Diversity, equity, and inclusion (DE&I) is ever evolving, and the right answer on many DE&I issues is not always immediately evident. People have questions that they may or may not be afraid to ask. “Dear Alex,” a new column created by the ABA Business Law Section’s Diversity, Equity, and Inclusion Committee, is the reader’s chance to ask all about DE&I anonymously. Think of it like the old “Dear Abby” columns, but for DE&I. In each column, the Dear Alex team will answer a question related to DE&I. These questions can be interpersonal, like how to respectfully address a colleague who is transitioning from one gender to another, or even professional, like how to convince senior partners at your firm that investing in DE&I can be a competitive advantage. If you’ve ever had a DE&I question that you have been afraid or otherwise unable to ask, now is your chance to ask “Alex.” Questions can be submitted at the form linked here.

***

Dear Alex,

Another associate at my firm told me that he’s transitioning. He’s the first trans person I’ve met, and I do not want to accidentally offend him. How do I approach this?

Sincerely,

Cis and Confused

Dear Cis and Confused,

Your coworker confiding in you is indicative of the trust between you two.

To respectfully approach this, we recommend a follow-up with your coworker over coffee, lunch, or whatever makes sense for your working relationship. Thank them for being open and trusting you. They might’ve chosen new ways to identify themselves, so ask what pronouns and name they prefer you use when referring to them privately and publicly. Ask how private this matter is. You may be the first person at the firm they’ve told, and you never want to out someone without their explicit prior consent; their transition is not your story to tell. Finally, ask what else you can do to support them. Moving forward, honor their wishes and continue business as usual. Be mindful that as your coworker continues their journey, they may change their name, pronouns, or gender presentation one or more times. They’re exploring their identity. It is your job to affirm them at every step.

Transitioning can involve different things for different people, and, importantly, there is no “correct” way. One aspect is internal transition, which is the understanding your coworker did to realize their identity. Another is social transition, or the “coming out” aspect of your coworker changing how they present themselves to others, which may involve changing their name and pronouns. Transitioning can also involve legal processes, such as updating documents with a chosen name, and gender-affirming medical care. But, as we noted, there is no one way to transition. Your coworker may never change their name or pronouns but may change the way they dress. They may choose some types of medical care but not others. All means of transitioning or not are valid, and choosing one type of transition but not another doesn’t make them any less trans.

Importantly, it is up to your coworker to share with you, if they want, any details about their transition. They do not have to tell you, and you should respect their privacy and boundaries.

We want to circle back to pronouns. We noted that your coworker’s pronouns may change as they explore their identity. We’ve been referring to your coworker using “they,” and you used “he” in your question. We aren’t certain if “he” is your coworker’s old pronoun or new since they just came out to you. When unsure, we at Dear Alex opt for gender-neutral pronouns. The follow-up conversation we recommend will allow for the dialogue between you and your coworker and a chance to learn what pronouns to use with your coworker moving forward.

We think a discussion of pronouns may help. As an initial point, people whose gender matches the one they were assigned at birth are referred to as “cisgender,” and like everyone, they have particular sets of pronouns they are or are not comfortable using. For example, if you’re a cisgender man (i.e., you grew up being called a boy, felt affirmed by and comfortable with that, and still identify as a man today), you likely use the pronouns he/him/his. Trans people may switch from one set of gendered pronouns to another (e.g., he/him/his to she/her/hers). On the other hand, they might opt for gender-neutral pronouns like they/them/theirs^[1] or xe/xem/xyr.

For both trans and cis people, using the correct pronouns is the only respectful thing to do; for your trans colleague, it’s far from the only way to show you support them, but it’s a starting point. But what if you accidentally use the wrong pronouns or “misgender” them? It can happen, and the important thing is to give a quick apology using your coworker’s correct name and/or pronouns and then, throughout the rest of the conversation, use their correct name and/or pronouns. Don’t ask for forgiveness or get emotional—then you’re making it about you and not them. By correcting yourself and striving to correctly identify them, it will show them the effort you’re making. If your coworker pulls you aside and explains a mistake you made, thank them for telling you, apologize briefly, say you’ll do better, and then do better. Remember when a trans person tells you that you made a mistake, they’re saying, “I value our relationship despite mistakes you might’ve made. My correcting you is a way to preserve it.”

We gave you lots of information. Thankfully, it boils down to this: when your trans coworker tells you how to respect them, do what they ask. We’re excited for you both and hope this information will help you do right by your coworker.

Sincerely,

Alex

Dear Alex,

My company just hosted a great information session on neurodiversity. I learned a lot, and I now suspect one of my colleagues might have a neurodivergent condition. How do I ask them about it?

Sincerely,

I just want everyone to feel supported

Dear Supporter,

The answer to your question is very simple: you don’t. Neurodivergent conditions like autism and Tourette’s syndrome are, at the end of the day, medical diagnoses. There is no respectful way to ask a colleague if they have a medical condition, and that is none of your business, no matter your intention. The best way you can support your colleague is to continue being kind and respectful. If your colleague does have a neurodivergent condition, they might decide to tell you at some point. It is their choice.

If you are a manager and suspect one of your direct reports may be neurodivergent, it is still their choice whether to tell you. In the meantime, be a good manager—someone your team can trust and come to when they have an issue. Make it clear to your reports that you are on their side and that they can come to you about anything, substantive or otherwise. Create that environment for them. Then, if a neurodivergent direct report or colleague feels like you need to know about their condition, they’ll tell you and let you know how you can specifically support them.

We understand this may not be the answer you were hoping for, but it’s the correct one. Some of us here at Dear Alex are neurodivergent and have had our boundaries crossed, and we hope this helps you to avoid such a scenario.

Sincerely,

Alex

Dear Alex contributors from the BLS Diversity, Equity, and Inclusion Committee rotate and include David Burick and Michael Sabella, among others.

1. We aren’t going to get into a grammatical discussion of the singular “they,” as it has been in use in written English for over 600 years (see, e.g., the works of William Shakespeare and Geoffrey Chaucer). ↑

Corporate counsel and other business attorneys may be most familiar with insurance companies in the context of a specific coverage issue or filing a claim. The CFO, risk manager, and others of similar training are often the ones assigned to explore the nuances of the financial aspects of renewing insurance coverage and negotiating with various brokers and prospective insurance carriers. Therefore, a business attorney asked to assist in the formation of a new entity in the corporate family—a licensed insurance company no less—may feel at a bit of a loss as to how to proceed. This article provides an introduction to the formation of a captive insurance company for business attorneys.

Captive Insurance Companies: The Basics

A captive insurance company is, at its center, an insurance company. It assumes risks from a policyholder and becomes responsible for paying out claims and other costs in accordance with the contract of insurance. In exchange, it receives a premium payment. What makes a captive insurance company unique is that its policyholder is usually also its owner. This makes a captive a formalized form of self-insurance. However, unlike regular self-insurance, where funds are stored on the company’s balance sheet, a captive holds its accounts separately from the parent.

The motivation to form a captive can include a necessity to streamline the company’s balance sheet so that held reserves don’t look like the management is just sitting on cash. A captive insurance company can potentially write independently verifiable contracts of insurance, which may be statutorily or contractually required. In certain cases, a captive can write a contract of insurance to a related third party. This can ultimately generate third-party income for the captive insurance company itself.

A captive insurance company is established by forming a company in one of the over thirty US states or territories, or one of many foreign countries such as Bermuda or the Cayman Islands, that authorize the formation of captive insurance companies. The new entity is then licensed by that domicile’s insurance regulator as an insurance company once all local requirements have been met.

Early in the formation process, the prospective captive owner will obtain a feasibility study that will explore the risks to be insured and make recommendations on the appropriateness of a captive, possible lines of insurance coverage and their relation to existing traditional commercial insurance coverage, and estimates on premiums and overhead expenses. This study is typically led either by a full-service insurance broker or an independent captive manager, with input from other experts such as risk management professionals, accountants, actuaries, and attorneys.

Typically, prospective captive owners will have specific risk exposures in mind before considering forming a captive. Volatile high-severity but low-frequency risks such as extreme weather events, cyber-attacks, or key product liability risks are but several types of risk that may be good candidates to partially or fully cover in a captive insurance program. It can be very difficult to obtain insurance coverage for these risks in the traditional commercial marketplace.

Risks for Starting a Captive

A company seeking to self-insure through a captive must consider all scenarios. An ill-timed adverse event may place both the captive and its parent company in dire circumstances. A new captive will not start out with ample capital on hand to deal with one or more serious casualties; in fact, it may take many years for a captive to build up such capital.

Taxation Issues

Any insurance company, from the perspective of the Internal Revenue Service (IRS), basically collects premiums on one day and holds them for an indeterminate time until they are paid as a claim; used toward overhead; or, in most circumstances, held as taxable income.

The IRS has for more than a decade highlighted potential risks of unlawful tax evasion through the use of captives. A poorly designed captive and one not carefully monitored can bring down significant tax penalties for both itself and its parent.

Certain captive insurance companies, electing a provision under I.R.C. § 831(b) as long as their premiums don’t exceed $2.65 million in 2023, will not pay any tax on any underwriting income but also will not gain any deduction if there is an underwriting loss. The problem with this “micro-captive insurance company” arrangement, from the IRS’s perspective, is that if the insurer-owned insurance company could all but guarantee that no claims would be filed, the taxpayer could defer its tax obligations indefinitely. Aggressive captive insurance promoters can entice business owners with the prospect of substantial indefinite tax deferral utilizing an 831(b) election. Businesses can then fall into the difficult circumstances outlined in Avrahami v. Commissioner, 149 T.C. 144 (2017), where the U.S. Tax Court found that the taxpayer’s wholly owned captive was not bona fide insurance, disallowing deductions for premiums paid into the captive and imposing substantial penalties.

Properly designed captives avoid forcing captive owners to take aggressive tax positions. However, the IRS has been less than clear in providing guidelines to aid business owners who legitimately desire to efficiently use a captive for risk management and risk financing purposes. It is essential for corporate attorneys to temper the enthusiasm of business owners for taking overly aggressive tax positions that may end up doing long-term harm. Corporate attorneys should further encourage business owners to make reasoned decisions about a captive insurance program after receiving quality, independent tax, legal, and accounting advice.

Solutions for Problematic Situations

A captive insurance company can provide a unique solution to what would otherwise be an intractable problem. For example, a corporate acquisition may be at an impasse over the status of a preexisting lawsuit against the target company. A captive insurance company may be able to write a specialty line of insurance, ride out the issue at hand, and help facilitate the transaction.

Public companies also can look to a captive to help facilitate a self-insurance strategy. Businesses that value steady and predictable earnings and expenses sometimes shy away from self-insurance solutions where large, expected losses incurred at inconvenient times can wreck an otherwise attractive balance sheet. By transferring those risks to a captive insurance company, the business can appropriately and steadily account for the costs associated with that risk.

Captive insurance can be an effective risk management and risk financing tool. Companies can use a captive to reap the benefit of better-than-peer risk mitigation efforts. Captives can help smooth out the peaks and valleys of a company’s balance sheet. As captive insurance becomes more regularly utilized by businesses large and small, corporate attorneys are increasingly likely to be called upon to opine on the merits of a captive insurance program. Helping a company form a captive for the right reasons and utilizing best business practices can provide a real long-term benefit.

This article is based on a CLE program that took place during the ABA Business Law Section’s 2022 Hybrid Annual Meeting. To learn more about this topic, view the program as on-demand CLE, free for members.

In 2015, Forbes published a report that ranked Grand Rapids, Michigan, fifty-first out of fifty-two markets in the United States where African Americans were doing the best economically. In other words, Grand Rapids^[1] was the second worst market in the country for African Americans to experience economic prosperity.^[2] Eric K. Foster has cited this report as one of the key catalysts for the formation of Rende Progress Capital (RPC), a Community Development Financial Institution (CDFI) committed to racial equity in lending and economic prosperity.

After connecting through the W.K. Kellogg Foundation Fellows program, Foster and co-founder Cuong Q. Huynh launched RPC in 2018 to support “Excluded Entrepreneurs of Color”^[3] with small business loans and business technical support. During the four-plus years following its formation, a period overlapping with the worst of the public health and economic havoc of the COVID-19 pandemic, RPC made more than forty loans in both its Standard/Growth Loan Product and the RACE4Progress COVID Loan to companies owned by Excluded Entrepreneurs of Color. Most of those companies remain in business and are actually growing despite the challenges of the last several years. Underscoring the funding gap that RPC seeks to close, 70% of the enterprises in its loan portfolio are owned by entrepreneurs who had never secured a business loan from any source of debt financing prior to working with RPC.

Miller Johnson is a Michigan-based law firm, with more than 125 attorneys working from offices in Grand Rapids, Kalamazoo, and Detroit. In late 2020 and early 2021, RPC and Miller Johnson developed a pro bono legal services offering for RPC borrowers. The guiding principle of this offering has been for RPC borrowers to receive pro bono legal services, and for Miller Johnson attorneys to provide those services, in substantially the same way that non–pro bono clients interact with their counsel. For example, RPC and Miller Johnson intentionally omitted any kind of hard billable hours cap on client services, and the core team of attorneys working on these matters represented all of the essential competencies of a full-service, mid-size law firm (e.g., corporate, employment, real estate, intellectual property, tax, and so on). Importantly, the team of attorneys working with RPC’s borrowers was also diverse in race and other characteristics. Miller Johnson also modified its timekeeping and accounting systems so timekeepers (including all paralegals, associates, and partners) would receive billable credit (both hours and “phantom” revenue) based on their time commitment and value added to this program.

In the following Q&A, Eric K. Foster (EKF) shares with Erik R. Daly (ERD) of Miller Johnson some of his insights in forming RPC, the choice of a CDFI structure, and making the most of community partnerships, with an emphasis on pro bono legal services offerings.^[4]

* * * * * *

ERD: Did you consider structures for funding Excluded Entrepreneurs besides a CDFI? Why did you ultimately decide to form a CDFI instead of another option?

EKF: In forming RPC, we knew our structure needed to match the market we sought to serve. A CDFI loan fund made more sense for our target communities of “Excluded Entrepreneurs of Color” than, say, a venture capital approach, which would have taken ownership away from our entrepreneur customers. We could have pursued a fintech model, but the costs of the technology platform would have been prohibitive at the time. We also would not have had the same level of engagement or trust with the communities of color with which we wanted to work.

A bank would have been too expensive due to regulatory costs and would have been misaligned with our objectives. The CDFI structure allowed for more consideration of subjective criteria in the funding process. It also helps potential customers to understand barriers and access technical assistance better. That said, a CDFI may sound like a simple “capital in, capital out model,” but it is more challenging than it may initially appear. What makes it challenging is also what makes it rewarding, though.

ERD: How did you define the “Excluded Entrepreneur of Color” concept? Were any of the decisions impacted by using a CDFI structure?

EKF: From day one, everything about setting up our racial equity loan fund was focused on “disinvested communities”—particularly at the time of founding in West Michigan. The target market was never in question. The specific terminology developed alongside the structuring in our pre-launch phase.

In market research, the word “excluded” came up very frequently as a barrier to small business financing in our region. Many target customers expressed an experience of “exclusion” from their local economy, funding opportunities, and the marketplace in general. One person stated they felt “isolated from capitalism.” So, our community’s needs pointed us toward a CDFI, not the other way around.

ERD: Can you discuss your approach to partnering with various community organizations to launch and sustain RPC (e.g., funders, directors, advisors)?

EKF: Three philosophical principles drive our approach to partnerships.

First, a partner must demonstrate an understanding of and practiced ability to embrace racial equity (as opposed to “mere” diversity and inclusion). That means all partners (capital or non-capital) must demonstrate an embrace of racial equity. By “racial equity,” we mean “arriving at a condition where one’s racial identity—in a statistical sense—no longer determines how one fares in life.” We partner with those who practice or demonstrably take efforts to understand racial equity, as so defined. We have declined partnerships with organizations that reject this definition of racial equity or that have undertaken no efforts to better understand racial inequity in our communities.

Second, there must be a non-superficial reason for the partnership. We are not interested in working with people who only want to do so for marketing or goodwill reasons. There needs to be a motivating reason beyond public relations. Capital partners need to help grow and sustain returns for investors through operational support or otherwise. Non-capital partners need to be able to provide social capital or in-kind services that would otherwise be a large expense and/or inaccessible for the communities we serve.

Third, we use a partnership agreement to create alignment and understanding across specified key areas of partnership. The partnership agreement helps make sure everybody is aligned in RPC’s racial equity definition and ensures clarity and transparency in a number of critical areas, such as the diversity of our partner’s project/engagement team, racial equity training, nondiscriminatory practices, and related issues. The partnership agreement also helps RPC and its partner define mutual goals and periodically assess how well the arrangement is proceeding.

ERD: What types of attributes do you look for in partners, advisors, and board members?

EKF: First, it is important to reemphasize that racial equity and diversity, equity, and inclusion (DE&I) are distinct tactical goals. So, we may partner with those on the DE&I journey even if they have not yet achieved or fully embraced our definition of racial equity. At a minimum, though, our partners must understand the concept of racial equity, since this will allow them to begin to appreciate where our customers are situated in the broader economic and social environment. Second, they need to have a certain level of understanding and empathy as a basis for engagement with our customers. The ability to listen to clients without making assumptions is critical.

For advisors and board members, we seek out exemplars in the practice of racial equity and/or evidence of willingness to learn about and implement racial equity practices. Of course, we also require proficient knowledge and expertise, together with real world applications in the areas of business, finance, economics, and/or investments. There is absolutely no “tokenism.” There are plenty of extremely competent professionals who qualify as potential advisors and board members. For our loan committee, we require a majority of the members to be people who are representative of our target markets.

ERD: Relatedly, can you discuss your process for achieving alignment with partner organizations through written agreements? As a legal partner, we found the partnership agreement process very helpful in ensuring mission and values alignment.

EKF: Our partnership agreement helps ensure alignment between organizations based on the process of responding to the questions and prompts and, as importantly, discussing those responses. Unfortunately, we have declined to partner with some organizations that did not have any genuine reflective experience or understanding to achieve basic concepts of DE&I, let alone an understanding or embrace of racial equity ideas. Some responses demonstrated a lack of cultural competencies. We have even turned away potential capital partners, and some capital partners have decided against partnering, because of our unequivocal stance on Excluded Entrepreneurs of Color and definition of racial equity. Some were not ready to agree with the notion that certain communities had been denied capital based on racial criteria.

ERD: Do you expect or require your borrowers to clear certain legal hurdles before qualifying for a loan?

EKF: Yes, we require all borrowers to have properly formed their business entities with appropriate governing documents and federal tax ID numbers (EINs). Our Race for Progress loans are also flexible enough for us to consider other factors for those individuals with non-legal status, such as certain immigrants. We also require proof of appropriate and sufficient insurance. While insurance is not necessarily required at the early stage of a business, there needs to be a very good explanation or compelling reason why no insurance needs to be in place at that time. Much of the remaining information required is financial.

ERD: Did your borrowers ask RPC for advice on legal issues or referrals for legal counsel before RPC and Miller Johnson partnered on the pro bono legal service program? Do you know if they were receiving legal advice at all?

EKF: Prior to our partnership with Miller Johnson, RPC did not get many specific requests for referrals for the broader suite of services that a law firm is able to offer. Sometimes, there would be a reactive issue that a borrower brought up, such as contract or collections disputes with customers. For example, timeliness of payment on invoices may be different and also other lessons learned on contract terms. However, borrowers often expressed legal issues as “frustrations,” rather than legitimate grievances that somebody could help them respond to or for which they could obtain a remedy.

During the first two years of the pandemic, we also received a number of inquiries and questions about COVID-related issues, such as small business grants, loans (PPP and EIDL), and state/local regulations.

ERD: What factors were/are important to RPC in establishing and sustaining a legal services partner for your borrowers/customers?

EKF: A key benefit of partnership has been providing a constructive forum for our borrowers to discuss their businesses with professionals who maintain confidence, identify risks and opportunities, and take action zealously to advance their interests. Putting issues out on the table as legal issues—as opposed to simply frustrations—opened up conversations and opportunities for confidentiality, attorney-client privilege, and other topics. Most borrowers were expressing frustration, but not really accessing legal advice outside of the minimum hurdles we require to obtain a loan. It’s very likely that some borrowers would have just tried to persist through a legal issue rather than pursue a legal ally and advocate.

Also, working with pro bono clients in the same fashion as billable clients was a very important factor. For example, working with a borrower/client on cross-disciplinary issues and identifying, not just legal challenges, but opportunities proactively, has been a big benefit to our borrowers. Some “pre-packaged” or standardized legal services can be helpful very early on, but customizing the client relationship and thinking about the client as a longer-term relationship was an important distinction.

ERD: What issues did you observe in your borrowers accessing COVID-related loans, grants, and other financial assistance in the 2020–2022 timeframe?

EKF: Many borrowers (or potential borrowers) came to RPC for our COVID relief loan product, which we call the “Race for Progress COVID Relief Loan.” Our community partners encouraged us to provide this loan product, especially for those businesses that were unable to take full advantage of PPP loans and/or employee retention tax credits. RPC was also able to provide a longer-term financial foundation and partnership as opposed to a one-off grant or tax credit.

Tragically, we also saw authentic business harm and intimate stories of very difficult choices between personal and family health issues and supporting businesses financially. Specifically, we saw businesses having to choose between investing in their commercial survival versus providing financial support to family members (or survivors of those lost to COVID).

ERD: Has the COVID experience significantly impacted your approach to lending and/or technical support?

EKF: We provided some new loan products, as mentioned previously, but also now provide different technical support. To that end, during the COVID experience, we observed more tangibly the latent risks that businesses face. We are still seeing the impacts of COVID on general economic conditions, as our borrowers continue to dig out and recover. We try to be patient and creative in offering workout plans with those borrowers hit hardest.

ERD: You hold a stakeholder conference at least once a year. Can you describe the goals of the stakeholder summit?

EKF: The main goals are providing transparency in our progress toward stated goals and accountability toward mutually agreed upon desired outcomes. The summits are also opportunities to solicit dialogue among RPC and our stakeholders to explore new ideas and opportunities. We try to create a shared space for the community of partners to collaborate and share best practices.

ERD: Do you have any advice to share with other CDFIs or law firms thinking of forming partnerships to provide pro bono support to CDFI borrowers?

EKF: For CDFIs, I would say, “Do it!” Referring borrowers to law firm partners helps manage the latent risk factors I mentioned earlier. These partnerships also enhance borrowers’ social capital and open up opportunities for firms to provide technical assistance about legal service providers. Even though the pro bono relationship may not last indefinitely, participation can help our borrowers become savvier about using lawyers in the future.

At a recent CDFI conference, during a seminar on “best practices” for risk management, we shared our experience working with your pro bono program. Our peers’ eyes opened wide. We realized and shared with our colleagues that it is beneficial to both the borrower and to the CDFI itself to form these partnerships. It’s not just a “nice thing” for your borrowers to be able to access but can enhance the CDFI’s revenue and manage risk in the long term. It’s also a great way for law firms, such as Miller Johnson, to make sure they are consciously thinking about “blind spots” in their communities and working toward racial justice and racial equity.

This article is related to a CLE program that took place during the ABA Business Law Section’s 2023 Hybrid Spring Meeting. All CLE programs were recorded live and will be available to view free for Business Law Section members.

1. Grand Rapids, Michigan, is located in Western Michigan. Detroit is approximately 160 miles east of Grand Rapids, and Chicago is roughly 180 miles southwest. Other Michigan locations within a roughly one-hour drive from Grand Rapids include Lansing, Kalamazoo, Muskegon, Grand Haven, and Holland (among others). ↑

2. Other “Rust Belt” cities toward the bottom of this 2015 list included Milwaukee, WI; Cincinnati, OH; Pittsburgh, PA; and Cleveland, OH. Worth noting, though, is that a number of prosperous West Coast hubs (at least, prosperous for some people) were also included in the bottom half of the list, including San Francisco-Oakland, CA; Los Angeles, CA; and Seattle, WA. ↑

3. RPC defines “Excluded Entrepreneurs” to encompass “African-American, Asian, Latino, Native American, and Immigrant business owners facing racial bias and exclusion in some traditional lending.” ↑

4. Following is the Mission Statement created jointly by the core team of Miller Johnson attorneys that worked with Rende Progress Capital to launch this pro bono legal services partnership: “Our mission is to provide high caliber, no cost pro bono legal services and value to Michigan’s African-American, Asian, Hispanic/Latino, Native American and Immigrant business owners of color through professional services with a personal touch, while seeking opportunities to engage and network with Excluded Entrepreneurs for mutual growth, ally ship and opportunity.” ↑

The responsibility to create diverse and inclusive environments is part of a business’s success.^[1] Not only is it a moral obligation, but also it brings a range of benefits. This responsibility can also be seen as part of a business’s adherence to the rule of law, particularly when connected to its legal obligations to avoid discrimination. Further, the rule of law is enhanced by including many perspectives in the legal system. For an enterprise to reflect its customers and employees, it must include people with disabilities.

People with disabilities represent 27.2 percent of people living in the United States according to a November 2018 report of the US Census Bureau, and yet employers have much to do to improve their inclusion in organizations, the economy, and our societies.^[2]

The legal profession is no exception to this: it needs to do a better job of employing and including all professionals with disabilities. In fact, as Michelle DeVos of Holland & Knight wrote in an October 2020 piece about the need to break down more barriers for attorneys with disabilities, “The legal profession is one of the least diverse professions in the nation.”

The National Association for Law Placement (NALP) published research in December 2022 indicating that law firms consisted only of 1.2% of lawyers with disabilities in 2021. The NALP piece also notes that law school graduates with disabilities were more likely to hold some other marginalized identities.^[3] As it’s Pride Month, it’s worth noting that graduates with disabilities from the Class of 2021 were more than twice as likely to identify as LGBTQ compared to the class overall; people with disabilities can experience the workplace and discrimination in it differently depending on other aspects of their identities. In its 2019 Report on Diversity in U.S. Law Firms, NALP also reported: “Just under half of one percent of partners (0.46%) self-reported as having a disability in 2019, down slightly from 0.52% in 2018.”^[4]

Employing people with disabilities is a rule of law issue. The World Justice Project’s Rule of Law Index, which evaluates the rule of law in countries around the world on an annual basis, includes absence of employment discrimination within its measurements. As part of evaluating whether the rule of law in a country is strong enough to deliver fundamental human rights, sub-factor 4.1, “Equal treatment and absence of discrimination,” measures “whether individuals are free from discrimination… with respect to public services, employment, court proceedings, and the justice system.”

Hiring people with disabilities is not only the right thing to do from a moral and rule of law standpoint, but it can also provide a range of benefits to the enterprise. First, hiring people with disabilities can improve an employer’s reputation and public image. In today’s society, consumers are increasingly looking for providers that are committed to diversity and inclusion, and hiring people with disabilities can help the employer stand out positively.

Second, hiring people with disabilities can bring a unique perspective and set of skills to the organization. People with disabilities often have to overcome challenges and develop creative solutions. They may also have expertise in areas related to disability law, such as special education or accessibility laws. Accordingly, they are excellent members of a legal team that is focused on offering creative solutions and can have a piece of deep knowledge about problems the project can face.

Third, hiring people with disabilities can help an employer comply with various laws. For example, the Americans with Disabilities Act (ADA) requires employers to provide reasonable accommodations to employees with disabilities, and the failure to do so can result in legal consequences. By hiring and appropriately providing accommodations to people with disabilities, an employer can proactively meet one aspect of its obligations under the ADA and avoid potential legal issues. The ADA served as inspiration for the later framework developed by Mexico and other countries in enacting the United Nations’ Convention on Rights of Persons with Disabilities (CRPD).

The work to be inclusive and equitable doesn’t stop at hiring. One international investment bank includes employees and allies of people with disabilities by creating an employee resource group. (Notably, one of the group’s founders, Meg Cimino, is an American lawyer who has spoken to the American Bar Association Business Law Section.)

Further, the UK government recently funded a report through its organization DRILL (Disability Research on Independent Living & Learning) to learn more about career experiences of disabled people in the legal profession. It shows that lawyers with disabilities face bias and makes detailed recommendations to employers and the profession at large to address issues in hiring and in the workplace. Even though the recommendations were made in the UK context, they would also help employers in other jurisdictions. In one example, the recommendations supported efforts by professional associations to support lawyers with disabilities through organizations like the ABA Commission on Disability Rights in the United States. (In one illustration of the support businesses can have for disability inclusion when working with professional organizations, the ABA partnered with a major international business to support law students with disabilities through a summer internship program.)

Employers internationally should ensure disability is part of their DEI efforts. Consideration of ability status belongs alongside thoughtful attention to race, gender, sexual orientation, and religion in both social and corporate legal environments. As part of that, not only organizations’ work environments but also their digital offerings, websites, and mobile apps should be accessible to and usable for people of all abilities. As the AccessAbility Works podcast says, in addition to “the value of true inclusion,” “maximizing the full use and functionality of digital platforms and technologies makes good business sense.”

To hire effectively and support people with disabilities (whether employees or customers), employers should take a few fundamental steps. First, they should make sure their physical space is accessible, with features such as ramps and accessible bathrooms. They should also provide any necessary accommodations, such as assistive technology or modified work schedules. Additionally, employers should provide training to their staff on disability awareness and inclusion. This can help ensure that people with disabilities are treated with respect and given the support they need to thrive.

In conclusion, hiring people with disabilities is not only the right thing to do, but it can also bring a range of benefits to an employer. By creating an inclusive and diverse work environment, a business can improve its reputation, bring unique perspectives and skills to its team, and comply with the law.

Employers can play a key role in promoting inclusion, diversity, equity, and access (IDEA) in their organizations and creating a more inclusive legal profession. All employers need to prioritize the hiring, retention, and promotion of people with disabilities to create a more diverse and inclusive workplace.

1. Note that the term employer follows the broad practice of the American Bar Association Business Law Section and does not refer to the work environment. The work environment can be a government entity, a company, a nonprofit organization, a law firm, etc. ↑

2. See also the US Census Bureau’s webpage collecting data and publications related to disability. ↑

3. Earlier NALP publications on attorneys with disabilities can be found within NALP’s Research & Statistics resources. ↑

4. Table 11 in the report (“Lawyers with Disabilities — 2019,” page 30) provides more details. ↑

Introduction

The floating lien is a cornerstone of commercial finance. Whether it be retail merchants, grocery stores, or auto dealers, this security device underpins the transactions through which most businesses manage and fund their operations. The primary assets encumbered by a floating lien are a business’s inventory and accounts receivable, as they constitute the “immediate core of a commercial debtor’s enterprise.”^[1] Indeed, a significant motivation behind the eventual drafting of Article 9 of the Uniform Commercial Code was a desire both to explicitly allow and also to simplify the creation of a floating security interest capable of encumbering all present and after-acquired personal property of a debtor to secure all present and future obligations owed to a secured creditor.

As almost everyone is now aware, the Uniform Commercial Code was recently amended (henceforth, the 2022 UCC Amendments) to take into account emerging technologies, such as certain kinds of digital assets. Specifically, the new Article 12 creates the concept of a controllable electronic record (CER), creates the associated notion of control, and provides a regime under which a purchaser can acquire these digital assets free from competing claims or defenses (the so-called take free rules). Coextensively, amended provisions of Article 9 provide that CERs can be used as collateral, that a security interest in these assets can be perfected both by filing and control, and that security interests in CERs perfected by control have priority over those perfected by filing. In this article, we explain how the new 2022 UCC Amendments can be used to create a floating lien—not just over traditional tangible goods and their related receivables, but also over CERs.

The NFTs Market

Imagine a firm that is in the business of “minting” and selling non-fungible tokens (NFTs), such as Dapper Labs or Yuga Labs. Though there is no universally accepted definition of NFTs, they can be broadly described as digital assets that are uniquely identifiable and one of a kind within a specific system. NFTs are widespread in distributed ledger technology (DLT) networks, such as Ethereum, Solana, Avalanche, and many others.

NFTs have found broad adoption in a variety of business endeavors. The prevailing use case for NFTs is associated with the concept of tokenization.^[2] This is the process whereby a person creates an NFT and asserts that it represents specific tangible or intangible property, such as a painting, a rare car, a digital image, or an ownership interest in a company. Alternatively, the NFT can be presented as entitling its holder with the right to receive a service, such as access to a concert or other event. In principle, the innovative commercial proposition is that the NFT acts as unique digital indicator and identifier for property or services to which it is purportedly linked.

There are presently two primary models for tokenizations: intermediated and disintermediated.^[3]

Intermediated Tokenization

Intermediated tokenization is prevalent in the high-volume, low-value NFT market. Under this model, individuals create and sell NFTs relying on online platforms such as Rarible, SuperRare, Foundation, or Mintable. It’s a process that involves several steps, which can be delineated as described below.

First, an individual establishes an account on a minting platform and links it to the individual’s digital wallet, enabling the transmission and receipt of funds for NFT minting and subsequent sales. Leveraging the interface of the minting platform, the individual uploads a digital image, text, or musical composition that purportedly will be linked to the individual’s soon-to-be-minted NFT. At this stage, the individual also selects a preferred method of monetizing the NFT, typically via a direct sale or an auction.

Second, the platform executes two core functions: minting the NFT and generating a dedicated web page devoted to this token. To accomplish the former, the minting platform typically relies on a smart contract^[4] executed on a DLT network of choice. The web page showcases the uploaded content—i.e., the digital image, text, or music—alongside any other information provided by the individual creating the NFT.

Third, both the minting platform and the NFT originator actively endeavor to attract prospective purchasers through various means, including targeted advertising via social media and other relevant channels. Once a buyer emerges, the minting platform assumes the role of an intermediary, facilitating payment processing and effectuating the transfer of the NFT. The material execution of this final step might differ depending on the technological structure adopted by the platform.

In most cases, the NFT will be transferred to a wallet cryptographically controlled by the buyer. Alternatively, the NFT might remain in an omnibus wallet controlled by the platform if both the creator and buyer of the NFT have accounts on the platform itself. This is not dissimilar to how banks manage fund transfers when counterparties both have accounts at that institution.

Disintermediated Tokenization

The other tokenization model is disintermediated. This approach has been utilized by notable artists and corporate issuers—including Pak^[5] (Merger NFT), Beeple^[6] (Everydays: the First 5000 days), Yuga Labs^[7] (Bored Apes), and Dapper Labs^[8] (Top Shot)—particularly in high-value NFT transactions. Under this model, the issuer directly mints the NFT by executing a smart contract either on a major public DLT system, such as Ethereum, or a private one under its control, such as Dapper Labs’ Flow Blockchain. Subsequently, each NFT is associated with a specific asset, typically a creative work in digital format such as an image, video, or music file. The connection between each NFT and its corresponding creative work usually involves storing the relevant digital content on internet-connected servers and then hyperlinking each NFT to a specific creative work.^[9]

Once minted, the NFTs are offered to the buying public either by the issuer or through specialized intermediaries, including renowned auction houses such as Christie’s, Sotheby’s, and Phillips.^[10] In addition to the NFT itself, the issuer may offer supplementary services or accompanying assets. For example, regarding the Bored Apes NFT collection, Yuga Labs granted the original purchasers and subsequent buyers a worldwide license to utilize the images connected to their token.^[11] However, it is noteworthy that artists such as Beeple have successfully auctioned their NFTs while neither granting to purchasers a license to the specific creative work in question nor transferring the relevant copyrights.^[12]

With that background, let us focus on the disintermediated tokenization model. For corporate issuers utilizing this approach, NFTs may very well be the principal means by which they generate earnings. The question then becomes this: how might a lender go about obtaining a floating lien over this crypto inventory?

Crypto Inventory Financing

Assume that a corporate issuer of NFTs wishes to use these digital items as collateral. These businesses hold NFTs out for sale. In a practical sense, these assets are the issuer’s inventory. Under Article 9, however, inventory is a defined term that only encompasses “goods” and other tangible movables held out by a person for sale or to be furnished as a service.^[13] As NFTs are intangible personal property, Article 9 classifies them as general intangibles.^[14] As we explain below, the 2022 UCC Amendments reshape the regime to create a floating lien over crypto inventory.

NFTs as Controllable Electronic Records

The 2022 UCC Amendments create a new collateral subcategory under the UCC’s definition of general intangible: the controllable electronic record (CER).^[15]

A CER is “information that is stored in an electronic or other medium and is retrievable in perceivable form” and that is susceptible to control. Importantly, the definition is based on the ability to take control of the record.^[16] Control entails satisfaction of a three-part test: the person claiming control must have the power to (i) enjoy “substantially all the benefit” of the CER, (ii) prevent others from enjoying “substantially all the benefit,” and (iii) transfer control to another.^[17] Lastly, the person claiming such control must be able to demonstrate to a third person that all three parts of the test are met.^[18]

As generally implemented in prominent DLT networks, such as Ethereum, Solana, and Avalanche, NFTs meet the definition of a CER. In these systems, NFTs are data entries stored in a distributed database and, thus, constitute “information that is stored in an electronic or other medium and is retrievable in perceivable form” in the eyes of the UCC. Moreover, the cryptographic infrastructure implemented in DLT networks enables a person to have dominion over and dispose of NFTs in a manner that satisfies the “control” requirements. For example, on Ethereum, a person can control an NFT thanks to the public/private key cryptography adopted by this network. Through their private key, an individual has the power to interact with an NFT, enjoying all of its benefits (whatever those might be), and to prevent all others from interfering. This same technology also enables that individual to completely divest themselves of those powers by transferring them to someone else. Finally, public/private key cryptography also enables an individual to identify themselves as being in control of a determinate NFT through their digital signature.^[19]

Creating and Perfecting a Floating Lien over Crypto Inventory

Creation

The 2022 UCC Amendments forge a new framework for taking security in CERs, including crypto inventory. Regarding attachment, prospective secured lenders have two avenues when using crypto inventory as collateral.

First, as CERs are a subset of general intangibles, a security interest that is enforceable between the parties can be created with a “signed” agreement that adequately describes the collateral.^[20] Notably, the 2022 UCC Amendments have moved past the word authenticated. For NFTs, a clause stating that the collateral comprises “all debtor’s present and future general intangibles” or “all debtor’s present and future CERs” would be effective; there would also be no obstacle to a narrower description focused on the tokens in question, such as “all NFTs minted by the debtor,” and possibly also specifying the relevant DLT network, smart contract, and cryptographic identifiers.

The second avenue to create a security interest in crypto inventory leverages the concept of control. Dispensing with the requirement of a signed security agreement, the 2022 UCC Amendments provide that a security agreement can be created between a debtor and creditor if “the collateral is . . . controllable electronic records . . . and the secured party has control under Section . . . [12-105] . . . pursuant to the debtor’s security agreement.” Extending to CERs the rules previously available for deposit accounts, electronic chattel paper, investment property, and letter-of-credit rights, the 2022 UCC Amendments recognize that taking control of CERs adequately evidences what collateral the parties objectively intended to encumber.

Perfection

The 2022 UCC Amendments also introduce a novel regime for the perfection of security interests in CERs that further cements the prominent role of control. As with all types of collateral,^[21] a creditor can perfect a security interest in crypto inventory by filing a financing statement in the relevant registry, just as it could before the new rules came into effect.^[22] However, the 2022 UCC Amendments also provide that a creditor can perfect a security interest in CERs by taking control of these assets.^[23] A creditor can also obtain control through a third party who acknowledges that it has or will obtain control on the creditor’s behalf.^[24]

For example, a creditor could perfect a security interest in an NFT by having the debtor transfer the NFT to the creditor. This can occur by associating the NFT on the relevant blockchain with the creditor’s public key, rather than the debtor’s key. Other methods are also available, such as using specific NFT metadata configurations or escrow-like software structures (often referred to as multisignature smart contracts) that require the creditor to consent using its own private cryptographic key prior to the NFT being transferred by the debtor. The broad, functional character and flexibility of the notion of control is one of the most significant value-adds of the standards-based framework erected by the 2022 UCC Amendments: it allows parties to deploy whatever technology might be available at a given point in time to achieve control. This approach reflects the explicit intent of the UCC drafters to be technologically neutral and to accommodate future types of CERs.

Lien Priority and “Take Free” Considerations

Crypto financiers will likely want to achieve perfection by control for yet two more reasons.

First, the 2022 UCC Amendments introduce a non-temporal priority rule to rank competing security interests over CERs. Specifically, a secured creditor who perfects by control “has priority over conflicting security interests held by a secured party that does not have control.”^[25] Adopting the same approach historically adopted by the UCC for the priority regime applicable to deposit accounts and investment property, the 2022 UCC Amendments recognize a preference for secured creditors who have direct dominion over the encumbered collateral.

The second reason why crypto financiers will want to take control of encumbered CERs stems from the “take free” regime introduced by the 2022 UCC Amendments for these assets.^[26] Under these rules, a person who acquires a CER for value, in good faith and without notice of any conflicting property claims, is deemed a “qualifying purchaser” and, as such, takes it free from any preexisting property claims.^[27] The 2022 UCC Amendments draw heavily from the UCC Article 3 provisions for negotiable instruments, and these provisions have the effect of making CERs negotiable.^[28] It follows that if a secured creditor obtained a security interest in CER inventory and only perfected by filing, that creditor would be at risk of the debtor disposing of the collateral and transferring control to a qualifying purchaser that would take it free from any competing claim.

The Mechanics of Controlling Crypto Inventory

With that foundation, now consider how a floating lien under Articles 9 and 12 could be achieved over all of a debtor’s crypto inventory. Recall that our debtor is a corporate issuer of NFTs who routinely creates and then sells NFTs to the public. Attachment could be achieved through a security agreement describing the collateral as either the debtor’s general intangibles (taking a broad approach) or all of the debtor’s NFTs in a determinate DLT network (being more specific). The security agreement could also include an after-acquired property clause so as to encumber preexisting NFTs and those that would be minted in the future, as well as a present and future indebtedness clause when describing the secured obligation.

As to perfection, the creditor should file in the relevant registry but also take control of the collateral. There are a few different ways control could be achieved, but here we describe the two simplest ways. The corporate issuer and the creditor would agree that all newly minted NFTs should be immediately associated with the creditor’s public cryptographic keys on the relevant blockchain—not those of the debtor. In other words, all new NFTs should be held in the creditor’s digital wallet, not the debtor’s. Alternatively, the creditor and the debtor could agree that all newly minted NFTs should be held through a multisig smart contract that would be directly or indirectly governed by the secured creditor, in a manner that satisfies the statutory requirements for control.

This transactional structure would create a floating lien over all of the debtor’s crypto inventory. Whenever the debtor desires to sell an NFT, the creditor would have to approve the transfer. In turn, the debtor would transfer to the creditor whatever portion of the funds received from the sale that the parties had agreed to. This arrangement would, of course, involve some monitoring costs, but such expenses would be significantly lower than those associated with traditional inventory financing (i.e., tangible personal property). Typically, a creditor with security in inventory has to arrange for inspectors that examine the state, quantity, and quality of the collateral; the premises where it is held; the manner in which it is offered to the public; and many other similar matters. By contrast, a creditor who has taken security in crypto inventory and perfected by control would only have to approve of any sale of the assets in question and surveil that the debtor does not secretly mint NFTs without duly transferring control. Finally, any minting of an NFT by the debtor that does not immediately appear in the creditor’s digital wallet or in the designated multisig smart contract should be deemed an event of default in the security agreement.

Conclusion

In constructing the transaction as we describe here, the creditor would have created a floating lien on digital assets of the debtor—specifically, crypto assets in the form of NFTs—using UCC Articles 12 and 9. The lien would both float and provide preferential priority through control. For more on this topic and the transactional structure we set forth above, see our essay Floating Liens Over Crypto-in-Commerce, forthcoming in the Indiana Law Journal.^[29]

Christopher K. Odinet is the Josephine R. Witte Professor of Law and an affiliate professor of finance at the University of Iowa. Andrea Tosato is an associate professor in commercial law at the University of Nottingham (United Kingdom) and a visiting associate professor at the University of Pennsylvania Carey Law School. Jordan Jenquin is a rising 3L at the University of Iowa College of Law and a 2023 summer associate at Sidley Austin LLP in Chicago, Illinois.

1. 3 Commercial Asset-Based Financing § 18:1 (2023 ed.). ↑

2. Juliet Moringiello & Christopher K. Odinet, The Property Law of Tokens, 74 Fla. L. Rev. 607, 609 (2022). ↑

3. Christopher K. Odinet & Andrea Tosato, The Intersection of NFTs and Structured Finance, B.U. L. Rev. (forthcoming 2023) (manuscript at 5–6). ↑

4. Nick Szabo, Smart Contracts: Building Blocks for Digital Markets (1996). ↑

5. Merge by Pak, Nifty Gateway (last visited Feb. 6, 2023). ↑

6. Beeple (last visited Feb. 6, 2023). ↑

7. Yuga Labs (last visited Feb. 6, 2023). ↑

8. Dapper Labs (last visited Feb. 6, 2023). ↑

9. Joshua A.T. Fairfield, Tokenized: The Law of Non-Fungible Tokens and Unique Digital Property, 97 Ind. L.J. 1261, 1296 (2022). ↑

10. NFT Art Auction Department, Sotheby’s (last visited Feb. 6, 2023); Christie’s NFT, Christie’s (last visited Feb. 6, 2023). ↑

11. See Juliet M. Moringiello & Christopher K. Odinet, NFTs in Commercial Transactions, in Cambridge Handbook on Emerging Issues at the Intersection of Commercial Law and Technology (Nancy Kim & Stacy-Ann Elvy eds., forthcoming 2023). ↑

12. Taylor Locke, Millionaire Artist Beeple: This is the Very Important Thing ‘I Think People Don’t Understand’ About Buying NFTs, CNBC (Mar. 29, 2021). ↑

13. U.C.C. § 9-102(a)(44), (48). ↑

14. Id. § 9-102(a)(42). ↑

15. Id. § 12-102(a)(1). ↑

16. Id. § 12-105(a). ↑

17. Id. § 12-105(a)(1)(A), (B). ↑

18. Id. § 12-105(a)(2). ↑

19. Understanding Digital Signatures, Cybersec. & Infrastructure Sec. Agency (Feb. 1, 2021). ↑

20. U.C.C. § 9-203. ↑

21. Note the exception of a security interest in money, which can only be perfected by possession. See id. § 9-313(a). ↑

22. Id. § 9-312(a). ↑

23. Id. § 9-314(a). ↑

24. Id. § 9-307. ↑

25. Id. § 9-326A. ↑

26. Id. § 9-317(h). ↑

27. Id. §§ 9-317(h), 12-102(a)(2), 12-104(e). ↑

28. Edwin Smith & Steven O. Weise, The Proposed 2022 Amendments to the Uniform Commercial Code: Digital Assets, Bus. L. Today (Mar. 25, 2023). ↑

29. Christopher K. Odinet & Andrea Tosato, Floating Liens over Crypto-in-Commerce, Ind. L.J. (forthcoming). ↑

The American Bar Association Business Law Section is proud of its library of quality legal titles that serve the business law community. However, there are a handful of BLS titles that are true “classics”—that is, they are the go-to sources for the legal practitioner; they strengthen their branding with each new edition; and they sell in the thousands.

A prime example of a “classic” is A Manual of Style for Contract Drafting, Fifth Edition by Kenneth A. Adams.

“The fifth edition was published in February 2023,” said Collin Cooper, chair of the BLS Publications Board. “Sales usually drop off with each new edition of a legal text, yet with each new edition of MSCD, its sales have exceeded sales of the previous edition. Based on the first three months, it looks like that will apply to the fifth edition, too.”

There is a simple reason for the book’s success: Each new edition has been a worthy upgrade.

“The fifth edition, weighing in at 667 pages, contains 70 pages of new material, and the rest of the text reflects many adjustments,” said Cooper. “Ken remains without equal as an authority on the building blocks of contract language. No one writes on his subject as extensively or with as much originality and scholarship.”

To understand the value of this book, featured below is the section on the words “setoff” and “offset.” This brand-new content explains why readers eagerly anticipate the publication of a new Manual of Style edition.

***

SETOFF, OFFSET

13.763 The nouns setoff and offset mean the same thing; so do the corresponding verbs. Pick whichever noun you prefer and stick with it, be consistent in how you spell it, and use the corresponding verb.

13.764 Black’s Law Dictionary gives as a definition of the noun setoff “A debtor’s right to reduce the amount of a debt by any sum the creditor owes the debtor; the counterbalancing sum owed by the creditor.” It’s easy to find the variant spellings set-off and set off, but use setoff.

13.765 The noun offset is used in the United States to mean the same thing. Garner’s Dictionary of Legal Usage, at 631, says the noun offset “is perfectly acceptable in American legal writing.” See, e.g., Citizens Bank of Maryland v. Strumpf, 516 U.S. 16, 18 (1995) (“The right of setoff (also called ‘offset’) allows entities that owe each other money to apply their mutual debts against each other … .”).

13.766 Garner’s Dictionary of Legal Usage, at 812, says the verb form of setoff “is written as two words—e.g.: ‘on the other hand, a subsequent agreement between the parties to set-off [read set off] a claim of the buyer in satisfaction of part of the purchase price may satisfy the statute.’”

13.767 Regarding use of offset as a verb, Garner’s Dictionary of Legal Usage, at 631, waffles in saying that it “might be considered inferior to set off, although it cannot rightly be condemned as an error.” An example offered in Garner’s Dictionary of Legal Usage is “The division of property was, or will be, approximately equal and the two amounts would offset each other.” Welsh v. Welsh, 869 S.W.2d 802 (Mo. Ct. App. 1994). If the noun offset is acceptable in the United States, it would be precious to object to the verb offset. Searches of to set off and to offset on the U.S. Securities and Exchange Commission’s EDGAR system suggest that the verbs set off and offset are used about as often.

The marketing team wants to use ChatGPT to generate marketing collateral. Yet, the law department worries about copyrighted content used to train the model forming the basis of an intellectual property lawsuit and inadvertently “giving” OpenAI the right to use certain protected content. Underwriting wants to let artificial intelligence (“AI”) tools “underwrite” insurance policies, but the compliance team worries about the computer application “learning” to discriminate. Business planning professionals wish to extend the life of relevant information, but European Union (“EU”) privacy lawyers say that will run afoul of the General Data Protection Regulation (“GDPR”).

One person’s hot is another person’s cold. One person’s trash is another person’s treasure. You get the idea. And that idea has taken center stage in the world of corporate information. At a time when professionals across industries and fields who are using AI want as much information as possible to predict business trends, for example, information security risk mitigation militates in favor of retaining less information for shorter periods: “AI is heavily reliant on large quantities of data, and without proper controls, data can be corrupted.”^[1] Furthermore, “[a]ddressing privacy concerns while leveraging large datasets is also a challenge.”^[2] While business folks want to keep content in collaboration environments forever for future reference, privacy and security professionals push back on growing the information footprint because more information creates greater privacy risk and more data to protect.

We live in interesting times, in which one side of the business wants to keep all information forever and another wants it gone yesterday. And there are myriad other perspectives between the two extremes, depending on your job within the company. So how do businesses navigate and negotiate an ever-increasingly competitive and conflicting information-intensive business environment?

No one wants to peer into a volcano, especially one that could blow at any time. Yet, a lawyer’s job is, in part, helping the lawyer’s company or clients navigate the risks and potential liabilities of our new, ever-expanding information economy. Further, most large companies today have a host of complex and competing information needs and requirements that scream for legal guidance, whether the lawyers know it or not. And as corporations’ information assets grow in volume and value, these issues won’t go away anytime soon.

In this article, we will provide five steps for lawyers and others with information management obligations to more effectively manage their corporation’s information footprint, negotiate competing and conflicting business and regulatory requirements, and simplify the rules to help harness the value of information while making sure that companies comply with the expanding information volumes and the laws and regulations that mandate how information must be managed.

Step 1: Size Up Your Information Footprint

Understand What Your Business Does for a Living

To figure out how best to address the expanding universe of information, it is first essential to understand the company’s mission as that will inform what data it has and the laws and regulations guiding its management. In other words, the first step should be to assess what information a company has, what obligations exist with that information, how long to retain it for legal or business reasons, who should have access to it, etc.

While the executives of all companies generally understand what business activities they are engaged in, they rely on their leadership team to help them understand all the different business initiatives, relationships, contractual obligations, projects, and potential sources of revenue and risks across their company. This activity details how the organization accomplishes its mission and the information needed for execution. After all, it is essential to understand how the organization creates information and what information it creates, as well as when it needs it given its business activities, in order to manage the information footprint.

Understand How Activities Are Conducted

Given today’s complex technologies such as AI, IoT (“Internet of Things”) devices, pixel tags, etc., and the new ways that business is conducted, the task of identifying how business activities are conducted is challenging. The way that many businesses function or carry out their business activities has changed in recent years.

Third parties may now be in the “care, custody, control” of “your” information, and contracts may dictate that they can package it up and resell the information or not. The fact that a third party is creating and utilizing your company information may create new information security and privacy challenges that may need to be addressed via both contract and technology. Furthermore, the application of IoT devices means that a third-party smartish piece of technology is grabbing and transmitting data behind the scenes, perhaps without the company’s knowledge—which may be to the company’s detriment.

There are many ways to glean a deeper insight into company business activities to understand how they are conducted. It might be helpful to analyze the company’s annual report, external website, marketing materials, operational processes, workflows, and standard operating procedures (“SOPs”) and talk to the corporate secretary about external partnerships, collaborations, or joint ventures involving the company. Reviewing the company’s annual reports, financial statements, and corporate filings may disclose new sources of revenue, among other things. Additionally, interviews or surveys with key stakeholders can be beneficial to provide a deeper understanding of the various company initiatives and activities. For example, a recent conversation with a client’s general counsel unearthed a new business direction of packaging biometric data and selling it as a revenue stream.

Key business and legal stakeholders might not be aware that a particular business initiative is underway, but they need to be aware in order to properly assess the risk and liability. Advancing such initiatives without proper management and liability assessment can explode in the face of executives and impact company valuations and the court of public opinion. And these types of initiatives are part of the new corporate information volcano that can create seismic ripples through the business.

Inventory Information Assets

For every business activity, there is informational output. That informational output may be a record or a non-record. It may or may not contain a specific class of data, such as biometric data, personally identifiable information (“PII”), trade secrets, intellectual property, Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) data (protected health information (“PHI”)), or other sensitive data types.

For every record and specific data category, myriad laws and regulations will dictate how that information can be used, shared, stored, retained, and managed throughout its life cycle. Additionally, for each, there will be business folks who will only sometimes agree with the laws and regulations because those laws and regulations don’t allow them to garner the total value of the information.

For every non-record, rules should dictate how long to retain the information and when to dispose of it. For many corporations, a large percentage of their data doesn’t rise to a record level, and the noise it causes can be costly. Additionally, non-records can pose the same risk to the corporation as a record because they can contain sensitive information that could be damaging if exposed.

Regardless of whether something is a record or a non-record, getting a handle on the company’s information footprint is essential. Unsurprisingly, most companies need to know what information they have, where to locate it, and who has access to it. Information sprawl happens because more systems create information, more applications use information, and more employees access the information. Outsourced data warehouses collect data from many sources and combine them for insights. IoT devices collect and transmit data, and more third parties utilize or create company information on your behalf. What action can you take?

Conduct and document an inventory of supporting information assets created, used, sold, shared, relied upon, and received for each business activity identified. The inventory should determine where the information is stored; who has access to it; who has responsibility for it; what actions people take with it, e.g., selling or sharing the data; and what data classification (e.g., PII, PHI) and security classification (e.g., confidential, restricted) apply. This inventory will help inform the next step of knowing what laws and regulations must be considered. The greater the understanding of the information footprint, the more effective your program will be.

Step 2: Unearth and Understand Regulatory, Governance, and Business Requirements

Collect All Laws and Regulations That Impact the Business

Once you have compiled a comprehensive list of the company’s business activities and inventoried the types of information generated, used, sold, shared, relied upon, and received, you can then research the relevant laws, regulations, and industry rules that govern the management, protection, transmission, retention, and disposal of each category of the information. For most large businesses today, there will likely be hundreds, if not thousands, of laws and regulations that apply to the various types of information used by the business in the various jurisdictions in which the company does business. It’s key to look outside of the jurisdiction of incorporation to find all of the laws and regulations required to get information management right.

For each business activity, the company should document all jurisdictions that apply to it. This is often called a business profile. For example, product manufacturers should document the countries and states with manufacturing facilities. Later in the process, jurisdictions will inform what laws and regulations will apply based on where the organization performs certain business activities. Many laws and regulations that impact manufacturing facilities will be at a state or country level, so there is no need to include states or countries without manufacturing facilities. Similarly, if, as discussed above, the company is engaging in new activities—such as selling data as a revenue stream, implementing customer interactions, using sensors on products, conducting AI activities, exploring blockchain and cryptocurrency activities, handling privacy and biometric data, developing virtual and augmented reality technologies, or building autonomous products—those activities will dictate the laws and jurisdictions that must be considered.

Understand Business Needs

As the company evaluates and collects all of the legal requirements with which it must comply, assessing its business needs for the various types of information across the enterprise is also beneficial. This step is where the company should methodically collect the need for each data category and how long a particular business unit needs it. This step should involve “governance” business stakeholders such as privacy, records management, legal, cybersecurity, and other teams as necessary.

During this phase, it will become evident that different business units within the company will have different information needs. The marketing department may want ten years of past sales to unearth trends to improve future forecasting of raw materials for next year’s products. However, EU privacy staff may feel that the organization should only retain that information for a short time. This conflict can be solved by agreeing upon a period of time to retain the personal data, when it should be anonymized, and when the anonymized information needs to be disposed of. (We will return to this conflict issue in the next section.) In any event, creating a useful dashboard of inputs so that the company can see how information is being used and by whom will be very useful in determining the final company rules to manage information assets better.

Step 3: Harmonize Governance and Legal Requirements

As was alluded to in the previous section, gathering all the legal, regulatory, and governance requirements and various business needs related to each category of information helps the company develop rules that address all the inputs. One caveat: Making sausage is ugly. But developing information policy for large companies can make sausage making look attractive and seem easy. Given information volumes and the disparate uses of information in today’s corporate information ecosystem, making sense of and harmonizing the many inputs can be challenging.

Consider how different the EU privacy policy is from how Arkansas privacy laws expect organizations to manage PII. Or consider how contract retention requirements vary from state to state. Now add all the types of information, all the legal requirements in all the relevant jurisdictions (state, federal, foreign, etc.), and the business needs for the data. Now make a policy that addresses all the inputs.

Corporations that operate in a global environment must comply with legal and governance requirements across multiple jurisdictions. Corporations must take a harmonized approach to information governance, developing policies and procedures consistent across all jurisdictions unless there is a unique situation that doesn’t allow for it. As one such example, China’s laws for certain categories of information require permanent data retention. The company may carve out Chinese retention rules from the “harmonized” company-wide rules in such a case.

One often-used approach to harmonizing legal requirements in the privacy context is to gather all the high-level requirements of the various privacy laws and regulations from the various jurisdictions and develop a policy incorporating the letter and the spirit of the multiple requirements into one policy directive. Again, it is complex, but it is essential as the list of legal requirements mandating how organizations must manage information grows yearly.

To deal with the ever-evolving information legal landscape and advancing business practices, companies should have a process in place to monitor changes to ensure that they stay current with laws and regulations and business activities. As an example, a company could form a governance body made up of legal, governance, compliance, business, and operations representatives tasked with the responsibility of advancing the initiative.

Step 4: Simplify Rules for Employees and Technology

Corporations should develop clear policies, procedures, and rules that are easy for employees and technology to understand and follow. One way to simplify is to create one set of standard policies and procedures that can apply across the organization.

Recently, a company asked Kahn Consulting to harmonize the company’s multiple privacy and security directives. There were many competing directives, and the organization didn’t clarify the guidance as to which policies applied to each business unit. The employees didn’t follow any policies because they couldn’t determine which ones applied to their work.

Employees don’t have time to figure out what policy to follow, so make it brain-dead simple. In addition to fewer policy documents, the company should strive for shorter directives without complex legal language that may confuse the average employee. Furthermore, the simplification process will help technology seamlessly apply the rule without employee intervention (see Step 5). Employees have enough to worry about in their daily work without having to stop to consider legal policies. Also, technology is better and faster at applying rules to information at an application level, behind the scenes, so build a compliance process to let employees focus on their day job.

Additionally, organizations should eliminate rules that create complexity in their understanding and application. For example, applying “event triggers” to start the retention clock can create a challenge to determine when the clock begins to run on retention. Therefore, it can make applying the rule to relevant records nearly impossible. So, if you can get rid of complex rules, do it.

Finally, build “imperfect” rules that work with your technology rather than creating “perfect” rules that can’t realistically apply to actual business processes. In other words, strive for reasonable rules that work given technological realities and the company’s needs.

Step 5: Automate Policies and Procedures

Corporations can further simplify information governance by automating the application of company policy directives related to ownership, access, privacy, security, retention, disposition, litigation response, and other governance tasks. Advances in AI and machine learning give organizations the horsepower needed for such automation.

This approach means using technology to enforce policies and procedures rather than expecting employees to do the heavy lifting. For example, corporations can use automated data classification tools to classify data according to its sensitivity level. This automation can help ensure that sensitive data is protected appropriately and can reduce the risk of a damaging security event. Automate wherever possible, and use technology that makes your company rules workable, given the application’s functionality.

Conclusion

Managing information in today’s complex information ecosystem is a monumental challenge. One bad hack and the resulting information security breach could be that seismic event impacting valuation and reputation that every lawyer, privacy and compliance officer, and C-suite executive prays will not happen on their watch. Effective information governance is essential for corporations to protect their valuable information assets and comply with legal and regulatory requirements. And that starts with understanding what business activities a company performs, what information a company has, what obligations exist for each class of information, how long to retain the information for legal or business reasons, what management governance rules apply to it, who should have access to it, and where it is stored. Companies will be well served by thinking outside the volcano and anticipating the potential liability and risk associated with the explosion of information and the transformation regarding how business is done. This is a process, not a project, and lawyers and other stakeholders must be engaged in an ongoing basis. The information ecosystem is organically growing and expanding, and vigilance is necessary to stay on top of it.

1. AI in Capital Markets, RBC Capital Markets (last visited May 27, 2023). ↑

2. Id. ↑

As marketplaces have become digital and more technology platforms are integrating payment solutions into the customer experience, there has been increased interest among technology companies in potentially becoming money transmitters or partnering with regulated financial institutions^[1] (directly or indirectly) to embed payment solutions within their platforms or apps.

A company could embed payments into its software and user interface to combine transaction processing in a seamless, cohesive experience for its customers. For example, an online marketplace connecting lessors and renters could add new payments functionality. Embedding payment functionality in this way could serve as an additional revenue stream by offering payment services as an “add-on” or “value-add” service. This model stands in contrast to one where a company primarily engages in the business of payments, with payments services as a primary source of revenue, such as offering a peer-to-peer money transfer app.

Companies that wish to add payments functionality into their offerings should not add the payment rail first and think about regulatory compliance later. Platforms and marketplaces that rush to offer payment rails without first assessing the legal ramifications may find themselves subject to an enforcement action by a federal or state regulator, dropped by a strategic partner, or realizing too late that the resources needed to add payment functionality far exceeded their expectations or potential returns. Considering regulatory compliance too late, or not at all, could deter future investors, or derail a promising IPO, merger, or acquisition.

Drawing from our experience, below are key considerations for companies to strategically approach the threshold legal and business questions around offering embedded payments solutions, with a focus on the impact to the product’s design, necessary compliance resources, and potential revenue.

Regulatory Compliant Strategies to Embedding Payments

There are different ways to offer payment services and various legal and business considerations companies should think about when considering embedding payments functionality, consistent with regulatory compliance.

Top of mind, at the federal and state level, are money transmitter laws. Generally, a “money transmitter” is a person that accepts value from one person and transmits that value to another person or to another location by any means. In other words, money transmitters are persons who facilitate the transfer of value (fiat or crypto assets) between two consumers, a consumer and a business (or vice versa), or between businesses. A company that is licensed as a money transmitter with all relevant states and registered as a money services business (MSB^[2]) with the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) is able to sit directly in the “flow of funds” or receive value in an account that it owns or controls from one person, and transmit that value to another person or to another location on behalf of the sender. 

There are different approaches to embedding payments in compliance with applicable laws and regulations, including the following: 

1. the money transmission licensure model, in which the business obtains relevant state licenses and registers as an MSB;^[3] 
2. the partnership model, whereby a company contracts directly with a regulated financial institution to provide payment services (a variation, the banking-as-a-service API model, is where a company directly contracts with a technology company that already has a direct relationship with a regulated financial institution, such as a bank, to provide payment services); and
3. the risk-based model, whereby a company relies on an exemption from money transmission licensure and MSB registration to provide payment services on its own.

The optimal approach varies by company, depending on the company’s business goals, risk appetite, and resources for regulatory compliance, among other important considerations. The following chart is an example of how these different considerations may point in favor of one approach over another. 

The Licensure Path

Becoming a regulated money transmitter—registering as an MSB and obtaining state money transmitter licenses—is no small matter. While registering with FinCEN as an MSB is a fairly simple and straightforward process, state licensure is very time-consuming and cumbersome, and can be very expensive.

The general purpose of the state money transmission application process is to make sure the applicant has the financial capability, management, and business model in place to successfully operate a money transmission business. Among other requirements, state-level money transmitter applicants are required to submit a business plan, have a surety bond, undergo criminal background checks and fingerprinting, provide financial statements, and meet minimum net worth requirements.

If a company wants to offer money transmission services nationwide, the company must obtain a license in each state and coordinate the licensure process with state regulators. Every state has its own money transmission application, but many states have joined the Multistate MSB Licensing Agreement Program (MMLAP). With MMLAP, the multi-state money transmission application process is more streamlined and coordinated by a single state. The MMLAP application process consists of two phases: (1) review of the general license application requirements applicable to MMLAP participating states by a single state regulator and (2) review of state-specific license application information by other states in which the applicant is seeking money transmission licensure. Generally, the licensure process for a single state may take between six months and one year. If a company plans to go to market in the relative short term, the application processing time may ultimately be the deciding factor against licensure. 

Beyond obtaining initial state licenses and registering with FinCEN, licensed and registered money transmitters have important ongoing federal and state regulatory obligations. At the federal level, the purpose of money transmission laws is to combat money laundering and terrorist financing. Money transmitters registered with FinCEN are required to implement and maintain an anti-money laundering (AML) program, report suspicious and large transactions to FinCEN, and comply with recordkeeping and other AML requirements.

In contrast to the purpose of federal money transmission laws, in a large majority of states, the purpose of money transmission laws is generally consumer protection. State-licensed money transmitters are subject to ongoing supervision, such as examination by the state regulator, and quarterly and annual reporting. Oftentimes this requires at least one individual or, in many cases, multiple individuals to be responsible for creating and overseeing the company’s regulatory obligations. 

As with other regulatory licensure regimes, there are exemptions from MSB registration and money transmission licensure. However, the exemptions are not uniform and vary from federal to state, and state to state. For example, a company may be exempt from federal MSB registration, but not state licensure. Or, a company may be exempt from licensure in one state, but not in another. If a company ultimately decides to rely on an exemption, the company should consult with outside counsel to understand the legal risk of relying on that exemption.

The Partnership Path

While the money transmission licensure process may be long and cumbersome, that does not necessarily mean that the partnership path is less resource intensive. First, the company must find a partner that is willing to offer its services based on the company’s business model. Each regulated financial institution has its own risk appetite, and a company’s business model may simply be too risky for the regulated financial institution. Further, the commercial partnership agreement negotiating process takes time, and, depending on the partner, there is no guarantee that it will be faster than obtaining state money transmission licensure.

In addition, generally speaking, a company that pursues the partnership path will lose some autonomy. While a company that partners with a regulated financial institution may avoid some direct regulatory scrutiny, the regulated financial institution is subject to federal and/or state oversight and may be liable for the activities of its partner. This means that the company will face constraints and scrutiny from its regulated financial institution partner over its platform and services offered, such as customer on-boarding. Similarly, if the regulated financial institution is not willing to provide a payment service to a certain customer or class of customers, then the company likely cannot offer the service to those customers through its partnership.

The partnership model may also impose additional onboarding or marketing restrictions on a company. Some of these restrictions may arise from the regulated financial institution partner’s own regulatory and risk-management obligations. For example, if the regulated financial institution partner requires certain information to be collected from all customers during on-boarding, it may contractually require the company to collect that information. Similarly, the regulated financial institution may contractually require the company to seek its approval for all marketing materials before they are disseminated, or that certain information or other terms are included in the company’s terms of service or user agreement.

For these and other reasons, partnering with a regulated financial institution does not necessarily guarantee a lighter regulatory burden. Oftentimes, in fact, the regulated financial institution will pass down some of its regulatory compliance obligations to the company. For example, the regulated financial institution may require the company to develop compliance policies that are subject to approval by the regulated financial institution, and implement those compliance policies. Alternatively, the regulated financial institution may provide the company with its compliance policies and require the company to adopt and implement them. Depending on the company’s business model, this may result in multiple compliance policies that must be created or adopted, and followed and managed. Similar to the licensure model, this may require an individual, or multiple individuals, to oversee the company’s contractually required compliance burden. As it relates to compliance risk, the primary difference between the licensure path and the partnership path is the shifting from regulatory risk to contractual risk.

There are also potential financial drawbacks to the partnership model. In the partnership model, the regulated financial institution will usually take a percentage of each transaction it processes. Further, there may be mandatory minimum usage requirements. While these are both business points subject to contractual negotiation, bargaining power is a huge limiting factor on a company’s ability to negotiate such terms. If a company is a small start-up, a larger regulated financial institution partner may not be willing to budge on the usage commitments or the percentage of each transaction that the regulated financial institution partner retains, i.e., its fees for providing the service.

Takeaway

Regulatory compliance should be a primary consideration in the development of embedded payments functionality. Whether regulatory compliance sits with the company as a regulated financial institution (the licensure model), or through its contractual relationship with a regulated financial institution (the partnership model), understanding payments regulatory compliance and the accompanying legal framework on the front-end may ultimately improve business performance, time to market, and strategic relationships.

This article discusses only a few threshold business and legal considerations and risks associated with embedded payments. Companies that plan to enter the payments space should consider, with experienced legal counsel, all of the legal and business considerations before applying for licensure or partnering with a payment service provider.

1. As used in this article, the term “regulated financial institution” means a financial institution that is registered, licensed, and/or authorized by the appropriate federal and/or state regulator to perform payments services. ↑

2. A “money transmitter” is a type of MSB. ↑

3. As previously mentioned, a “money transmitter” is a type of MSB. ↑

In a recent decision of the Delaware Court of Chancery, the reader is fortunate to be taken on a “tour” by Vice Chancellor J. Travis Laster “through traditional fiduciary law, the DGCL, Delaware corporate law, and Delaware’s support for private ordering” as he examined the validity of a consequential stockholder-level agreement.^[1] Ultimately, after carefully scrutinizing the facts and circumstances present, Vice Chancellor Laster found that the Covenant (as defined below), although not facially invalid or unreasonable based on the facts and circumstances of this particular case, to the extent it seeks to prevent the assertion of a claim for intentional breach of fiduciary to be invalid because of policy limitations on contracting.

The facts of New Enterprise Associates 14, L.P., et al. v. Rich, et al., involve Fugue, Inc. (the “Company”), a Delaware corporation founded in 2012 whose business is providing its clients with tools to build, deploy, and maintain a cloud infrastructure security platform. Josh Stella (“Stella”) served as the Company’s Chief Executive Officer during the time in question. In 2013, the Company conducted an offering of its series seed preferred stock, with Core Capital Partners III, L.P. (“Core Capital”), a plaintiff, serving as the lead investor in that series seed offering. Core Capital is an investment fund sponsored by a venture capital firm based in Washington, D.C. In 2014, New Enterprise Associates 14, L.P. and two affiliates, all sophisticated VC funds (these VC funds, together with Core Capital, are referred to herein as the “Funds”), invested in the Company by purchasing preferred stock—ultimately investing approximately $39 million after multiple financing rounds. Each of the Funds was also entitled to appoint one member of the Board. By 2020, the Funds had been invested in the Company for six to seven years, so their investments in the Company were starting to get “long in the tooth” for VC funds. The Funds therefore urged Stella to seek a liquidity event. Toward the end of March 2021, Stella informed the Company’s Board of Directors (the “Board”) of the inability to locate a buyer of the Company, advised the Board that the Company needed capital, and recommended that the Company engage in a recapitalization transaction as a remedy. The Board authorized Stella to proceed.

As the Funds had no interest investing additional capital in the Company, the Company management finally advised the Board and existing stockholders that the only option available was for the Company to engage in a recapitalization to be led by George Rich (“Rich”). Rich and his investor group would only commit, however, on the following conditions (this arrangement is referred to herein as the “Recapitalization”): (i) the holders of all existing preferred stock had to agree to an exchange of those shares for shares of the Company’s common stock; (ii) Rich and his fellow investors had to receive a new class of preferred stock, with preferential rights; and (iii) the Funds and other significant investors had to execute a voting agreement (the “Voting Agreement”) containing, among other provisions, a drag-along right, giving majority investors (i.e., Rich and his group) the ability to sell the Company to a third party and force the minority investors (i.e., the stockholders before the Recapitalization) to sell their ownership interest as well, without the need for consent from the minority investors, in a qualifying transaction. More significantly, the Voting Agreement also included a covenant from each signatory thereto not to sue Rich or his affiliates over a drag-along sale, including the assertion of any claims for their breach of a fiduciary duty (the “Covenant”). The drag-along right would be triggered if the Board and holders of a majority of the shares of the new class of preferred stock (held by Rich and his investors) approved a transaction that satisfied eight specified criteria (typical of drag-along rights—see the model form of Right of First Refusal and Co-Sale Agreement sponsored by the National Venture Capital Association [the “NVCA”] on its website^[2]). If those conditions were met, then the signatories to the Voting Agreement were forced to participate in that sale transaction (the “Drag-Along Sale”).

Although the Funds declined to participate in the Recapitalization, they did accept Rich’s terms by executing the Voting Agreement, together with the other investors in the Recapitalization and some existing stockholders. Rich and his investor group then invested roughly $8 million in the Company and acquired newly issued shares of Series A-1 Preferred Stock (the “Series A-1 Preferred Stock”) through two affiliated entities, one of which was designated as the “Lead Investor” for the Recapitalization. Rich controlled both vehicles indirectly through a holding company. Following the Recapitalization, the Board was composed of five members, who were Stella, two independent directors carried over from the Board in existence prior to the Recapitalization, and two representatives of the holders of Series A-1 Preferred Stock: Rich, as the designee of the Lead Investor, and David Rutchik (“Rutchik”).

By mid-July 2021, the two independent directors resigned from the Board after unsuccessful discussions with a potential buyer, leaving Stella, Rich, and Rutchik serving as the remaining members of the Board. The following week, the three-member Board: (i) authorized the Company to issue a second tranche of (almost four million) shares of Series A-1 Preferred Stock to nine buyers, which included the Rich group and Rutchik; and (ii) agreed to amend the transaction documents for the Recapitalization so that the issuance of the second tranche of additional shares was included as part of the original offer and sale of Series A-1 Preferred Stock conducted under the Recapitalization. The importance of this second action is the benefit conferred on the buyers, who would now “acquire the shares at the same price and on the same terms that Rich had extracted in April 2021 when the Company was low on cash and had no alternatives.” Further compounding things, on July 29, 2021, the three-member Board approved grants of stock options and, although the vast majority of them went to employees, each member of the Board also received a large stock option grant. Thus, the issuance of this second tranche of Series A-1 Preferred Stock under these circumstances, as well as the grants of options to the Board members (together, the “Interested Transactions”), the Funds argued, “were obvious instances of self-dealing on terms that appear facially unfair to the Company and highly beneficial to Rich and his confederates” and clear breaches of the duty of loyalty owed to the Company and its stockholders.

Further, during this same time the Company was holding discussions with a potential buyer. After several months of negotiations, the Board informed the stockholders that there was an “agreement in principle” to sell the Company for $120 million in cash. On February 12, 2022, the Company sent to the Funds a draft merger agreement with a joinder agreement and voting form, approving such merger, and told them that “they were obligated to sign the joinder agreement and voting form.” § 1.2 of the joinder agreement contained a release from each signatory thereto for any and all claims against the Company, the directors, and their associates and affiliates. The Funds agreed to do so if Rich and Rutchik would attest that they had not had any communications with the buyer about a potential transaction before the Recapitalization. Rich and Rutchik would only agree to sign substantially narrower affirmations, culminating in the Funds’ refusal to vote in favor of the merger or sign the accompanying joinder. On February 17, 2022, the Company announced the execution of, and the consummation of the closing of the transactions contemplated under, the merger agreement. On May 9, 2022, the Funds sued the directors for breach of fiduciary duties in connection with the drag-along sale. Vice Chancellor noted that the “gist” of the Funds’ claims is that “the Drag-Along Sale (i) failed to provide any consideration for derivative claims relating to the Interested Transactions and (ii) conferred a unique benefit on Rich, Rutchik, Stella, and their affiliates by extinguishing the standing of sell-side stockholders to pursue those claims.” As a consequence, the Funds asserted that the Drag-Along Sale was an interested transaction subject to the entire fairness test, a test the defendants could not satisfy. The defendants moved to dismiss the complaint, arguing that the Covenant foreclosed the Funds’ claims.

Vice Chancellor Laster’s legal analysis in this case was thorough and extensive, first focusing on the facial validity of the Covenant. He examined arguments supporting a finding of the Covenant to be facially invalid (e.g., extent to which parties can waive breaches of fiduciary duties in Delaware corporations) and arguments supporting a finding of the Covenant not to be facially invalid (e.g., ability under law to tailor fiduciary obligations), and noted early in the decision that the “argument against facial invalidity takes longer to unspool.”

In unspooling that argument, the Vice Chancellor reviewed the differences between covenants not to sue versus releases, and whether any public policy limitations could be placed on them; specifically, reviewing Illinois law, New York law, and Delaware law on this issue. He also noted the clear language of the agreements and the terms to which the Funds had agreed, and the bargained-for exchange that induced Rich to be the lead investor and invest, along with his fellow investors, roughly $8 million in the Company in the Recapitalization. The Court of Chancery additionally noted that the Covenant is similar to a provision found (in its most expansive form) in the model form of Voting Agreement sponsored by the NVCA. He examined the ability to contractually tailor fiduciary duties as well as what tailoring was statutorily authorized—specifically, §§ 102(a)(3), 102(b)(7), 122(17), 141(a), 145, 327, and 367 of the DGCL—and concluded that §§ 327 and 367 demonstrate that some loyalty claims can be limited under Delaware law, which indicates that the Covenant is not facially invalid. Vice Chancellor Laster found that Delaware corporate law does permit more fiduciary tailoring “than is commonly understood” to be permitted.

The Vice Chancellor also examined the ability to tailor fiduciary duties under common law and considered Delaware’s contractarian approach (i.e., allowing parties to business entities an opportunity to craft the limits of their obligations). After noting and acknowledging Delaware’s respect for private ordering, the judge compared the leeway permissible in stockholder-level arrangements versus the stricter requirements found in charter documents of corporations. He also reviewed other types of rights that persons can waive (jury trial right, right to counsel, right against self-incrimination, certain property rights, restrictive covenants, and nondisclosure agreements are some examples). On this point, Vice Chancellor Laster noted that the fact a person can waive fundamental liberty and property-interest rights indicates that the Funds could waive their rights associated with ownership in a corporation (i.e., “suggests that the Covenant is not facially invalid”).

In a reflective moment, the Vice Chancellor pondered whether the DGCL should be amended to impose a requirement on stockholders of Delaware corporations to disclose to the corporation the existence of any consequential stockholder-level agreements in effect (i.e., agreements that would meet certain criteria) and restrict the enforceability of any such agreement unless both: (i) a copy of such agreement is delivered to the corporation; and (ii) the corporation in turn either (a) files the agreement or a summary thereof with the Delaware Secretary of State, or (ii) notes its existence on the stock ledger and makes it available for inspection by any stockholder upon request. In footnote 276 of the Decision, Vice Chancellor Laster noted that this type of disclosure requirement would be similar to the “informed consent” a lawyer needs to receive from her client with respect to a conflict of interest that would otherwise constitute a breach of duty to that client under the applicable Rules of Professional Conduct. He also highlighted that his suggested approach on how to deal with consequential stockholder-level agreements (i.e., he proposed that their disclosure be required) differed from the approach advanced by Justice Valihur in her dissent in Manti (i.e., she proposed to invalidate them).

The court then looked to see if declaring the Covenant facially invalid would undermine Delaware’s corporate brand, and Vice Chancellor Laster determined that a stockholder-level agreement for a Delaware corporation, in which the stockholders agree on how to allocate their rights with respect to that corporation, to be consistent with Delaware’s corporate brand. He concluded that, as this case involved a conflict between two elemental forces of Delaware corporate law—private ordering and fiduciary accountability—the argument about undermining Delaware’s corporate brand did not warrant holding the Covenant facially invalid.

Next, the judge considered whether the Covenant should be facially invalid based on the premise that allowing stockholders to waive claims for breach of fiduciary duty through a private agreement would blur the distinction between corporations, which are subject to corporate formalities, and LLCs, which are creatures of contract and whose statutes (i.e., the Delaware Limited Liability Company Act, the Delaware Revised Uniform Partnership Act, and the Delaware Revised Uniform Limited Partnership Act) specifically allow the contracting away of fiduciary duties. Not finding this argument to be persuasive, he noted that the line between these two types of legal entities is already blurred. And he disagreed with the assertion that stockholder-level arrangements blurred the distinctions between the entities, particularly noting the importance of distinguishing between having provisions like the Covenant in the constitutive documents of the entity versus having them at the owner level. On this point, the judge concluded that the argument about blurring the line between the two types of entities was an insufficient basis to declare the Covenant facially invalid.

In the next leg of the tour, Vice Chancellor Laster reviewed relevant Delaware caselaw, first examining not only the majority decision but also Justice Valihur’s dissent in Manti Holdings, LLC v. Authentix Acquisition Co., 261 A.3d 1199 (Del. 2021) (the “Manti case”). In the Manti case, the Delaware Supreme Court reaffirmed the corporate principle that “sophisticated and informed stockholders” of Delaware corporations, who have bargaining power and are represented by legal counsel, can voluntarily waive in advance their appraisal rights under Section 262 of the DGCL. The Vice Chancellor also reviewed a Delaware decision neither side cited: In re Altor Bioscience Corp., C.A. No. 2017-0466-JRS (Del. Ch. May 15, 2019) (TRANSCRIPT) (the “Altor Bioscience case”). In the Altor Bioscience case, the court held that a bargained-for covenant not to sue barred claims for breach of fiduciary duty comparable to the Covenant was valid. From the Manti case and the Altor Bioscience case, the judge formulated a two-step analysis to determine the validity of a provision like the Covenant. First, the provision must be narrowly tailored to address a specific transaction that otherwise would constitute a breach of a fiduciary duty. Second, the provision must survive close scrutiny for reasonableness. The Vice Chancellor then applied that two-step analysis to the facts present in this particular matter and determined, based on the facts available, that the Covenant passed both tests, noting “[t]he facts of this case provide an example of sophisticated parties using a provision like the Covenant to allocate risk and order their affairs. This is a case where a provision like the Covenant can be enforced.”

At this moment, the Vice Chancellor also stressed that this decision should not be construed to stand for the proposition that provisions similar to the Covenant would be found to be enforceable under Delaware law. After noting how courts treat covenants not to compete (an economic right and restraint on trade), the judge said Delaware courts would take a similar hard look in reviewing covenants not to sue, which he termed to be a foundational right (the right to have access to courts, for example). He envisioned and listed certain scenarios (e.g., agreements with retail stockholders as opposed to the sophisticated stockholders suing in this case) where the validity of such a restrictive covenant would be viewed especially critically by the court.

Although Vice Chancellor Laster did conclude that the Covenant satisfied the two-part test of the Manti case and the Altor Bioscience case—i.e., the Covenant was (i) not invalid as a form of impermissible fiduciary tailoring because it only applied to certain sale transactions meeting eight contractually defined criteria and (ii) reasonable based on the facts present—the judge ultimately applied a public policy limitation to the Covenant and found it to be in violation of Delaware’s public policy against the enforcement of contractual arrangements exempting a party from tort liability for harm caused by intentional or reckless conduct. Thus, the motion to dismiss was denied. In support of his conclusion, the Vice Chancellor cited (a) the Restatement (Second) of Contracts § 195, (b) 8 Williston on Contracts § 19:24, and (c) the decision in Abry P’rs V, L.P. v. F&W Acq. LLC, 891 A.2d 1032, 1057–59 (Del. Ch. 2006).

1. Special thanks to my law partner Michael J. Halloran for his input on this decision and article. ↑

2. National Venture Capital Association, Model Legal Documents. ↑

With the recent launch of ChatGPT, artificial intelligence (AI) has been a hot topic in the news. In addition to ChatGPT being a novel and unique tool that may be used in a variety of ways, it creates novel and unique intellectual property issues and concerns.

ChatGPT represents a major improvement in our collective ability to access, process, and convey information. In the past, to answer a question, we would need to perform either simple or extensive research. If the question is relatively basic, a simple search on a search engine might suffice to provide the desired answers. If the question is more complex, additional research might be required, including, e.g., visiting a library and referencing multiple texts. Now, with the introduction of ChatGPT, all that may be required is simply posing the question to ChatGPT. This AI engine is capable of parsing the question presented and providing a thorough answer, regardless of the complexity of the question—though with inconsistent accuracy.

ChatGPT’s capabilities include improving ease of access to information, forming an appropriate response to the question posed or information requested, and conveying information in a very natural manner. Indeed, if one wanted to research ChatGPT’s capabilities and then write an article about those capabilities, the process could be short-circuited by simply asking ChatGPT to write a short article about itself. ChatGPT can prepare an article that is practically indistinguishable from a human author, without copying prior content. In fact, now you may be wondering if you are being tricked into reading an article written by ChatGPT.

The advancements represented by ChatGPT, however, raise novel issues and present certain concerns. From an intellectual property standpoint, copyright questions abound. For example, ChatGPT is a bit of a black box, and it generally does not include citations or attributions to original sources. Thus, it is unclear if particular content created by ChatGPT could infringe on another author’s copyrights.

ChatGPT may not raise any specific patent-related concerns from a content perspective. However, what if a ChatGPT-like AI was trained to create inventions? That is akin to what Stephen Thaler did, and what subsequently formed the basis for a writ of certiorari presented to the U.S. Supreme Court.

Thaler created DABUS, short for Device for the Autonomous Bootstrapping of Unified Sentience. DABUS is a combination of two AI systems, the first trained with data from a particular scientific area and used to generate novel alterations of that data, and the second developed to measure the novelty and utility of the alterations created by the first.

DABUS created two inventions that formed the basis of two patent applications at the United States Patent and Trademark Office (USPTO). These applications were subsequently rejected on the basis that they were not invented by a human. Thaler appealed to the USPTO’s review board, which upheld the USPTO’s refusal of the applications.

Thaler sought review of the USPTO’s decision in the Eastern District of Virginia. The district court sided with the USPTO, holding that an inventor must be a human. Undeterred, Thaler went to the Court of Appeals for the Federal Circuit (CAFC), which affirmed the district court’s decision—leading to Thaler’s petition for a writ of cert to the Supreme Court.

The crux of the case turned on interpretation of the relevant statutory language. In particular, 35 U.S.C. § 101 states that “[w]hoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor,” while 35 U.S.C. § 100(f) defines inventor as “the individual or, if a joint invention, the individuals collectively who invented or discovered the subject matter of the invention.”

Thaler contended that Congress did not include any restrictions on the words “inventor” or “individual” to pertain to only natural persons. Thus, according to Thaler, DABUS can be an inventor.

The district court held that “individual” ordinarily means a human being. The CAFC held that its prior decisions held that inventors must be natural persons, but acknowledged that the question in those cases pertained to corporations as the competing interest, not an AI program.

In late April, the Supreme Court refused to hear this case. In choosing to not weigh in on whether inventions created by AI may be provided the benefit of patent protection under the laws of the United States, the Court effectively answered that question with a “no,” at least for the time being.

Of course, generative AI is only in its infancy, and the future likely holds additional questions pertaining to the interrelationship between patents and generative AI. Those questions could have wide-ranging implications for both the patent system itself as well as every industry where patents operate.