencies, unfortunately, are not up to snuff on this one.

Tom Temin: And you’ve been following this issue for quite some time now. And the study cited the fact that they were not up to all of the Federal Information Security Management Act (FISMA) controls. But if an agency is fully compliant with everything FISMA demands, that doesn’t necessarily make it totally cybersecurity.

Will Rinehart: No, I don’t think that we should think that anything is able to be completely secure. This is unfortunately, a constant cat-and-mouse game where bad actors, to be very blunt hackers and people who are nefarious state actors, are trying to access information that these large agencies obviously have. So this back and forth is constantly going to occur, unfortunately. And regardless of what these agencies end up doing, and honestly, they really do need to be compliant, and they need to do a better job of securing this information. But in spite of that, the real problem is that we’re seeing kind of a ramp up in the war. And it’s just going to be very, very difficult for these government agencies, as well as private actors, and even individuals to secure their data and to make sure that they aren’t hacked and that most important data isn’t taken from them.

Tom Temin: The report cites that a couple of years ago, six of the agencies did not have their patches in place, which is about as basic a cybersecurity control as you can get. And all of the eight at that time, which then included Homeland Security, they use software that was no longer supported by the vendor, therefore, there were no patches being issued for it. So as time goes on, it decays and gets more and more vulnerable. What is the essential issue for agencies that are still not with those basic controls?

Will Rinehart: To be very honest, it’s really difficult to maintain the softwares and maintain these code bases once they’re put into place. And so a big part of this is ensuring that you have up-to-date information that’s – up-to-date patches, that’s obviously very, very key. But you also have to have the extra support that goes along with that. And so a lot of the large tech companies, for all of their problems, are very good about constantly maintaining their code base and their data. They spend a lot of money and effort and human effort, labor in order to constantly upgrade the code base and that kind of the back end infrastructure. We’re seeing that is not occurring with these large agencies. I’ve heard a couple cases where some agencies, especially some of the local VA’s are actually still working on technology from the ’60s in the ’70s. So this is a pretty common problem within all government. But it doesn’t just apply to government agencies, we’re also seeing legacy and older companies, old mining companies and even Colonial Pipeline recently has similar sorts of problems where they constantly needing to upgrade and update their back end code. And this is just the constant problem that everyone’s having to chase, because keeping and securing this information is key but it’s also an important part of getting and maintaining a digital online lifestyle.

Tom Temin: We’re speaking with Will Rinehart, senior fellow with the Center for Growth and Opportunity at Utah State University. And of course, the Senate report is kind of a meta report. That is to say it is a gathering of all the inspector general reports of those seven departments. It looks from their survey of the IG reports that there’s failure to communicate. The IG keeps finding these things and the problems keep continuing. Would you say this is a problem of skill, a problem of resources or a problem of just simply making the right effort with the resources they do have?

Will Rinehart: I think it’s a little bit of everything. You don’t want to say just in all-of-the-above answer, but it really is an all-of-the-above answer. There is an issue when it comes to talent, talent especially if government is hugely needed. There’s a lot of openings still for cybersecurity, and IT infrastructure at really all levels of government. There is oftentimes the problem of scope. The leaders who are at the tops of these agencies have a lot that is going on. And it’s huge and important that you have somebody who is driving IT at that level of the agency at the C suite level of an agency and kind of the department level or director level. So that matters as well. So yes, there is this issue of bringing it to the forefront and making sure that it is a part of the agenda. But fundamentally, these things constantly occur. Because it’s really hard to switch over and use new technology, it’s really hard to update stuff. And it really is just you’re trying to change a boat that’s already in the water. And it’s moving really, really quickly. And you’re trying to change it, you know, as you’re actually sailing. So it’s really not an easy thing to do, despite all the IG reports that show that yes, the agencies need to do better.

Tom Temin: Now the six recommendations that the Senate committee made – and we should point out, this is a bipartisan report, both the chairman and the ranking member Sens. Peters and Portman are both behind this report – they’re not really prescriptive in terms of what you should do with cybersecurity. They’re more management recommendations. OMB should develop and require agencies to adopt a risk-based budgeting model, there should be a centrally coordinated approach to governmentwide cybersecurity to ensure accountability. That’s the general tone of these recommendations. That’s all well and good, but that doesn’t get the patches in. So it seems like the agencies really have to do some work at the ground level, even as some sort of a new superstructure for oversight gets established.

Will Rinehart: Yes, those two things I think need to happen at the same time, or at least in parallel that you need to have these upgrades that occur to the agencies. But you also do need better oversight, you need a better way of managing risk, you need a better way of implementing these various standards, the FISMA standards, they need to be compliant with some of the new standards that have been created also by NIST. So all those things are obviously important that the agencies do, but I think that there is at least a sense that they need to accomplish them, however long it may take, and part of what needs to change in order to accomplish all those things. And obviously, there’s a lot of money that was given in the CARES package, there was a lot of money that was given in the last year or so through various agencies to upgrade these systems. But despite all of those things that are occurring, you really still do need a change in the way that leadership approaches these problems. And, part of it is a generational issue, you have some people who have traditionally been at the agencies now for decades, and a lot of them have done very, very, very good work. But this is not the first thing that’s on their mind – security and cybersecurity and privacy of data is not really the first and most important thing on their mind. And as we see this kind of generational transition, I think you’re also going to see very much that occur as well that there’ll be more emphasis placed on security and privacy and data issues, which for better or worse have not well, much for worse, they have not been a central component of agendas, at least in the last decade or so.

Tom Temin: And of course, the report doesn’t talk about the Defense Department. But what’s your sense of how they’re doing because, again, the Defense Department is really all the components and each one is different. And each one for the most part is not accountable to the others – but at some level to the secretary of Defense.

Will Rinehart: For my understanding, the Defense Department has some of the similar issues that we’re seeing with these other agencies. They are obviously doing much better than Social Security Administration and for my understanding, also the VA and pretty much in the same places, obviously, is DHS. But this is a big issue that they’re facing. And the other thing I think is interesting in all of this, and it’s not just, obviously the Defense Department does and engages in certain kinds of technologies that allow them to, as they say, “air gap.” So there’s certain kinds of technologies that they’ve never just going to allow on the internet and allowed to be connected to computer services. Now, that I think is a very separate sort of issue than what we see in fundamentally what’s going on in agencies that are connected to them as well. So as much as the Department of Defense obviously is huge and important, in defense you also see the Justice Department is important because it oftentimes will be a connection between agencies. You’ll see this obviously with the Treasury as well, the Treasury does a lot of filing of paperwork and that sort of thing is also I think, really important as well, that as much as we think that these agencies are siloed and there’s only one thing that’s going on saying the Department of Defense, they’re oftentimes outsourcing services to other agencies like Treasury or any number of other agencies to actually file paperwork. And that is part of this overall conversation, which, until you get really into the nitty gritty details of a singular issue, you don’t really start noticing it. That to me, I think is a really big component as well, that there’s actually a lot more integration between these agencies, than people will appreciate.

Tom Temin: And meantime, we have the Biden administration’s executive order on cybersecurity, which landed with quite a thud heard throughout the bureaucracy. Do you think that will enable more of these controls to get in place, and maybe agencies will start toeing the line with respect to FISMA and getting their patches and all of the basics in line?

Will Rinehart: I think that that will be an important part of all of this. The Biden administration has made cybersecurity a big important part of their agenda. They obviously came out pretty quickly with this cybersecurity executive order. There’s been a lot of interest at the highest levels of the government, at least the highest levels of this administration to push forward and to get more security. Obviously, there was something very similar with the Trump administration, but you don’t see the kind of drumbeat that is occurring currently with the Biden administration that happened with the Trump administration. This is a constant problem, though. And I don’t know that we’re going to see this solved as much as we’re going to see just more interest and probably more money being put into these services. The big question is how do you get benefit out of all that money and that, to me is also a constant problem that we have to attend to, which is how do we get the best bang out of our buck?

Source

In brief

Pressure is mounting on US and multinational employers to require COVID-19 vaccines for employees, as the Delta variant spreads voraciously, spiking infections and hospitalizations across the country and forcing employers to once again shutter worksites or change their workplace safety protocols. But can (and should) employers mandate vaccination?


For help navigating the legal landscape of COVID-19 vaccines and drafting and implementing Return to Work policies that are compliant in each jurisdiction where your company has headcount, please contact your Baker McKenzie employment lawyer.

Vaccine mandates received strong support on Thursday, July 29 when President Biden announced that all civilian federal employees and onsite contractors either must be vaccinated or submit to regular testing, social distancing, mask requirements, and restrictions on travel. The same day, the US Treasury Department released a policy statement directing state and local governments to use funds from the USD 350 billion American Rescue Plan to incentivize vaccines by offering USD 100 to individuals who get vaccinated.

Separately, more than 600 universities have announced mandates for students or employees. And state and local governments have joined in, with California and New York City announcing mandates this week for government employees and certain healthcare workers, and the federal Department of Veterans Affairs announcing that frontline VA health care employees must get vaccinated or face termination.

Large employers are joining the fray, with global technology companies, financial institutions, healthcare systems, retailers, transportation companies and media companies recently announcing that vaccination will be required for everyone in their workplaces.

So can private employers adopt mandatory vaccination policies? What follows is a framework for understanding whether such an approach is permissible both in and outside the US, as well as some of the key considerations for such policies.

Bottom line: in the US, private employers can legally mandate vaccines under federal law, subject to the legal considerations outlined below. State law, however, differs by jurisdiction, with some states authorizing vaccine mandates while at least one has banned them. For illustrative purposes, we discuss California law in the framework below.

As a threshold matter, note that anti-discrimination laws apply to both employees and job applicants, but in different ways when it comes to medical exams and disability-related inquiries. However, because vaccination is not considered to be either a medical exam or a disability related inquiry, the legal analysis for a mandatory vaccination policy is similar for both employees and applicants.

At the federal level, Title VII of the Civil Rights Act of 1964 and the Americans with Disabilities Act (ADA) do not prohibit employers from requiring employees to get vaccinated as a condition of employment, provided that the employer offers accommodations for employees or applicants who cannot get vaccinated due to a sincerely held religious belief or a disability. While the Equal Employment Opportunity Commission (EEOC) has not directly addressed vaccination requirements for job applicants, the agency has approved several similar requirements in the context of COVID-19. For example, EEOC guidance states that federal anti-discrimination laws do not prohibit employers from requiring vaccination or requiring employees to be vaccinated in order to work onsite, as long as the employer allows for accommodation. The guidance also states that employers can condition an offer of employment on an individual’s COVID-19 status, which means employers can withdraw an offer of employment to an individual who tests positive after the conditional offer is made.

The US Department of Justice also has weighed in, issuing a memorandum opinion on 26 July (dated 6 July) confirming that the Food, Drug, and Cosmetic Act does not prohibit “entities” from imposing vaccine mandates even though the only available vaccines for COVID-19 remain subject to Emergency Use Authorizations, and have not be fully licensed by the Food and Drug Administration.

Similarly, in California, the Fair Employment and Housing Act (FEHA) does not prohibit mandatory vaccination, and California Department of Fair Employment and Housing (DFEH) guidance goes a step further and supports vaccination requirements for both employees and applicants. According to the DFEH, an employer may require employees or job applicants to receive an FDA-approved vaccination against COVID-19, as long as the employer does not discriminate against employees or job applicants on the basis of a protected characteristic and provides reasonable accommodations to employees related to objections based on a disability or sincerely held religious beliefs.

Key Legal and Practical Considerations

Although neither federal nor California law prohibits mandatory vaccine policies, they do present some legal risks and considerations worthy of review:

  • State Law Requirements: If a company has locations in different US states, it will need to validate its vaccine policy for compliance with the laws of each state where employees work. Mandates may be illegal in certain states that prohibit discrimination on the basis of an individual’s vaccination status, such as Montana.
  • Accommodating Exceptions: Vaccine mandates must allow for disability and religious accommodations. This means companies must review and validate each accommodation request on a case-by-case basis, deciding whether the accommodation can and should be granted. Unless a company is willing to categorically grant all accommodation requests, the individualized review of exemption requests will require the dedication of considerable internal resources.
  • Disparate Impact: Vaccination requirements may pose a risk of disparate impact discrimination claims. Disparate impact discrimination exists when an employment practice disproportionately excludes a protected group of employees, and either: (i) the policy is not job-related or consistent with business necessity; or (ii) there is a less discriminatory alternative available. Disparate impact discrimination typically is proven through statistics and does not require the existence of a discriminatory motive.

Widely-reported demographic data on vaccination rates (available from the Center for Disease Control’s website here) shows black and Hispanic individuals have lower vaccination rates than other race/ethnicity categories. Both EEOC and California guidance on vaccine mandates state that employers may need to respond to allegations that their vaccine requirement has a disparate impact on — or disproportionately excludes from employment — employees that share certain protected characteristics (e.g., certain racial or ethnic groups).

If a policy is proven to cause a disparate impact, in order to avoid a finding that the policy is unlawfully discriminatory, a company must prove that the policy is job-related and consistent with business necessity. Even if the company meets this burden, an employee can still prove disparate impact discrimination if the employee shows there were other, less discriminatory alternatives that the company could have adopted.

Under current pandemic conditions, companies have a good argument that a vaccination requirement for onsite work is both job-related and consistent with business necessity, for several reasons:

  • The CDC recommends that all people who are age 12 or older get vaccinated as soon as they can, except for the limited group of people with medical contraindications.
  • COVID cases, hospitalizations, and workplace closures are increasing again with the proliferation of new variants, and unvaccinated employees pose a greater risk to workplaces than do vaccinated employees.
  • Vaccines have been proven to be far more effective than other measures against COVID-19, such as COVID testing, face coverings and other PPE, and social distancing.

Implementation Guidelines

In terms of implementing vaccination as a condition of employment in the US, we recommend the following steps:

  • Develop a Policy: As a first step, the employer should determine the rules for its vaccine policy. Will the policy be a strict mandate, or will the company adopt a “test or vaccinate” hybrid? The policy should be written, applied consistently, and allow both the employer and employee flexibility. Most importantly, the policy should clearly explain the exemption and accommodation process for disabilities and religious beliefs.
  • Distribute the Policy: The employer will need to communicate the policy to several groups, including existing employees, new hires, job applicants, and employee representatives. Unionized workforces may require bargaining before a policy is rolled out. Government contractors must consider whether the policy runs afoul of contract requirements or state law limitations on mandates.
  • Obtain Certification of Vaccine Status: Employers should determine if they will require self-certification (attestation) or proof (vaccine card, etc.). Employers should consider the potential application of state and federal privacy laws, such as the California Confidentiality of Medical Information Act or the federal Genetic Information Nondiscrimination Act, and inclusion of any necessary safe harbor notices. Certifications must not require employees to disclose the reasoning for their vaccination status, other medical information, or family medical history.
  • Enforce the Policy: Enforcing a mandatory vaccination policy can take on many forms, but may mean terminating the employment of unvaccinated employees without an approved accommodation, rescinding offers from newly hired employees, or declining to hire job applicants who fail to provide proof of vaccination.

Outside of the US, there are certain regional patterns to heed when building out a vaccination policy.

  • APAC: Generally, in the APAC region, it would be challenging for a company to build a case that it is necessary to be vaccinated in order for employees to perform their roles – although in certain jurisdictions like India, a carefully planned vaccination mandate could be permissible. For the most part, in APAC, governments are not mandating vaccines by law and instead, relying on other precautions to allow employees to safely work at the office (e.g., mask wearing, social distancing, etc.). Penalties in rolling out an unlawful vaccine mandate in APAC can range from monetary (e.g., damages for discrimination in Japan) to criminal (e.g., potential imprisonment of responsible directors / managers in Korea). In any case, in most APAC jurisdictions, the idea of mandating vaccines is currently viewed unfavorably.
  • EMEA: The EU has continued to view vaccine mandates general disfavor – though we are seeing signs that these sentiments may be changing in certain EMEA jurisdictions. For instance, the UK is considering adopting certain mandates for their citizens. Other jurisdictions such as France have warmed to the idea of requiring sanitary passes to attend leisure and cultural venues (but not employer – employee setting). That said, in the current environment, employers cannot build a case that it is necessary to be vaccinated in order for their employees to perform their roles, especially because governments are not mandating vaccinations by law and there are other precautions available to allow employees to safely work at the office (e.g., mask wearing, social distancing, etc.).

There are at least four serious risks to adopting a mandatory approach in EMEA:

  1. Perhaps most significantly, there is risk of criminal penalties (e.g., potential imprisonment of responsible directors / managers in jurisdictions such as France, Germany and Italy).
  2. The risk of discrimination claims in the event of any adverse action taken based on failure to vaccinate.
  3. The risk of negative PR from mandating vaccines since in most countries in the EU, individuals highly prize their right to bodily autonomy and would not view a vaccine mandate by employers favorably.
  4. If an employer terminates employees for refusing to be vaccinated, such employees would likely be entitled to reinstatement (and back pay, penalties and damages), if they challenge the termination.
  • Latin America: Generally speaking, it will be difficult for an employers in the Latin America region to build a case that it is necessary to be mandate vaccinations in order for employees to perform their roles, especially because governments are generally not mandating by law and there are other precautions available to allow employees to safely work at the office (e.g., mask wearing, social-distancing, etc.).

The post United States: Mandating COVID-19 vaccination? Before you act, consider these key issues for US and multinational employers appeared first on Global Compliance News.

Source

In brief

Many employers have chosen dates in the fall for their official office reopenings and have spent many months considering all the complicated factors involved in the post-pandemic workplace.

One time-sensitive topic that may have been overlooked is Form I-9, Employment Eligibility Verification compliance in the context of office reopening.

While U.S. Immigration and Customs Enforcement has allowed some flexibility for U.S. employers over the course of the COVID-19 pandemic, the relaxed rules will no longer apply once employees are routinely and predictably in the office. Without this flexibility, employers must act quickly to (1) update I-9s completed during the pandemic pursuant to ICE’s flexible rules, and (2) put in place or refresh protocols for I-9 completion and maintenance in a workplace that is always changing with shifting post-pandemic norms.


The issuance of post-pandemic I-9 compliance is time sensitive and the failure to act timely will result in higher risk of fines during an investigation. For many employers, this will be a time-consuming and overwhelming task in light of the moving parts and other elements of office reopening. As a result, planning now to ensure I-9 compliance is an absolute necessity.

In this article, we will provide an overview of I-9 requirements and ICE’s I-9 flexibility relating to COVID-19, and propose five steps that all employers should take in advance of office reopening.

Click here to continue reading.

* Original article published in Law360.

The post United States: Key I-9 Compliance Steps To Prepare For Office Reopenings appeared first on Global Compliance News.

Source