Under 42 U.S.C. § 405(h), no plaintiff may bring a claim arising under the Social Security Act under 28 U.S.C. §§ 1331 and 1346 until they have exhausted administrative appeal remedies (the Exhaustion Requirement). The latter provisions provide federal jurisdiction for district courts related to federal questions and contract claims against the United States, respectively. But bankruptcy courts exercise federal jurisdiction under 28 U.S.C. § 1334. Thus, relying on the plain text of section 405(h) in a bankruptcy adversary proceeding, the Fifth Circuit held that bankruptcy courts are not barred from exercising their jurisdiction under section 1334 to hear Social Security claims. Benjamin v. United States (In re Benjamin), No. 18-20185, 2019 WL 3334653 (5th Cir. July 25, 2019). Given that this bar applies to healthcare companies operating in the Medicare Program pursuant to 42 U.S.C. § 1395ii, the In re Benjamin decision is important for healthcare entities filing for bankruptcy protection.
Benjamin’s Adversary Proceeding Against the Social Security Administration in Bankruptcy Court
The SSA determined that it had overpaid Benjamin by nearly $20,000 and was withholding $536 per month from Benjamin’s Social Security check. Benjamin filed for chapter 7 bankruptcy. To demand the return of money that the SSA collected from him, Benjamin initiated an adversary proceeding against the SSA. The bankruptcy court granted the SSA’s motion to dismiss, however, and the district court affirmed. On appeal to the Fifth Circuit, the sole issue was whether the bankruptcy court had jurisdiction to hear Benjamin’s claims.
Circuit Split: 3d/5th/9th Versus 11th
Courts of appeals are split on whether section 405(h) bars bankruptcy jurisdiction under section 1334. When enacted in 1939, section 405(h) referred to 28 U.S.C. § 41, which contained virtually all jurisdiction for federal courts, but Congress later adopted revised language that refers to only two kinds of jurisdiction for federal courts. In a neighboring section to the revised section 405(h), Congress characterized the changes as “technical.”
In addressing bankruptcy jurisdiction in this context, the Eleventh Circuit followed the reasoning of the courts of appeals that have held that the Exhaustion Requirement applies in diversity jurisdiction cases (which arise under 28 U.S.C. § 1332), which is also not expressly mentioned in section 405(h). Fla. Agency for Health Care Admin. v. Bayou Shores SNF, LLC (In re Bayou Shores SNF, LLC), 828 F.3d 1297 (11th Cir. 2016) (citing Midland Psychiatric Assocs. v. United States, 145 F.3d 1000 (8th Cir. 1998); Bodimetric Health Servs., Inc. v. Aetna Life & Casualty, 903 F.2d 480 (7th Cir. 1990)). In Bayou Shores, the Eleventh Circuit explained that it relied on the recodification canon to hold that the Exhaustion Requirement also applies to bankruptcy jurisdiction. Courts will not presume, under this canon, that Congress intended a substantive change without a clear indication otherwise. To that end, the Eleventh Circuit found that Congress did not intend to alter the substantive scope of section 405(h).
Two circuits have more complicated precedent related to the Exhaustion Requirement. The Third Circuit has held that the Exhaustion Requirement applies to diversity jurisdiction, see Nichole Med. Equip. & Supply, Inc. v. TriCenturion, Inc., 694 F.3d 340 (3d Cir. 2012), but does not apply to bankruptcy jurisdiction, see Univ. Med. Ctr. v. Sullivan (In re Univ. Med. Ctr.), 973 F.2d 1065 (3d Cir. 1992) (“Thus we agree with the Ninth Circuit that ‘where there is an independent basis for bankruptcy court jurisdiction, exhaustion of administrative remedies pursuant to other jurisdictional statutes is not required.’”).
The Ninth Circuit has also held that the Exhaustion Requirement applies to diversity jurisdiction, see Kaiser v. Blue Cross of Cal., 347 F.3d 1107 (9th Cir. 2003), but does not apply to bankruptcy jurisdiction, see Sullivan v. Town & Country Home Nursing Servs., Inc. (In re Town & Country Home Nursing Servs., Inc.), 963 F.2d 1146 (9th Cir. 1991). Unlike the Third Circuit, the Ninth Circuit has recognized this inconsistency and explained that it is because bankruptcy jurisdiction is unique. SeeDo Sung Uhm v. Humana, Inc., 620 F.3d 1134 (9th Cir. 2010) (“But upon closer reading, Kaiser and In re Town & Country can be reconciled. In re Town & Country’s reasoning relies almost exclusively on the special status of § 1334’s “broad jurisdictional grant over all matters conceivably having an effect on the bankruptcy estate. . . .” Thus, its reading of 42 U.S.C. § 405(h) can reasonably be understood to apply only to actions brought under § 1334, while not bearing on the relationship between § 405(h) and other jurisdictional provisions such as § 1332.” (citations omitted)).
The Fifth Circuit relied on the plain reading of section 405(h) to reach the conclusion that the Exhaustion Requirement does not apply in bankruptcy courts. The Fifth Circuit concluded that the intent of Congress may be found in places other than a neighboring section in the Statutes at Large. Indeed, the Fifth Circuit contended that the actual words of the new provision are the most obvious source of congressional intent. And given that the statutory text failed to mention a bar against bankruptcy courts from exercising jurisdiction to hear Social Security claims, the Fifth Circuit refused to find that such a bar existed.
Conclusion
The Fifth Circuit joins the Third and Ninth Circuit to deepen the circuit split over whether bankruptcy courts have jurisdiction over Social Security and Medicare claims. For a more in-depth discussion, see Samuel R. Maizel & Michael B. Potere, Killing the Patient to Cure the Disease: Medicare’s Jurisdictional Bar Does Not Apply to Bankruptcy Courts, 32 Emory Bankr. Dev. J. 19 (2015).
After months of speculation, California’s largest utility, Pacific Gas and Electricity Corporation (PG&E), filed for protection under chapter 11 of the U.S. Bankruptcy Code on January 29, 2019. In the papers filed by the debtors, the affidavit in support of the filing, sworn out by Chief Financial Officer Jason P. Wells, aptly captured the reasons the company had given for the exigent filing: “[t]he chapter 11 filings were necessitated by a confluence of factors resulting from the catastrophic and tragic wildfires that occurred in Northern California in 2017 and 2018, and PG&E’s potential liability . . . made it abundantly clear that PG&E could not continue to address . . . claims and potential liabilities in the California state court system, continue to deliver safe and reliable service to its 16 million customers, and remain economically viable.”[1] The estimates for PG&E liability due to the wildfires, as reported by the company to the Securities and Exchange Commission through its January 14, 2019 Form 8-K, could exceed $39 billion.[2] California state fire investigators reported on January 20, 2019, that the devastating Sonoma county 2017 wildfire, known as the Tubbs fire, originated from a private electrical system and not by PG&E.[3] That brief respite was not enough to turn the tide, as a combination of heavy criticism from the public, regulators, the state’s newly sworn in governor, and the specter of liability from the other wildfires that had plagued the utility, buoyed the decision of PG&E to seek bankruptcy protection.
Since the filing, the utility has been connected with devastating fires in Northern California in 2015, 2016, 2017, and 2018, and the 2016 Ghost Ship Fire in Oakland.[4] Federal District Court Judge William Alsup has authority over PG&E, resulting from a 2016 felony jury conviction of the company that arose out of the San Bruno explosion of a PG&E gas pipeline, which killed eight people and destroyed 38 homes.[5] Judge Alsup recently ruled that the utility follow new safety standards in the wildfire mitigation plan submitted by PG&E to state regulators.[6] He had issued an earlier order to show cause requesting that the utility demonstrate why its conditions of probation should not be modified and much stricter standards imposed.[7] Several official committees authorized by 11 U.S.C. § 1102(a) have been appointed in the bankruptcy case,[8] including an official committee of unsecured creditors[9] and an official committee of tort claimants,[10] the latter to protect the rights of the victims of the wildfires.
Equity Holders Unconvinced
Not everyone was enthusiastic about the filing. Hedge fund BlueMountain Capital Management LLC, which holds a significant position in the utility, challenged the company’s decision to file for chapter 11 protection in two very public letters primarily on the grounds that the company was solvent. In the second letter, the hedge fund, which holds up to 11 million shares of the total 528 million PG&E shares, noted that “[y]ou have publicly stated that bankruptcy is in the best interests of all stakeholders. But you have failed to articulate a single cogent reason for why it is beneficial to any stakeholder.”[11] BlueMountain, undeterred by the pending chapter 11 filing, sent a letter to shareholders on January 24, 2019, announcing that it would be putting forth a completely new slate of directors to oust the current board.[12] The fund punctuated its sentiment toward the current PG&E leadership in the letter, stating, “[t]he Current Board has not only failed the Company and its shareholders; it has failed its customers; it has failed its employees; and, it has failed the people of California.” BlueMountain followed up with a March 1, 2019 statement that it selected 13 new board candidates from which it would ask other shareholders to elect as the new PG&E board at the company’s May 21 annual meeting.[14] PG&E has responded by announcing it will put forward five new board members and that the majority of its board would be independent directors by the date of the annual meeting.[15]
California State Government Response
California Governor Gavin Newsom was sworn in to office on January 7, 2019, and was immediately thrown into the PG&E crisis.[16] On February 12, 2019, Governor Newsom created a “strike team” of advisors, including bankruptcy lawyers and financial advisors.[17] The governor has given the strike team 60 days to provide a strategic plan to ensure continued and interrupted service, provide for the victims of the wildfires, protect workers, and protect consumers.[18] In late August 2018, the California legislature passed Senate Bill 901 (SB 901), and Governor Brown signed the bill into law on September 21, 2018.[19] SB 901 was part of a broader proposal that was intended to prevent PG&E’s bankruptcy filing. Although the legislation allowed for several reforms that were designed to alleviate some of the pressure on investor-owned utilities, the biggest and most controversial measure was to eliminate strict liability for utilities for fires caused by the equipment of investor-owned utilities. The elimination of strict liability, known as reverse condemnation, was dropped from the bill. SB 901 was signed with provisions allowing investor-owned utilities like PG&E to file with the California Public Utilities Commission to recover costs retroactively from the 2017 wildfires; establishing a new standard for determining costs that investor-owned utilities can recover beginning in 2019 for wildfire liabilities; and expanding requirements for wildfire mitigation plans. However, these measures were not enough to deter the PG&E decision to file chapter 11. On January 22, 2019, PG&E announced it had secured $5.5 billion in debtor-in-possession financing consisting of a $3.5 billion revolving credit facility, a $1.5 billion term loan, and a $500 million delayed draw term loan facility.[20]
The Star Crossed Universes of Bankruptcy Law and Energy Regulation
In the midst of this crisis, there is a complex intersection of the objectives of the reorganization of the utility and a web of regulators with different, and potentially contravening, policy objectives. PG&E is regulated by both the California Public Utility Commission (CPUC) and the Federal Energy Regulatory Commission (FERC). Many of the state issues revolve around the passing on of the utility’s liability to consumers, as well as particular renewable policy objectives of the State of California. The fight in the bankruptcy court to relieve the debtor of some of its regulatory burden also pits the less stringent standard of the debtors’ business judgment against the standard used by FERC regulators, which determines whether the requested regulatory action is in the public good.
As noted above, one of the biggest state regulatory issues is inverse condemnation. Inverse condemnation is the application of strict liability, imposition of liability for damages, whether the company acted negligently or not, if the utilities equipment causes damage, like the damages resulting from the California wildfires. Thus, if investigators find that a utility’s equipment, such as PG&E’s, was responsible for the havoc wreaked by the wildfires, that liability is passed directly onto consumers in the form of higher rates. This is not the first time consumers have borne the brunt of the utilities’ operations and legal troubles. PG&E previously filed for chapter 11 protection in 2001 due to the energy crisis, and their bankruptcy was the third-largest chapter 11 in U.S. history at the time.[21] PG&E exited chapter 11 three years later,[22] with customers paying higher rates to help repay $13 billion owed to creditors estimated at around $1,300 to $1,700 per customer.[23] SB 901’s mechanism for recovery of the costs of the earlier wildfires is to pass those costs on to customers through bonds. The law does not allow the bonds to be used to address liability post the 2017 wildfires. The camp fire, which killed 86 people, caused damages estimated between $10 billion to $16 billion and surpassed the damages from the 2017 Tubbs Fire, [24]would not be covered by SB 901’s bond relief provisions.[25]
The State of California also has a renewable energy initiative which has impacted PG&E through power purchase agreements and other state policy initiatives. A power purchase agreement (PPA) is a legal contract between an electricity generator (provider) and a power purchaser (buyer, typically a utility or large power buyer/trader). Contractual terms may last anywhere between five and 20 years, during which time the power purchaser buys energy, capacity, and/or ancillary services, from the electricity generator. The debtors have reported that they have PPAs in the aggregate amount of $42 billion.[26] The utility also reported that their PPA obligations are three times the 2017 gross revenues of PG&E and are the total undiscounted future obligations under PPAs approved by the CPUC.[27] The majority of the energy purchase obligations are tied to renewable energy requirements set by the State of California.[28] The debtor has been working with the CPUC to reduce its obligations under various aspects of the state’s regulatory regime, including requirements under the state’s Renewables Portfolio Standard Program, which requires a certain level of renewable energy purchases. [29] The state also requires PG&E to enter into energy storage contracts to further California’s renewable energy policy initiatives, and the utility has financed the construction of thousands of renewable energy generation resources.[30] The debtors have complained that many of the PPAs are at above-market rates and because of the tremendous investment by PG&E in the renewable energy market, their competitors both receive the advantage of lower rates resulting from that investment and PG&E is shut out from the market rates because of the state mandated PPAs.[31] The utility has been working with the CPUC toward relief from the regulator’s requirements in light of its current liabilities and chapter 11 filing.[32]
NextEra Energy, among other renewable energy companies, has several subsidiaries selling renewable power to the debtor and has asserted their rights in both bankruptcy court and through filings with the FERC, beginning with a request on January 18, 2019, to block the utility from amending or rejecting their PPAs with the debtor.[33] On January 25, 2019, the FERC held, “[w]e conclude that this Commission and the bankruptcy courts have concurrent jurisdiction to review and address the disposition of wholesale power contracts sought to be rejected through bankruptcy.”[34] The debtor has filed an adversary proceeding complaint in the bankruptcy court seeking to determine through a declaratory judgment (i) that the bankruptcy court has exclusive jurisdiction over the debtor’s rights to reject certain executory PPAs or other FERC regulated agreements, (ii) that the FERC does not have concurrent, or any, jurisdiction over the PPAs, and (iii) that either the automatic stay under section 362 of the U.S. Bankruptcy Code applies, or that the court enter into a preliminary and then permanent injunction to enjoin any action before the FERC related to the debtor’s ability under the Bankruptcy Code to eliminate their obligations under the PPAs through its power to assume or reject executory contracts under section 365.[35] On February 15, 2019, the FERC filed Defendant Federal Energy Regulatory Commission’s Response In Opposition To Debtors’ Motion for a Preliminary Injunction and Motion to Dismiss in which it strongly reasserted its sole jurisdiction over the debtors’ PPAs.[36] FERC has argued that once a rate, in this case the PPAs, has been approved by the commission, the terms, particularly the rates, are not private contracts, but creatures of the commission’s authority and can only be modified by petitioning FERC.[37] The court has scheduled a hearing on the preliminary injunction for April 10, 2019.[38] This is unlikely to be the last dispute, jurisdictional or otherwise, between the desire of the debtor to reorganize under chapter 11 and the varied constituencies with a keen interest in the fate of the utility.
[1]See Doc. No. 263, p. 3 of 166, Amended Declaration of Jason P. Wells in support of First Day Motions and Related Relief.
[5]See Doc. No. 961, Order to Show Cause, United States of America v. PG&E, No. CR 14-0175 WHA (N.D. Cal. 2019). PG&E was convicted for six felony counts of knowingly and willfully violating safety standards and obstructing an investigation by the National Transportation Security Board.
[6]See Doc. Nos. 975 and 976, Response to Order to Show Cause, United States of America v. PG&E, No. CR 14-0175 WHA (N.D. Cal. 2019).
[7]See Doc. No. 992, Order to Show Cause, United States of America v. PG&E, No. CR 14-0175 WHA (N.D. Cal. 2019).
[8] A motion to appoint a committee of public entities, such as cities and counties, was filed, but the relief requested was denied by the court. See Doc. Nos. 720, 803, 820, 823, and 884.
[9]See Doc. Nos. 409 and 962, Notices of Appointment of Creditors’ Committee Amended Appointment of the Official Committee of Unsecured Creditors.
[10]See Doc. No. 453, Notice Regarding Appointment of the Official Committee of Tort Claimants.
[33] See 166 FERC ¶ 61,049, Order Petition for Declaratory Order and Complaint ¶ No. 1; see also Exelon Corporation, Petition for Declaratory Order and Complaint, Docket No. EL19-36-000 (filed Jan. 22, 2019).
Traditionally, a U.S. patent could only be enforced against activities occurring within the U.S. The globalization of industries and markets over the past 50 years has brought down trade and communication barriers and integrated markets across the world. This has changed many companies from local or regional concerns into global players in the international supply chain. These changes have created conflict with existing U.S. patent law, in some cases allowing companies with infringing products to avoid liability by, for example, manufacturing the infringing product outside of the U.S. U.S. patent law has expanded over the last half century to address these loopholes. Many foreign activities that U.S. patent law traditionally carved out are now subject to liability, and the pace of change appears to be quickening. Although U.S. courts still discuss the traditional presumption against extraterritorial application of patent law,[1] in reality there are many exceptions to this presumption that allow enforcement of U.S. patents for activities occurring outside of the U.S.
Congress has repeatedly revised the patent infringement statute, 35 U.S.C. §271, to address foreign companies trying to skirt U.S. patent laws. For example, in Deepsouth Packing Co. v. Laitram Corp.,[2] the defendant manufactured components of an infringing product in the U.S. and then exported those components outside the U.S. for assembly into the infringing product. Applying the law at the time, the Supreme Court held that the defendant had not infringed the plaintiff’s patent because the assembly and sale of the infringing product occurred outside of the U.S., and it was “not an infringement to make or use a patented product outside of the United States.”[3] Congress enacted §271(f) in 1984 to address this gap by “expand[ing] the definition of infringement to include supplying from the U.S. a patented invention’s components” for assembly outside the U.S.[4] Four years later, Congress added §271(g) to the statute, which expanded liability for infringement for the importation, sale, or use in the United States of a product made abroad by a process patented in the United States. This closed the loophole for method claims of simply off-shoring manufacturing facilities (and then importing the manufactured product) to escape infringement liability. Similarly, in 1996, Congress added liability for the importation into the U.S. of infringing articles to the direct infringement subsection, §271(a).
These amendments can be applied broadly, especially alongside induced infringement under 35 U.S.C. § 271(b). §271(b) provides that “[w]hoever actively induces infringement of a patent shall be liable as an infringer.” For example, not only can a foreign manufacturer be liable for infringement under §271(g) for using a patented product to manufacture an infringing article outside of the U.S. (even if the article is ultimately imported into the U.S. by another entity), but in many cases the foreign manufacturer may also be liable for inducing its customers to import the infringing products under §271(b), even where the manufacturer has no direct link to the U.S. market. In Global-Tech Appliances, Inc. v. SEB S.A., the accused infringer, Pentalpha—located in Hong Kong—purchased one of SEB’s deep fryers in Hong Kong, manufactured its own copies of the fryer, and sold them to customers in Asia. [5] These customers independently imported the fryers into the United States.[6] Pentalpha was found liable for having induced infringement by manufacturing and selling the fryers in Hong Kong for their customers to import into the United States.[7]
The Federal Circuit has held consistently under similar facts. In O2 Micro Int’l Ltd. v. Beyond Innovation Tech. Co., the Court of Appeals of the Federal Circuit affirmed induced infringement by an Asian defendant even though the directly-infringing U.S. sales were made by a customer several rungs down the supply chain.[8] Similarly, in Power Integrations, Inc. v. Fairchild Semiconductor Int’l, Inc., the defendant’s knowledge of the likelihood that the product could be imported into the U.S. by downstream customers was enough to find inducement. In Power Integrations, even though the defendant did not actually know whether its customers were importing the infringing chips into the U.S., the evidence was sufficient to find inducement: designing chips to meet United States energy standards, providing demonstration boards containing the infringing chips to potential U.S. customers, and maintaining a technical support center in the United States.[9] Thus, a foreign business that runs a facially geographically-neutral operation can nevertheless be liable for induced infringement if its activities are directed at least in part to the United States. “[H]ard proof that any individual third-party direct infringer was actually persuaded to infringe” is not required.[10]
The district court opinion in Kaneka Corp. v. SKC Kolon PI, Inc., further illustrates this trend. In Kaneka, there were three degrees of separation between the accused induced infringer and the infringing act. The defendant’s polyimide film was sold to laminate manufacturers (layer 1), who sold laminates to manufacturers of circuit boards (layer 2), who then sold these circuit boards to the final “set-makers,” such as Samsung and LG (layer 3), who incorporated these circuit boards into mobile phones and imported them into the U.S.[11] Inducement was found because the defendant knew its film infringed plaintiff’s patents and that it actively and intentionally sold this film knowing that it would be incorporated into Samsung and LG phones, which would be imported into the United States.[12]
The geographic scope of patent damages has also been steadily expanding. For example, in 2018’s WesternGeco LLC v. ION Geophysical Corp,[13] the issue was whether a patent owner could recover lost foreign profits for infringement under §271(f). The dispute involved two competitors manufacturing sea-floor surveying technology.[14] The defendant manufactured components of its system and shipped them to other companies abroad who would then combine them to create a surveying system that infringed the plaintiff’s patent.[15] The court upheld the lower court award of lost profit damages based, in part, on purely foreign contracts (i.e. contracts for sales of the infringing product outside of the U.S.).[16] Several questions remain unanswered by this case, including whether such damages are limited to infringement under §271(f) and to “lost profits.” These issues are currently on appeal in Power Integrations,[17] where the plaintiffs argue that the analysis of WesternGeco would also permit recovery of damages for direct infringement under § 271(a) and both reasonable royalties as well as lost profits.[18]
With global commerce now being the norm rather than an exception, even purely foreign activities can create significant liability in the U.S. for patent infringement. This long-term trend toward an expansion of liability shows no signs of slowing down. Companies selling products into the international stream of commerce should be aware that significant U.S. liability may exist even where a company has no direct connection with U.S. markets.
[1]See Microsoft Corp. v. AT&T Corp., 550 U.S. 437, 454-455 (2007) (“The presumption that United States law governs domestically but does not rule the world applies with particular force in patent law”); Deepsouth Packing Co. v. Laitram Corp., 406 U.S. 518, 531 (1972) (“Our patent system makes no claim to extraterritorial effect.”).
[17]See, e.g., Power Integrations, Inc. v. Fairchild Semiconductor Intl., No. 19-1246 (Fed. Cir. Dec. 3, 2018).
[18] Power Integrations Opening Brief at 34, Power Integrations, Inc. v. Fairchild Semiconductor Intl., No. 19-1246 (Fed. Cir. Apr. 12, 2019) (Dkt. No. 32.)
Reading poetry, or any fictional text, is a mental dialogue between author and reader. Each of us is free to bring our own life experience and emotional reaction to how we interpret the text. The precise words, the author’s intent, and whether those words exist within the poem or commentary around it matter less than our reactions. Reading the law of the modern regulatory state is fundamentally different. It is not like reading fiction, or even the news, because the legal framework of the regulatory state is about the power of the government over the governed. The legal texts set the limits of the power of those who govern us. The words of the legal framework create the tools by which the three branches of government exercise that power. So, the words matter, the intent matters, and where in the hierarchy of power—and by whom—the words have been written matter. Given that it is about the power of the state, legal reading is constrained by its own norms and principles. It is not ordinary reading.
In today’s world, trained lawyers are not the only readers and interpreters of the legal framework and its legal texts.[1] There are many others with specialized knowledge or expertise who I call “regulatory readers.” The supervisors at the banking agencies are among the most important regulatory readers. In the private sector, one finds them in risk management, compliance, finance, and in policy positions in government and regulatory affairs. For many regulatory readers, interpreting the legal framework is core to their job responsibilities, and in our republic, there have always been citizen readers of the law. All this is as it should be. Yet in the post-New Deal construct, the full nature of the legal framework through which the regulatory state exercises its power has not been made as clear as needed.
It is, in my view, not taught well enough in most law schools with their continued overemphasis on case law. I realize that many top law schools have moved to remedy this problem with first-year courses that teach the post-New Deal administrative state. Years of teaching financial regulation as an adjunct at both Columbia and Harvard as well as training young lawyers at Davis Polk have led me to the view that even the brightest law students have not been given the proper grounding in how the regulatory state really works. The training of regulatory readers is a catch-as-catch-can, haphazard mess in urgent need of improvement.[2] It is fair to question how much training on the legal framework of the regulatory state the resource-constrained banking agencies have been able to give their supervisory staff.[3] Just a comparison of the number of lawyers to the number of examination staff at each of the agencies tells us that deep training on the law, legal interpretation, and the legal framework has not been possible.[4] And yet, since the early 2000s, which ushered in a new era of anti-money laundering compliance, and as accelerated after the financial crisis with its increased emphasis on governance, legal risk, and compliance, supervision has become much more legally infused. In the private sector, some compliance officers initially train as lawyers but may or may not have had training in the regulatory state. Many in compliance and risk officers have had no training at all in the legal framework.
This article aims to demystify the legal framework and legal interpretation for the newly minted, digital-native lawyer and for the curious regulatory reader, using the banking sector as a case study. It begins with a discussion of the legal framework and its hierarchy as it actually exists in the banking sector—not as it may have been taught theoretically in law school for young lawyers or ignored in compliance with law training for regulatory readers. It moves on to a discussion of the traps that await the unwary who rely solely on the banking agency websites for their sources of legal texts. It then seeks to explain why reading legal texts is not as unconstrained as reading poetry and other nonlegal texts. Finally, the article concludes by observing that a deeper understanding of these points is critical as we stand on the cusp of moving from the age of internet searching to the age of augmented machine reasoning in legal interpretation.
The Legal Framework and Its Hierarchy
At the top of the hierarchy is the U.S. Constitution, followed by federal statutes and regulations, as well as applicable state statutes and regulations, agency consent orders, public written guidance, and private written and oral guidance, which may or may not be preempted and which interact with federal law and regulations in complex ways. Each banking organization will have its own policies, some of which go beyond the legal framework. Judicial case law and canons of statutory and regulatory interpretation also must be considered. The graphic below sets out the structure. Although this explanation may be basic to more experienced regulatory lawyers, it is not widely understood by many regulatory readers, and as Chief Justice Strine of the Delaware Supreme Court has noted, not even to some of the younger digital-native lawyers.[6]
One key difference in how this article and the graphic below explain the legal framework and its hierarchy is that they take into account both the formal legal structure (constitutions, statutes, regulations, and case law) and the supervisory structure (agency examinations and guidance, only part of which is public). Law schools classically teach only formal regulation but not supervision.[7] By sharp contrast, the training of examiners, risk professionals, and compliance professionals is overweighted in supervision and guidance and underweighted in statutes, regulations, and case law.
The Legal Framework
When interpreting a legal text, it is critical to know where it sits in the hierarchy. If there is an inconsistency among principles or text, the text higher in the hierarchy wins. The U.S. Constitution trumps a statute, which trumps a regulation, which trumps guidance. The interaction between federal and state law is more complex, especially in the banking context. Of course, the U.S. Constitution always trumps a state law. The interaction of federal and state law, however, will depend upon whether the federal government has decided to preempt or coordinate with state law. In the banking sector, it is every which way.
What happens more often is that the lower-level text must be read in light of the higher-level text. It is a common error in the internet search era to rely on the most detailed text that appears to most precisely answer the question without looking to see where it fits in the hierarchy. No text is an island and should not be read as such. Part of the reason for this misunderstanding is the blessing and curse of our ability to Google up answers. We may think that our search has found the right result because detailed and precise text appears on our screen, but unless we position it within its proper place in the legal framework and check that it is still valid, it is easy to become confused. Digital searching can also sometimes lead to confusion between proposed and final texts. Proposed texts are not binding, although during the time they are proposed they can sometimes influence interpretation. After there is a new final text, however, the proposed text cannot be relied upon.
Statutes, Regulations, and Agency Documents
The U.S. Constitution. The U.S. Constitution, as the highest legal document of our republic, governs everything. It may seem like it does not come up, as a practical matter, in the daily life of legal interpretation and regulatory reading, but it does. For example, under the U.S. Constitution, no federal agency has “inherent powers.” There is no such thing. The U.S. Constitution, as ratified, delegates specified powers to the federal government. Under the separation of powers among the three branches of the federal government, a federal banking agency has only the powers that Congress has delegated to it and no more. These are broad powers, but they are not limitless. Two concrete examples might help. The banking agencies have often asserted in multiple fora their authority to regulate banking organizations for safety and soundness. That power exists but is not part of any “inherent authority,” as has apparently mistakenly been taught to a generation of examiners. Rather, it comes from a Congressional statutory delegation of authority and is limited by the words contained in, and the Congressional intent behind, that authority.[8] Another recent example is the criticism and pushback from some examiners on lobbying by banking organizations. As Vice Chairman for Supervision Quarles expressed in a surprised and shocked response to a Congressional question, such behavior, if it happened, would be a clear violation of First Amendment rights to free speech and to petition the government for the redress of grievances.[9] Both examples illustrate more than anything else flaws in training and education at the agencies, which in many respects may stem from a shortage of lawyers at those agencies as well as a lack of adequate resources given to the legal budget within the agencies.
Federal Statutes and Federal Regulations. Federal statutes and regulations are key to any legal interpretation. Statutes are bound by the limits of the U.S. Constitution. In addition, regulations cannot go beyond the authority granted by the relevant statute and must be interpreted in light of the applicable grounding statute (typically title 12 in the banking context), other applicable statutes (most commonly the Administrative Procedure Act and the Freedom of Information Act, but many others also apply), and any court cases interpreting the regulatory text or similar regulatory text from another context. Many regulations do not repeat the entire statutory text, and both must be mastered and read together in order to interpret a regulation. A good example is Regulation W in which certain defined terms are found only in section 23A or 23B of the Federal Reserve Act, so reading the regulation alone is misleading and incomplete. Regulations are issued under the notice and comment procedures of the Administration Procedure Act and are legally binding upon both the banking agency and the banking organization. Astoundingly, confusion has arisen among some risk and compliance professionals who claim that the “law” is for the lawyers, and “regulations” are for risk and compliance. This confusion is an unintended and unfortunate misunderstanding of the agencies’ admirable use of the simplified phrase “law and regulations.” A more precise, technical wording would be “the Constitution, all applicable statutes whether federal or state, all relevant judicial interpretations, and regulations.” We can all agree that “laws and regulations” is a more elegant and simplified phrase, but it does not change the fact that regulations are part of the law—that is, the legal framework. No one should be confused that regulations are not part of the law or think that they are separate from the hierarchical legal framework.
Federal Consent Orders. Federal consent orders are binding on an individual banking organization and thus form a type of binding contractual obligation that is legally enforceable in a court. Many large banking organizations have at least one active consent order outstanding. Before giving any legal advice to a banking organization, it is necessary to confirm there is no relevant outstanding consent order. Consent orders of one banking organization are not binding on any other banking organization. Remediation plans under a consent order, once accepted by the banking agency, form part of that binding contractual obligation and are typically not public.[10]
Federal Public Written Guidance. There has been much discussion lately about federal public written guidance, which encompasses those public agency writings that are labeled as “guidance” as well as supervisory letters, examinations manuals, and FAQs—essentially any public writing by the regulatory agency staff.[11] Banking organizations, like other regulated entities, actively seek public written guidance. Most guidance is not legally binding and is not enforceable against the agency staff or banking organizations, although in practice, many agency staff and banking organizations have, until recently, treated guidance as if it were binding.[12] Under title 12, there is also an unusual category of “enforceable guidance” or “standards” that are permitted under the statutory safety and soundness authority.[13] The OCC’s risk management guidelines fall into this category.
There has been some confusion by certain regulatory readers asserting that guidance is not part of the legal framework and therefore does not involve legal interpretation. An understanding of the full legal framework shows this view to be deeply mistaken. The interpretation of public written guidance is part of the legal framework even if written by the agencies’ supervisory staffs, and even if it is legally nonbinding. It must be interpreted in light of the Constitution, statutes, regulations, and case law that sit above it and either infuse the interpretation or limit its applicability. Public written guidance is especially sensitive because it is explicitly meant not to apply to all situations at all times. The tyranny of the spreadsheet checklist within most banking organizations has meant that this important fact is easily lost in the realm of project management implementation.[14] It is also the situation, due to constraints of budget, resources, and stature within the agency, that public written guidance, especially the types that are published without notice and comment review, have not been truly vetted by the agency legal staffs. As a result, there is a higher incidence of errors under the legal framework in such guidance.[15] This lack of internal vetting by agency legal staff does not, however, render public written guidance as not part of the overall legal framework.[16]
Federal nonpublic guidance and secret lore. Federal nonpublic guidance and secret lore comes in multiple forms, none of which are legally binding but which nonetheless impact the behavior of banking organizations. Much of this guidance is written, but some of it is oral. Some of this nonpublic guidance applies, like a consent order, only to a single banking organization. For example, examinations, feedback letters, MRAs, and MRIAs are all written and have the imprimatur of having been vetted by the higher levels within the banking agency.[17] Each one of these, however, to the extent it is legally infused, such as supervisory views on whether the banking organization is complying with the legal framework, in practice requires the backdrop of the legal framework of laws, regulations, and public guidance and must be read against those authorities. To complicate matters further, some examinations, consent order feedback letters, and MRAs are done on a horizontal basis across all or a subset of banking organizations.
Banking organizations also receive nonpublic oral guidance, sometimes from individual agency staff. Much but not all of this nonpublic guidance is legally infused. An oral tradition, often called “lore” of how the legal staffs of the banking agencies interpret a certain statute or regulation, often also impacts its interpretation, especially at the Federal Reserve. This lore can change when personnel changes but has traditionally been taken quite seriously by bank regulatory lawyers when it comes from, or is attributed to, the general counsel. An example is the so-called teardown rules created by the Federal Reserve legal staff for the breaking of a controlling influence as an investment is sold. These are not “rules” at all but a series of oral principles, not made public nor written down, but which reflect the views of some legal staff at a moment in time. It is also often the case that individuals in the supervisory staff sometimes engage in interpretations of the legal framework on an oral basis. Nonpublic written guidance must be interpreted in light of the statutes and regulations that govern it. Secret lore and oral guidance that is legally infused has a troublesome placement in the legal framework because the concept of secret law in a democracy is on shaky ground. Moreover, to the extent it comes from individual conversations with individual supervisory staff and is not applied horizontally across multiple banking organizations, it may or may not have been vetted or approved by senior supervisory staff or agency lawyers.[18]
Banking Organization Policies. Banking organizations have many policies. Some of these policies reflect the requirements of the legal framework, but many are designed to go above and beyond the requirements of the legal framework and impose a higher standard. Whether they reflect the legal framework or go beyond it, policies must be interpreted in light of the legal framework and updated when the legal framework changes.
The legal framework and its hierarchy are a core knowledge base in the interpretation of any regulatory text, be it a statute, a court case, a regulation, or other agency document. Without a firm grasp of exactly how it applies in any situation requiring interpretation of the text, an accurate interpretation cannot be certain.
Agency Websites and What Is Law?
Now that the hierarchy of the legal framework has been explained, where and how does one find valid textual sources of the legal framework? This article is too short for an explanation of which statute and regulation sits where and with what agency, especially since many excellent explanations exist.[19] Instead, this article will deal with the use and misuse of banking agency websites, which in today’s world of easy internet access is the first stop for many. As internet use has expanded, the federal banking agencies have expanded the quality and quantity of what they label in simplified English shorthand to be the “laws and regulations” that are posted and updated on their websites. This expansion of website access is deeply admirable and has vastly expanded public access to the legal framework. The author relies upon them with gratitude nearly every day; there are, however, some tricks and traps in relying solely on banking agency websites that can make them either highly misleading or incomplete in some crucial areas.
The first misleading element is the short-hand and lovely simplified phrase, “laws and regulations,” which is widely used on banking agency websites and in consent orders. As noted above, the phrase has led some to mistakenly believe that “regulations” are somehow separate from “law” and that the interpretation of regulations does not involve legal interpretation. Nothing could be further from the truth. Regulations are binding law and part of the legal framework. Those who have come to believe that they are somehow not legal or not law need to change their mindset.
The content of the agency websites has also led to some confusion about what the “law” is that might apply to banking organizations because the websites often do not include the grounding statutes upon which the regulations, guidance, and supervisory letters are based. Only the FDIC to its immense credit posts the federal banking statutes on its website. But the reader must beware that sometimes the statutes are incomplete.[20] The Federal Reserve, the OCC, and the CFPB post only their own regulations, guidance, and supervisory letters but, quite amazingly, skip the foundational banking statutes on which their regulations, guidance, and supervisory letters are grounded. Only the FDIC posts the Administrative Procedure Act and the federal criminal laws applicable to banking organizations on its website. Other applicable federal statutes, or even the fact that they might exist, are absent from the other banking agencies’ websites. None of the federal banking agencies post or refer to the Congressional Review Act or to the recent OMB memorandum.[21] There is an easy fix to this misleading element, which is that the other banking agencies could follow the FDIC’s lead and also include their grounding statutes on their websites, as well as links or references to other applicable federal statutes.
The second misleading element is that the structuring of the topics on the agency websites also lends itself to confusion about the hierarchy of the legal framework. Here are some random examples. On the FDIC website, the statutes are treated as a subtopic of “policy,” and enforcement orders are a subtopic of “examinations.” The Federal Reserve’s website on the Volcker Rule mentions the statute, not the regulations, and the materials under the Volcker Rule topic do not contain a link to either the statutory text or the Federal Reserve’s own implementing regulations of the statutory text.[22] The OCC categorizes its handbook for recovery under the “Laws & Regulations” section of its “Publications” topic when recovery planning comes from guidance, and a handbook cannot be a law or a regulation. The CFPB categorizes rulemaking and enforcement under the topic of “Policy and Compliance.” It is no wonder that young, digital-native lawyers and regulatory readers become confused about the hierarchy of the legal framework.
The third misleading element is that the federal banking agencies’ websites are not updated for statutory changes or judicial decisions that can change the reading of the regulation dramatically. For example, the Economic Growth, Regulatory Relief, and Consumer Protection Act[23] changed the statutory text of the Volcker Rule. The Volcker Rule implementing regulations, even in their newly proposed form, do not take into account any of the statutory changes that are immediately effective. As another example, the CFPB’s website is silent about the developing circuit split around its constitutionality. The OCC website topic on “Legislation of Interest” has not been updated since 2010. The websites are also unclear about when state law might apply.[24] Finally, many older interpretations are still not available on the websites, and it remains necessary to consult with old-fashioned paper files, some of which are nonpublic or quasi-public. Determining when state law is preempted by federal law is driven by case law as well as statutory law and regulations, and is often not made obvious on the agency website.
Some of these misleading elements could be fixed by changes to the websites, but some are harder, indeed very difficult, to change by simple and sustainable improvements to the agency websites. Instead, lawyers and regulatory readers will have to remain alert to the broader context when relying upon agency websites for their work. It is also important to understand that agency websites are not neutral; their mission is to reflect the views of the agency and, just like newspapers, they are slanted in that direction by what they choose to cover and by what they choose not to cover. The agency websites are wonderful tools and destined to get better over time,[25] but as the preceding discussion makes clear, naive internet searching on an agency website or elsewhere cannot be the end of the task. It is still necessary to determine where the text fits within the hierarchy of the legal framework, whether it is still valid, and whether sources outside of the agency websites might also influence the reading.
Legal Reading Is Not Ordinary Reading
The final way in which young, digital-native lawyers and regulatory readers can be tricked is that legal interpretation is not like ordinary reading. The federal banking agency websites do not contain any of the principles of legal interpretation that make the reading of legal texts different from reading nonlegal texts. There is no mention of the canons of statutory or regulatory construction[26] and no mention of the different levels of deference to be paid to different types of agency documents. Many young lawyers and regulatory readers are unaware, for example, that statutes and regulations must be read structurally as a whole; that regulations issued under the Administrative Procedure Act, and some interpretations where the agency has special expertise, get a high level of deference under the judicial Chevron doctrine;[27] but that many other agency documents, such as guidance, FAQs, exam manuals, and supervisory letters are subject to a much lower level of deference under another doctrine, as discussed in more detail below.[28] The agency websites do not contain the basic elements of legal interpretation because no one could have anticipated when they were first created that these websites would become the first stop for those seeking to understand laws, regulations, and guidance. It is a common error of regulatory readers and young lawyers to read from the bottom up—that is, to begin with the guidance, then move to the regulation, and then to the statute. In reality, the reading should be top down, beginning with the statute and then moving to any regulation or guidance. Those who have had no training in the legal framework often mistakenly believe that reading the guidance is sufficient. Although trained lawyers should already know these principles, it is important to communicate the existence of these principles to the many regulator readers using agency websites, and even some lawyers.
The graphic below sets out the many ways in which the reading of a legal text is different from nonlegal text. One begins, of course, with the words and their plain meaning,[29] but it is never quite that easy in the legal framework of the regulatory state, which is not known for its use of plain English. To be sure, many legal interpretations are basic and simple, and the words on the page are enough. Some of these form the large areas of settled law that will, in the next few years, become more and more automated.[30] Examples of clear or settled areas ripe for automation are calculations of the days when reports are due, most of the elements of standard reports, or other repeatable events.[31] There remain, however, many areas of ambiguity, gaps, and unsettled interpretation where there is limited or no plain meaning in the text. The arena of ambiguity is quite large in the regulatory state. For that, ordinary reading is not sufficient; other tools must come into play. For example, what is “material” under the securities laws, and how does that compare to “material” under the living wills regulation? Should the same word be given similar meanings in statutory frameworks with very different goals? What is “reasonable” under “reasonably expected near term demand” under the Volcker Rule? What is “abusive” under unfair, deceptive, or abusive acts and practices (UDAAP) statutes?[32] In these areas, the tools of statutory and regulatory construction, which turn legal interpretation away from ordinary reading, must be used. There are canons of statutory construction, many of which apply in the regulatory context. This article is too short to lay them all out, but they are admirably described in excellent secondary sources.[33] The graphic below sets forth how legal interpretation differs structurally from ordinary reading.
Interpretation of a Legal Text—Not Ordinary Reading
Even language-based plain reading of a legal text, which has had more primacy in recent years than legislative history, is not identical to reading a nonlegal text. The words may be defined in the statute or regulation, or they may be defined elsewhere in other statutes and regulations and not defined in the current statute or regulation.[34] The words may be interpreted differently depending upon whether they are general or specific words, or whether they are words that appear in a list and therefore should be limited by the concepts in the list.[35] Justice Scalia has described textual analysis as “a holistic endeavor. A provision that may seem ambiguous in isolation is often clarified by the remainder of the statutory scheme—because the same terminology is used elsewhere in a context that makes its meaning clear, or because only one of the permissible meanings produces a substantive effect that is compatible with the rest of the law.”[36]
Today, these principles matter more than ever due to the cultural shift toward PowerPoint and similar applications as the dominant tool in business communications, which has led to a cultural split between those who spend their working life reading texts and those who spend their life in PowerPoint.[37] Because most official documents from regulators remain in legal or legally infused text, rather than PowerPoint, a cultural shift must sometimes be made even before engaging with the fact that reading a legal text is not like ordinary reading by the digital native.
Agency interpretations and deference are a key part of the interpretation of any legal text in the legal framework that applies to the banking sector. The banking agencies interpret the statutory text, implement the statutory text through regulations, and apply the statutes and regulations through their guidance, FAQs, supervisory letters, general counsel opinions, secret lore, and supervision. In the administrative state, the agencies have become the most important arbiters of the legal framework in most circumstances. Under various judicial doctrines, different types of agency interpretations benefit from different levels of judicial deference. These principles of deference matter, even when no judge is involved, because they inform how the legal text is read.
Under the Chevron doctrine as currently construed by the Supreme Court, when agency interpretations of statutes are made under a formal process, such as notice-and-comment rulemaking, courts defer to any reasonable agency interpretation of ambiguous statutory language.[38] When interpreting regulations, an agency’s interpretation of its own properly issued regulation is given deference unless it is “plainly erroneous or inconsistent with the regulation.”[39] For agency judgments or decisions made without a formal process, the Skidmore doctrine applies, under which courts give less deference than under Chevron, and the deference to an agency interpretation or decision in a particular case “will depend upon the thoroughness evident in its consideration, the validity of its reasoning, its consistency with earlier and later pronouncements, and all those factors which give it power to persuade.”[40] The judicial concept of different levels of deference explains, in part, why lawyers, risk managers, compliance professionals, and sometimes supervisors can talk past one another when guidance is the topic. For the trained lawyer, guidance is read with a lower level of deference, and it is not binding. For the regulatory reader, using the tools of ordinary reading with the added dollop of the tyranny of the spreadsheet of project management, it becomes literal and binding.
Conclusion
When the author began the practice of law in the late 1980s, statutes, regulations, and judicial opinions were available only in paper format. Agency interpretations were closely held secrets, often available only by FOIA requests that were routinely filed by all of the law firms with a major bank regulatory practice. Commercial, subscription-based databases became available by the mid-1990s to those lawyers at law firms willing to pay for them. Since the invention of the smartphone, however, we have lived in the era of easy internet access. Statutes, regulations, and judicial opinions can be accessed, often free of charge, by anyone from anywhere. The agencies have vastly expanded the information available on their websites, and most formal written guidance is no longer secret.[41] The age of internet access has democratized access to the legal framework so that it is no longer a small elite of regulatory lawyers who guard its gates. The pool of regulatory readers has vastly expanded. At the same time, the legal framework has become more complex, and the role of compliance with law examinations by supervisors has expanded. The rise of operational risk management in banking organizations, including within its purview operational and legal risk, along with the rise of compliance as a division separate from the legal department, have also complicated how banking organizations interpret the legal framework, sometimes leading to multiple competing poles of interpretation within the organization. At its best, the training for young lawyers on the realities of the regulatory legal framework is not core to legal education and at its worst, it is not done. For the regulatory readers, training is haphazard. The problem is exacerbated by professional silos and corporate hierarchies both within the agencies and the banking organizations. The democratization of the age of internet access has brought us many benefits, and the presence of more and better regulatory readers is a welcome development, but the haphazard and chaotic atmosphere of the internet age is not going to serve us well in the coming age of augmented intelligence. We have to get our act together if we are to find a way to appropriately train the natural-language artificial intelligence that will make the practice of law, operational risk management, and compliance work better in the coming digital age.
*Margaret E. Tahyar is a partner in Davis Polk’s Financial Institutions Group. The author wishes to thank all of her many colleagues who have commented on this article, most especially the young, digitally native lawyers and, in particular, Tyler Senackerib, who helped with the research for this piece, and Alba Baze, who helped with the research on a companion article published in January, Margaret E. Tahyar, Are Banking Regulators Special? (Jan. 1, 2018), as well as on a related comment letter to the FDIC. Comment Letter in Response to Request for Information on FDIC Communication and Transparency from Margaret E. Tahyar, Davis Polk & Wardwell LLP (Dec. 4, 2018). This article reflects the views of the author and does not necessarily reflect the views of Davis Polk & Wardwell LLP.
[1] In a companion article to be published later, I will discuss the relationship between trained lawyers and regulatory readers in the agency and corporate setting.
[2] My testimony before the Senate Banking Committee makes some suggestions for better training of the supervisory staff. Guidance, Supervisory Expectations, and the Rule of Law: How Do the Banking Agencies Regulate and Supervise Institutions?: Hearing Before the United States Senate Committee on Banking, Housing, and Urban Affairs (Apr. 30, 2019) (statement of Margaret E. Tahyar).
[3] A recent memo written by two former Federal Reserve staffers has pointed out that training on the legal framework has been delegated to the regions. Richard K. Kim, Patricia A. Robinson & Amanda K. Allexon, Financial Institutions Developments: Revamping the Regulatory Examination Process, Wachtell, Lipton, Rosen & Katz (Nov. 26, 2018).
[4] The banking agencies have long been understood to be monitor- or examiner-dominated in their personnel. Based on research by an academic, some of which is estimated, the Federal Reserve is 95-percent monitor staff, the OCC is 93-percent monitor staff, and the FDIC is 86-percent monitor staff. Rory Van Loo, Regulatory Monitors, 119 Columbia L. Rev. 369, 438–39 (2019). The higher proportion of lawyers at the FDIC is likely linked to its work as the deposit insurer and bank failures. There are simply not enough lawyers at the agencies, in comparison with the supervisory staff, for either deep training to have occurred or for there to be a thick enough pool of talent to deal with the many legally infused questions that must arise in the context of supervisory activities.
[5] The article is meant as a fill-in to some common gaps in the knowledge base of newly minted, digital lawyers and experienced regulatory readers that I have observed in my work as a part-time adjunct professor and regulatory lawyer. It is not meant to be an overall basic training, which is beyond the scope of this short piece.
[6] Leo E. Strine, Jr., Keynote Dialogue: “Old School” Law School’s Continuing Relevance for Business Lawyers in the New Global Economy: How a Renewed Commitment to Old School Rigor and the Law as a Professional and Academic Discipline Can Produce Better Business Lawyers, 17 Chapman L. Rev. 137, 150–51 (2013).
[7] For an excellent academic piece describing the role of supervision in the regulatory state, see Rory Van Loo, Regulatory Monitors, 119 Columbia L. Rev. 369 (2019).
[9]Semi-Annual Testimony on the Federal Reserve’s Supervision and Regulation of the Financial System, 115 Cong. 86 (2018) (statement of Randal K. Quarles, Vice Chairman for Supervision). “Congress shall make no law . . . abridging the freedom of speech . . . or the right of the people . . . to petition the government for a redress of grievances.” U.S. Const. amend. I.
[10] There are also sometimes nonpublic memoranda of understanding, board resolutions, and agreements under section 4(m) of the BHCA that would govern the behavior of a banking organization but which remain confidential supervisory information.
[11] Speeches and papers by individual agency principals or staff or congressional testimony can also inform a legal interpretation but must be treated with caution. They are not legally binding, and they may reflect a political agenda, the need for diplomatic silences in a certain political moment, or may not reflect the views of the agency as a whole, as agency principals and staff so often appropriately tell us. On the other hand, they may indeed reflect a considered legal interpretation. In my years of teaching, one of the clues that law schools are not yet effective in teaching how to interpret the legal framework of the regulatory state is the tendency of law students to be too credulous in their willingness to suspend disbelief around speeches and testimony. Read and interpret with caution.
[12] There are also many open questions at the moment about which guidance is effective if it falls into the category of guidance that ought to have been sent to Congress under the Congressional Review Act but was not.
[14] One side effect of relying too heavily on regulatory readers, combined with checklist spreadsheets, is that banking organizations are sometimes pushed to do more than necessary because the nuances of guidance are lost.
[15]See Semi-Annual Testimony on the Federal Reserve’s Supervision and Regulation of the Financial System, 115 Cong. 86 (2018) (statement of Randal K. Quarles, Vice Chairman for Supervision) (“And with respect to our guidance, I think that we can be [more accountable for guidance] . . . , which sometimes in the past—that is less than the case of the recent past, but sometimes in the past has—has just gone out to the examiners and the banks.”).
[16] This lack of vetting is likely the result of a shortage of lawyers on the staffs of the agencies as compared to their supervisory staffs. See Rory Van Loo, Regulatory Monitors, 119 Columbia L. Rev. 369, 438–39 (2019) (Lawyers make up 7 percent, 14 percent, and 5 percent of the staffs of the OCC, FDIC, and Federal Reserve, respectively).
[17] MRAs are “Matters Requiring Attention,” and MRIAs are “Matters Requiring Immediate Attention.” They are nonpublic supervisory findings that arise from examinations. Some of them will be legally infused (for example, those that arise from compliance-with-law examinations), but many will not be (for example, those that arise from credit quality concerns).
[18] My testimony before the Senate Banking Committee includes further discussion of the increasing scope of guidance and secret lore. Guidance, Supervisory Expectations, and the Rule of Law: How Do the Banking Agencies Regulate and Supervise Institutions?: Hearing Before the United States Senate Committee on Banking, Housing, and Urban Affairs (April 30, 2019) (statement of Margaret E. Tahyar).
[19] The best short treatment in banking law is the American Bar Association published book, The Keys to Banking Law: A Handbook for Lawyers (Second Edition) by Karol K. Sparks, which has a handy key for which statutes and regulations apply to which agency and lists the applicable statutes. Of course, I cannot also help but plug Financial Regulation: Law and Policy (Second Edition 2018), a textbook that I co-wrote with Michael Barr and Howell Jackson. It has been deliberately written for both law students and regulatory readers.
[20] For example, the Volcker rule statute on the FDIC website references some key definitions that appear in other statutes that do not appear on the FDIC website.
[21] Guidance on Compliance with the Congressional Review Act, M-19-14, Office of Management and Budget (April 11, 2019).
[22] The author, having lived through the implementation of the Volcker Rule (statute and regulations, together) is immensely grateful that the Federal Reserve has a separate topic heading on its website for its supervisory guidance under the Volcker Rule and uses it often. Given how the Volcker Rule developed, it is completely understandable. The point here, however, is that the lack of attention to the hierarchy of the legal framework is a structural problem on the agency websites and leads to confusion among regulatory readers and the digitally native lawyers.
[23] The Economic Growth, Regulatory Relief, and Consumer Protection Act of 2018, Pub. L. No. 115-174.
[24] Banking organizations are also subject to state laws in various ways. A state-chartered bank is governed by the state law of its chartering authority, but even national banks are subject to many state laws. State trust law, for example, is embedded into the trust powers of national banks. State law is also applicable under many consumer protection statutes.
[25]See, e.g.,Request for Information on FDIC Communication and Transparency, 83 Fed. Reg. 50,369 (Oct. 5, 2018).
[26] Larry M. Eig, Statutory Interpretation: General Principles and Recent Trends, The Congressional Research Service (Sept. 24, 2014). See also Antonin Scalia & Bryan A. Garner, Reading Law: The Interpretation of Legal Texts (2012); William Eskridge, Legislation and Statutory Interpretation (2007).
[27] Chevron U.S.A., Inc. v. NRDC, 467 U.S. 837 (1984). With changes in the Supreme Court, the Chevron doctrine is coming under question and may change.
[28]See Skidmore v. Swift & Co., 323 U.S. 123 (1994).
[29]See Moskal v. United States, 498 U.S. 103, 108 (1990) (“In determining the scope of a statute, we look first to its language, giving the words used their ordinary meaning” (internal quotations omitted)).
[30] There is also settled law via judicial interpretation where the plain meaning of the text is not enough.
[31] My assertion is not that they are perfectly clear, but that many are clear enough and could soon be automated or partly automated.
[33] Larry M. Eig, Statutory Interpretation: General Principles and Recent Trends, The Congressional Research Service (Sept. 24, 2014). See also, Antonin Scalia & Bryan A. Garner, Reading Law: The Interpretation of Legal Texts (2012); William Eskridge, Legislation and Statutory Interpretation (2007).
[34] The Volcker rule regulations are an example. The concept of “debt previously contracted” appears in the National Bank Act and has a long history of public written interpretation by the OCC and, to a lesser extent, the Federal Reserve. It is not defined in the Volcker Rule regulations. Likewise, the term “investment adviser” appears in the Volcker Rule regulations. It is defined in the 1940 Act, but there is no cross-reference in the Volcker Rule regulations to its similar usage. Another example is the SEC’s proposed rules for segregation of collateral for security-based swaps. Although the proposed regulations for segregation will contain some of the technical segregation requirements, the basic requirements are found only in the Exchange Act, including for example, a reporting requirement that is mentioned nowhere in the proposed regulations.
[35] “Where general words follow an enumeration of specific items, the general words are read as applying only to other items akin to those specifically enumerated.” Harrison v. PPG Indus., Inc., 446 U.S. 578, 588 (1980). For example, if the term “fruit” is defined as “apples, bananas, oranges, or similar foods,” one could reasonably consider pears a fruit that is a “similar food” but not pizza. The question of whether a tomato, which scientists classify as a fruit but most people view as a vegetable, would fall within the “or similar foods” category would depend upon the overall context and intent.
[36] United Savings Ass’n v. Timbers of Inwood Forest Associates, 484 U.S. 365, 371 (1988) (citations omitted).
[37] PowerPoint, with its ability to communicate with visual tools, is a wonderful medium. Davis Polk’s Financial Institutions Group uses it frequently.
[38] Chevron U.S.A., Inc. v. NRDC, 467 U.S. 837 (1984); Christensen v. Harris County, 529 U.S. 576 (2000); United States v. Mead Corp., 533 U.S. 218 (2001).
[39] Auer v. Robbins, 519 U.S. 452, 461 (1997) (quoting Bowles v. Seminole Rock & Sand Co., 325 U.S. 410, 414 (1945)).
[40] Skidmore v. Swift & Co., 323 U.S. 134 (1944).
[41] There still exists a wide realm of secret lore and, as I have argued elsewhere, too wide a realm of confidential supervisory information. Margaret E. Tahyar, Are Banking Regulators Special? (Jan. 1, 2018); see also, Guidance, Supervisory Expectations, and the Rule of Law: How Do the Banking Agencies Regulate and Supervise Institutions?: Hearing Before the United States Senate Committee on Banking, Housing, and Urban Affairs (April 30, 2019) (statement of Margaret E. Tahyar).
The laws impacting cannabis and marijuana-related businesses (MRBs) have been an evolving landscape in both the United States and Canada. The U.S. landscape for MRBs has been difficult to navigate in that there are a number of inconsistencies between federal and state laws that make it increasingly difficult for stakeholders in MRBs to determine what is legal. Twenty-nine states plus the District of Columbia have legalized marijuana for medical purposes; six states have legalized marijuana for recreational use; and Maine and Massachusetts have approved legalization measures that have not yet taken effect.
Under the Controlled Substances Act (CSA), U.S. federal law prohibits the manufacture, possession, or use of marijuana for any purpose, even in states where recreational or medical marijuana sales are legal. The Money Laundering Control Act under U.S. federal law also prohibits knowingly conducting a financial transaction that involves the proceeds of unlawful activity, which includes violations of narcotics laws. However, there is an exclusion from violation of the CSA where the underlying activity is not an offense in the foreign country.
Recent U.S. laws are giving hope to the cannabis industry that the tide in the United States toward MRBs is changing. On December 12, 2018, the U.S. Congress passed the Agriculture Improvement Act of 2018 (also called the Farm Bill). The Farm Bill finally makes a distinction between hemp and other cannabis plants, and makes “industrial hemp” exempt from the CSA, which essentially means hemp is legal with restrictions. The Farm Bill also allows for interstate sales of hemp products. In March 2019, the House Financial Services Committee voted to approve the Secure and Faire Enforcement (SAFE) Banking Act, which has 152 cosponsors, twelve of which are Republicans. The SAFE Act would permit MRBs to access banking services by protecting banks and other financial institutions from federal prosecution when working with MRBs that are operating in compliance with state laws. The law would also provide safe haven for ancillary businesses that work with MRBs from being charged with money laundering and other financial crimes. The next step is for the SAFE Act to go to the U.S. Senate.
Financial institutions in the United States are grappling to obtain a clear understanding of what activities they may currently undertake vis-à-vis marijuana-related businesses. The central question is, what kind of activity by a financial institution would constitute a violation of the CSA and the Money Laundering Control Act? Based on the exclusion from the CSA discussed above, many financial institutions have been able to get comfortable with providing financial services to an MRB located in a jurisdiction where marijuana is legal, where their operations are solely in that country. Even where it is legally permissible, financial institutions often must also deal with certain ethical or reputational risk issues, given the U.S. federal law prohibition and the prohibition under laws around the world.
There are also questions without clear answers around what types of products and services a financial institution can provide a company that derives revenue from an MRB and how far down the chain of suppliers to and service companies for MRBs also may be prohibited from dealing with financial institutions. For example, will a financial institution bank with a state or municipality that derives revenue from marijuana-related businesses, or an accountant who does the taxes of MRBs? Due to this confusing and contradictory environment in the United States, the majority of MRBs have no access to services of financial institutions, such as obtaining loans, opening bank accounts, accepting credit and debit cards, and using electronic payroll services.
In contrast, Canada became the first major world economy to legalize recreational marijuana in October of 2018. The Cannabis Act and accompanying regulations in Canada establish a licensing regime governing cultivation, processing, testing, drug products, and research. There are strict rules governing operations of cannabis businesses in Canada, and each province creates its own regulatory regime governing MRBs. Certain provinces permit privately owned stores and online sales (Saskatchewan and Manitoba); some permit privately owned stores with publicly managed online sales (Alberta, Ontario); others allow both private and publicly owned stores (British Columbia, Newfoundland, Yukon, and Nunavut); and the largest subset permit only publicly owned stores (Quebec, New Brunswick, Nova Scotia, Prince Edward Island, and the Northwest Territories).
Companies in Canada are certainly accessing the financial markets. Canopy Growth Corporation, the world’s largest legal cannabis company by market share and also publicly traded on the New York Stock Exchange, recently closed the second syndicated financing of a cannabis company. Cannabis businesses have grown at record speed as an industry in Canada—Canopy Growth Corporation grew from 700 to 2,700 employees in less than a year. Canopy Growth Corporation also exports overseas, recently obtained a license to produce hemp in New York State, and is moving toward increased international operations.
Businesses in the United States and Canada have varied experiences in starting up and operating MRBs; however, generally there are far less rules and regulations on MRBs in Canada. The operational barriers for MRBs in the United States range from difficulty leasing property to inability to access the banking market to struggling to find investors willing to go into the space given the complicated legal environment, all of which impact growth potential. Fortunately, certain credit unions have opened their doors, and now bank MRBs and, accordingly, some businesses have been able to obtain financing and other traditional banking services. However, the majority of owners of MRBs are forced to operate cash-only businesses, which makes them targets for crime. As a result of all of these factors, some MRBs are going to Canada for investment, and MRBs also understand that they must own properties where they operate their businesses because they cannot risk leasing issues.
MRBs in the United States have been waiting for the financial markets to allow them to access traditional banking services and wider investment options, such as those available in Canada. New laws, such as the Farm Bill and the Safe Act, provide hope that real cannabis reform in the United States may be entering a new era.
The thoughts and opinions in this article do not reflect the any positions taken by MUFG Union Bank, N.A.
Why LLCs Can Be Problematic for Removal Based on Diversity Jurisdiction
When a party wants to remove a case based on federal diversity jurisdiction, 28 U.S.C. § 1332 requires that: (1) the amount in controversy exceeds $75,000; and (2) the parties’ citizenship is completely diverse (i.e., no plaintiff is a citizen of any state where a defendant is a citizen). The party removing a case to federal court has the burden to demonstrate diversity of citizenship.
The burden to prove complete diversity may become complicated when an LLC is a party. To determine the citizenship of an LLC (or other unincorporated entity), a party must look to the citizenship of each member of the LLC. LLC member information and/or citizenship often is not set forth in initial pleadings, however. To make matters more complicated, this information may also not be publicly available. Therefore, a removing party is often faced with the prospect of filing removal papers without complete knowledge of the citizenship and diversity of the other parties, even though it is the removing party’s duty to demonstrate complete diversity.
There are three main steps you can take to demonstrate to the court that you have performed due diligence and attempted to discern the LLC members and their citizenship.
Step 1: Reach Out to Opposing Counsel
When you receive the initial pleadings, and they do not allege LLC members or their citizenship, the first thing you can do is reach out to opposing counsel. You can send a quick e-mail that requests information about each LLC member and their citizenship.
You might not receive a response to this e-mail or might not receive a complete response within the timeframe you have allotted prior to the removal deadline, but this demonstrates to the court that you reached out to opposing counsel and sought this information, and it was not provided to you prior to removal.
Step 2: Research Publicly Available Information
Next, you should conduct a wide search of publicly available information and include a summary of this research in your removal papers. For example, you might be able to locate the Articles of Organization for the LLC. The Articles of Organization might not list the members of the LLC, but you can attach that to an affidavit with your removal papers to demonstrate that you have looked at all the publicly available information you could find and still could not determine the member information.
Step 3: Plead “Upon Information and Belief”
In your removal papers, after the above background research, you can now allege that “upon information and belief,” the LLC members are not citizens of the states in which the removing party is a citizen. Given that it is the removing party’s duty to demonstrate citizenship, and you still do not know the members or their citizenship for certain, this will at least demonstrate to the court that you have done all you could to locate the LLC members’ citizenship prior to removal.
Lastly, this is an area of law that is ever-changing. It is always good to perform an updated search on this issue in case there is a more specific approach preferred in your jurisdiction.
The single member limited liability company (SMLLC) is highly useful but hardly simple. State law and tax treatment render it sometimes “regarded” (but not always) and sometimes disregarded (but not always), all of which lead to some unusual results.
When first authorized about 30 years ago, LLCs, like partnerships, were designed to have two or more members. The “pick your partner” principle of partnership law became part of an LLC’s DNA. This prevents a member, either during lifetime or at death, from forcing an unadmitted and perhaps undesirable member on those who remain or survive. When state statutes were subsequently amended to authorize SMLLCs, followed by the “check the box” regulations, the “pick-your-partner” principle adhered. As noted in the dissent in Olmsted v. FTC, a case involving the rights of a creditor of a sole member, when legislatures amended their LLC statutes to permit SMLLCs, they did not contemplate issues that would arise from application to SMLLCs of statutory sections designed for those with more than one member. The default rule when a sole member dies without providing for that inevitable event is another place where “pick-your-partner” protection is inappropriate.
In both a multimember and SMLLC, when a (or the) member dies, the deceased is dissociated. Without provision in an operating agreement addressing death, the decedent’s interest divides. In a multimember LLC, the economic rights pass to the decedent’s estate, but the decedent’s management rights devolve on the surviving members who are thereby protected from unadmitted heirs participating in management.
Absent provision in an operating agreement, when a sole (or last surviving) member dies, the membership rights also divide with the economic rights passing to the decedent’s estate. Although there are no surviving members to protect, the authority to manage goes into what might be described as a “suspended state.” Uncertainty ensues. The governing statute may provide for a 90 day or other period within which the decedent’s estate may designate a successor member who must then agree to assume that role. If no designation is made and the statutory period expires, the LLC “automatically” dissolves, which may not be a desirable outcome. Meanwhile, the business is like a rudderless ship. Who has the authority to collect the receivables, carry out the LLCs contracts, and deal with employee issues?
Is it reasonable to assume that the decedent’s estate will timely designate a successor to manage the business? The Will must be found, submitted to probate, and perhaps be subject to a Will contest. If there is no Will, uncertainties inherent in the law of intestate succession may arise. In either case, an executor or administrator may not be timely appointed, may not know or be advised of the need to make the designation, or may fail to act timely to designate a person or entity willing to accept the responsibility of a successor member.
The importance of a timely election was illustrated by a case involving a multimember LLC where the operating agreement provided that unless the surviving members elected to continue the LLC within 90 days of a member’s death, the LLC would dissolve. The issue was whether the alleged election to continue had been made timely. If the LLC had dissolved, a member’s judgment creditor would be able to collect from the member or member’s estate, but if the LLC has been timely continued, the judgment creditor would be limited to a charging order against the LLC.
Contrast these issues with what follows the death of a sole shareholder. The shareholder’s entire bundle of rights in the shares pass to the estate. The corporation does not dissolve automatically after a fixed time. There is no doubt what becomes the immediate successor shareholder. If the sole shareholder had been a sole director, the estate can “elect” a new director. If the corporation is governed by a board of directors, the board continues to operate the business subject to the estate’s rights as shareholder.
Some business people form SMLLCs without the benefit of counsel; some engage counsel who are not business lawyers; and some, when advised to adopt an operating agreement to avoid the default rule, are pennywise and pound foolish. Whether the member’s failure to provide for succession results from ignorance or refusal to follow sound advice, there appears to be no reason why the entire bundle of rights in the 100-percent LLC interest held by a sole member, like the entire bundle of rights in all of the corporation’s issued and outstanding shares held by a sole shareholder, should not pass to the estate. The distinction between economic and management rights in the SMLLC is an unnecessary trap for the unwary.
The U.S. Department of the Treasury’s Office of Foreign Asset Control (OFAC) accelerated its enforcement in the first quarter of 2019. OFAC announced 13 penalties or settlements, nearly doubling the count for the entirety of 2018.[1] Although the facts of each resolution are unique, a few key trends and takeaways should be noted.
Training and Oversight at Foreign Subsidiaries Is Critical
Recent resolutions reflect the compliance risk that foreign subsidiaries present, particularly when they are newly acquired. Kollmorgen Corporation’s resolution, for instance, reflects the challenges of integrating foreign subsidiaries into a culture of compliance.[2] In the process of acquiring a Turkish company in 2013, Kollmorgen learned that the company had been conducting business with Iranian entities.[3] Kollmorgen laudably took a number of steps in response to learning this information, including circulating an Iran sanctions memorandum among the subsidiary’s employees, conducting in-person trainings on its Iran sanctions compliance policies, requiring the subsidiary’s management to periodically certify its cessation of prohibited operations, and establishing a whistleblower hotline.[4]
Despite these efforts, the subsidiary continued to engage in business with Iranian entities.[5] To conceal its conduct, the subsidiary’s management repeatedly provided fraudulent certifications, falsified corporate records otherwise evidencing prohibited dealings, and threatened to fire employees refusing to travel to Iran to conduct business on its behalf.[6] Kollmorgen discovered the violations in late 2015 when one of the subsidiary’s employees filed an internal complaint via the company’s whistleblower hotline.[7] Upon learning that the conduct in Iran persisted, Kollmorgen immediately hired outside counsel to investigate and ultimately filed a voluntary self-disclosure with OFAC.[8] Following its investigation, Kollmorgen upgraded its existing compliance program, improving compliance training, implementing preapproval for all foreign after-sales service trips, and requiring the subsidiary to inform major customers of its ban on business with Iranian entities.[9] Kollmorgen terminated responsible management and paid a civil penalty of $13,381 to OFAC.[10]
Kollmorgen illustrates how difficult it can be to institute a culture of compliance at a foreign subsidiary, particularly one that is relatively new to the requirements of U.S. law. Kollmorgen took a number of positive steps at the time of acquisition to promote compliance, but after uncovering violations, it went further by implementing continuous sanctions audits of its subsidiary and reviewing the latter’s customer databases for relationships with sanctioned countries and entities.
Although a company should tailor its compliance program to its unique risks and needs, fundamental elements may include:
providing in-person compliance training delivered in multiple forms;
providing bespoke training for new employees and regular refreshers for current employees;
tasking senior compliance officers and local compliance personnel with identifying unique, on-the-ground risks;
reviewing trade compliance policies and procedures with local compliance managers;
establishing a whistleblower hotline and emphasizing obligations to report any and all violations;
regularly circulating memoranda informing employees of relevant U.S. sanctions and export obligations;
conducting reviews of foreign subsidiaries’ customer databases for business conducted with sanctioned countries or entities;
applying controls blocking sanctioned entities from making orders or requesting services;
requiring foreign subsidiaries’ customers to abide by terms and conditions prohibiting the resale of products, directly or indirectly, to sanctioned countries;
auditing foreign subsidiaries’ transactions; and
requiring foreign subsidiaries’ senior management to certify sanctions compliance.
Know Your Supplier
Although “know your customer” may spring to mind in compliance discussions, “know your supplier” applied with equal force in recent resolutions. Multiple resolutions saw companies penalized for sanctions violations that occurred when companies acquired raw materials or supplies. ZAG IP, LLC’s (ZAG) resolution illustrates this risk.[11] In 2014, ZAG sought to purchase 400,000 metric tons of cement clinker from an Indian supplier.[12] Before shipment, though, the Indian supplier informed ZAG that it had insufficient cement clinker on hand due to technical complications.[13] Looking to mitigate, ZAG’s managing director identified a trading company based in the United Arab Emirates capable of providing alternative Iranian-origin clinker.[14] Relying on this company’s misrepresentation as to the inapplicability of U.S. sanctions, ZAG purchased the clinker, knowing that the goods were produced by an Iranian supplier and shipped from Iran.[15] ZAG ultimately had to pay a civil penalty of $506,250 to settle with OFAC.[16]
Although ZAG involved violations that occurred within a relatively short timeframe, California-based e.l.f. Cosmetics (ELF) suffered from an ongoing supply chain issue.[17] ELF imported 156 shipments of false eyelashes containing North Korean-sourced materials over the course of five years from two China-based suppliers.[18] The shipments totaled $4,427,019.[19] ELF’s compliance program, which focused on quality control rather than sanctions compliance, failed to reveal that 80 percent of the false eyelash kits contained materials from North Korea.[20] Ultimately, ELF paid $996,080 to settle potential civil liability.[21]
Following this settlement, ELF implemented an improved compliance program.[22] Many of the components of its program are listed below, alongside additional elements recommended for all U.S. companies that obtain raw materials or supplies from foreign entities:
implement supply chain audits that verify the country of origin for goods and services used in imported products;
audit payment information related to production materials and review supplier bank statements;
require suppliers to certify compliance with all U.S. export controls and trade sanctions;
provide mandatory training for those who interact with foreign suppliers; and
implement measures to block payments from or to countries subject to U.S. sanctions laws and regulations.
Even an Imperfect Compliance Program Can Limit Exposure
A number of resolutions from the first quarter of 2019 describe violations that occurred despite substantial compliance efforts. These violations do not mean, however, that such efforts were for naught or that companies should not invest in compliance. In some of these resolutions, companies detected illegality relatively soon after it commenced—a result that usually occurs only when some degree of controls are in place. Early detection allows companies to limit the scope of potential violations. The ability to argue that a compliance program was well-founded despite a violation is also important because OFAC can consider the extent of existing compliance programs in determining penalties within a calculated range.
Kollmorgen, whose settlement is described above, serves as a case in point.[23] It adopted numerous pre- and post-acquisition compliance measures intended to ensure that its new subsidiary complied with U.S. sanctions law.[24] Kollmorgen’s efforts were defeated only because employees at its foreign subsidiary intentionally worked toward their circumvention.[25] The scheme was ultimately detected, however, thanks to a whistleblower program that Kollmorgen implemented precisely to address such a situation.[26] When the conduct was discovered, Kollmorgen quickly took steps to try to prevent it from recurring. Kollmorgen terminated responsible management, implemented new compliance training, required preapproval for all foreign after-sales service trips, and obliged its foreign subsidiary to inform its major customers of its ban on any dealings with Iranian entities.[27] The statutory maximum penalty for the violations was $1.5 million, and the base civil penalty would have been $750,000 if OFAC had determined the case to be egregious.[28] Yet OFAC imposed a penalty of just $13,381, citing a number of factors in support of the resolution, including “Kollmorgen’s extensive preventative and remedial conduct.”[29] Resolutions such as this typify the likely material benefit accruing to companies that invest in compliance.
Conclusion
The first quarter of 2019 saw an uptick in the number of enforcement actions, which involved both financial and nonfinancial institutions. Companies should heed OFAC’s renewed enforcement push and analyze the trend lines to determine where enforcement risks lie. These recent resolutions should remind companies to consider the training and oversight necessary to manage employees at foreign subsidiaries, the risk presented by suppliers, and the benefits of a robust compliance program—even when violations occur.
New York State’s Department of Financial Services (DFS) recently unveiled two new divisions with broad enforcement authority focused on consumer protection, financial enforcement, and cybersecurity. Financial service providers should take note as New York and other states continue to shore up their enforcement capabilities.
Consumer Protection and Financial Enforcement
The highly touted Consumer Protection and Financial Enforcement (CPFE) division of the DFS was launched on April 29, 2019. The CPFE’s debut marks the latest DFS action to solidify the department’s position as “a leader in financial services regulation.”
Heralded by Superintendent Linda Lacewell as a “powerhouse,” the CPFE is tasked with broad responsibility, specifically: (1) protecting and educating consumers; (2) combating consumer fraud; (3) ensuring that DFS-regulated entities serve the public in compliance with state and federal law; (4) developing investigative leads and intelligence in the banking, insurance, and financial services arenas, with a particular focus on cybersecurity events; and (5) developing and directing supervisory, regulatory, and enforcement policy regarding financial crimes.
The department created its new mega group by merging its enforcement operation with the division that conducts DFS’s civil and criminal investigations (formerly known as the Financial Frauds and Consumer Protection, or FFCP). The CPFE’s creation follows DFS’s pronouncement last year that it was prepared to step in to “fill voids” in areas where consumer and market protections are rolled back at the federal level. The announcement also follows the news that the Consumer Finance Protection Bureau (CFPB) will adjust its focus from enforcement to “preventing harm.” The CFPB’s shift in approach was announced by Kathleen L. Kraninger during her first policy address as the CFPB’s new director on April 17, 2019. Director Kraninger expressed the “hope that our emphasis on prevention will mean that we need our enforcement tool less often.”
The CPFE division will be headed by Katherine A. Lemire, who is expected to draw on her decade of prosecutorial experience at the federal (Assistant U.S. Attorney in the Southern District of New York) and state (Assistant District Attorney in the New York County District Attorney’s Office) levels. During her time in the Manhattan U.S. Attorney’s office, Ms. Lemire’s work included the prosecution of disgraced political donor Norman Hsu—sentenced to over 24 years in prison—and the corruption conviction of City Council Member Miguel Martinez. Referred to by the NY Daily News as a “legal Howitzer,” Ms. Lemire also served as special counsel to Raymond Kelly, former commissioner of the New York Police Department.
Upon entering the private sector, Ms. Lemire founded an international compliance and investigative services firm. As part of a 2017 roundtable discussion on “How to Conduct Internal Investigations Efficiently and Effectively,” the new CPFE head shared the following insights on effectively working with government investigators to “narrow the scope” of subpoena requests in order to minimize client costs and business disruption:
Remember that prosecutors are people too . . . they can be reasonable. If confronted with a very broad subpoena seeking, for example, a large swath of documents over the course of years, it may make sense to call the prosecutor and find out whether you may narrow the scope of responsive documents. Often, prosecutors will provide specifics regarding the target of the investigation, and work with you to produce documents in a time-efficient manner. Prosecutors typically have investigative priorities, and if you can provide a proposed schedule for document/materials production, they will often work with you so that they can get what they need the most in a rapid fashion. Relatedly, you may be able to spare yourself producing materials that are not within the actual scope of materials needed. While they are the “expert” in the investigation, you are the “expert” in your business—prosecutors may be asking for materials they do not actually need, and with some education from you, you may be able to narrow the scope of the investigation.
The unveiling of its new “mini CFPB” marks yet another recent DFS milestone, highlights of which include over $3billion in fines imposed as a result of investigations into foreign exchange trade rigging and the issuance of “whistleblower” guidance to all DFS-regulated entities. The whistleblower guidance is especially significant in light of the department’s position that “a robust whistleblowing program is an essential element of a comprehensive compliance program for regulated financial service companies.” In addition, although not intended to provide a “one size fits all” model, the guidance sets forth 10 “important principles and practices” of an “effective whistleblowing program”:
Whistleblower reporting channels that are independent, well-publicized, easy to access, and consistent;
Strong protections to guard whistleblower anonymity;
Procedures to identify and manage potential conflicts of interest;
Adequate staff training on how to receive and act upon whistleblower complaints, as well as manage investigations, referrals, and escalations;
Procedures to investigate allegations of wrongdoing;
Procedures to ensure valid complaints are followed-up appropriately;
Protections against whistleblower retaliation;
Confidential process;
Appropriate internal and external oversight of the whistleblowing function;
Culture of top-down support for the whistleblowing function.
Cybersecurity
On May 22, 2019, the department launched a new Cybersecurity division, advertised as the “first of its kind at a banking or insurance regulator,” which will focus on “protecting consumers and industries from cyber threats.” The emergence of DFS’s new Cybersecurity division follows the department’s signature enactment, its 2018 cybersecurity law (23 NYCRR 500) upon which the Federal Trade Commission has “primarily based” its latest proposed information security program requirements. See 16 C.F.R. pt. 314: Standards for Safeguarding Customer Information; Request for Public Comment. The new division’s emergence “builds upon DFS’ nation-leading efforts to protect consumers and financial markers from cyberattacks” and also follows the March 1, 2019 deadline by which all DFS-regulated institutions were required to submit comprehensive risk-based cybersecurity programs for protecting consumers’ private data.
Justin Herring will head the new Cybersecurity division, joining DFS from the New Jersey U.S. Attorney’s Office, where he served as chief of the Cyber Crimes Unit and also worked as a member of the U.S. Attorney’s Economic Crimes Unit. The DFS signaled its intention to continue its efforts to combat cyber crime by “hiring additional experts as necessary,” in addition to utilizing and developing its personnel’s existing subject-matter expertise.
According to the DFS announcement, the role of the new cybersecurity division will be to “enforce the Department’s cybersecurity regulations, advise on cybersecurity examinations, issue guidance on DFS’ cybersecurity regulations, and conduct cyber-related investigations in coordination with the Consumer Protection and Enforcement Division.”
Recently, the Kentucky Supreme Court issued an opinion addressing whether a waiver signed by a parent on behalf of a minor child is enforceable. Restricting its analysis to a situation in which the party seeking the waiver is a for-profit business enterprise, the court answered “no.” In Re: Miller v. House of Boom Kentucky, LLC, ___ S.W.3d ___, No. 2018-SC-000625-CL, 2019 WL 2462697 (Ky. June 13, 2019).
The House of Boom Kentucky, LLC is described as a “for-profit trampoline park” in Louisville. In August 2015, Kathy Miller, on behalf of her 11-year-old daughter E.M. and several of her friends, purchased tickets for House of Boom. Before purchasing those tickets, Kathy agreed to an extensive waiver of any claims that might be made by either herself or her minor children/wards that might arise “as a result of participating in any of the ACTIVITIES in or about the premises.” E.M. was injured at the House of Boom when “another girl jumped off a three-foot ledge and landed on E.M’s ankle, causing it to break.” Kathy Miller then brought suit against House of Boom, and it moved for summary judgment on the basis of the waiver. That action was pending in the Federal District Court for the Western District of Kentucky, and it asked the Kentucky Supreme Court for clarification on Kentucky law as to the validity of the waiver. Specifically, the Kentucky Supreme Court considered:
[W]hether a parent has the authority to sign a pre-injury exculpatory agreement on behalf of her child, thus terminating the child’s potential right to compensation for an injury occurring while participating in activities sponsored by a for-profit company.
The court answered “no.” Reviewing Kentucky law, including a case from 1905, the court found the general rule of Kentucky to be that, absent the appointment as a guardian by the district court, a parent does not in that capacity have the right to on behalf of a minor child waive a minor child’s right to recover for an injury. Rather, although by statute parents have control over the custody, nurturing, and education of their children, those rights have “never abrogated the traditional common law view that parents have no authority to enter into contracts on behalf of their children when dealing with a child’s property rights, prior to being appointed guardian by a district court.”
Shifting the risk to the for-profit venture, the Kentucky Supreme Court wrote that:
A commercial entity has the ability to purchase insurance and spread the cost between its customers. It also has the ability to train its employees and inspect the business for unsafe conditions. A child has no similar ability to protect himself from the negligence of others within the confines of a commercial establishment.
The court went on to note that, if a waiver were enforceable, the venture would have little incentive to take all reasonable safety precautions.
The court went out of its way to note that its opinion is restricted to for-profit ventures. In a footnote, it observed, “While a slight majority of jurisdictions support enforceability in the context of a non-profit recreational activity, non-profits and volunteer youth sports raise different public policy concerns which we need not address in this opinion today.” As such, although this opinion is not directly applicable to nonprofit ventures, the court has not indicated whether and to what degree it would, with respect to those activities, adopt a different rule.
Those running entertainment and other venues will still want to seek injury waivers. There is nothing about this decision that limits the effectiveness of a waiver executed by an adult. Likewise, the waiver may cut off certain claims that a parent might make in connection with a child’s injury. Just be aware that a waiver executed on behalf of a child will not be effective to protect against all claims.
Connect with a global network of over 30,000 business law professionals
