Category: Corporate Information and Records Management Policies
New anti-money laundering legislation was included as part of the National Defense Authorization Act (NDAA) enacted by Congress on January 1, 2021 through the override of a presidential veto. The NDAA is a series of federal laws primarily specifying the annual budget and expenditures of the United States Department of Defense. The NDAA for Fiscal Year 2021 includes the expansive Anti-Money Laundering Act of 2020 (AMLA) with the purpose of updating and amending the country’s anti-money laundering laws. It has long been acknowledged that the United States lags behind other developed countries in its safeguards designed to prevent the flow of illicit money—so much so that the Tax Justice Network, an independent institution that indexes countries’ financial secrecy, currently ranks the United States as the second most financially secretive jurisdiction, ranking behind only the Cayman Islands and just ahead of Switzerland1. Together with the AMLA, Congress also enacted the Corporate Transparency Act (CTA), which directs the Treasury Department’s Financial Crimes Enforcement Network (FinCEN) to establish and maintain a national registry of beneficial owners of entities that are deemed “reporting companies.”2 In so acting, Congress stated that bad actors seek to conceal their ownership of business entities through the use of shell companies in order to facilitate illicit activities including money laundering, the financing of terrorism,...
On Wednesday, February 12, the White House released the National Institute of Standards and Technology’s (NIST) Final Cybersecurity Framework: a set of industry best practices and standards to help owners and operators of critical infrastructure develop better cybersecurity programs. It is accompanied by a Roadmap which discusses NIST’s next steps with the Framework and identifies key areas of development, alignment, and collaboration. The Framework stems from President Obama’s February 2013 Executive Order on cybersecurity, previously covered on October 1, 2013. The overall core of the Framework is essentially unchanged from earlier drafts, also previously discussed on October 28, 2013.
The National Institute of Standards and Technology (NIST) has just released its Preliminary Cybersecurity Framework: a set of best practices to help owners and operators of critical infrastructure reduce cybersecurity risks. This voluntary framework provides both private and public-sector organizations with a common language for understanding and managing cybersecurity risks internally and externally. The framework stems from President Obama’s February 2013 Executive Order on cybersecurity, previously covered by this blog. The Final Framework is due to be released in February 2014, following a 45-day public comment period on the Preliminary Framework.
In U.S. v. Hamilton, the United States Court of Appeals for the Fourth Circuit found that a husband who sent messages from his work email account to his wife, yet took no steps to protect the sanctity of those emails, waived the marital communications privilege, thus subjecting the emails to disclosure during discovery. This case serves as an important reminder that employees do not necessarily enjoy an expectation of privacy in the emails they send from their work accounts or while using their employers’ computers.
As we reported in the Gibbons E-Discovery Law Alert in May 2012, “Reg FD” could present a potential pitfall for those that post material non-public information via social media platforms. In early December 2012, that “pitfall” became a reality for Netflix Inc. CEO Reed Hastings. In July 2012 Hastings published on his public Facebook page a 43-word post concerning viewership statistics, including that Netflix subscribers had watched one billion hours of video the previous month.
In Haskins v. First American Title Insurance Co., the United States District Court for the District of New Jersey expanded the reach of a “litigation hold” to include independent agents of a title insurance company. The Court held that once litigation was reasonably anticipated, First American Title Insurance Company (“First American”) had a duty to instruct its independent insurance agents to preserve all potentially relevant documents and to suspend routine destruction of such documents. The ruling in Haskins gives important e-discovery guidance for many companies, as it clarifies that document preservation rules apply to independent agents in addition to a company’s in-house employees.
With the increased use of social media by financial services industry participants, more activity and scrutiny can be expected from financial regulators. This is not to mention the litigation from investors that could arise out of, for example, the misinterpreted or well-meaning post from an advisor that simply did not translate to “less than 140 characters.” It appears that there is a trend (amongst at least the larger financial institutions) that a united and pre-approved voice is best for now.
Delivering non-public material information through Internet-based social media, especially social networking sites such as Facebook, LindedIn, and Twitter, means that this information will first reach only a fraction of the investing public — those who “follow” the company using those platforms. As illustrated by the hypothetical below, this may create a potential “Reg FD” issue for a public company. As we addressed in a previous blog, the SEC has recently issued guidance to investment advisers concerning their use of social media. We have also addressed in a previous blog that FINRA, too, has issued Regulatory Notices which make it clear that member firms are expected to have policies and procedures in place that cover the use of social media by the firm and its associated persons. While direct guidance to public companies on the use of social media to report a company’s material financial matters has yet to issue, this post offers suggestions for avoiding pitfalls in this regard.
Broker-dealers and investment advisors face a variety of legal and compliance ramifications resulting from the expanding use of social media for business purposes. It is now commonplace that an entity or individual in the securities industry will employ a combination of social media platforms including Facebook, Twitter, YouTube and LinkedIn to market and network with their investors and potential investors. For example, an investment advisory firm may establish its own Facebook page where industry-related information may be posted, an investment advisor may “tweet” investment and wealth management strategies, or a registered representative may present his experience, licensures or his own opinions on trending stocks on his LinkedIn page.
An effective and up-to-date set of records management policies may help companies reduce the likelihood of sanctions and other adverse consequences by ensuring records are retained and preserved in accordance with legal requirements, according to Gibbons Director Phillip Duffy; TechLaw Solutions’ Northeast Regional Director Michael Landau; and Inventus LLC Senior Consultant Bryan Melchionda.