As private equity funds (PE funds) face increased scrutiny for their environmental, social, and governance (ESG) practices, it is increasingly important for PE funds to consider ESG factors in their investment decisions and operation of portfolio companies. This article discusses the trend of integrating of ESG considerations into M&A deals.

A focus on ESG can be a competitive advantage for target companies, PE funds, and other strategic acquirers. It assists PE funds and portfolio companies in creating value, mitigating risk, and becoming more resilient. Consideration of ESG factors in M&A transactions is undeniably rising. Failing to account for critical ESG elements can negatively impact a business and undermine its success.

PE funds are displaying a heightened level of selectivity in light of the evolving ESG landscape. According to the results of PwC’s 2021 Global PE Responsible Investment Survey,^[i] 37% of respondents reported declining investment opportunities based on environmental, social, and governance considerations.

To ensure that ESG factors are effectively considered in M&A transactions, PE funds should conduct ESG-focused due diligence, allocate ESG risks in the transaction agreement, and perform post-closing ESG integration. This article explores the growing importance of ESG in M&A and provides guidance on how to integrate ESG considerations into the deal-making process.

Drivers of ESG Importance

Financial Implications

The business landscape is undergoing significant transformation, as consumer consciousness, spending habits, employee demands, regulatory environments, and industry perspectives have all shifted towards ESG considerations. The growing impact of climate change on the operations and value of companies has prompted a significant shift in investment, as ESG trends continue to gain traction. Natural disasters, which have caused an estimated $280 billion in losses in 2021 alone,^[ii] have made the risks associated with ESG all the more tangible and quantifiable, affecting M&A activities. In addition, businesses must also consider the impact of ESG on financing, as poor ESG ratings and performance can restrict access to capital. Lenders and institutional investors have made it clear that prioritizing ESG is now a must for businesses, or they risk losing access to funding. The United Nations–supported Principles for Responsible Investment (UNPRI) is an example of a growing group of investor signatories incorporating ESG issues into their investment analysis, promoting responsible investment. UNPRI consists of approximately 3,800 asset owners and investment managers with nearly $121 trillion in assets under management.^[iii]

Regulatory Compliance

Across jurisdictions, the ESG regulatory landscape is steadily evolving. Regulators along with other oversight bodies have been expending resources to monitor and create rules and guidance on ESG matters. The US Securities and Exchange Commission (SEC) is evaluating current disclosure practices of climate-related risks and has proposed rule^[iv] changes that would require registrants to include certain climate-related disclosures in their registration statements and periodic reports, including information about climate-related risks that are reasonably likely to have a material impact on business, operations, and financial condition, and certain climate-related financial statement metrics. PE funds should not only consider impending changes to regulations but should also consider “soft” laws such as standards, recommendations, and codes of practice. ESG factors will be a key consideration for both the buyer and target, as various regulatory bodies continue to bring additional ESG rules and regulations into force.

Demands of LPs

Limited partners (LPs) are frequently demanding that PE funds asses investment opportunities from an ESG lens and ensure that any portfolio companies are evaluated using ESG metrics. A recent survey^[v] conducted by Bain & Company and the Institutional Limited Partners Association found that 80% of surveyed LPs expect to ramp up requests to their general partners for ESG reporting during the next three years. It is common for LPs and other stakeholders, such as lenders, to require the PE funds to provide non-regulatory reports on ESG matters. As such, a PE fund should ensure that it has established and implemented an effective ESG framework for any investment decision. Once the acquisition is complete, it should also establish effective ESG policies and procedures, including setting ESG metrics and targets, for each portfolio company. In doing so, a PE fund can not only avoid potential liability relating to ESG issues, but also attract new investees, as portfolio companies that can establish that they continually address ESG issues have an opportunity to create value.

Reputational Risk

Shareholders and investors are becoming increasingly attuned to ESG issues. By directing their investments to companies with comprehensive and established ESG disclosures, shareholders and investors globally are a key driving force behind growing ESG disclosure. Since ESG factors overlap with core corporate values, failure to address ESG issues may have a disproportionately negative reputational impact on a business. When considering a transaction, PE funds should understand all ESG matters associated with the transaction, evaluate how to mitigate any reputational risks, and ensure that processes are in place to monitor the business’s reporting method.

ESG Considerations

ESG Due Diligence

PE funds should consider broadening the scope of their due diligence to include performing targeted ESG investigations. ESG due diligence will look different for each transaction and will depend on the nature and type of business the target is conducting and the relevant operating jurisdictions. Due diligence should go beyond a routine examination of organizational performance and consider wide-ranging impacts and dependencies across the global value chain.

The due diligence process must integrate ESG into each stage of the deal and should inform the PE fund of any potential impact of the merger or acquisition on its sustainability strategy and the long-term value of the combined entity. Red flag checks may include assessing the future fitness of the target and relevant assets and media scans to understand any major ESG-related risks. Due diligence should identify any human rights violations, corruption, environmental degradation, privacy breaches, data breaches, harassment, workplace misconduct, workplace diversity issues, gender inequity, greenhouse gas emissions, and previous instances of non-compliance, as well as the target’s ESG ratings, the use of ESG standards, and the target’s level of community engagement. This will identify potential liabilities or cultural concerns that can be investigated further. Other due diligence considerations may also flag physical and transitional risks associated with climate change. Because ESG due diligence covers such a broad scope, PE funds should consider engaging experts in different areas to review their respective ESG findings with other experts to capture a comprehensive and interdisciplinary view of ESG risks.

Targeted ESG due diligence will assist buyers in identifying ESG risks that may influence a target’s price and overall deal structure. Once fully cognizant of the potential liabilities and risks of a transaction, companies may mitigate ESG risk through the transaction agreement.

Transaction Agreement

M&A transaction agreements, such as share purchase agreements and asset purchase agreements, are already reflecting the growing importance of ESG factors. Since the beginning of the COVID-19 pandemic, the majority of M&A agreements adopted provisions for COVID-19 in material adverse effect clauses and interim operating covenants. COVID-19 tested the resilience of corporations globally, and has shown investors that ESG matters now more than ever.

Through ESG diligence, a PE fund can understand the potential risks and pitfalls that relate to the target’s operations and industry. The PE fund can then look to address any ESG risks in the transaction agreement through specific indemnities, targeted representations and warranties addressing ESG matters, or through various pre-closing conditions or post-closing covenants of the sellers. The transaction agreement will typically contain customary representations and warranties relating to the various aspects of the operations of the business and the regulatory environment in which it operates. These customary representations and warranties may address several ESG factors. Yet, these representations and warranties should be reviewed and revised in light of specific regulations or codes of conduct that apply to the operations of the business and any ESG factors. PE funds should therefore consider and look to negotiate the inclusion of applicable ESG representations, which may include “MeToo” representations requiring targets to disclose misconduct allegations, compliance with specific codes or principles that the target has voluntarily complied with, or compliance with recommendations of applicable codes of conduct or guidelines issued by oversight bodies.

For ESG risks that are identified in diligence, PE funds should consider the materiality of these identified risks and consider how these issues can be addressed. The purchase agreement should be tailored to suit the needs of each transaction. Depending on the issue identified, the vendors may be able to address the concerns pre-closing. This could include adding provisions such as special pre-closing covenants requiring detailed reporting and disclosure of any new ESG issues that may arise.

If the issue cannot be addressed pre-closing, such as non-compliance with ESG-related regulations, the buyer may wish to negotiate a reduction in the purchase price to reflect the risk assumed. In addition, the buyer may wish to consider a specific indemnity to address the risk for known ESG issues and holdback of a portion of the purchase price that the purchaser can set off against any losses it incurs due to the issues identified. The parties may also look to restructure the transaction to assist in mitigating the risk.

Post-Closing Matters

Post-closing, the buyer should establish procedures to ensure continuous review of ESG factors relating to the operation of the portfolio company. This will include addressing and managing issues identified during the acquisition, but also continuously monitoring the company for ongoing ESG considerations. The PE fund should confirm that the portfolio company has qualified management and an effective board of directors with knowledge and experience to provide effective oversight of the portfolio company, including ESG matters.

Board Matters

PE funds should ensure that the board of the directors of the portfolio company has policies and processes in place to ensure that it understands how ESG issues may impact the company. In developing ESG risk management policies and procedures, the portfolio company and the board of directors should establish an appropriate governance structure and allocate the roles and responsibilities of directors and different board committees. The designation of specific roles ensures that each party knows who is responsible for certain tasks.

A robust ESG risk management framework within a company is integral to the overall culture and success of portfolio company. ESG procedures and policies will look different for each company depending on its industry and the type of business, but generally, an ESG risk management system should:

1. promptly identify material ESG risks;
2. implement appropriate ESG risk management strategies that align with the company’s business strategies and ESG risk profile;
3. integrate ESG risk and risk management into corporate strategy and business decision-making; and
4. properly document and communicate necessary information on ESG risks to applicable parties such as employees, shareholders, and senior executives.

To properly manage ESG risk, the risk must first be identified; to identify risks, companies must develop reporting procedures to gather high-quality ESG data. To maintain consistency among different data sets, companies should aim to have a standard process and create central repositories or reference sets for recording ESG data. Ideally, having automatic processes to record data when possible as opposed to manually adding data would minimize errors in data sets.

Conclusion

As companies, investors, and limited partners are becoming increasingly conscious of social and environmental factors, it is critical to evaluate investment opportunities through an ESG lens. For the foreseeable future, ESG-assessed M&A will be an important tool to generate growth and provide companies with a competitive edge. It will also be crucial in establishing stakeholder trust. For PE funds, decisive steps are needed in risk reduction and long-term value generation. PE funds that take initiative and embrace ESG in M&A will be better positioned to achieve sustainable growth and adapt to constantly evolving expectations.

[i] Global Private Equity Responsible Investment Survey (2021), PwC.

[ii] Hurricanes, cold waves, tornadoes: Weather disasters in USA dominate natural disaster losses in 2021 (2022), Munich Re.

[iii] About the PRI (last accessed May 22, 2023), Principles for Responsible Investment.

[iv] The Enhancement and Standardization of Climate-Related Disclosures for Investors, Release Nos. 33-11042; 34-94478 (2022), US Securities and Exchange Commission.

[v] Limited Partners and Private Equity Firms Embrace ESG (2022), Bain & Company.

In 2023, the European Union and Ukraine will enter treaty relations under the 2019 Hague Convention on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters (the “Convention” or the “Hague Judgments Convention”).^[1] In announcing this news, the EU Council confirmed that there are no “fundamental obstacles” to prevent the EU from entering treaty relations with Ukraine under the Convention. As of September 1, 2023, the two government states will recognize each other’s civil and commercial judgments—thus limiting the “myriad of substantive, procedural, and practical hurdles” that parties may face when seeking recognition and enforcement of their judgments in foreign jurisdictions.^[2]

This agreement between the EU and Ukraine is an important step towards greater recognition of the Hague Judgments Convention, an international treaty that commits contracting states to recognize and enforce judgments in civil or commercial matters. The Convention applies to both monetary and non-monetary judgments that a court may render in civil or commercial matters. While its scope is broad, the Convention specifically excludes subjects viewed as fundamental to state sovereignty or public policy (e.g., criminal, revenue, customs, or administrative matters) and other areas that are subject to various treaty regimes or where the rules vary more significantly across jurisdictions (e.g., family disputes, intellectual property, antitrust, defamation, privacy, or armed forces matters).^[3]

The portability and enforcement of foreign judgments is important to any person or company that does business internationally. In this area, predictability is key.^[4] There exists a general presumption that foreign judgments will be recognized and enforced, and a refusal may create inefficient and uncertain litigation results. Countries may seek to recognize and enforce each other’s judgments for a myriad of reasons—including efficiency, access to justice, and comity.^[5] The current state of recognition and enforcement varies from country to country and court to court, creating confusion and inefficiency. Further ratification of the Hague Judgments Convention may ease some of that burden.

Procedure to Ratify the Hague Judgments Convention

With the EU and Ukraine ratifying the Convention, it will go into effect between these two states later this year. Several steps must take place before a treaty like the Hague Judgments Convention is effective:

• First, the states negotiate the treaty’s terms at a conference. The Hague Judgments Convention was negotiated during and concluded at the Hague Conference on Privacy and International Law on July 2, 2019.
• Second, a treaty opens for signature for a certain time following the conference. The Hague Judgments Convention has been open for signature since 2019, and in addition to the EU and Ukraine, five countries have signed—Costa Rica, Israel, the Russian Federation, the United States, and Uruguay.
• Third, signatory states may choose to ratify the treaty. A signature is not binding unless the state endorses that signature by ratification. Each foreign state has its own ratification procedure. On August 29, 2022, the EU became the first party to ratify the Hague Judgments Convention, and shortly thereafter, Ukraine became the second. The other signatories (including the United States) have yet to ratify the Convention.
• Fourth, with two contracting parties (the EU and Ukraine), the Convention is binding between those foreign states and enters into force on September 1, 2023, one year after the first two states completed ratification.^[6]

Ratification in the United States—Is It Possible? And How Would It Help American Individuals and Companies?

The United States signed the Hague Judgments Convention on March 2, 2022, but has yet to ratify it. Were it to happen, ratification would be a two-step process: the Senate formally gives its advice and consent, which empowers the president to ratify the treaty.^[7] US ratification could create a straightforward path for the recognition of US judgments abroad.^[8] Wider ratification could also provide a natural counterpart to the widely adopted New York Convention of 1958, which provides recognition and enforcement of arbitral awards across international borders.^[9]

As of June 2023, there exists no federal law governing the recognition of foreign judgments in the United States,^[10] and recognition and enforcement of judgments remain questions of state law.^[11] Most US states model their approach to recognizing foreign judgments on the Uniform Foreign Money-Judgments Recognition Act of 1962 and the Uniform Foreign-Country Money Judgments Recognition Act of 2005. US courts are liberal in recognizing foreign judgments, and typically do so unless there are specific mandatory or discretionary grounds to decline recognition.^[12] Grounds to deny recognition include, but are not limited to: doubt about the foreign court’s integrity, lack of due process rendering procedures fundamentally unfair, or judgment by fraud.

The Hague Judgments Convention Could Simplify Enforcement and Recognition of US Judgments Abroad

Because US law is generally receptive to the recognition and enforcement of foreign judgments, the Hague Judgments Convention would not drastically change the procedure for enforcement and recognition of foreign judgments in the US.^[13] For example, if a prevailing party seeks to collect on a Zimbabwean judgment in the US, there is a presumption in US courts that the Zimbabwean judgment should be recognized and enforced, absent any grounds to deny recognition. There are still procedural hurdles and costs the prevailing party will incur. The Hague Judgments Convention could make the enforcement and recognition process more efficient in the US by creating a single framework to replace the myriad of state court procedures.

The story may change for those individuals and companies seeking enforcement and recognition of US judgments abroad. Currently, there are significant differences among governments’ legal systems that can create confusion and inconsistent results. If, for example, a party obtains a judgment in a US court and seeks its recognition and enforcement against a party with assets in Zimbabwe, the party would need to consider carefully how to petition the courts in Zimbabwe and enforce the judgment against those Zimbabwean assets. There may or may not be a similar presumption to recognize and enforce that US judgment in Zimbabwe. The process and likelihood of success may change entirely if the judgment needs to be enforced against assets in a country other than Zimbabwe. The dearth of reliable information about and lack of consistency in the procedure for recognition and enforcement among foreign states complicates what could be a straightforward step following litigation in the selected forum.^[14]

The Hague Judgments Convention may considerably simplify the current process. Article 5(1) of the Hague Judgments Convention presents thirteen bases of recognition and enforcement. If any of these bases are met, a judgment is eligible for recognition and enforcement. These bases include, among others, ensuring:

1. Domicile – the judgment debtor is habitually resident and/or holds their principal place of business in the foreign forum.
2. Consent – the judgment debtor consented to the foreign court’s jurisdiction.
3. Waiver – the judgment debtor waived any jurisdictional objections by arguing the merits in the forum state without contesting jurisdiction.
4. Real Property – the judgment implicates the lease on property within the foreign court’s jurisdiction.

Article 7 presents the bases that disqualify a judgment from recognition. These include, among others:

1. Service – the judgment debtor was not notified with sufficient time to arrange for a defense.
2. Fraud – the judgment was obtained by fraud.
3. Public Policy – recognition of the judgment would be manifestly incompatible with the foreign state’s public policy.
4. Procedural Fairness – the proceedings that produced the judgment were not compatible with fundamental procedural fairness in the foreign state.
5. Inconsistent Judgment – the judgment is inconsistent with an earlier judgment from the foreign court.

The Secretary General of the Hague Conference has called the Hague Judgments Convention a “gamechanger for cross-border dispute settlement,” as well as “an apex stone for global efforts to improve real and effective access to justice.”^[15] If ratified by the United States and other foreign states, the Convention could provide litigants with a uniform path for recognizing and enforcing foreign civil judgments worldwide. Before even filing a case, litigants could look to the Convention to guide them on where and how to seek enforcement of an ultimate award. The Convention would obviate the current need to obtain local counsel and tiptoe through idiosyncrasies in foreign jurisdictions to determine enforceability. There is comfort, especially for cross-border litigants seeking to enforce their US judgments abroad, in the predictability that a widely ratified Convention could bring.

Concerns Remain about Ratification of the Hague Judgments Convention

The beauty of the Convention’s simplicity may also lead to a cut-and-dry application, thus limiting the nuanced discretion that courts may take in choosing to enforce a foreign judgment. Applying the Hague Judgments Convention’s simple framework, courts worldwide may find themselves obligated to recognize what they perceive as a corrupted judgment if it does not fall into the narrow grounds that Article 7 provides for nonrecognition.^[16]

Unless countries feel the benefit to their corporate and individual citizens outweighs any possible concerns, there will be hesitance to ratify the Hague Judgments Convention. A prime example of hesitancy in the ratification context is the Hague Convention of Choice of Court Agreement (“COCA”), which has been called the “litigation counterpart” to the New York Convention.^[17] COCA provides, among other things, that when parties have agreed to resolve their disputes in a specific court, (1) the signatory states must abstain from asserting jurisdiction over the matter; and (2) a judgment rendered by that chosen court will be enforced in all signatory states.^[18] Like the Hague Judgments Convention and the Singapore Convention, the United States has signed COCA, but considerations of whether to implement it at the state or federal level have delayed ratification.^[19] There is significant opposition to COCA’s ratification, with the dissenters arguing that COCA would dilute essential protections that the New York Convention provides, including those for party autonomy and procedural fairness.^[20] Unless there is movement on either side, that impasse appears to have delayed COCA’s ratification indefinitely.

We might not see a major change in how foreign judgments are recognized and enforced by US courts if the US were to ratify the Hague Judgments Convention. For individuals and entities who want their judgments recognized internationally, however, ratification could allow greater portability of US judgments abroad. This benefit would be of significant interest to parties engaged in international trade agreements and other cross-border disputes that may require enforcing a judgment abroad.

Without further ratification of the Hague Judgments Convention, the status quo for recognition and enforcement of judgments remains—with all of its benefits and limitations. Moreover, until the Hague Judgments Convention sees further ratification, it is likely that international arbitration will remain a preferred method for resolving cross-border disputes. This is in part because the New York Convention allows easy portability for recognition and enforcement of those arbitral awards, thus allowing international arbitration awards to be enforceable in nearly every jurisdiction worldwide.

1. Council of the European Union Press Release, The EU and Ukraine will recognise and enforce each other’s court decisions (Apr. 24, 2023); see also European Commission, Proposal for a Council Decision on the Accession by the European Union to the Convention on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters, COM (2021) 388 (July 16, 2021) (recommending accession to the Convention so as to ensure the circulation of foreign judgments beyond the EU area and to increase “growth in international trade and foreign investment and the mobility of citizens around the world”). ↑

2. Sarah E. Coco, Note, The Value of a New Judgments Convention for U.S. Litigants, 94 N.Y.U. L. Rev. 1209, 1212–13 (2019) (“Although it is difficult to assess the scope of the problem of non-recognition, a survey by the American Bar Association found that litigants seeking to get U.S. judgments recognized abroad face ‘a myriad of substantive, procedural, and practical hurdles.’”) (quoting Comm. on Foreign & Comparative Law, Survey on Foreign Recognition of U.S. Money Judgments, 56 Rec. Ass’n B. City N.Y. 378, 410 (2001)). ↑

3. Convention on the Recognition and Enforcement of Foreign Judgments in Civil or Commercial Matters, July 2, 2019 (hereinafter “Convention”), at art. 1(2) and 2. ↑

4. See Boris Kozolchyk, The “Best Practices” Approach to the Uniformity of International Commercial Law: The UCP 500 and the NAFTA Implementation Experience, 13 Ariz J. Int’l & Comp. L. 443, 452 (1996) (“Free trade, especially in large volume cross border transactions, presupposes a high degree of uniformity and standardization of commercial law and practice.”). ↑

5. See, e.g., Arthur T. Von Mehren & Donald T. Trautman, Recognition of Foreign Adjudications: A Survey and a Suggested Approach, 81 Harv. L. Rev. 1601, 1603 (1968) (noting “desire to avoid the duplication of effort and consequent waste involved in reconsidering a matter that has already been litigated”); William S. Dodge, International Comity in American Law, 115 Colum. L. Rev. 2071, 2089 (2015) (noting that “[c]omity [has] served . . . as the basis for recognizing foreign judgments”); Christopher A. Whytock, Transnational Access to Justice, 38 Berkeley J. Int’l L. 154, 168–69 (2020) (arguing that failures to enforce foreign judgments can produce access-to-justice gaps). ↑

6. Convention at art. 29. ↑

7. U.S. Const. art. II, § 1 (stating the president “shall have Power, by and with the Advice and Consent of the Senate, to make Treaties, provided two-thirds of the Senators present concur.”). ↑

8. Sarah E. Coco, Note, The Value of a New Judgments Convention for U.S. Litigants, 94 N.Y.U. L. Rev. 1209, 1212–13 (2019). ↑

9. Article 2(3) of the Hague Judgments Convention categorically excludes arbitration proceedings, which the New York Convention addresses. Officially known as the Convention on the Recognition and Enforcement of Foreign Arbitral Awards, the New York Convention has been recognized as one of the most successful international conventions. The Singapore Convention, were it to be ratified, seeks to do for mediation what the New York Convention did for arbitration—it would create a system for recognition and enforcement of mediated settlement agreements without requiring a new litigation or arbitration action. See United Nations Convention on International Settlement Agreements Resulting from Mediation, opened for signature Aug. 7, 2019 (adopted Dec. 20, 2018) (the “Singapore Convention”). The Singapore Convention opened for signature on August 7, 2019. As with the Hague Judgments Convention, the United States has been a signatory to the Singapore Convention since 2019, but has yet to ratify it. Eight countries have ratified the Singapore Convention: Belarus, Ecuador, Fiji, Honduras, Qatar, Saudi Arabia, Singapore, and Turkey. ↑

10. In 2006, the American Law Institute released a proposed federal statute for recognizing and enforcing foreign judgments, but to date, no federal law has been adopted. See Recognition and Enf’t of Foreign Judgments: Analysis and Proposed Fed. Statute (Am. L. Inst. 2006). Notably, the U.S. Constitution’s Full Faith and Credit Clause (guaranteeing that “Full Faith and Credit shall be given in each State to the public Acts, Records, and judicial Proceedings of every other State”) applies between the various U.S. states, but not to recognition and enforcement of foreign judgments. ↑

11. Restatement (Fourth) of Foreign Relations Law of the United States pt. iv, ch. 8, intro. note (Am. L. Inst. 2018) (“Customary international law imposes no obligation on states to give effect to the judgments of other states. Instead, domestic law and treaty regimes typically govern recognition and enforcement.”). ↑

12. See generally Louise Ellen Teitz, Another Hague Judgments Convention? Bucking the Past to Provide for the Future, 29 Duke J. Comp. & Int’l L. 491 (2019) (reviewing the Convention’s negotiations history); see also Hilton v. Guyot, 159 U.S. 113 (1895) ((stating the general rule that “the merits of the case should not, in an action brought in this country upon the [foreign] judgment, be tried afresh, as on a new trial or an appeal, upon the mere assertion of the party that the judgment was erroneous in law or in fact”); Ronald A. Brand, The Continuing Evolution of U.S. Judgments Recognition Law, 55 Colum. J. Transnat’l. L. 277, 282 (2017) (describing the legacy of Hilton as a U.S. regime that is “very receptive” to recognizing foreign judgments). ↑

13. See Brand, supra note 12, at 282 (noting “[Hilton] is the foundation for a system that is very receptive to the recognition and enforcement of foreign judgments. The Hilton legacy is the application of the doctrine of comity to the recognition of foreign judgments–showing respect for, and giving effect to, the decisions of foreign courts.”); see also Samuel P. Baumgartner & Christopher A. Whytock, Enforcement of Judgments, Systematic Calibration, and the Global Law Market 23 Theoretical Inquiries L. 119 (2022) . ↑

14. See Baumgartner, supra note 13, at 126 (“Even if choice-of-law and forum selection clauses are reliably enforced, the effectiveness of the resulting dispute resolution outcomes will be uncertain unless the parties can expect those outcomes to be enforceable. If the defendant lacks assets in the selected forum, the parties’ expectations will depend on whether a different state where the defendant does have assets would enforce the judgment against those assets. Other things being equal, parties would have weaker incentives to select the law and courts of a given state if they do not expect a resulting judgment to be enforceable. Those expectations depend, in turn, on the rules governing the enforcement of foreign judgments.”). ↑

15. Hague Conference on Private International Law, Gamechanger for Cross-Border Litigation in Civil and Commercial Matters to be Finalized in the Hague (June 18, 2019) (quoting the Secretary General of the Hague Conference). ↑

16. Diana A.A. Reisman, Breaking Bad: Fail-Safes to the Hague Judgments Convention, 109 Geo L.J. 879, 906 (2021) (“Prudence dictates that before adhering to the Judgments Convention, the United States explore fail-safes under international law should the judicial integrity of a co-contracting state fall below a minimum standard.”). ↑

17. See Glenn P. Hendrix, Memorandum of the American Bar Association Section of International Law Working Group on the Implementation of the Hague Convention on Choice of Court Agreements, 49 Int’l Law. 255, 256 (2016). ↑

18. See Hague Convention on Choice of Court Agreements, art. 6, 8(2). ↑

19. See Hendrix, supra note 17, at 255 (noting “The Convention enjoys universal support in the United States, but its transmittal to the Senate for advice and consent to ratification has been held up by disagreements over whether it should be implemented by federal law or by a combination of federal and state law.”). ↑

20. See Gary B. Born, Why States Should Not Ratify, and Should Instead Denounce, the Hague Choice-of-Court Agreements Convention, Part I (June 16, 2021); Part II (June 17, 2021); and Part III (June 18, 2021), Kluwer Arbitration Blog (noting that “notwithstanding a valid choice-of-court agreement, there is no justification for recognizing judgments from courts whose integrity and independence are suspect.”). ↑

As an equivalent of the value of transaction test in some jurisdictions, the Turkish Competition Authority (“TCA”) applies a special threshold for concentrations involving technology undertakings. In other words, concentrations that involve technology undertakings are treated differently with regards to the Turkey-related turnover threshold, which determines whether a transaction must be authorized by the TCA. The usual threshold for Turkey-related turnover is irrelevant if you are regarded as a a technology undertaking under Turkish merger control rules. This special local threshold exception aims at catching a greater number of transactions in the digital/high-tech markets, with a view to preventing acquisitions of innovative companies to eliminate them as a possible source of future competition (“killer acquisitions”). We have already witnessed the practical application of this turnover exception threshold in several cases, e.g., the Twitter deal as a result of which Elon Musk faced a gunjumping fine in Turkey for failing to notify and obtain approval from the TCA. The case underlines that the notification requirement is also applicable to foreign-to-foreign transactions to the extent that the merger control thresholds are met and irrespective of nexus with Turkey. In this short article we provide what you should know about merger control thresholds in Turkey, particularly if you may be qualified as a technology undertaking by the TCA.

Thresholds in General: Legal Framework

The notification procedure and time frame of merger control in Turkey are broadly aligned with the corresponding procedure and time frame in the EU. The Turkish Competition Law requires prior notification to the TCA of transactions that involve a change of control on a lasting basis and that meet certain financial thresholds regarding the turnover of the parties to the transaction.^[1] As stated in Article 7 of the TCA’s Communiqué No. 2010/4 (Merger Communique),^[2] a concentration is notifiable in Turkey where:

• the aggregate turnover of the transaction parties in Turkey exceeds TRY 750 million (approx. EUR 35.6 million), and the turnover of at least two of the transaction parties each in Turkey exceeds TRY 250 million (approx. EUR 11.9 million); or
• either the turnover in Turkey of (i) the acquired assets or businesses in acquisitions, or (ii) any of the transaction parties in mergers, exceeds TRY 250 million (approx. EUR 11.9 million), and the worldwide turnover of at least one of the other parties to the transaction exceeds TRY 3 billion (approx. EUR 142.6 million).

According to Article 7(2) of the Merger Communique, the Turkey-related turnover threshold of TRY 250 million prescribed in Article 7(1) shall not apply to concentrations with technology undertakings as their target if the technology undertakings either operate or conduct research and development activities in the Turkish market, or provide services to Turkish users.

Understanding Technology Undertakings: Case Law

The Merger Communique defines technology undertakings as undertakings that have activities in the areas of digital platforms, software and game software, financial technologies, biotechnology, pharmacology, agriculture chemicals and health technologies, or assets related thereto. ^[3] The definition is rather broad. To understand it better, the TCA has issued several decisions demonstrating its interpretation of the technology undertaking exception.

The TCA examined concentrations that did not meet the notification thresholds, but it analyzed the activities of the targets to see if they could be qualified as technology undertakings.

Citrix/TIBCO^[4] was the first decision applying the technology undertaking exemption. Both companies were active in the development of software, and hence there were no doubts as to the application of the technology undertaking exemption.

In Cinven Capital/International Financial^[5] the TCA recognized using digital platforms as being active in the software market. In particular, the target was active in providing savings and investment products through life insurance packages to individual investors. The company’s Turkish turnover was mainly derived from the sales by a third-party distributor since the undertaking did not have any subsidiaries or affiliates in Turkey. The target was considered a technology undertaking as it provided services to its customers with digital access via digital platforms in the life insurance sector in Turkey.

However, in Nielsen/Brookfield,^[6] the target was not viewed as a technology undertaking, even though the target used software as a tool in providing other services. It utilized data analytics tools to provide insights about market conditions and customer trends to their customers.

Providing software services and wifi solutions qualified the target as a tecnology undertaking in Providence/Airties.^[7]

Producing application programming interfaces and ready-to-use pharmaceuticals was viewed as falling within the scope of the technology undertaking definition in the Astorg/Corden^[8] case. Similarly, in Groupe Bruxelles/Affidea,^[9] the TCA also considered sales of diagnostic imaging devices as technology undertaking activities in the biotechnology sector.

In CD&R-TPG/Covetrus^[10] the TCA classified the target’s activities in the pharmaceuticals for animals and software sector as “health technology” and “pharmacology,” and as a result, the concentration was covered by the technology undertaking exemption.

In Berkshire Hathaway,^[11]the technology undertaking threshold was applicable since the target (Alleghany Corporation) was active in the market of financial technologies, i.e., it developed software to manage systems of property and casualty reinsurance and sold those to third parties. The exception applied here even though the activities of the target company were carried out in geographical markets other than Turkey. The main takeaway of this decision is that if the target of the transaction is a technology undertaking anywhere in the world and generates turnover in Turkey by any other means (not necessarily in the areas that constitute a technology undertaking), the concentration shall be assessed in the light of the special technology undertaking threshold.

The Berkshire reasoning is also seen in the Twitter^[12] gun-jumping case. Twitter is a digital/online platform that was recognised by the TCA as a technology undertaking, and hence subject to the threshold exception. Thus, there was no need to check Twitter’s (target) turnover in Turkey for the thresholds analysis. The only threshold that needed to be met for the Twitter deal was on the buyer side (globally TRY 3 billion [approx. EUR 142.6 million] for 2022). Companies controlled by Elon Musk were deemed a single economic unit, and it was concluded that the buyer side notification threshold was met; thus, the Twitter deal was indeed notifiable.

Conclusion

Concentrations involving technology undertakings are placed under a special focus/threshold in Turkey as of May 2022, with a view to catching all concentrations in the digital/high-tech markets and preventing killer acquisitions. While the technology undertaking exception from the turnover threshold for notification is different from the “value of transaction test” adopted by Turkey’s peers in the EU, Germany, and Austria, it may be viewed as a unique Turkish equivalent of that test, or at least it is expected to bring about the same results from its application.

The advantage of this rule is that it enables the TCA to assess concentrations of promising start-ups that operate in Turkey and are likely to cause competition disruptions in the digital markets irrespective of the lack of significant turnover of those start-ups. However, since the definition of the technology undertaking provided in the Merger Communique is not exhaustive and rather vague, it may be broadened at the discretion of the TCA, covering various sectors to catch as many transactions as possible. There is not enough existing case law yet to eliminate uncertanties in how to classify activities under the categories listed in the Merger Communique, all of which brings more legal uncertainty and transaction costs for businesses.

Following the Berkshire case, if the target generates turnover in Turkey by any means, it is highly recommended the target’s activities in other jurisdictions be assessed carefully to verify if those fall under the technology undertaking definition, and to notify the concentration to the TCA in case there is a slight probability of that. It seems that there will be more merger caseload and increased scrutiny in the technology markets in the upcoming years.

Dr. Fevzi Toksoy and Bahadir Balki are the Managing Partners at ACTECON; Hanna Stakheyeva is Of Counsel at ACTECON and an Assistant Professor at Bogazici University, Istanbul, Turkey.

1. These thresholds are applicable as of 4 May 2022. Calculated with an exchange rate of EUR 1 = TRY 21.03, in accordance with the applicable European Central Bank rate as of 11 April 2023. ↑

2. Communiqué No. 2010/4 Concerning the Mergers and Acquisitions Calling for the Authorization of the Competition Board. ↑

3. Article 4(1)(e) of the Merger Communique. ↑

4. Decision No 22-21/344-149 dated 12 May 2022 in relation to a concentration by way of creating a joint venture with the companies Citrix and TIBCO, which were under the sole control of Vista Equity Partners Management, LLC. ↑

5. Decision No 22-23/372-157 dated 18 May 2022 in relation to concentration by way of acquisition of sole control over International Financial Group Limited by Cinven Capital Management General Partner Limited. ↑

6. Decision No 22-24/395-BD dated 26 May 2022 in relation to concentration by way of acquisition of indirect joint control over Nielsen Holdings plc by funds and/or investment instruments. ↑

7. Decision No 22-25/403-167 dated 2 June 2022 in relation to concentration by way of acquisition of sole control over Airties Kablosuz İletişim San. ve Dış Tic. A.Ş. ↑

8. Decision No 22-25/398-164 dated 2 June 2022. ↑

9. Decision No 22-27/431-176 dated 16 June 2022. ↑

10. Decision No 22-32/512-209 dated 7 July 2022 regarding concentration by way of acquisition of joint control over Covetrus Inc. ↑

11. Decision No 22-42/625-261 dated 15 September 2022 in relation to indirect acquisition of Alleghany Corporation by Berkshire Hathaway Inc. The company generated turnover in Turkey through an affiliate that operates in the field of design, production, and service solutions for the trailer, private transport, and mobilized business markets. None of the target’s activities in Turkey were considered as falling within the scope of the technology undertaking definition. ↑

12. “The Examination about the Acquisition of the Sole Control of Twitter Inc. by Elon R. Musk” dated 6 March 2023. ↑

The United States Supreme Court’s fractured ruling in Mallory v. Norfolk Southern addressed personal jurisdiction under a Pennsylvania law that required out-of-state corporations to consent to jurisdiction for “any cause of action” as part of registering to do business in the Commonwealth. Other commentators have covered varying aspects and implications of the case, but we write to highlight that the opinion should not be read to limit the ability of Delaware corporations to use exclusive forum provisions to govern internal corporate claims.^[1]

As background, the plaintiff in Mallory was a freight car mechanic and a citizen of Virginia. He sued his former employer, Norfolk Southern, in Pennsylvania, even though the injuries for which he sought workers’ compensation allegedly occurred in Ohio and Virginia, and Norfolk Southern was incorporated and had its principal place of business in Virginia. Norfolk Southern had prevailed in the Pennsylvania Supreme Court on its argument that the Commonwealth’s registration statute violated the Fourteenth Amendment’s Due Process Clause, and Mallory appealed to the Supreme Court. Five justices of the U.S. Supreme Court voted to reverse that decision and concluded that the Due Process Clause did not prohibit a state from requiring an out-of-state corporation to consent to personal jurisdiction as part of registering to do business. But Justice Alito joined only portions of Justice Gorsuch’s plurality decision and concurred based on the assumption “that the Constitution allows a State to impose such a registration requirement.” Given that assumption and the dormant commerce clause discussion in Justice Alito’s concurrence, the remanded case may eventually return to the Supreme Court on other grounds.

Much of the reaction to Mallory has been to portray the ruling as a setback for corporations that permits them to be hailed into plaintiff-friendly venues throughout the country. To start, this misses what the Supreme Court justices agreed on: the statutory scheme in Pennsylvania is not one that exists in most states.

But even assuming laws like Pennsylvania’s sweep the nation and are upheld against future constitutional challenges, the impact of the ruling can be mitigated in the realm of stockholder and derivative corporate litigation, given the ability to adopt exclusive forum provisions for internal corporate claims. Admittedly, Mallory did not involve an internal corporate dispute. But assuming the plaintiff was a stockholder rather than an injured employee, it should play out as follows. The stockholder files suit in Pennsylvania state court. The corporation moves to dismiss based on the exclusive forum provision in its charter or bylaws. The stockholder’s argument would need to be that the corporation’s registration to do business in Pennsylvania, and agreement to be subject to suit there for “any cause of action,” would trump the corporation’s exclusive forum provision. But they have a problem. As a stockholder, they too are committed to litigate in the designated forum.^[2] Existing precedent does not elevate general jurisdiction above the parties’ agreed-upon forum, as courts enforce exclusive forum provisions even if the corporation is unquestionably subject to general jurisdiction in that state’s courts.^[3] The result should thus be the corporation prevailing on its motion to dismiss, and the stockholder refiling in the designated forum.

All of this is to say that Mallory should not impact where stockholder and derivative litigation occurs. Mallory simply highlights the need for corporations to adopt exclusive forum provisions to ensure consistency and predictability in the forum for any internal corporate disputes.^[4]

Myron T. Steele is senior counsel in the Corporate Litigation Group of Potter Anderson & Corroon LLP. He is the former Chief Justice of the Supreme Court of Delaware. Nicholas D. Mozal is counsel in the Corporate Litigation Group of Potter Anderson & Corroon LLP. The views expressed by the authors are not necessarily the views of Potter Anderson & Corroon LLP or any of its clients.

1. 8 Del. C. § 115. ↑

2. See Boilermakers Loc. 154 Ret. Fund v. Chevron Corp., 73 A.3d 934, 939 (Del. Ch. 2013) (“As our Supreme Court has made clear, the bylaws of a Delaware corporation constitute part of a binding broader contract among the directors, officers, and stockholders formed within the statutory framework of the DGCL.”). ↑

3. See City of Providence v. First Citizens BancShares, Inc., 99 A.3d 229, 231 (Del. Ch. 2014) (holding Delaware corporation could enforce provision requiring suit to be brought in North Carolina); Wong v. Restoration Robotics, Inc., 78 Cal. App. 5th 48, 57 (2022) (enforcing federal forum provision in bylaws of Delaware corporation governing claims under Securities Act of 1933 and stating stockholder could not press such claims against corporation headquartered in California in California state court). ↑

4. Although a current split exists between the Seventh and Ninth Circuits as to the reach of such provisions for certain claims and the Supreme Court may eventually weigh in on that question, compare Lee v. Fisher, No. 21-15923 (9th Cir. June 1, 2023) with Seafarers Pension Plan v. Bradway, 23 F.4th 714, 717 (7th Cir. 2022), there is no reason to think the current scheme will be entirely upended. ↑

The Board of Governors of the Federal Reserve System (Fed), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC) (collectively, the Agencies) issued the long-awaited final Interagency Guidance On Third-Party Relationships: Risk Management (Final Guidance) on June 6, 2023. The Final Guidance replaces the disparate set of guidance and FAQs separately issued by the Agencies over the years, thereby bringing greater consistency to supervisory expectations for banks in managing risks arising from their business relationships with service providers, contract counterparties, and other third parties.

The Final Guidance will be of particular interest to fintech companies, especially those that partner with or are looking to partner with banks. The Final Guidance explicitly calls out bank-fintech partnerships as within its purview, underscoring the potential risks raised by partnerships that involve novel or complex structures, as well as arrangements where the fintech company rather than the bank serves as the main point of contact for interactions with the end user (such as certain banking-as-a-service models).

Fintech companies that currently partner with banks, or are seeking to, should pay close attention to the Final Guidance, as it is now the definitive source of guidance on supervisory expectations and also a sign of greater supervisory scrutiny on such partnerships. Small banks, which many fintech companies tend to partner with, will likely find the new guidance challenging to implement. In a rare dissenting statement, Federal Reserve Governor Bowman predicted that more resources will be needed to “ensure that small banks understand and can effectively use the guidance to inform their third-party risk management processes.” The Final Guidance notes that the Agencies plan to, but have not yet, developed these additional resources to assist community banks and other smaller banks. Consequently, fintech companies looking to partner with banks, especially small banks, should be prepared for a more rigorous and potentially drawn-out diligence process with their potential bank partner, as well as ongoing monitoring.

Overview of the Final Guidance

Banking organizations are required to operate in a safe and sound manner and in compliance with applicable regulations, whether their activities are performed internally or outsourced to a third party. Operating in a safe and sound manner requires a bank to establish risk management practices governing its activities, including risks arising from its third-party relationships. The Final Guidance provides sound risk management principles that banks can use when developing and implementing risk management practices to assess and manage risks associated with third-party relationships.

The Final Guidance is striking in its expansive scope. It broadly defines third-party relationships, encompassing any business arrangement between a banking organization and another entity, whether the arrangement is formalized by contract or otherwise established. Included in the scope of third-party relationships are:

• outsourced services,
• the use of independent consultants,
• referral arrangements,
• merchant payment processing services,
• services provided by affiliates and subsidiaries, and
• joint ventures.

Importantly, the Final Guidance emphasizes that a bank’s use of such third parties does not diminish or remove its responsibilities to meet those requirements and ensure compliance with applicable regulations, such as those related to consumer protection and financial crimes. In issuing the Final Guidance, the Agencies sought to promote consistency in supervisory approaches to third-party risk management by replacing each agency’s existing guidance on the topic,^[1] each of which is rescinded and replaced by the Final Guidance.

Key Considerations for Fintech Companies

The Final Guidance lays out a risk management framework that outlines a series of essential steps for banking organizations that partner with fintech companies, including engaging in sufficient planning, conducting due diligence for third-party selection, negotiating contracts, monitoring on an ongoing basis, and, if necessary, effecting efficient termination. The Final Guidance also details a set of best practices for governance of third-party risk management, including oversight and accountability, independent reviews, and documentation and reporting.

Fintech companies seeking to enter into partnerships with banks should take note of the following key areas in the Final Guidance:

1. Heightened due diligence requirements

The Final Guidance calls for the scope and degree of a bank’s due diligence to align with the level of risk and complexity of the third-party relationship. Fintech companies should pay particular attention to this requirement, as the Final Guidance states that greater operational or technological complexity leads to increased risk. It is likely that a fintech company that is preparing to partner with a bank will have to undergo more thorough and rigorous due diligence with the bank. If the fintech companies will perform higher-risk activities, including critical activities, the Final Guidance calls for more comprehensive diligence.

The Final Guidance sets forth a wide range of topics that, as part of its due diligence, a banking organization should consider about a third party:

• strategies and goals;
• legal and regulatory compliance;
• financial condition;
• business experience;
• the qualification and backgrounds of key personnel and other human resources considerations of a third party;
• risk management;
• information security;
• management of information systems;
• operational resilience;
• incident reporting and management process;
• physical security;
• reliance on subcontractors;
• insurance coverage; and
• contractual arrangements with other parties.

2. Contract negotiation

The Final Guidance stresses the importance of contract negotiation for banks when entering into third-party arrangements. While a fintech company may initially seek to offer its own standard contract or form provisions, a bank may try to seek modifications, resulting in a more involved and drawn-out negotiation than a fintech might expect to encounter with other entities. Fintech companies should therefore expect greater attention from banks than their typical transaction counterparties in the following commercial terms, on the basis of the Final Guidance:

• nature and scope of the arrangement;
• performance measures or benchmarks;
• responsibilities for providing, receiving, and retaining information;
• the right to audit and require remediation;
• responsibility for compliance with applicable laws and regulations;
• cost and compensation;
• ownership and license;
• confidentiality and integrity;
• operational resilience and business continuity;
• indemnification and limits on liability;
• insurance;
• dispute resolutions and customer complaints;
• subcontracting;
• foreign-based third parties;
• default and termination; and
• regulatory supervision.

Moreover, the Final Guidance states that if a contract is unacceptable for a bank, the bank may consider other approaches, such as looking to bring the activity in-house or looking to other third parties. Accordingly, it will be important for fintech companies negotiating with banks to ensure that they are adequately protecting their own interests and, at the same time, address where appropriate the many areas of focus that their bank counterparty is now expected to scrutinize. For additional insights into strategic approaches to contracting for fintech companies, please see a recent article the co-authors have written separately discussing “Financial Infrastructure as a Service: Top Legal Considerations for Innovators.”

3. Ongoing monitoring

The Final Guidance also requires banks to engage in ongoing monitoring throughout the duration of a third-party relationship, commensurate with the level of risk and complexity of the relationship and the activity performed by the third party. Fintech companies should expect the following examples of typical monitoring activities from their bank partner:

• review of reports regarding their performance and the effectiveness of their controls;
• periodic visits and meetings with their representatives to discuss performance and operational issues; and
• regular testing of the bank’s controls that manage risks from its third-party relationships, particularly when supporting higher-risk activities, including critical activities (in certain circumstances, based on risk, a bank may also perform direct testing of the third party’s own controls).

Awareness of the areas of supervisory sensitivity will be critical to a fintech company’s success in partnering with a bank to deliver banking services.

Additional Considerations

The Agencies declined to establish any “safe harbors” in the Final Guidance, even for small banks. Rather, key to the third-party risk management framework—as contemplated under the Final Guidance—is the need for banks to tailor their risk management practices commensurate to their size, complexity, risk profile, and the nature of their third-party relationships. This tailored approach acknowledges the variety among different third-party relationships and the unique challenges that arise from such relationships. However, given the breadth of the Final Guidance, this tailoring may be easier said than done, particularly for community banks.

With respect to supervisory exams of a bank’s third-party risk management, the Final Guidance noted that supervision will also be tailored based on the degree of risk and the complexity associated with the bank’s activities and its third-party relationships. While the Final Guidance focuses on bank responsibility for third-party arrangements, it also recognizes that in certain circumstances, an agency may examine the functions or operations that a third party performs on behalf of a banking organization, allowing the Agencies the flexibility needed to address the unique challenges faced by the range of banking organizations and their various types of third-party relationships. In these cases, the agency may address violations of laws and regulations through corrective measures, including enforcement actions, to address unsafe practices by the third party.

Takeaway

Small banks in particular are likely to face challenges in implementing the Final Guidance and some degree of uncertainty in meeting supervisory expectations, which may translate to more challenging contract negotiation dynamics for fintech companies and greater hesitation by banks to enter into innovative arrangements. As bank-fintech partnerships increase in their complexity and incorporate novel strategies or technologies, the Agencies will require banks to step up their risk management, which their fintech partners will need to address.

1. SR Letter 13–19/CA Letter 13–21, “Guidance on Managing Outsourcing Risk” (December 5, 2013, updated February 26, 2021); FIL–44–2008, “Guidance for Managing Third-Party Risk” (June 6, 2008); OCC Bulletin 2013–29, “Third-Party Relationships: Risk Management Guidance,” and OCC Bulletin 2020–10, “Third-Party Relationships: Frequently Asked Questions to Supplement OCC Bulletin 2013–29.” ↑

The furthest- and widest-reaching federal business entity law ever enacted, the Corporate Transparency Act (“CTA” or “Act”)^[1] will impact an estimated 32.6 million current businesses, with its implementation going into effect on January 1, 2024. An estimated additional five million newly formed businesses will also be swept under the CTA’s purview each subsequent year.^[2] However, many business owners, investors, and advisers are unaware of the CTA and its looming deadline, and when they learn of it, they are often taken aback by its scope (and even its mere existence). Now is the time to review the CTA’s requirements and get prepared before the law goes into effect at the beginning of next year.

CTA Overview

The CTA requires certain businesses (including privately held and nonprofit entities) to report direct and indirect, human, beneficial ownership, control, and service provider information to the Financial Crimes Enforcement Network (“FinCEN”) of the U.S. Department of Treasury.^[3] This information will be used by federal, state, local, and tribal law enforcement authorities to streamline their investigations, bypassing the “shell game” historically posed by multiple levels of business entity ownership and affiliation.^[4]

Covered Businesses

The CTA impacts “reporting companies,” which include corporations, limited liability companies, limited partnerships, business trusts, and other “similar entities”^[5] that are created or registered by the filing of a document with a secretary of state or a similar Indian tribal office.^[6] There is no “grandfathering” of previously formed entities: the CTA will sweep in all business entities in existence on January 1, 2024. Exempted from the CTA’s reporting regime are specified excluded entities, which generally include heavily regulated business entities or large operating companies. However, the vast majority of private businesses and many nonprofit businesses will be swept up in required compliance.

Reportable Information and Owners

The information to be reported to FinCEN (“beneficial owner information,” or “BOI”) is certain personal identifying information (“PII”), which includes (1) full legal name, (2) date of birth, (3) residential (or sometimes business) physical commercial street address, and (4) an image of an acceptable government-issued ID (e.g., a U.S. passport or state-issued driver’s license) that includes both an ID number and the person’s photograph.^[7] This reported information must be kept current and accurate with FinCEN by the reporting company on an ongoing basis.

This information will need to be reported for persons who have “substantial control” over the business or who own, directly or indirectly, 25 percent or more of the equity in the business (each a beneficial owner). Every business will have at least one person to report, regardless of its ownership structure. In many instances, informed business decisions will need to be made as to who constitutes reportable beneficial owners.

For reporting companies formed on or after January 1, 2024, the same PII must also be reported for “company applicants” (i.e., incorporators and organizers), including those who directed the formation filing. This reported information is only reported as of the reporting company’s formation and is not required to be updated with FinCEN thereafter.

Mechanics and Timing of Filings

Filings will be made through an electronic interface with the online Beneficial Ownership Secure System (“BOSS”).

Businesses in existence on January 1, 2024, will have one year to file their initial report—but file an initial report they must do, even if they subsequently dissolve or otherwise alter their structure in a manner to become compliant with a CTA exemption. Businesses formed on or after January 1, 2024, will have thirty days from formation to file their initial report with FinCEN.

Any change to the status quo of a business in existence on January 1, 2024, will need to be reported as a separate amendment filing, delivered with the initial “as of January 1, 2024” report filing required to be made on or before December 31, 2024. Businesses formed on or after January 1, 2024, will have thirty days to file a correction or change to any information previously reported.

Penalties

There are steep, escalating fines ($500 per day up to $10,000 per violation) and possible jail time (up to two years) for those failing to timely and properly comply with the CTA’s requirements.^[8]

It bears noting that failure to timely file a required initial report could result in up to a $10,000 fine but that subsequent events that would necessitate an amendment to such required but missing filing, had the initial report been made, would also cause penalties to accrue—meaning that a failure to file an initial report may result in aggregate fines accruing well in excess of $10,000 prior to an initial notification of violation from FinCEN to the reporting company. Also, the intent of the reporting company and its agent with regard to noncompliance will be a factor in FinCEN’s assessment of possible criminal penalties.

Bearing this in mind, the remainder of this article is an appeal to the better angels of our character—as well as a direct rebuttal of initial impulses expressed by many upon first learning of the CTA.

CTA Denial

“I am a sophisticated business owner, and I have never heard of this.”

The enactment of the CTA in 2021 came as a shock to many (to some, a much later aftershock). However, the CTA’s intent—to end the position of the United States as a haven for “shell” companies used in the commission of money laundering, terrorist financing, financial and tax fraud, and other domestic and international illicit activity and corrupt practices—was present in proposed federal legislation for decades.

The CTA marks a seismic shift in the legal landscape for businesses operating in the United States. Prior to the CTA, entity beneficial owner disclosure was solely (if at all) the purview of state or tribal law. Now it is a focus and purview of federal law enforcement agencies.

The CTA has largely flown under the radar to date, but it is now time to become educated on the actions that may be taken prior to the CTA’s January 1, 2024, implementation date, and after. The Act’s impact on and implications for businesses, particularly small businesses, are complicated and difficult to succinctly communicate, and the CTA has not received widespread mass media attention. In fact, federal lawmakers and industry groups have decried the lack of CTA public education undertaken by FinCEN to date.

Many professional advisers and business professionals have been caught off guard by this fundamental change in business entity law, now taking on a federal facet for the first time. Those that are aware have, by and large, taken a wait-and-see approach to either advising their clients and business associates or evaluating their own compliance profile. This is because much of the mechanics of compliance remains elusive. The ability for businesses to begin directly interfacing with FinCEN on filing and compliance continues to be in the future, giving those persons “in the know” little to offer as current action items—causing many to defer sounding the alarm bell until more is known from FinCEN. However, the wait must end, as there is limited and dwindling time remaining to take action before the window of opportunity closes at the end of 2023.

“I have a small business. The Corporate Transparency Act only applies to large businesses.”

The CTA’s impact on small businesses is counterintuitive to many business owners, who erroneously believe that their business is “too small” to be within FinCEN’s sights and the CTA’s purview. Quite the opposite: A business’s small size is precisely why such a business must comply with the Act! The Act is designed to cast a broad net to “catch” a small niche of nefarious actors hiding behind the “corporate veil.”

Unfortunately, the vast majority of business entities that now must comply with the CTA, including most small businesses, are unwitting and innocent bycatch in the CTA’s net. This is because they will not be able to meet the criteria to be a large operating company that is expressly excluded from CTA compliance. The CTA’s “large operating company” exception is an exception to the CTA’s reporting requirements for businesses that meet all three of the following criteria:

1. The business must have a commercial, physical street address in the United States.
2. The business must have twenty-one or more full-time employees (excluding full-time equivalent employees, part-time employees, independent contractors, and leased employees).
3. The business must have filed a prior year’s federal income tax return demonstrating more than $5 million in annual, U.S.-only, gross receipts or sales.

All home-based businesses, and those with only a virtual (online) presence, will not meet the physical street address part of this three-part test. In addition, by necessity, every business entity formed on or after January 1, 2024, will not initially qualify for this exclusion because such business entities will not have the prior year’s tax return necessary to establish the gross revenue part of the test. The same will be true of virtually all business entities formed between January 1, 2023, and December 31, 2023. Further, many large portfolios of business entities will likely not meet this exception because employees of the portfolio’s operations are typically consolidated into one, or a few, of the portfolio’s business entities, with the remaining business entities not having employees, thus failing the employee prong of the test. Under FinCEN’s BOI Final Rule,^[9] employee head count may not be attributed across affiliated entities for purposes of meeting the employee count threshold—each business entity must stand alone in this respect.

“My industry’s lobbyists would never allow such a law to get passed.”

Lobbyists had staved off attempts to implement the CTA, and its predecessor bills, for decades. However, in December 2020, the U.S. Congress, majority-controlled by Republican lawmakers in both the House and the Senate, passed the CTA as part of the 2021 National Defense Authorization Act—which then-President Donald Trump vetoed^[10] (his sole veto during his term of office). On January 1, 2021, Congress, by a two-thirds vote in both the House and Senate, overrode Trump’s veto and passed the CTA into law.

Since the CTA’s adoption, the political landscape has changed. President Joe Biden and a Democratic-controlled Senate now hold office through at least 2024. A change of party control, if any, of the presidency or the Senate will not take effect until mid-January 2025—and control of the House may then also be uncertain. By that time, all existing business entities will have been required to file their initial CTA report into the BOSS, and a full year of newly formed entities will also have been required to comply with the CTA. In short, hopes of a conservative government sea change, with an overturning of the CTA, doesn’t account for the Act’s conservative lawmaker origins or the political cycle timing between now and the Act’s January 1, 2024, implementation.

Hope for a legislative repeal or delay in the implementation of the CTA likely ended with the recent passage of the bipartisan Fiscal Responsibility Act of 2023 ( “debt ceiling bill”),^[11] which lacked provisions pertaining to the CTA. In mid-June 2023, subsequent to the passage of the debt ceiling bill, the Accountability Through Confirmation Act and the Protecting Small Business Information Act were each introduced in the House Financial Services Committee by Committee Chairman Patrick McHenry (R-NC). These bills are intended to effectively delay the date that the BOI reporting requirements go into effect and to “reform” FinCEN with requirements intended to increase transparency and accountability within the agency, while protecting individuals’ privacy and businesses’ sensitive information in the BOSS reporting regime. It bears noting that Representative McHenry was also the sponsor of the debt ceiling bill. With the current gridlock in Congress, these new bills seem unlikely to move beyond the House or to become laws.

Further, the Biden administration has shown no indication of delaying the CTA’s implementation, with the U.S. Department of Treasury and FinCEN expressing publicly, and repeatedly, that implementation of the CTA by the end of 2023 is a top priority. The stated goals of the CTA—combating the use of “shell” companies in the commission of money laundering, terrorist financing, financial and tax fraud, and other domestic and international illicit activity and corrupt practices—appear to align with the administration’s agenda. In other matters, the administration has shown a proclivity to support initiatives to reign in business rather than favor it.

The CTA mandated that FinCEN promulgate regulations under the CTA prior to January 1, 2022. On December 7, 2021, FinCEN published a proposed rule related to BOI under the CTA, with a public comment period extending through February 7, 2022. In response to this notice of proposed rulemaking (NPRM), FinCEN received over 240 formal comments, with submissions coming from a broad array of individuals and organizations, including members of Congress, government officials, groups representing small-business interests, corporate transparency advocacy groups, the financial industry and trade associations representing their members, law enforcement representatives, and other interested groups and individuals. In addition to these formal responses to the NPRM, FinCEN also received, accepted, and considered many additional comments and inquiries from the public. The extensive, thorough, detailed, and pointed feedback, often in direct opposition to the proposed implementation of the Act and to specific components of the Act, was considered, weighed, and utilized by FinCEN in its adoption of the CTA BOI Final Rule, issued on September 30, 2022. FinCEN went to great length in the Final Rule to describe, with specificity, the extreme vetting on each point in the Final Rule. That Final Rule, with limited exceptions, stayed true to the CTA and the proposed rule initially proposed. FinCEN did not exercise its discretion to expand the list or scope of the enumerated reporting company exceptions (in spite of numerous pleas to do so), nor did it show any reluctance to, or anticipate delay in, implementing the CTA. Based on this process, the implementation of compliance and enforcement of the CTA’s reporting obligations will most certainly begin January 1, 2024. Hopes that a “white knight” will ride in to thwart the CTA, or that a delay or elimination of this reporting obligation implementation would occur, were vanquished last year (in 2022) and confirmed by the CTA’s omission from the bipartisan debt ceiling bill.

“That can’t be constitutional.”

A lone small business advocacy group, National Small Business United (affiliated with the National Small Business Association), has filed suit against the U.S. Department of Treasury and FinCEN contesting the constitutionality of Congress’s actions in passing the CTA into law, as well as the CTA’s implementation by FinCEN. Three other advocacy groups (Transparency International U.S., Financial Accountability & Corporate Transparency Coalition, and Main Street Alliance) jointly authored an amicus brief in support of the government’s position and the CTA. This case remains in an early stage of pleadings.^[12] Pending the outcome of this case, the constitutionality of the CTA will be affirmed or better defined.

“I just won’t report.”

Statements similar to the foregoing are uttered by a shocking number of business owners with whom I speak about the CTA and its reach, application, and exposure. However, there are a number of factors uniquely associated with the CTA, its origins, and its implementation that make its enforcement and your possible noncompliance exceptionally problematic. Chief among these, at least for individuals,^[13] is that their refusal will be conspicuously noted on a reporting company’s filing with FinCEN. A checkbox is included on the BOI reporting questionnaire: “(check if you are unable to obtain any required information on one or more Beneficial Owners).” Once checked, this conspicuous omission will be a red flag to FinCEN, and other law enforcement agencies, for initial or further investigation.

Further, the Internal Revenue Service (“IRS”) recently announced its taxpayer enforcement initiatives, which include plans to hire nearly 87,000 new employees and invest $80 billion over the coming years^[14] to improve tax enforcement and customer service, with more than one-third of the new hires being enforcement staff. The agency also plans to hire more data scientists to complement traditional tax attorneys and revenue agents in using new data analytics technology to identify audit targets. FinCEN’s BOSS database, created under the CTA, will likely be a key component to such data analytics technology and will provide an inexpensive, efficient investigative tool and corroborating (or “red flag”) source of taxpayer information for the IRS. The IRS initiatives’ stated aims are to close the “tax gap” between taxes owed and those paid, and to rebuild the IRS’s audit capabilities and computer technology. The IRS’s stated goals also include expanding enforcement for taxpayers with complex tax filings and high-dollar noncompliance, including high-income and high-wealth individuals, complex partnerships, and large corporations.^[15]

Hopes that the CTA is nothing more than another pro forma survey data collection initiative by the government are naïve and misguided. FinCEN’s BOSS database will be a critical point of diligence for investigation by federal government agencies. Your business entity’s conspicuous absence from the BOSS database, or your personal omission from a reporting company’s CTA filing, will most certainly be discovered—and will spearhead other federal investigations into you and your business practices.

“If I get caught, I’ll just pay the fine.”

The CTA provides for civil fines of $500 per day, up to $10,000, per violation of the Act. The Act also provides for a criminal penalty of up to two years’ imprisonment for CTA violations. It is important to note that the fine is per violation—not simply for violating the Act. The Act has requirements for filing report corrections and amendments based on changing circumstances, and CTA violations will likely involve multiple instances of noncompliance before FinCEN comes knocking on your door. Each reporting obligation also has a very short window (thirty calendar days) within which to make the required filing, making inadvertent violations of the CTA highly likely. Further, with only twenty days needed to reach the maximum fine of $10,000 per violation, many violations will likely come with the maximum $10,000 price tag.

These factors, in combination, could cause a simple act of not reporting to turn into the accrual of tens of thousands of dollars, or even hundreds of thousands of dollars, in fines by the time FinCEN identifies the violation and pursues collection. This will be particularly true in the first year of implementation, when 32.6 million reporting companies are projected to require reporting, with five million additional reporting companies being added each year thereafter.

Also, did I mention prison time? Noncompliance could be a costly proposition—far in excess of an initial $10,000 price tag.

“CTA responsibilities do not implicate fiduciary duties.”

Persons with “substantial control” over a reporting company under the CTA not only will be required to disclose their own PII as “beneficial owners” of the reporting company but will also, in many instances, owe fiduciary duties to the reporting company as well as to the (other) owners of the reporting company to properly comply with the CTA. Any decision by a reporting company’s management not to report under the CTA, or to partially report or to inaccurately report, will directly implicate actionable duties owed to the reporting company, its owners, and possibly third parties. Further, such actions may constitute “for cause” termination events with respect to such “substantial control” person, as the act or omission may constitute gross negligence, willful misconduct, fraud, material misrepresentation, or an illegal act with respect to the reporting company. A “substantial control” person’s evasion of the law could also implicate denial or cancellation of the reporting company’s directors and officers (D&O) insurance coverage for the event in question, and expose the individual to uncovered personal liability for the action in question. Further, grievous failure to comply with the CTA could result in imposition of a criminal sentence of up to two years in federal prison for the offending individual.

Under most states’ business statutes, the concept of fiduciary duties is prevalent and applies to the behavior of officers, managers, directors, and other governing and management parties to the business entity itself and, in some instances, to the owners of the business entity directly. Principal among the fiduciary duties is the “duty of care.” The duty of care requires that a person act with the prudence that a reasonable person in similar circumstances would use. If a person’s actions do not meet this standard of care, then the acts are considered negligent and may result in actionable damages enforceable against the individual. However, a fiduciary may discharge the duty of care by exerting appropriate diligence and informed consideration with respect to the action in question. Further, in most instances, a fiduciary may discharge its duty of care on a subject by hiring a professional adviser that the fiduciary reasonably believes has the necessary experience and expertise to advise on the subject and by relying on such advice in making the business decision. Thus, “substantial control” persons may insulate themselves against duty-of-care claims by retaining legal counsel to evaluate and advise on the reporting business decisions in question. Further, to the extent that a waiver of fiduciary duties is permitted by the applicable state and included in the applicable business entity’s charter documents, such waiver will not extend to the fiduciary duty of good faith, which could be implicated by a failure to file a CTA report.

Conclusion

The Corporate Transparency Act is a seismic shift in the beneficial owner reporting regimes in the United States, disturbing long-established norms. Beginning January 1, 2024, tens of millions of unwitting and innocent U.S. business entities, and their beneficial owners, will become bycatch in FinCEN’s dragnet designed to catch nefarious actors hiding behind the “corporate veil.” Whether you like it, hate it, or are indifferent, the CTA has been thoroughly vetted and is here to stay. Compliance is both mandatory and advisable. Just as anonymity in the business entity structure has been pierced by the CTA, so has anonymity in the Act’s compliance, with various touch points and red flags aiding in FinCEN’s ultimate enforcement regime, including FinCEN’s discovery of those choosing not to comply.

1. National Defense Authorization Act for Fiscal Year 2021, tit. LXIV, §§ 6401–6403. ↑

2. See 31 C.F.R. § 1010.380 (2022). ↑

3. National Defense Authorization Act for Fiscal Year 2021, tit. LXIV, § 6403. ↑

4. See 31 C.F.R. § 1010.380. ↑

5. For example, limited liability partnerships, limited liability limited partnerships, decentralized autonomous organizations (“DAOs”), and other entities created through filings with a secretary of state or tribal authority. ↑

6. 31 U.S.C. § 5336 (a)(11)(A) (2021). ↑

7. 31 C.F.R. § 1010.380(g) (“Reporting violations. It shall be unlawful for any person to willfully provide, or attempt to provide, false or fraudulent beneficial ownership information, including a false or fraudulent identifying photograph or document, to FinCEN in accordance with this section.” (emphasis added)). ↑

8. 31 U.S.C. §§ 5336(h)(1), 5336(h)(3)(A). ↑

9. Beneficial Ownership Information Reporting Requirements, 87 Fed. Reg. 59,498 (Sept. 30, 2022). ↑

10. Searches across case law databases for litigation containing the phrase Corporate Transparency Act resulted in only one case found: Trump v. Deutsche Bank AG, 943 F.3d 627, n.55 (2019). ↑

11. H.R. 3746, 118th Cong. (2023) became Pub. L. No. 118-5 (2023). ↑

12. Nat’l Small Bus. United v. Yellen, No. 5:22-cv-01448-LCB (N.D. Ala. 2022). ↑

13. It bears noting that the person responsible for a reporting company’s CTA filing, in some instances, may not be a “beneficial owner” of the business entity, or only one of several “beneficial owners,” and will likely make the filing (even over potential objections) to avoid personal culpability. The willingness of one person to violate the law, problematic on its face, also implicates the rights and risk profile of other persons associated with the reporting company. The other implicated individuals in the business organization may not share this risk tolerance. ↑

14. Note that section 251 of the debt ceiling bill, Pub. L. No. 118-5 (2023), rescinded $1,389,525,000 of IRS earmarked funding. ↑

15. See Beware, the IRS Is Coming: More IRS Audits to Focus on High-Net Worth Individuals and Passthrough Entities, Polsinelli (Apr. 18, 2023). ↑

At this point, almost every business operates some of its information technology (“IT”) assets in the cloud. Cloud‑based IT resources may be infrastructure (supplementing or replacing on‑site data centers and communications systems), platforms, or applications. Also, essential, enterprise‑level applications are now commonly licensed as subscription services maintained by third parties. Many of these third-party services also operate on IT infrastructure sourced from a cloud provider.

Moves to the cloud are multifaceted and multidisciplinary. Lawyers have an important role advising their clients about the legal rights and obligations in the tangle of licensing arrangements inherent in cloud computing. Determining the sources of those rights and obligations can, itself, be a challenge.

This project focuses on the essential steps for determining the legal rights and obligations attendant to operating in the cloud and provides practical tools to assist business lawyers. The project’s contributors are members of the Business Law Section’s Cyberspace Law Committee.

The initial toolkit includes six tools:

• One tool, using one significant cloud service provider as an example, assists lawyers navigating the first step in analyzing legal rights and obligations for cloud environments—that is, finding the applicable legal terms for review and discussion.
• A matrix illustrates “shared responsibility” as that concept appears in provisions of cloud service agreements from two major providers.
• A brief Business Law Today article by our Committee colleague, Lisa Lifshitz, offers Seven Tips for Better Technology Services Agreements.
• The toolkit also offers a checklist of issues to consider when an organization licenses data and a data life cycle checklist to assist with data management strategy.
• A glossary rounds out the initial work product. The glossary is intended to be an open and continuing work in progress. We welcome reader contributions.

The toolkit will also include a resource focusing on the substance of cloud licensing. The forthcoming tool describes contract terms typical for software and cloud services, highlighting, in particular, subject matter that might be prioritized for attention when opportunities for negotiation are limited.

The Lawyer’s Role: More Counselor than Drafter

A lawyer representing the purchaser/licensee in a cloud transaction will almost always be reviewing vendor contracts, not drafting or modifying purchaser/licensee forms. Opportunities for negotiation are limited by bargaining power, the cadence of business operations and IT development, and the volume of material and services that may be necessary or useful to complete the client’s IT effort. In this circumstance, lawyers add value by issue-spotting and helping the business team assess and contextualize risk reflected in the vendor’s legal terms and service descriptions.

Coordination of Relevant Stakeholders

Lawyers are also often well positioned to identify the right decision makers—or at least the appropriate subject matter domains—and facilitate work across stakeholder groups to understand and manage rights and obligations buried in the fine print of cloud contracts.^[1] Establishing and managing online environments and services involve information security (a discipline not entirely the focus of IT architects, engineers, and developers), budget and finance, procurement, compliance and risk, and data management and privacy—each doing its part to support a business team’s advancement of the client organization’s objectives.

The dynamic of coordinating stakeholder input is not new, of course. But lawyers should understand whether processes and controls that the client has in place to bring relevant stakeholders together will operate effectively when technology and services are procured through cloud service providers. Cloud marketplaces make shopping easier and more accessible to more people in an organization. Enabling more people to source material in an online store speeds access to technology components and solutions. Absent proper controls, however, solutions delivered on time with the right functionality may come without adequate attention to budget, security, and other risk considerations.

The following is a rudimentary example: Assume a developer is deploying a new application in an existing cloud environment. The developer enables logging functionality consistent with the organization’s security and operations policies for logging. The logging function can be enabled for no charge, but storage fees will accrue for keeping the log files. The project budget, focused on development and deployment, includes the initial application cost and subscription fees for a term. The budget does not anticipate the incremental cost of storage as log files are retained. What does the organization do when the storage fees begin to accumulate? Turn off logging? (Not likely.) Revise its budget for the ongoing cost?

How could the lawyer have helped the client organization in this illustration? First, the lawyer would have sought out and read the applicable contract. In doing so, the lawyer would probably have found references in the documentation saying that storage is separate. Or, more generally, the lawyer could have reminded the technology team to include colleagues whose role in the design and procurement process is to calculate the cost of ongoing operations and maintenance consistent with security policies and business requirements.

A lawyer engaged early in a project or business process development can work with the organization’s IT department to build review of product documentation into the design process. With proper guidance, a nonlawyer on the project team could be tasked to review documentation for key details—technical, operational, budget, legal red flags—and facilitate communication among relevant stakeholders.

Not a full-time technology lawyer? Business and commercial lawyers with the occasional technology matter in their portfolio add value when they spot issues and raise questions for the technology and business teams to consider. “What’s going on here?” can be a useful flag and does not require the lawyer to be a technology expert. Business lawyers understand that terms drafted by the other side have a thumb on the scale favoring the drafter. (And technology licenses sometimes read like the drafter put an elephant on the scale in the drafter’s favor.) Even when there is no practical likelihood that the organization will be able to negotiate more favorable terms, “What’s going on here?” gives the organization a prompt to consider potential risks, strategies to mitigate risk, and the feasibility of taking a different approach to avoid the risk.

Contracting through a Marketplace Feature

Incorporating cloud-based procurement into an organization’s operations requires a basic understanding of how software, services, and content may be procured from cloud service providers through their “marketplace” features. Organizations need to understand each marketplace through which they source products, material, and services and take appropriate steps to bring marketplace transactions into controls for procurement, contracting, security, and other risk management. Cloud providers have developed account management tools and access controls. It is up to client organizations to take appropriate steps to configure those tools, actively monitor customer portals and notices (and respond as appropriate), and keep account structures and access controls current.

The legal terms for cloud marketplaces and the products, material, and services offered in them are long, winding, and overlapping. They are also subject to provider-instituted changes that can affect ongoing services. Navigating cloud services and the marketplace tries the patience of the most diligent and patient lawyer. Lawyers should anticipate spending some time learning to navigate the legal terms of their clients’ cloud providers. The toolkit includes one paper illustrating contract navigation for the cloud marketplace of one significant service provider.

Lawyers should also keep in mind that cloud marketplaces are not the only channel to acquire software, services, or content for cloud-based systems. Cloud-based information technology may be procured under enterprise agreements with infrastructure or platform providers. Organizations may also engage third parties to manage their information technology. Those managed service providers may build out systems, including applications and storage, in cloud environments or using cloud-based platforms. Many enterprise-wide applications are now provided as a service, for example, office applications like Microsoft 365® and relationship management systems like Salesforce. Organizations may also bring their own software and content to a cloud environment. Managing proprietary and personal information has to be a consideration in reviewing the legal terms for any cloud-based arrangement.

A comprehensive review of procuring software, services, and content for cloud-based systems is beyond the current scope of this project. To start, we aim to contribute some basics that generalist business lawyers will find useful.

The Toolkit: A Dynamic Project

We expect each of the initial tools to evolve over time with feedback from readers and future collaborators. We also recognize opportunities to expand the toolkit with pieces highlighting sector‑specific issues, for example, education, health care, financial services, and service features (such as artificial intelligence components). We welcome volunteers and contributors to the project.

To offer feedback or contact the Toolkit Project coordinators, please email the project’s virtual mailbox at [email protected].

1. This project does not purport to be a comprehensive study of cloud computing for lawyers. For additional background about cloud computing, refer to these other ABA publications: Cloud 3.0: Drafting and Negotiating Cloud Computing Agreements (Lisa R. Lifshitz & John A. Rothchild eds., 2019); and H. Ward Classen, The Practical Guide to Software Licensing and Cloud Computing (7th ed. 2020). ↑

Pro bono work is about more than giving back to the community or meeting a lawyer’s professional obligation to do so. For law firms, it can also make good business sense, prompting a positive domino effect for themselves, the clients they serve, and minority- and women-owned business enterprises (M/WBEs) striving for success in their communities.

Indeed, legal services are a major expense for many small businesses, including M/WBEs. Further, legal services for small businesses can span areas ranging from corporate, employment, and real estate to intellectual property, data privacy and security, and other practice areas in which owners may not even be aware they need assistance. Considering both this reality and the American Bar Association’s Model Rule 6.1 noting that “every lawyer has a professional responsibility to provide legal services to those unable to pay,” it is incumbent on law firms to assist small businesses—particularly those owned by women and minorities, who continue to face systemic challenges in securing loans and other funding and accessing critical services to launch and grow their operations. Equally important for law firms to understand is that providing pro bono services can be beneficial to their own operations, with the potential for pro bono M/WBE clients to become future billable clients. In providing pro bono corporate counseling to early-stage, scalable M/WBEs (for example, preparing for and helping them acquire seed and venture capital investments), law firms eliminate an economic barrier for such businesses. In the event these M/WBEs receive such capital financing, they would likely have the appropriate amount of funding to scale their businesses and possibly become future billable clients of the law firms that initially provided pro bono legal services to them.

Pro bono legal services for small businesses have been especially valuable in the wake of the COVID-19 pandemic, with countless startups and even established small businesses struggling to stay afloat. In 2020, our firm (Gibbons P.C.) was approached by a nonprofit, the Institute for Entrepreneurial Leadership (IFEL), to partner on one of its new initiatives, “Small Businesses Need Us” (SBNU), created to provide free legal counsel and other business services to M/WBEs impacted by the pandemic. Gibbons attorneys have since donated hundreds of hours to SBNU to clients ranging from a STEM enrichment program for students, to an event management company, to a life and business empowerment coach.

Our partnership with IFEL has been so successful that IFEL has since become a billable client of the firm. The organization devotes much of its effort to connecting small businesses with investors and other financing channels—an essential endeavor, given the World Economic Forum report that, in 2021, “Black woman start-up founders received just 0.34% percent of the total venture capital spent in the U.S.”^[1] IFEL is in the process of purchasing a for-profit group of diverse women angel investors, with Gibbons as its legal counsel.

One of IFEL’s business cohorts is OneKIN, a fintech company that builds software solutions to help small businesses compete in the digital landscape. Gibbons has assisted OneKIN for the past two years through IFEL’s SBNU program. Our pro bono work for OneKIN involved restructuring its ownership and cleaning up its capitalization table, as well as negotiating the buyout of certain founders. Since we began our engagement with OneKIN, the company has been accepted into MasterCard’s Start Path Program, designed to accelerate companies and set them up for future Mastercard acquisition. Gibbons continues to provide pro bono legal services to OneKIN by (i) reviewing/drafting a MasterCard accelerator agreement; (ii) drafting an Intellectual Property Assignment Agreement between founders of the company; and (iii) reviewing a Statement of Work and Master Services Agreement for product sales overseas. OneKIN now has plans to expand its business with the launch of an AI-powered livestream shopping app and has positioned itself to become a billable client of the firm.

During the COVID pandemic, Gibbons also partnered with the African American Chamber of Commerce of New Jersey (AACCNJ) and its M/WBE members. With many small businesses, M/WBEs in particular, finding it difficult to secure Paycheck Protection Program (PPP) loans during the initial phase of the pandemic, Gibbons connected the AACCNJ with one of our longtime clients—New Jersey Community Capital, a large, regional, community development financial institution—in order for the two organizations to partner for a joint venture called the Equitable Small Business Initiative (ESBI). ESBI is well-supported by large financial institutions, enabling it to facilitate access to critical capital by New Jersey’s Black business enterprises and provide them with hands-on, customized support and pandemic relief loans. After Gibbons structured this joint venture, the AACCNJ not only became a billable client of the firm, but also asked the firm to partner on the AACCNJ Pro Bono Alliance, a joint initiative whereby Gibbons supports AACCNJ member companies, on a pro bono basis, in launching, sustaining, or advancing their businesses.

While certain types of pro bono matters have the potential to become billable matters for law firms, pro bono work can also attract other clients or individuals who look for firms with a demonstrated commitment to pro bono representation. Pro bono work can generate cost savings as well, through its inherent offering of critical training and professional development to attorneys, particularly associates. Attorneys who provide pro bono services gain a valuable, firsthand view of the tangible ways their knowledge and experience are assisting small businesses, which leads to better client service overall. Gibbons regularly holds pro bono clinics for its attorneys, with incentives for reaching a certain numbers of hours per year.

Here at Gibbons, our philosophy is “doing good while doing well.” Without a doubt, establishing and building pro bono relationships has been both rewarding and profitable. Pro bono work should be an economic incentive for all law firms, one that can lead to a win for all parties involved.

1. World Economic Forum, “Black women lack access to VC funding. Here’s what we can do.” March 27, 2023. ↑

With SPAC IPOs virtually gone but SPAC mergers (aka de-SPACs) continuing at a steady pace since the beginning of the year, the questions around getting a deal done boil down to the following:

• How and where can companies get financing now that the PIPE (private investment in public equity) market has dried up?
• How long will it really take to get the deal closed, now that target companies are not easy to come by and every deal seems to need an extension?
• How can the current litigation and regulatory risks be avoided, or at least minimized?

In this article, we’ll focus on the third question, examining how the litigation and regulatory risk for SPACs has shifted since our 2022 year-end report.

SPAC Litigation by the Numbers

Through June 15, 2023, five SPAC-related securities class actions (SCAs) have been filed so far this year. That is not a high number. With 33 total SCAs filed in 2021 and 24 in 2022, we are at a slower pace for securities class actions this year than in the previous two years.

Filed SPAC/de-SPAC Securities Class Actions.

Examining the data between January 1, 2021, and June 15, 2023, it takes, on average, 12.82 months after the merger (aka de-SPAC) for an SCA to be filed. Except for a handful of cases, most lawsuits are filed after the de-SPAC has been completed. Considering that there were 199 de-SPACs in 2021, 102 in 2022, and 35 as of June 15, 2023, the downward progression of the number of SCAs this year tied to the downward progression of de-SPACs is not surprising. But that downward progression is somewhat deceptive.

Number of Suits vs. Number of Closed de-SPACs.

Direct Cases Picking Up Steam in Delaware

What the SCA data does not show is the growing number of direct-action breach of fiduciary duty suits being brought in Delaware. These suits are a progeny of the MultiPlan case in which the Delaware Chancery Court denied the defendants’ motion to dismiss. The parties subsequently settled for $33.75 million in November 2022, and no one in the SPAC world was surprised to see plaintiffs in other cases, including at least three so far in 2023, take a similar route.

Direct cases like MultiPlan and a few news-making examples below are easier to bring because, unlike derivative cases, they do not need to go through an extra step of satisfying demand futility requirements. It is no wonder then that, spurred by several denials of the defendants’ motions to dismiss and an easier procedural hurdle, plaintiffs’ attorneys are trading their SCA strategies for direct fiduciary suits against Delaware SPACs.

Examples of Direct Breach of Fiduciary Duty Suits

Source: Woodruff Sawyer

From the perspective of directors and officers (D&O) insurance coverage, claims from direct suits, while typically indemnifiable, are not covered by “Side A only” D&O coverage. Many SPAC D&O insurance programs are structured as traditional “ABC” programs that would offer coverage for claims coming out of a direct suit. However, some SPAC teams, as a cost-saving alternative at the peak of the SPAC craze in 2021, when D&O insurance prices were astronomical, chose to structure their programs as Side A only. To the extent that a SPAC purchased a Side A–only policy and the lawsuit is determined, like in MultiPlan, to be a direct one, there may be no D&O insurance response for a settlement (outside of a corporate bankruptcy).

Whose Money Is It Anyway?

Another interesting trend continuing this year is the series of termination fee cases. In the first of these, the FAST Acquisition Corp. lawsuit from August 2022, the plaintiff investors objected to the SPAC team keeping the entire termination fee it had negotiated without sharing it with its investors. Other similar suits, with a few examples noted below, followed shortly after.

Examples of Termination Fee Suits.

The interesting element of these suits is that they would likely not have been filed had the SPAC team been able to complete a subsequent acquisition. But because the SPAC team failed to do so and had liquidated instead, the plaintiff investors naturally were not pleased to have been left out of the so-called termination spoils.

Considering the recent spike in liquidations as presented in the graph below, it is likely we will see more of these termination fee cases as more SPACs continue to liquidate—that is, unless the SPAC teams take note of this development and start approaching the apportionment of the termination fee differently.

SPAC Liquidations.

SPAC Wins

Not all SPAC-related cases came out on the side of the plaintiffs. There are several notable and interesting SPAC “wins”—decisions that went in the defendant’s favor. A few examples are:

• Diamond Eagle Acquisition Corp/DraftKings: In January 2023, the United States District Court for the Southern District of New York (SDNY) granted the defendants’ motion to dismiss this SCA. The court held that the plaintiffs’ suit relied entirely on a short seller report with unknown sources, the claims in which were not adequately supported by independent research. As a result, plaintiffs failed to sufficiently allege that (1) any violations or material misstatements were made by the defendants and (2) any defendant acted with scienter as required under the law.

As a side note, about 35% of all SPAC-related securities lawsuits involve allegations from a previously published short-seller report.

• Churchill Capital Acquisition Corporation IV/Lucid Motors: In January 2023, the Northern District of California granted the dismissal of the SCA on the grounds that the plaintiffs failed to plead materiality because they had no reason to know in early 2021 that the SPAC would merge with Lucid, as the parties were not engaged in merger discussions.
• CarLotz: In March 2023, the SDNY dismissed the SCA assertion against CarLotz and certain directors and officers for plaintiffs’ lack of standing related to allegations of pre-merger statements. The court held that the investor plaintiffs failed to allege that they purchased shares traceable to the registration for the merger transaction.

Settlements

Let’s turn from lawsuits to settlements. There have been very few publicly disclosed settlements, so it is difficult to draw conclusions about trends. The ones that made the news are listed in the graph below.

Of particular interest are the amounts of some of those settlements that were covered by D&O insurance policies. Insurance coverage information is rarely publicly available, so it is possible, and even likely, that other settlements noted in the chart were also at least partially backed by D&O insurance payouts.

Litigation Settlements.

It’s worth remembering that outside of the actual settlement amounts, the defendants also had to pay substantial attorney fees. When deciding on the limit of a D&O policy, it’s worth factoring in the potential costs of the attorney fees, which will be due whether the lawsuit ends up being frivolous or ultimately gets dismissed.

Regulatory Enforcement Actions

Regulatory enforcement actions and investigations are, of course, the other piece of the risk puzzle. With the Securities and Exchange Commission (SEC) taking an openly hostile stance towards SPACs, many of us expected to see a barrage of SPAC-related investigations and enforcement actions. That expectation continues to be unrealized. While rumors are that the SEC is quite busy launching SPAC-related investigations, only several have been publicly reported, and we have seen only a handful of enforcements. Here are some examples that made the headlines:

Regulatory Enforcement Settlements and Fines.

Some additional details on the settlements and fines listed above are as follows:

• Gordon: Administrative charges settled against CEO in January 2019 for $100,000. The SEC charged Benjamin Gordon, the former CEO of Cambridge Capital Acquisition Corporation, a SPAC, with failing to conduct appropriate due diligence to ensure that the SPAC’s shareholders voting on the merger were provided with accurate information concerning the target’s business prospects.
• Momentus: Settlement total of $8.04 million in July 2021. The SEC alleged that Momentus and the founder misled Stable Road, the SPAC with which it planned to merge, about its technology and national security issues and that Stable Road had failed to perform its due diligence to identify those issues.
• Nikola: Settlement total of $125 million in December 2021. The enforcement was preceded by a short seller report and an SCA and centered around misleading statements about Nikola’s products, technical advancements, and commercial prospects.
• Perceptive Advisors: Settlement of $1.5 million in September 2022. This case was the SEC’s first enforcement action against an investment adviser. The SEC charged the adviser with violating the Investment Advisers Act in connection with its involvement with SPACs.
• Morgenthau: Forfeiture of $5.1 million, restitution of $5.1 million, and 36 months in prison for the SPAC’s former CFO in April 2023. In January 2023, the SEC brought fraud charges against Cooper J. Morgenthau, the former CFO of African Gold Acquisition Corp., a SPAC. The charges revolved around Morgenthau orchestrating a scheme in which he stole more than $5 million from the company and from investors in two other SPACs that he incorporated.
• Corvex: Settlement of $1 million in April 2023. The SEC charged investment adviser Corvex Management LP with failing to disclose conflicts of interest regarding its personnel’s ownership of sponsors of several SPACs into which Corvex advised its clients to invest. Corvex also agreed to a cease-and-desist order and a censure.

Update on the D&O Insurance Market and Rates

Market Conditions

The above data and trends have real implications on the risk and risk mitigation decisions that SPAC sponsors, their target companies, investors, and deal teams make. Higher risk of litigation or enforcement, for example, yields lower availability of D&O insurance coverage and higher premiums. Overall insurance market trends also dictate the kind of coverage and costs a team should expect.

As we noted at the end of 2022, the impossibly hard SPAC D&O market started to turn. In just a few months since the beginning of the year, we witnessed one of the fastest adjustments in the wider public company D&O market ever recorded.

Many new insurers have joined the ranks and now, with an oversupply of insurance capacity and very few IPOs, insurers are competing for public D&O new and renewal business, driving rates and retentions down for almost all companies. Mature public companies are experiencing significant rate relief, and newly public companies are seeing significant rate decreases due to higher starting premiums.

What This Market Means for SPAC D&O Insurance Rates

The pressure on carriers in the overall public D&O insurance market is good news for SPACs. We are seeing more carriers interested or willing to take a second look at SPAC tails, extensions, and new go-forward programs. Competition is driving premiums down. Self-insured retention benchmarks are also dropping. More carriers are willing to be flexible on the structuring of the coverage.

However, the likelihood of a SPAC-related company getting sued continues to be higher than that of a traditional IPO or a mature public company. Carriers are continuing to keep a very close eye on each new court decision and enforcement action. For example, a recent decision from Delaware led to many carriers being unwilling to renegotiate tail pricing on the SPAC IPO policy or imposing coverage exclusions. Many are still wary of granting long extensions or reducing premium pricing on those extensions.

Our Predictions

As we predicted at the end of 2022, SPACs have enjoyed a period of reasonable D&O insurance pricing so far in 2023, and that will likely continue into 2024. However, SPAC teams and their target companies will need to make some program restructuring decisions (with the help of their insurance brokers) to adjust for the new trends in the direct fiduciary duty cases and other court decisions as they affect D&O carriers’ obligations.

An earlier version of this article appeared in the Woodruff Sawyer SPAC Notebook.

In June 2022, the Canadian Parliament enacted amendments to the Competition Act (the Act) intended to prohibit agreements between unaffiliated employers to fix wages or terms or conditions of employment (Wage-Fixing Agreements) or not to solicit or hire each other’s employees (No-Poaching Agreements).

The amendments come into force on June 23, 2023, as subsection 45(1.1) of the criminal conspiracy provision in section 45 of the Act.

Once this occurs, any new Wage-Fixing Agreements or No-Poaching Agreements will be per se unlawful and expose the parties to those agreements to significant criminal penalties (i.e., prison sentences of up to fourteen years and/or fines with no statutory limit), as well as to potential civil liability, including by way of class actions for damages.

On January 18, 2023, the Canadian Competition Bureau (the Bureau), the law enforcement agency that administers and enforces the Act, released draft guidelines for public consultation describing its intended approach to enforcing the new criminal prohibitions (the Draft Guidelines).

On May 30, 2023, the Bureau published its final wage-fixing and no-poaching enforcement guidelines (the Final Guidelines). As detailed below, while the Final Guidelines are hardly a model of transparency or clarity, they provide the business community with some comfort with respect to the scope and application of the new prohibitions.

Final Enforcement Guidelines

The key takeaways for business lawyers and their clients from the Final Guidelines are these:

• “Wage-Fixing” Is a Misnomer: The wage-fixing prohibition deals with more than just salaries and wages, also making it an offense for unaffiliated employers to enter into agreements to fix, maintain, decrease, or control “terms and conditions of employment.”
• “One Way” No-Poaching Agreements Not Prohibited: The no-poaching prohibition applies only to agreements between unaffiliated employers that are reciprocal or mutual in nature.
• Reasonable Clauses in Certain Categories of Business Agreements or Arrangements Should (Generally) Not Raise Concerns: The Final Guidelines confirm that the Bureau will “generally not” pursue a criminal investigation with respect to wage-fixing and no-poaching clauses that are ancillary to merger transactions, joint ventures, strategic alliances, franchise agreements, or staffing or IT service contracts, unless the wage-fixing or no-poaching clause in question is “clearly broader than necessary in terms of duration or affected employees, or where the business agreement or arrangement is a sham.” While the Final Guidelines offer some comfort, it is clear from certain statements in the Final Guidelines that the Bureau is prepared to second-guess the parties’ business judgement regarding the reasonable necessity of a given restraint and to take enforcement action to the extent that the Bureau concludes that an impugned restraint is “clearly” broader than reasonably necessary.
• Ancillary Restraints Defence May be Available: Outside of the categories of business agreements and arrangements enumerated above, the so-called “ancillary restraints defence” will be available in any case where the parties to the impugned Wage-Fixing Agreement or No-Poaching Agreement (the Restraint) can show that:
  1. the Restraint is ancillary to, or flows from, a broader or separate agreement that includes the same parties;
  2. the Restraint is directly related to and reasonably necessary for achieving the objective of the broader or separate agreement referred to in (a) above; and
  3. the broader or separate agreement referred to in (a) above, when considered without the Restraint, does not violate subsection 45(1.1).

• New and Ongoing Agreements Captured: The new prohibitions will only apply to new agreements entered into on or after June 23, 2023, except where the parties to agreements entered into before that date engage in conduct that reaffirms or implements those older agreements. Usefully, the Final Guidelines clarify that “at least two parties must reaffirm or implement the restraint for the Bureau to establish the […] consensus or ‘meeting of the minds’” required to ground liability.

  Accordingly, existing agreements need not be formally terminated in order to avoid criminal liability under the Act, but employers should be careful to avoid any conduct that could be seen as reaffirming or giving effect to agreements that precede June 23, 2023. The Final Guidelines also suggest that “employers may wish to update pre-existing company records and agreements, as they arise in the ordinary course, to ensure they accurately reflect its policies and intentions, and avoid unnecessary confusion.”

  Employers should also be mindful that they can be found liable even if their “agreement” was informal, verbal only, or entirely unspoken (e.g., a “wink” or a “nod”). Moreover, the existence of an “agreement” can be established based on circumstantial evidence, with or without direct evidence of communication between or among the alleged parties to it.

  We recommend that clients review all existing agreements with wage-fixing and no-poaching provisions with counsel in order to ensure that existing practices comply with the new prohibitions.

• Employers Need Not Be Competitors: The new prohibitions apply to Wage-Fixing Agreements and No-Poaching Agreements between unaffiliated employers but do not apply to such agreements between affiliated employers.^[1] By way of example, the Bureau states that agreements between two or more corporate entities that are controlled by the same parent company do not violate the new prohibitions.

  The new prohibitions apply regardless of whether unaffiliated employers are competitors in the supply of a product (although the Bureau notes that it will prioritize its enforcement on Wage-Fixing Agreements and No-Poaching Agreements between employers that would otherwise compete in the purchase of labor).

• “Employer” Broadly Defined: The definition of “employer” is broad and includes directors and officers, as well as agents or employees, such as human resources professionals. As a result, corporations may be vulnerable to liability if an offending agreement is entered into between an officer of one corporation and a director of the other, for example.
• “Employee” Relationship to Be Evaluated on Case-by-Case Basis: Whether an individual is characterized as an “employee” for the purposes of the new prohibitions will be evaluated on a case-by-case basis and will depend on the laws and circumstances under which the relationship with that “employee” or “independent contractor” was entered into. Accordingly, the common law tests on whether a person is properly characterized as an employee or independent contractor may be relevant in considering whether the new prohibitions apply. The Final Guidelines include a reminder to employers that “depending on applicable legislation, their relationship with independent contractors could evolve over time. For example, if an employer treats an independent contractor as an employee, the business contract between them could transform into an employment relationship.”
• Conscious Parallelism Not Prohibited: “Conscious parallelism” on its own will not be a violation of subsection 45(1.1). According to the Bureau, “conscious parallelism” occurs “when a business acts independently with awareness of the likely response of its competitors or in response to the conduct of its competitors.” However, the Bureau also cautions that parallel conduct coupled with facilitating practices (for example, sharing commercially sensitive employment information, such as employment terms) may be sufficient to prove that an illegal agreement was concluded.

Implications of the New No-Poaching and Wage-Fixing Prohibitions for Business Lawyers and Their Clients

1) No-Poaching Agreements

In section 2.2 of the Final Guidelines, the Bureau confirms that the no-poaching prohibition is limited to instances where unaffiliated employers agree not to poach “each other’s” employees. Therefore, as noted above, agreements must be reciprocal or mutual in nature in order to violate the no-poaching prohibition. “One-sided” or “one-way” agreements, where only one party agrees not to poach another’s employees, will not be an offense.

Importantly, this means that customary one-sided no-poaching/non-solicitation clauses in confidentiality and non-disclosure agreements commonly used in the diligence phase of merger transactions, joint ventures, and strategic alliances will not be subject to enforcement action by the Bureau. It bears noting, however, that the Bureau’s interpretation of the Act is not binding on the courts, and private plaintiffs (including class action plaintiffs’ lawyers) may still seek to bring damages claims with respect to one-way agreements. In this regard, the Final Guidelines note that “[t]he courts are responsible for the final interpretation of the law.”

Further, the Bureau cautions that “separate agreements between two or more employers that result in reciprocating promises not to poach each other’s employees” may trigger liability.

2) Wage-Fixing Agreements

The new prohibitions also criminalize so-called “wage-fixing.” As noted above, the prohibition makes it an offense for unaffiliated employers to enter into agreements to fix, maintain, decrease, or control not only wages and salaries but also “terms and conditions of employment.”

In its Draft Guidelines, the Bureau specified that “‘terms and conditions’ include the responsibilities, benefits and policies associated with a job. This may include job descriptions, allowances such as per diem and mileage reimbursements, non-monetary compensation, working hours, location and non-compete clauses, or other directives that may restrict an individual’s job opportunities” but then unhelpfully undercut this guidance by adding that “[t]he Bureau’s enforcement generally is limited to those ‘terms and conditions’ that could affect a person’s decision to enter into or remain in an employment contract” (emphasis added). Despite extensive criticism of the overbreadth and unhelpfulness of this guidance, no clarification was provided in the Final Guidelines.

Wages, salaries, and other terms and conditions of employment should therefore be treated as competitively sensitive information (CSI) in M&A diligence processes and in developing and implementing appropriate safeguards against the disclosure of CSI in the context of joint ventures, strategic alliances, and other commercial collaborations. Guidance should be sought in advance of providing due diligence information in order to ensure that CSI is not disclosed and that only “clean teams” gain access to CSI.

In the preface to the Final Guidelines, the Bureau states that it “may revisit these Guidelines in the future in light of experience, changing circumstances and legal developments.” As time passes and experience with the new prohibitions grows, one may hope that the Bureau will indeed revisit its enforcement approach vis-à-vis merger transactions, joint ventures, strategic alliances, franchise agreements, and staffing and IT service contracts and, consistent with the economic and procompetitive benefits generated by such business agreements and arrangements, will limit the application of the no-poaching and wage-fixing prohibitions exclusively to circumstances where the broader (or separate) agreement between the parties is a sham.

1. Under subsection 2(2) of the Act, affiliation is defined with reference to control. When two employers are controlled by the same parent company or individual, they are said to be affiliated. ↑