By now, those in the financial services, vendor management, and consumer protection spaces have heard of Hunstein v. Preferred Collection & Management Services, Inc. and that case’s rare three trips to a federal appellate court in an effort to answer this question: Does the federal Fair Debt Collection Practices Act (“FDCPA”)^[1] apply to prohibit the very routine communications between a debt collector and its vendors? Unfortunately, none of the opinions ultimately provides an answer to this apparent question of first impression, though they imply one.

So, what message do the Hunstein opinions send to companies that regularly transmit personal and potentially sensitive information to third-party vendors?

Brief Procedural History

In Hunstein 1,^[2] a three-judge panel of the U.S. Court of Appeals for the Eleventh Circuit first unanimously held that a debt collector’s transmission of a debtor’s private data to a dunning vendor was actionable under the FDCPA.^[3]

In Hunstein 2,^[4] the same panel then sua sponte vacated and superseded Hunstein 1 (to address the intervening Supreme Court opinion of TransUnion LLC v. Ramirez^[5]) but ultimately reached the same conclusion, 2-1, although over a vociferous dissent.

The Eleventh Circuit then granted rehearing en banc and on September 8, 2022, issued its Hunstein 3^[6] opinion vacating Hunstein 2 and remanding to the district court with instructions to dismiss the case without prejudice, finding that the plaintiff failed to properly allege his claim. In doing so, the Hunstein 3 court considered but ultimately did not make a ruling on the pivotal question—that is, whether the FDCPA prohibits a debt collector from sending a consumer’s private data to a dunning vendor.

Background

Section 1692c(b) of the FDCPA provides, in pertinent part, that “without the prior consent of the consumer given directly to the debt collector, . . . a debt collector may not communicate, in connection with the collection of any debt, with any person other than the consumer.” In Hunstein, the plaintiff’s son received medical care, and the plaintiff allegedly did not pay the bill, which was then placed for collections with the defendant. The defendant, Preferred Collection, then sent certain information (including the plaintiff’s status as a debtor, the exact balance of the debt and the entity to which it was owed, the fact that the debt concerned the plaintiff’s son’s medical treatment, and the plaintiff’s son’s name) to its dunning vendor, Compumail, to issue dunning letter(s) to the plaintiff.

The issue in all three Hunstein opinions was not whether this communication of information was prohibited by § 1692c(b) but whether the plaintiff had alleged a “concrete harm” such that he had standing to bring the claim (i.e., whether the courts had a case or controversy sufficient to confer jurisdiction). Concrete harm is normally alleged by showing an injury in fact—some tangible harm to a person’s body or property. In cases of a bare statutory violation unaccompanied by an injury in fact, however, the plaintiff must show an “intangible harm.”^[7] Intangible harm is a relatively illusory concept, but one way that courts assess it is by “compar[ing] [the intangible harm] to a harm redressed in a traditional common-law tort.”^[8]

In his complaint, Hunstein alleged that Preferred Collection’s communication with Compumail in connection with debt collections was comparable to the common-law tort of public disclosure of private facts (“public disclosure”), which requires showing, among other things, the “publicity” of private information.

The Majority Opinion

The Hunstein 3 majority ultimately punted on whether the plaintiff had shown standing, ruling that Hunstein had failed to even allege publicity in his complaint and thus had failed to state a prima facie case for concrete harm.

According to the majority, publication—“to communicate a fact concerning the plaintiff’s private life to a single person or even to a . . . group of persons”—is insufficient to show a public disclosure.^[9] Publicity, on the other hand, “requires either actual public disclosure or a substantial certainty that the disclosed information will reach the public at large.”^[10] This was not present in Hunstein’s complaint, the court reasoned, because “Hunstein did not even allege that a single [Compumail] employee ever read or understood the information about his debt.”^[11] Thus, the court remanded for dismissal without prejudice because “Hunstein did not allege any publicity at all.”^[12]

The majority relied heavily on the Supreme Court’s 2021 decision in TransUnion, where the Court considered whether the plaintiffs (a class) had alleged concrete injury in their claims that TransUnion, the defendant credit reporting agency, failed to use reasonable procedures to ensure the accuracy of their credit reporting so as not to include inaccurate Office of Foreign Assets Control data labeling the plaintiffs as potential terrorists.^[13] In order to determine if the plaintiffs alleged concrete injury from a bare statutory violation (i.e., unaccompanied by an injury in fact), the Court compared the plaintiffs’ alleged harm to defamation, which traditionally requires publication (which, unlike publicity, can be a private communication) of a false statement. The Court ultimately concluded that the 1,856 class members whose credit reports had been disseminated to third parties (mainly creditors or potential creditors doing credit checks) had alleged a sufficient intangible injury to confer standing, whereas the 6,332 class members whose credit reports were never disseminated did not:

In cases such as these where allegedly inaccurate or misleading information sits in a company database, the plaintiffs’ harm is roughly the same, legally speaking, as if someone wrote a defamatory letter and then stored it in her desk drawer. A letter that is not sent does not harm anyone, no matter how insulting the letter is.^[14]

In reaching its conclusion in Hunstein, the majority reasoned that Hunstein effectively claimed that Preferred Collection sent Hunstein’s information to Compumail, where it “[sat] in a company database.”^[15]

So where does that leave us? Technically, Hunstein 3 is nothing more than a guide on how to (and how not to) plead an FDCPA claim. Some value can be gleaned, however, from the majority’s dicta, in which it suggested that it would not have found standing even if Hunstein had alleged that Compumail’s employees read or understood the information because this would have been publication but not publicity.

In drawing the distinction between public (publicity) and private (publication) communications, the court reasoned that “any publication in a newspaper or a magazine, even of small circulation, or in a handbill distributed to a large number of persons, or any broadcast over the radio, or statement made in an address to a large audience, is sufficient to give publicity.”^[16] On the other hand, “[w]hen a trade secret is communicated to thousands of new employees after a merger, for example, it does not become public information.”^[17]

So, was Preferred Collection’s transmission of Hunstein’s personal information publication or publicity? The court ultimately did not answer this question, but its approach in dicta strongly implies that it would have characterized the communication as a private disclosure, and thus the transmission of information would be insufficient to establish a concrete injury under the comparison to public disclosure:

• “All that to say, nowhere does Hunstein suggest that Preferred Collection’s communication reached, or was sure to reach, the public. Quite the opposite—the complaint describes a disclosure that reached a single intermediary, which then passed the information back to Hunstein without sharing it more broadly.”^[18]
• “Under even the most generous reading of [Hunstein’s] complaint, one company sent his information to another, where it was ‘populated’ into a private letter that was sent to his own home. That is simply not enough.”^[19]
• “So Preferred [Collection] did indeed disclose information to the mail vendor’s agents, but the complaint describes the same automatic process that the Supreme Court explained does not constitute an injury.”^[20]

The Concurrence

The concurrence echoed the majority’s holding but went further to draw a second distinction between Hunstein’s claims and another element of the comparator tort of public disclosure—that the information communicated was “highly offensive.”^[21]

Even if there was publicity, the concurrence reasoned, it would not be an actionable public disclosure because the information communicated may have caused personal offense (which is not sufficient) but was not “a kind highly offensive to the ordinary reasonable man.”^[22]

The Dissent

The dissent started off by calling into question the majority’s “refusing to give Hunstein’s complaint an appropriately charitable reading and, worse, just flat disregarding its express allegations.”^[23] The dissent quoted the complaint where it says, “Preferred [Collection] violated [the FDCPA] when it disclosed information about Mr. Hunstein’s purported [medical] debt to the employees of an unauthorized third-party . . . in connection with the collection of the Debt.”^[24] Moreover, the dissent raised “the eminently reasonable inference that the flesh-and-blood individuals to whom that information was disclosed read it.”^[25]

The dissent also called into question the majority’s reliance on the Supreme Court’s decision in TransUnion because that case was decided on the merits and appealed postjudgment, whereas the Hunstein 3 opinion was decided at the pleading stage on a motion to dismiss, at which point the plaintiff’s claims are read in the light most favorable to the plaintiff, indulging every inference in the plaintiff’s favor. Under this more forgiving light, the dissent concluded, Hunstein stated a prima facie case for an intangible injury as compared to public disclosure.

Conclusion

The Hunstein case on its face is a little bit of much ado about nothing. Hunstein advanced a relatively novel theory that the FDCPA acts as a consumer-privacy statute, and the Hunstein 1 and 2 panels tacitly approved by finding standing—only to have the en banc Eleventh Circuit effectively overrule and dismiss on the basis that Hunstein failed to adequately allege one of the elements of public disclosure. The court dodged the substantive question, and the ruling ultimately does little more than provide rudimentary-level guidance on how to plead a claim.

But, to the extent that the Eleventh Circuit decision (and potentially that of another circuit) comported with the Hunstein 3 dicta, the conclusion would seemingly be that the FDCPA does not confer standing to bring consumer-privacy claims on the basis of a debt collector’s transmission of a consumer’s information to a dunning vendor. And, of course, the concurrence raises the question not reached: Even if there was publicity, was the information conveyed the type of “highly offensive” disclosure that is actionable in public disclosure? The concurrence concluded that it was not.

This is almost certainly not the final word on the machination of consumer-privacy claims under the FDCPA. Indeed, we may even see Hunstein refile his complaint with the magic missing language. Or Hunstein may decide to appeal the decision up to the Supreme Court for a final resolution on the issue of standing.

Takeaway

Until then, with little to nothing in the way of precedent from the Eleventh Circuit to date, debt collectors and lenders who meet the definition of a debt collector in all jurisdictions need to take affirmative steps to implement policies and procedures to avoid (or at least mitigate) class-action FDCPA cases based upon a defendant’s continued (and prior) use of third-party debt-collection vendors. Even if your company is not a debt collector and would not be subject to the FDCPA, the facts in Hunstein should give you pause if you regularly transmit personal and potentially sensitive information regarding consumers to third-party vendors. What can your company do to avoid a similar suit?

Consumer privacy is a huge concern for regulators of all kinds. This is nothing new. But the focus on vendor management (or lack thereof) and how it contributes to the violation of consumer privacy is relatively new. Whenever your company is negotiating with a vendor that will be touching consumer information, make certain that vendor will be contractually obligated to maintain that information in the strictest confidence. Because Hunstein was decided on a motion to dismiss, we did not get to see what facts Preferred Collection had in its defense. Perhaps its agreement with Compumail restricted access to debtor information to a small group of Compumail employees tasked with preparing its dunning letters. That would certainly have been a fact in favor of showing that there was no publication, let alone publicity, of Hunstein’s information.

Use this opportunity to review your company’s contracts with its vendors and ensure that the confidentiality provisions restrict access to sensitive data. Even if Hunstein was ultimately much ado about nothing, it is a powerful reminder of the risk associated with vendor management.

1. 15 U.S.C. § 1692. ↑

2. Richard Hunstein v. Preferred Collection & Mgmt. Servs., Inc. (Hunstein 1), 994 F.3d 1341, 1344 (11th Cir. 2021), opinion vacated & superseded on reh’g, 17 F.4th 1016 (11th Cir. 2021), reh’g en banc granted & opinion vacated, 17 F.4th 1103 (11th Cir. 2021), and reh’g en banc, No. 19-14434, 2022 WL 4102824 (11th Cir. Sept. 8, 2022). ↑

3. To read more about Hunstein 1, see our prior Client Alert, Eleventh Circuit Renews the FDCPA as a Consumer Privacy Statute; Deals Major Blow to Debt Collection Services, ADAMS & REESE (Apr. 29, 2021). ↑

4. Richard Hunstein v. Preferred Collection & Mgmt. Servs., Inc. (Hunstein 2), 17 F.4th 1016, 1020 (11th Cir. 2021), reh’g en banc granted & opinion vacated, 17 F.4th 1103 (11th Cir. 2021), and reh’g en banc, No. 19-14434, 2022 WL 4102824 (11th Cir. Sept. 8, 2022). ↑

5. TransUnion LLC v. Ramirez, 141 S. Ct. 2190 (2021). ↑

6. Richard Hunstein v. Preferred Collection & Mgmt. Servs., Inc. (Hunstein 3), No. 19-14434, 2022 WL 4102824 (11th Cir. Sept. 8, 2022). ↑

7. See TransUnion, 141 S. Ct. at 2205 (“[U]nder Article III, an injury in law is not an injury in fact. Only those plaintiffs who have been concretely harmed by a defendant’s statutory violation may sue that private defendant over that violation in federal court.”). ↑

8. Hunstein 3, 2022 WL 4102824, at *1. ↑

9. Id. at *9 (quoting and citing RESTATEMENT (SECOND) OF TORTS § 652D cmt. a (AM. L. INST. 1977)). ↑

10. Id. at *8. ↑

11. Id. ↑

12. Id. at *10. ↑

13. TransUnion LLC v. Ramirez, 141 S. Ct. 2190, 2205 (2021). ↑

14. Id. at 2210; see also id. n.6 (publication (and, according to the Hunstein 3 majority, therefore publicity) “generally require[s] evidence that the document was actually read and not merely processed” (citations omitted)). ↑

15. Hunstein 3, 2022 WL 4102824, at *11 (citing and quoting TransUnion, 141 S. Ct. at 2210). ↑

16. Id. ↑

17. Id. at *7. The keen observer might question whether an emerging company’s disclosure of its own trade secrets would be a relevant comparator to public disclosure of private facts. The dissent pointed this out, see id. at *28 n.12, to which the majority responded, see id. at *7 n.7. ↑

18. Id. at *8. ↑

19. Id. ↑

20. Id. at *13 (citing and quoting TransUnion, 141 S. Ct. at 2210 n.6 (requiring that “the document was actually read and not merely processed” (emphasis added)). ↑

21. Id. at *15. ↑

22. Id. at *14 (quoting and citing RESTATEMENT (SECOND) OF TORTS § 652D cmt. c (Am. L. Inst. 1977)) (emphasis omitted). ↑

23. Id. at *26. ↑

24. Id. at *27 (citing and quoting the complaint, ¶ 5) (emphasis omitted). ↑

25. Id. at *19. ↑

On March 9, 2022, the Securities and Exchange Commission (SEC) proposed amendments to its rules that would, it hopes, “enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies.” These proposed new rules augment the current guidance covering certain cyber incidents that need to be reported by public companies. Among the proposed changes are periodic reports on (1) policies and procedures concerning cybersecurity risks, (2) the entity’s board of directors’ oversight of cyber risks, and (3) management’s ability to assess and respond to cyber risks.

As Jay H. Knight, chair of the American Bar Association Business Law Section’s Federal Regulation of Securities Committee noted in the committee’s comment, “[i]nvestors only benefit when there is decision-useful information that can be provided.” In the early minutes, hours, or even days of a cyber incident, “decision-useful” information may be hard to come by as firms, businesses, and organizations work to address the failure, assess the vulnerability, and implement a response. Having the infrastructure necessary for an effective response to a cyber incident was important before the SEC’s proposed amendments—should they be implemented, that infrastructure will quickly become a necessity.

What does all of this mean? It may be too early to tell as the final rule has yet to be published, but there are steps that organizations can take to minimize the risks that more stringent reporting requirements may impose. The ABA Cybersecurity Legal Task Force (Task Force) recently published the third edition of The ABA Cybersecurity Handbook (hereinafter Cybersecurity Handbook), which combines data, expertise, and experience from professionals across industries to educate lawyers, law firms, and business professionals. While this new book focuses on all key aspects of cybersecurity, several topics addressed in the book are especially important to consider in light of the proposed SEC rule.

Cyber Training

First, public companies should consider cyber training in the context of the company as a culture, rather than as a one-time or annual check-the-box action. Insider threats (e.g., accidental data loss and malicious data exfiltration) have increased 47 percent between 2018 and 2020, accounting for nearly a quarter of security incidents. In the United Kingdom, 88 percent of data breaches were caused by human error, with malicious activity accounting for a mere 12 percent. A culture of responsibility that prioritizes data security and emphasizes the importance of everyone in the organization is an opportunity to drastically decrease the number of adverse events that you or your client’s organization will encounter.

A culture of accountability and security requires that individuals in every role understand how they fit into a security scheme and the importance of their role. As Ruth Hill Bro, a former chair of the Task Force, and Jill Rhodes, an editor of the third edition of the Cybersecurity Handbook, wrote, organizations should “Get SMART on Data Protection Training.” SMART training consists of five steps: (1) Start training on hiring, (2) Measure what you do, (3) Always train, (4) Raise awareness and provide updates continually, and (5) Tailor training by role. Each of these steps is important in its own right, but organizations should especially take note of raising awareness and providing continual updates. Ongoing updates ensure that your entire organization is aware of current threats; response plans; and legal, ethical, and organizational requirements in the event of an incident.

Technology and bad actors are constantly evolving, and a response plan should similarly adjust in response to new and emerging threats. Ensuring that all members of your organization are aware of threats and understand their role within the response schema will provide a strong foundation from which you can respond to whatever reporting requirement the SEC implements.

Risk Management

Equally important is that public companies have and practice a proactive plan to address incidents, whenever and however they may arise. Risk management is nothing new to businesses, but hybrid working environments, increased reliance on networks, information as a service, and other considerations have exposed organizations to a threat landscape almost unrecognizable from the prepandemic environment.

In the Cybersecurity Handbook, Claudia Rast—the practice department chair of the Intellectual Property, Cybersecurity and Emerging Technology Group at Butzel Long and current cochair of the Task Force—and John DiMaria, an assurance investigatory fellow and research fellow with the Cloud Security Alliance, identified national and international authorities and standards that can help guide organizations creating or updating their cyber infrastructure. These authorities include domestic executive action, such as the Executive Order on Improving the Nation’s Cybersecurity; actions by the European Union Agency for Cybersecurity; and nongovernmental organizations, including the International Organization for Standardization. Rast and DiMaria distilled the numerous authorities and standards down to four steps: (1) establish your team, (2) understand your capabilities and risks, (3) develop a plan, and (4) implement and test the plan. These steps connect the security culture that you have created with an organized chain of command that, coupled with actionable procedures, will allow your organization to respond to “decision-useful” information and distinguish it from distractions.

Whatever the reporting requirements that the SEC decides to implement, they will be a small part in the larger response plan that your organization implements. A response plan must also include state, federal, international, and public relations considerations, as well as any other considerations deemed important.

Conclusion

The cyber-threat environment is constantly changing, but actions by regulators like the SEC can give insight into how the threat landscape is changing, where new threats could arise, and how to best respond to them. SEC guidance today already requires publicly traded companies to disclose material cyber incidents, but that responsibility will increase in a way as yet undefined. Whatever the SEC’s final rule looks like, organizations will have to adjust their cybersecurity infrastructure and response plans to adjust to the new requirements. While it is impossible to know with certainty today the specifics of the final SEC rule, these changes are an opportunity for organizations to evaluate and adjust their training, response plans, and cyber infrastructure.

The ABA Cybersecurity Handbook (third edition) can help with that evaluation and adjustment—and, in general, help lawyers prepare for the upcoming new terrain of cybersecurity reporting. You can save 20 percent with the code ABACYBER20 through February 28, 2023.

We often look to the federal judiciary as the gold standard of American jurisprudence. State courts frequently find federal opinions persuasive. Confirmation hearings for federal judges are televised. Indeed, the federal judiciary is even enshrined in Article III of the U.S. Constitution. And while we can expect that opinions issued by federal judges interpreting statutes and laws may differ somewhat across the nation’s districts and circuits, lawyers, businesses, and the public at large have come to expect—and rely upon—a degree of consistency in the federal judiciary’s decisions. However, when it comes to the rapidly evolving cannabis industry, the federal judiciary has been anything but consistent.

For example, federal courts have ruled that Title VII of the Civil Rights Act of 1964 (“Title VII”) prohibits cannabis employers from discriminating against employees.^[1] Additionally, federal agencies will hold cannabis employers accountable for discrimination in the workplace.^[2] Instead of addressing the legality of the workplace in the first place, or the legality of plaintiffs’ own conduct by working in the state-legal-but-federally-prohibited marijuana industry, the federal courts squarely focus on the factors that a plaintiff must necessarily allege in order to set forth a case for retaliation under Title VII and wholly ignore the fact that cannabis is and continues to be classified as an illegal substance under the Controlled Substances Act (“CSA”).

Likewise, federal courts have ruled that the Fair Labor Standards Act (“FLSA”), which regulates minimum wage, overtime pay, record keeping, and youth employment standards, also applies to the cannabis industry. For example, in Kenney v. Helix TCS, Inc., the U.S. Court of Appeals for the Tenth Circuit ruled that the context of the FLSA is clear that employers are not excused from complying with federal wage and hour laws just because their business practices may violate federal law, and therefore the FLSA applies to a marijuana worker even though marijuana is deemed illegal by the CSA.^[3]

Between Title VII and the FLSA, the federal courts’ analysis ignores the illegality of the cannabis industry and instead focuses on whether the actual law itself is being violated. However, this approach directly contradicts the position the federal courts have adopted under Titles I and II of the Americans with Disabilities Act (“ADA”), which prohibit the discrimination of employees in the workplace (both for private entities (Title I) and public entities (Title II)) based on their disabilities. Contrasting with the federal courts’ approach to Title VII and FLSA, which ignores marijuana’s status as illegal under federal law, the illegal status of marijuana is a central basis for the federal judiciary to simultaneously conclude that Titles I and II of the ADA provide no protection against discrimination on the basis of medical marijuana use, even where that use is state-authorized and physician-supervised.^[4] Federal courts have likewise consistently rejected the argument that discrimination on the basis of medical marijuana use reflects discrimination on the basis of the disability that the medical marijuana is used to treat.^[5] In these opinions, the federal courts point to the illegality of marijuana under the CSA as a reason for excepting it as a basis for discrimination under Titles I and II of the ADA.^[6] Federal courts could very well take this same approach when addressing discrimination under Title VII or wage and hour claims under the FLSA—that is, courts could refuse to provide protections to workers in state-legal marijuana industries—but, to date, with respect to the two latter statutes, the courts’ analysis instead focuses on the violation of the underlying statute itself, not the illegality of the substance under the CSA.

Muddying the waters even further is the fact that that federal courts will likely require cannabis businesses to be in compliance with Title III of the ADA, which is a separate provision of the ADA that prohibits discrimination in public accommodations on the basis of disabilities. For example, in Smith v. 116 S Market LLC, the U.S. Court of Appeals for the Ninth Circuit affirmed a district court’s ruling that the defendant had violated Title III of the ADA by failing to provide ADA-compliant parking spaces and routes to its property, which was leased to a marijuana dispensary.^[7] The Ninth Circuit distinguished its Smith opinion from that of James v. City of Costa Mesa (“James”),^[8] in which it ruled that Title II of the ADA did not prohibit discrimination on the basis of medicinal marijuana use, because (1) the two cases arose under different provisions of the ADA; (2) James was limited in its holding to medical marijuana users who claim to face discrimination on the basis of their marijuana use; and (3) the district court’s ruling was silent as to marijuana use and only required compliance with the ADA. These are hardly compelling distinguishing factors; at a minimum, the Ninth Circuit, on its face, appears to be treating cannabis use differently within the same federal statute.

The federal judiciary’s inconsistent opinions extend beyond employment law statutes. Recently, the U.S. Court of Appeals for the Sixth Circuit ruled in Great Lakes Cultivation, LLC v. Vara (In re Great Lakes Cultivation, LLC) that federal bankruptcy protections and processes are not available for assets that are used for, or generated by, a business prohibited under the CSA.^[9] However, this reasoning begs the question: if a cannabis business cannot file for federal bankruptcy protections because its business practices are prohibited under the CSA, and an employee cannot maintain a claim for disability discrimination under Titles I and II of the ADA because marijuana is an illegal substance under the CSA, why do those same business practices trigger federal protections for employees who are subject to discrimination under Title VII and wage protection under the FLSA? The status of marijuana as illegal under the CSA appears to apply to prohibit individuals and businesses from seeking protection under the law in some instances, while it is wholly ignored in others.

When read independently, each opinion makes logical sense. However, when read together, it is clear that the federal judiciary has not been able to commit to a consistent position with respect to applying federal statutes to the cannabis industry. This is concerning for both cannabis businesses and the legal professionals who advise them because not only are inconsistent rulings unfair and unpredictable, but they also can have tangible “chilling effects” on the industry, stymieing growth for an industry otherwise poised for rapid expansion in the future.

Given the uncertainties inherent in the cannabis industry, as well as the numerous and demanding state regulations with which most marijuana businesses must contend, well-advised cannabis businesses must be aware of the federal statutes that apply to the industry and, perhaps even more importantly, how federal courts are interpreting these statutes. Depending on, apparently, the specific subdivision of the law being applied to a particular set of facts (e.g., Title III versus Titles I and II of the ADA), federal courts will treat even the most upstanding and reputable marijuana business either the same as any other legitimate business, or as a miscreant without permission to enter through the courthouse gates.

1. Aichele v. Blue Elephant Holdings, LLC, 292 F. Supp. 3d 1104 (D. Or. 2017); Jones v. Blair Wellness Ctr., LLC, No. ADC-21-2606, 2022 U.S. Dist. LEXIS 66919 (D. Md. Apr. 11, 2022). ↑

2. EEOC v. AMMA Inv. Grp., LLC, No. 1:30cv2786 (D. Md. Sept. 24, 2020). ↑

3. 284 F. Supp. 3d 1186 (10th Cir. 2018). ↑

4. Zarazua v, Ricketts, No. 8:17-cv-318, 2017 U.S. Dist. LEXIS 161990, at *5 (D. Neb. 2017) (no cognizable claim under the ADA for denial of access to medical marijuana); Steele v. Stallion Rockies, Ltd., 106 F. Supp. 3d 1205, 1212 (D. Colo. 2015) (termination on basis of medical marijuana use did not constitute discrimination for purposes of the ADA); Forest City Residential Mgmt. v. Beasley, 71 F. Supp. 3d 715, 731 (E.D. Mich. 2014) (medical marijuana user was not an individual with a qualified disability). ↑

5. Bailey v. Real Time Staffing Servs., 543 F. App’x 520, 524 (6th Cir. 2013) (unpublished); Eccleston v. City of Waterbury, No. 3:19-cv-1614 (SRU), 2021 U.S. Dist. LEXIS 52835, at *17 (D. Conn. Mar. 22, 2021). ↑

6. For example, in the Eccleston opinion, Judge Underhill stated, “[B]ecause medical marijuana does not fit within the supervised-use exception [of the ADA] and remains illegal under federal law, an individual who uses medical marijuana cannot state a prima facie case under the ADA for discrimination on the basis of medical marijuana use.” Id. at *18 (emphasis in original); see also James v. City of Costa Mesa, 700 F.3d 394, 403 (9th Cir. 2012). ↑

7. 831 F. App’x 355 (9th Cir. 2020) (unpublished). ↑

8. 700 F.3d 394. ↑

9. No. 21-12775, 2022 U.S. Dist. LEXIS 148145 (6th Cir. 2022). ↑

This article is the third in a series reviewing recent regulatory developments related to cryptoasset-related issues in the banking sector. Previous articles discussed a potential U.S. central bank digital currency and legislative efforts to regulate stablecoins.

In recent years, some states have started to approve limited purpose banking charters for firms offering cryptoasset services to customers. Well-known among these are the Wyoming Special Purpose Depository Institution (“SPDI”) charter and the New York limited purpose trust company charter.^[1] This article provides a brief overview of these developments, as well as the use of M&A by cryptoasset-focused firms to acquire a bank charter.

In September 2020, the Wyoming Division of Banking (“WDoB”) approved Kraken Bank to become the first SPDI.^[2] In October 2020, Avanti Bank & Trust (now called Custodia) also was approved for a SPDI charter by the WDoB to engage in cryptoasset activities, including providing a stablecoin-type product called Avit.^[3] As of June 2022, there were nine virtual currency businesses operating under a New York limited purpose trust company charter, including Coinbase, Fidelity, Gemini, and Bakkt.

At the federal level, under former Acting Comptroller of the Currency Brian Brooks, the Office of the Comptroller of the Currency (“OCC”) accepted two conversion applications and one de novo national trust bank charter from cryptoasset firms proposing to engage in cryptoasset activities. On January 13, 2021, the OCC granted its first conditional approval to Anchorage Trust Company, a South Dakota non‑depository public trust company, for conversion to a national trust bank operating under the title of Anchorage Digital Bank, National Association.^[4] On February 4, 2021, the OCC granted conditional approval for Protego Trust Company, a Washington state trust company, to convert to a national trust bank under the title Protego Trust Bank, National Association.^[5] And on April 23, 2021, the OCC granted preliminary conditional approval for the de novo charter of Paxos National Trust.^[6] These approvals came on the heels of an interpretation issued by the OCC’s Chief Counsel that the OCC has authority to expand the activities of national trust banks to include certain activities of state trust banks under the “bootstrap” provision of 12 U.S.C. § 92a and the “business of banking” under 12 U.S.C. § 24 (Seventh).^[7]

The national trust banks that received approvals proposed to engage in a range of cryptoasset custody and related activities, including providing fiduciary custody of digital assets, custody and management of stablecoin reserves, custody of client cash deposits, settlement of transactions, on-chain governance services, transaction validation, staking services, payment exchange, and other agent services. Moreover, some banks proposed to offer platform services, including running a client-to-client trading platform for assets under custody, operating a client-to-client lending platform, and managing a platform for the origination and issuance of new digital assets whereby asset owners can digitize existing and prospective assets. Finally, some banks also would provide certain “know your customer” services, such as customer identification, sanctions screening, enhanced due diligence, and customer risk rating.

These approvals may have come under greater scrutiny under current Acting Comptroller, Michael Hsu, who has stated that the agency would review the provisional approvals granted under former Acting Comptroller of the Currency Brooks’ leadership.^[8] For example, Anchorage Digital Bank was recently issued a consent order for failing to meet the Bank Secrecy Act/anti-money laundering (“BSA/AML”) requirements under its operating agreement with the OCC.^[9]

More generally, OCC Interpretive Letter 1179, issued under Hsu and clarifying earlier interpretive letters (including Interpretive Letter 1176), suggests that while the path to charter a national trust bank engaged in cryptoasset-related activities remains available, it is narrower than the path envisioned by former Acting Comptroller Brooks.^[10] Notably, to date, no new national trust bank charter for a crypto‑native company has been approved by the OCC under current leadership.

Other innovation-focused companies have taken the M&A route rather than applying for a de novo or charter conversion with the OCC. For example, in September 2020, Fintech startup Jiko acquired Mid-Central National Bank, and in February 2021, LendingClub completed its acquisition of digital bank Radius Bank. In January 2022, federal banking regulators also approved SoFi’s application to acquire Golden Pacific Bank. In granting the approval, however, the OCC stated that the acquired bank may not engage in any cryptoasset activities or services currently conducted by SoFi unless it has received prior written determination of no supervisory objection from the OCC. In addition, the Federal Reserve Bank of San Francisco stated that “SoFi is currently engaged in crypto-asset related activities that the [FRB] has not found to be permissible for a bank holding company or a financial holding company” and must divest or conform to the requirements of the Bank Holding Company Act within the available two-year conformance period (subject to any available extension).^[11] SoFi’s current investment offerings include a cryptoasset trading service that offers trading in Bitcoin, Ethereum, Dogecoin, Cardano, and 26 more coins.^[12] To date, the FRB has not issued any guidance on permissible cryptoasset activities of bank holding companies.

The introduction of special purpose banking charters from states and the OCC’s acceptance of conversion and de novo charters represent new options for companies offering cryptoasset services to operate within the regulatory perimeter. Recent bank M&A deals also evidence the diverse paths that companies are taking to offer such services, particularly as the regulators under the Biden administration have seemed less receptive to charter applications. It remains to be seen, however, which path(s) will emerge as a dominant or favored approach by regulators and the industry.

1. New York also offers virtual currency licenses for businesses conducting cryptoasset activities, known as the BitLicense. ↑

2. “Kraken Wins Bank Charter Approval,” KrakenFX (September 16, 2020). ↑

3. “Avanti Granted Bank Charter and Approval of Business Plan for Digital Asset Custody and Tokenized U.S. Dollar,” Custodia (October 28, 2020). ↑

4. “Re: Application by Anchorage Trust Company, Sioux Falls, South Dakota to Convert to a National Trust Bank,” Office of the Comptroller of the Currency (January 13, 2021). ↑

5. “Re: Application by Protego Trust Company, Seattle, Washington, to Convert to a National Trust Bank,” Office of the Comptroller of the Currency (February 4, 2021). ↑

6. “Re: Application to charter Paxos National Trust, New York, New York,” Office of the Comptroller of the Currency (April 23, 2021). ↑

7. OCC, Interpretive Letter #1176 (January 11, 2021). See also “OCC Updates Guidance on Cryptoasset-related Activities of Banks,” Cravath, Swaine & Moore client memo (November 29, 2021). ↑

8. “OCC’s Hsu: Recent Approvals of Crypto Charters ‘On the Table’ for Review,” ABA Banking Journal (June 2, 2021). ↑

9. “OCC Issues Consent Order Against Anchorage Digital Bank,” News Release 2022-41 (April 21, 2022). In the press release, Hsu stated, “The OCC holds all nationally chartered banks to the same high standards, whether they engage in traditional or novel activities. When institutions fall short, we will take action and hold them accountable to ensure compliance with federal laws and regulations.” ↑

10. OCC, Interpretive Letter #1179 (November 18, 2021). ↑

11. Letter from Sebastian R. Astrada, Fed. Res. Bank of S.F., to Mr. Richard K. Kim (January 18, 2022) (on file with author). Cf. “Re: Conditional Approval to charter SoFi Interim Bank, National Association, Cottonwood Heights, Utah and for SoFi Interim Bank, National Association to merge with and into Golden Pacific Bank, National Association, Sacramento, California and engage in a change in asset composition,” Office of the Comptroller of the Currency (January 18, 2022). ↑

12. Based on the descriptions available on SoFi’s website. ↑

The Securities and Exchange Commission (“SEC”) has recently brought several enforcement actions that directly or indirectly involved lawyers. These actions provide reminders to lawyers of their professional responsibility in representing clients, including in connection with giving legal opinions and responding to auditors. The professional responsibility of lawyers has recently been the focus of both the SEC and the Delaware courts.^[1]

Synchronoss and Its General Counsel

On June 7, 2022, the SEC announced a settled enforcement action against Synchronoss Technologies, Inc. charging it and several of its senior employees with accounting fraud for improperly recognizing revenue on multiple transactions and misleading the company’s auditors.^[2] The employees charged included the company’s general counsel, who also settled charges that he misled the auditors regarding two of the transactions.^[3]

One of the transactions involved a purported sale of a license to a customer that the company booked as revenue despite the customer’s communicating several times that there was no agreement and no commitment on its part. The SEC order states that the general counsel reviewed the communications and responses that did not dispute the customer’s statements and remained silent at an audit committee meeting when the CFO explained to the audit committee and the auditors that issues with unbilled receivables were due to “management changes” at the customer but did not advise them that the customer disputed having any commitment. According to the order, the general counsel also prepared and signed the minutes of the meeting that he knew or should have known would be shared with the auditors.

The other transaction involved an acquisition and a sale of a license on the same day, with the accounting issue being whether the license sale was a separate transaction under the applicable accounting standard. If a separate transaction, the license sale could be accounted for under generally accepted accounting principles for that type of transaction (e.g., revenue could be recognized); if not, it would be considered part of the acquisition consideration and accounted for under acquisition accounting as a reduction of purchase price. Although the license sale purported to be to settle claims of infringing Synchronoss’s patents, the SEC order states that the general counsel knew or should have known that the acquisition and license were negotiated together, with the acquisition contingent on the license sale, and that Synchronoss had not identified patent infringement claims until after negotiation of the acquisition began. The SEC states that the general counsel made misleading representations to the auditor to support treating the license sale as a separate transaction without providing the information that would have been material to determining to treat the license sale not as revenue but as an adjustment to the purchase price of the acquisition.

Unlike the SEC action against RPM International Inc. and its general counsel,^[4] this action did not involve an audit response letter addressing a loss contingency. Instead, this action raises the question of the extent to which a lawyer is responsible for other accounting determinations, such as a complex subject like revenue recognition. We should bear in mind that this was a settled action, with the sanctions being such that the general counsel’s agreeing to a settlement, as in the RPM matter, is understandable. Nevertheless, the action emphasizes the importance of the need for lawyers to be sensitive to the information provided to the audit committee and the auditors in connection with their involvement in accounting decisions made by their companies.

Ernst & Young Order Involving Cheating on CPA Exams

On June 28, 2022, the SEC announced the settlement of charges against Ernst & Young LLP (“EY”) for cheating by its audit professionals on CPA exams and for withholding evidence of misconduct from the SEC during its investigation of the matter.^[5] EY agreed to pay a $100 million penalty, the largest ever against an audit firm, and to undertake remedial measures to fix the firm’s ethical issues and deficient quality controls.

The SEC action is based upon a significant number of EY audit professionals, over multiple years, cheating on CPA exams by using answer keys and sharing them with colleagues. Ironically, the cheating took place on the ethics exams required of CPAs to confirm that they understand their ethical responsibilities in performing their essential role as gatekeepers in the public interest. In addition, many other EY professionals who knew of the cheating failed to report it. EY had experienced a similar though less widespread problem several years earlier, which it had sought to address.

To make matters worse in the SEC’s view, EY withheld the misconduct from the SEC during its investigation by giving the impression in its response that it did not have any current issues with cheating and then by failing to correct that misleading response.

The actions of EY in responding to the SEC cannot be fully understood, however, without also reading SEC Commissioner Peirce’s dissenting statement.^[6] Although she supported the enforcement action against EY for the cheating, she was concerned about some of the remedial measures imposed on EY for its failure to correct a response to an SEC voluntary information request, especially when the response appeared to be correct when given. According to Commissioner Peirce’s statement, following a June 19, 2019, settlement with KPMG relating to cheating on CPA exams using information improperly shared by former Public Company Accounting Oversight Board (“PCAOB”) personnel, the SEC launched a general industry inquiry, with EY receiving a voluntary request for information about any ethics or whistleblower complaints regarding testing. In accordance with the SEC’s aggressive deadline, EY responded the next day, June 20, disclosing five past incidents but no current issue. On the same day as receipt of the SEC request (June 19), an EY employee reported to a manager that an EY professional had emailed that employee answers to a CPA ethics exam. The report was escalated to EY’s human resources group, but the senior EY attorneys who reviewed EY’s June 20 response to the SEC were apprised of the report “no later than June 21,” which was after the June 20 response. EY commenced an internal investigation that uncovered the cheating and significant misconduct and, nine months later, when it completed the internal investigation and developed a plan to address the problem, informed the PCAOB, which in turn notified the SEC.

The issue identified by Commissioner Peirce is the responsibility of lawyers responding to an SEC voluntary request for information to correct previously provided information based on later-learned information while an internal investigation is underway to determine the extent of the problem and develop solutions. She also was troubled by the settlement’s remedy that EY conduct an independent review, overseen by an independent consultant, of EY’s disclosure failures relating to the SEC’s June 19 information request, including whether any member of EY’s executive team, General Counsel’s Office, compliance staff, or other employees contributed to EY’s failure to correct its misleading submission, with the independent consultant to have full access to EY’s privileged information. The independent consultant also is to have final authority as to any employment actions (i.e., disciplining or firing) or other remedial steps. Commissioner Peirce characterizes this remedial provision as an “implicit directive to find attorneys and compliance personnel to blame for not complying with a non-existent obligation to correct the June 20 submission.”

There obviously are lessons in the EY order on how to respond to and deal with the SEC during the course of an investigation, especially when the response is voluntary. The order also highlights the challenge of dealing with information while the nature and scope of that information is evolving, for example because an internal investigation initiated as a result of a whistleblower complaint is ongoing. This is a similar situation to the one faced when responding to auditors about government investigations, such as one initiated by a whistleblower qui tam complaint under the False Claims Act, which was the situation involved in the RPM enforcement matter.^[7]

Hamilton Investment Counsel and its Chief Compliance Officer

On June 30, 2022, the SEC announced a settled enforcement action against Hamilton Investment Counsel, LLC, a registered investment advisor, and its principal and chief compliance officer (“CCO”) for failure to adequately implement its compliance program in connection with one of Hamilton’s investment advisor representatives engaging to the detriment of customers in undisclosed outside business activities that were required to be reported under Hamilton’s compliance policy.^[8]

In supporting the settled enforcement action, Commissioner Peirce took the opportunity to outline the considerations relevant, in her view, to charge a CCO with responsibility for compliance violations by the CCO’s firm, which is the party with the compliance obligation. In doing so, she referenced that New York City Bar Association Compliance Committee’s proposed Framework^[9] that focused on whether the CCO’s conduct was not just “debatably inappropriate” but rather was “wildly inappropriate” or demonstrated a “wholesale failure” to carry out compliance responsibilities.^[10] Commissioner Peirce analyzed the Hamilton CCO’s conduct against the following questions identified in the Framework:

• Did the CCO not make a good faith effort to fulfill his or her responsibilities?
• Did the wholesale failure relate to a fundamental or central aspect of a well-run compliance program at the registrant?
• Did the wholesale failure persist over time and/or did the CCO have multiple opportunities to cure the lapse?
• Did the wholesale failure relate to a discrete specified obligation under the securities law or the compliance program at the registrant?
• Did the SEC issue rules or guidance on point to the substantive area of compliance to which the wholesale failure relates?
• Did an aggravating factor add to the seriousness of the CCO’s conduct?

It is not the purpose of this article to assess whether the particular facts in this SEC enforcement action justified the charges against the Hamilton CCO as measured under the Framework. Rather, the enforcement order and Framework should be helpful in considering the professional responsibility of lawyers and their exposure to SEC enforcement actions, especially by having in mind the questions included in the Framework. This is both because CCOs often are lawyers and because those questions can be relevant in assessing more generally the professional conduct of lawyers in connection with a client’s compliance with legal requirements. That assessment relates to the concerns noted above raised by SEC Commissioner Lee in questioning whether lawyers are adequately fulfilling their professional responsibilities when they engage in “goal-directed” lawyering as illustrated, according to Commissioner Lee, by the conduct of the lawyers who gave the opinion described in the Bandera decision.^[11]

This article originally appeared in the Summer 2022 issue of In Our Opinion, the newsletter of the ABA Business Law Section’s Legal Opinions Committee. Read the full issue and previous issues on the Legal Opinions Committee webpage.

1. In addition to the recent enforcement actions described in this article, SEC Commissioner Lee in remarks on March 5, 2022, focused on whether lawyers were fulfilling their professional responsibilities and suggested that the SEC should consider doing more to establish minimum standards for lawyers practicing before the SEC, as authorized by section 307 of the Sarbanes-Oxley Act of 2002 in addition to the SEC’s Part 205 Rules adopted in 2003 requiring up-the-ladder reporting. See Commissioner Allison Herren Lee, Send Lawyers, Guns and Money: (Over-) Zealous Representation by Corporate Lawyers (remarks at PLI’s Corporate Governance – A Master Class 2022, March 4, 2022), available at https://www.sec.gov/news/speech/lee-remarks-pli-corporate-governance-030422. In her remarks, Commissioner Lee referred to the legal opinion addressed in the Delaware Court of Chancery Bandera decision as an example of “goal-directed” lawyering. See Bandera Master Fund LP v. Boardwalk Pipeline Partners, LP., 2021 WL 5267734 (Del. Ch. Nov. 12, 2021), on appeal to the Delaware Supreme Court (No.1, 2022). For articles discussing the Bandera decision, see Fotenos & Keller, Delaware Court Finds Legal Opinion Fails to Meet Opinion Standards, In Our Opinion (ABA Bus. Law Section Legal Ops. Comm.), Spring 2022, at 7, and Field and Smith, Observations on the Delaware Chancery Decision in Bandera Master Fund LP v. Boardwalk Pipeline Partners, LP, In Our Opinion (ABA Bus. Law Section Legal Ops. Comm.), Spring 2022, at 20. ↑

2. In the Matter of Synchronoss Technologies, Inc., Release No. 34-95049 (June 7, 2022), avail. at https://www.sec.gov/litigation/admin/2022/34-95049.pdf. ↑

3. In the Matter of Ronald Prague, Esq., Release No. 34-95055 (June 7, 2022), avail. at https://www.sec.gov/litigation/admin/2022/34-95055.pdf. ↑

4. For prior discussions of the RPM enforcement action, see Alan J. Wilson, Settlement Reached in Long- Running RPM Enforcement Action, In Our Opinion (ABA Bus. Law Section Legal Ops. Comm.), Winter 2020-2021, at 14; Stanley Keller, Update on Dealing with Government Investigations in Audit Responses,, In Our Opinion (ABA Bus. Law Section Legal Ops. Comm.), Spring 2018, at 17, and Stanley Keller, Dealing With Government Investigations in Audit Responses, In Our Opinion (ABA Bus. Law Section Legal Ops. Comm.), Fall 2016, at 14. ↑

5. In the Matter of Ernst & Young LLP, Release No. 34-95167 (June 28, 2022), avail. at https://www.sec.gov/litigation/admin/2022/34-95167.pdf. ↑

6. Commissioner Hester M. Peirce, When Voluntary Means Mandatory and Forever: Statement on In the Matter of Ernst & Young LLP (June 28, 2022), avail. at https://www.sec.gov/news/statement/peirce-statement-ernst-and-young-062822. ↑

7. Release Nos. 33-11042; 34-94478 (March 21, 2022). ↑

8. In the Matter of Hamilton Investment Counsel, LLC and Jeffrey Kirkpatrick, Release No. 34-95189 (June 30, 2022), avail. at https://www.sec.gov/litigation/admin/2022/34-95189.pdf. ↑

9. New York City Bar Association Compliance Committee, Framework for Chief Compliance Officer Liability in the Financial Sector (June 2, 2021), avail. at https://www.nycbar.org/member-and-career-services/committees/reports-listing/reports/detail/framework-for-chief-compliance-officer-liability. ↑

10. Commissioner Hester M. Peirce, Chief Compliance Officer Liability: Statement on In the Matter of Hamilton Investment Counsel LLC and Jeffrey Kirkpatrick (July 1, 2022), avail. at https://www.sec.gov/news/statement/peirce-statement-hamilton-investment-counsel-070122. ↑

11. See supra, note 1. ↑

In today’s legal marketing landscape, establishing a practice specialty, focus, or emphasis is the most effective way to create a draw for your expertise. Becoming a known expert in a niche relevant to your target audience is how you can build credibility and focus marketing efforts in a way that makes them have the most impact.

Thought leadership, a term that includes all forms of professional writing and speaking, is the most scalable way to educate clients, prospects, referral partners, colleagues, and peers on exactly when to think of you for the distinctive value you provide.

Reasons to Incorporate Thought Leadership into Business Development Efforts

Boost your credibility. As a frequent author/speaker on a niche subject, you will position yourself as an authority. This is further amplified when you align and distribute your thought leadership through platforms your target audience respects. Early career attorneys with a shorter list of representative matters may be especially interested in the credibility built through thought leadership.

Build your reputation and online profile. Your prospects are looking for answers to questions, and the best return on investment on your marketing is when those prospects turn to the internet and your thought leadership provides insight to those answers. Further, when referred prospects inevitably conduct an internet search on you, you can make it easy for them to understand your area of expertise through a variety of links to podcast episodes, bylined articles, presentations, and media commentary about the very topic they seek. These educational pieces are also easy for contacts to forward on to decision makers.

Command a premium for your services. Professionals known for their unique expertise are less likely to compete for work based on price.

Grow your audience. Writing and speaking are great ways to expand the number of people who become familiar with your work. Internet search engines, individuals sharing articles or videos, and third-party distribution channels are all ways new prospects and contacts can find your written or recorded thought leadership.

Bolster and initiate key relationships. Most professionals are flattered to be invited to collaborate on thought leadership projects, especially if they don’t require much time and preparation on their end and can create visibility for them. Inviting someone to participate on a panel discussion, provide commentary in an article you are writing, or be a guest on your podcast are all ways you can initiate or expand a valuable professional relationship.

Improve your visibility. Creating regular and consistent thought leadership is a great opportunity to reach out to your existing target network. You can provide something of value while reminding them about you and your expertise. Increased activity leads to engagement, and better top-of-mind interactions with your target audiences lead to new opportunities.

Strengthen your expertise. Researching and developing topics is a great way to further develop your insights and understanding, deepening your expertise on a subject.

Create value. Sharing thought leadership on public platforms provides value to your clients and prospects and is also a valuable contribution to your profession.

Decide What to Focus on

Random acts of marketing are not a wise approach to business development. Determine your longer-term professional goals before getting started.

Go narrow. Select a topic to develop that demonstrates your sophistication in your practice area, even if there is limited application. If you show a high level of expertise in a complex arena, it will be assumed that you are capable of handling more commonplace issues.

Be intrigued. It is wise to choose a topic that is interesting to you, something you are excited about. To see the best results from a business development perspective, you will need to discuss a topic repeatedly; make sure you choose something you like talking about.

Collaborate. Consider working with a colleague, client, prospect, or professional in a complementary space on a marketing opportunity. When you partner with someone else on thought leadership, you can bolster your credibility through theirs, strengthen the relationship with the collaborator, gain exposure to additional networks, and lighten your workload. Plus, it is often a lot more fun to collaborate with someone who has complementary expertise.

Be consistent. Always aim for topics that are of interest to your ideal client and directly related to the type of work you want more of.

Hire assistance when needed. Consider working with a copywriter or ghostwriter. Hiring a professional legal writer to help you initiate a topic or to flesh out an outline can be a considerable time-saver and can create the momentum you need to get moving on a piece.

Securing Opportunities with Complementary Platforms

While many people choose to self-publish their thought leadership on firm blogs or LinkedIn, usually you can make a greater impact on your business development if a credible third party will provide a platform for your expertise. Consider which platforms are highly regarded by your key contacts and which will increase the exposure to your target audiences when deciding where to seek to publish or distribute your writing or speaking. If your ideal prospects attend an annual conference, consider speaking there; if your target referral sources belong to a professional association, consider writing for the association’s newsletter or offering to give an educational webinar. Having your thought leadership published or promoted by a third party can take a few more steps than self-promotion, but the rewards are worth the effort.

• Start by creating a list of target publications and platforms that you would like to align with.
• Create a brief, compelling description of your article or presentation that you can use to pitch to organizations to secure opportunities.
  • Include a few sentences describing the issue, how you plan to approach the topic, and the key takeaways the audience will walk away with. Prepare a short bio highlighting your experience, and include links to previous writing and speaking engagements.
  • If an organization is interested in working with you, they will give you the specifications they are looking for, such as presentation requirements or guidelines for the types of writing they are interested in. This method ensures that you approach a piece within the parameters of the publication, for example, which could reduce your editing time or the chances you work on something no one is interested in publishing.
• Alternatively, if you know exactly what you would like to write about, write your article first, then send it to your target publications asking if they are interested in publishing it.
• Reach out to the organization’s leadership. Let them know you are interested in being a contributing author or speaker and ask what the submission process is.
• Your firm’s marketing department or an outside public relations resource can help you pitch your article and presentation ideas or your finished pieces for publication. Make sure you are clear with your marketing resources on what your goals are with your thought leadership, specifically who your target audience is, and which platforms would be ideal.

Making the Most of Your Efforts

Developing a topic into an article or presentation takes a lot of time and energy, so make sure to take full advantage of your work. Ways to leverage your work include:

Individual outreach. Once your piece is available, reach out to your clients and top contacts directly with a personal note inviting them to watch or read, and include a link or copy. If you are giving a live presentation, consider personally and individually inviting your key contacts to attend.

Update your website. Add your thought leadership to your firm or practice area’s list of such highlights, such as an “Insights” or “Resources” tab on the website. Update the sections of your firm bio related to publications and speaking engagements to include the title of your piece or presentation and when and where it was published, with a link.

Post on social media. Post your thought leadership on social media, including LinkedIn, with a thoughtful comment.

Repurpose the content. Consider new ways to use your thought leadership. You might want to turn your article into a presentation, video vignettes, an infographic, or posts on social media. Similarly, you could turn the transcript of your presentation into an article or white paper.

Adjust for a different audience. Consider writing a follow-up piece or a new version of your thought leadership for a different target audience. If you wrote an article for corporate attorneys working in biotech, consider rewriting the piece for CPAs in the same niche.

Lean on marketing resources. Make sure your firm’s marketing department or outside resources know about your thought leadership engagements so they can post them on firm platforms, promote them internally, and offer additional visibility ideas and opportunities.

To be effective in your marketing, you need to be consistent. It is easier to be consistent if you find your business development activities to be enjoyable. If you are in the advantageous position of not needing to bring in business to stay busy, you can focus on developing relationships with people you truly enjoy and respect and build your reputation and expertise around matters and issues that are interesting and exciting to you.

“Oh, you need to speak with an attorney about that.” After nearly twenty-five years trying to assist members of the local Asian American community facing various challenges, I was getting tired of hearing that common response. My efforts included but were not limited to securing social services and appealing mom-and-pop business matters with state or county agencies. In 2013, at the very young age of forty-seven, I decided to do something about it by going to law school!

I had not initially anticipated law school being part of my career path. I graduated from the University of Washington with a Bachelor of Science in Mechanical Engineering in 1990. I spent the next ten years at Boeing’s Commercial Airplane Group, working with international aircraft leasing companies and flying all over the world. By my rough calculation of total miles flown, I circled by globe almost three hundred times. In 1995, my sister and I had this crazy idea to open up a coffee and gift shop. We did, and the shop failed, but I learned some valuable lessons that are useful in my current practice advising mom-and-pop business owners. I earned an MBA from the University of Washington’s Foster School of Business in 2001. I joined Microsoft, and for the next eleven years, I led efforts involving international marketing, product management, and enterprise business development. That period of my career included a two-year stint in Microsoft’s Asia Pacific regional office in Singapore working with global partners Samsung and LG. After losing my father to cancer, I contemplated long and hard about how I wished to live out the rest of my life. I wanted my legacy to be that of someone who lived an impactful and influential life assisting my community and concluded that could be accomplished by being a lawyer. I returned to Seattle from my assignment in Singapore and began preparing for the LSAT. I enrolled in the University of Washington School of Law and earned my JD and passed the bar in 2016.

As a child of immigrants, I remained very active with community involvement and assisting other immigrant families to “pay back” for all the help my parents and I received from others upon our arrival. In 1997, when residents decided to incorporate Shoreline, Washington, as its own city, I ran for a position on the founding City Council, where I served for two terms, incorporating the city and directing foundational policy for all of the infrastructure and services the city now provides. It was quite challenging and demanding to serve on the Shoreline City Council while working full time at Boeing, but it was an incredibly rewarding opportunity to serve my community. Today, I serve on the board of Shoreline Community College Foundation and Seattle City Symphony and am the board chair of Korean Community Service Center (“KCSC”), a nonprofit serving the Seattle metropolitan area that promotes the health and well-being of the Korean American community through a wide range of services. I am also the founding president of the Washington Chapter of the Korean American Coalition (KAC-WA), now a 4,500-member community empowerment and development organization. I advocated fiercely on behalf of my local community and still do.

Taking that advocacy into the realm of legal work has felt powerful and satisfying, as I’ve been able to use my expertise to support others in new ways. As soon as I was eligible to do pro bono work in law school, I jumped at every opportunity and loved it. I volunteered with intake efforts for the Moderate Means Program, which helps moderate income individuals obtain legal services in key areas. I assisted a U-Visa applicant and assisted DACA applicants under the supervision of a practicing lawyer. Upon passing the Washington State Bar, I quickly signed up to volunteer with one of the King County Neighborhood Legal Clinic programs, a pro bono legal clinic run by the Korean American Bar Association of Washington (“KABA”). I even served as president of KABA. During my presidency, I helped raise the most funds KABA has ever raised and more than doubled the amount of scholarships awarded to law students. After the conclusion of my presidency, I am continuing to serve as the chair of KABA’s pro bono clinic, directly delivering pro bono services as well as soliciting and managing volunteers. During the pandemic, I coordinated with KCSC, which hosts the pro bono clinic at its office, to fit the office with clear plastic shields. With these and other precautions in place, we opened the legal clinic for up to four hours each day to aid mom-and-pop business owners struggling with the challenges of the pandemic. The appreciation expressed by the clients made all of the time and effort, including risk during the pandemic, worth it.

My years of professional experiences prior to becoming an attorney provide great foundation and context as I assist clients in my current practice, which is focused on real estate transactions and advising small, family-owned businesses. The opportunity to deliver pro bono services alongside that practice is incredibly rewarding; it affirms that I made the right decision to go to law school and become a lawyer as my fourth career. Was it worth leaving my job as a marketer at Microsoft and leaving thousands of shares of unvested stock? Would I do it again? Probably not. Do I regret it? Definitely not, because I am able to help those who are in need of legal assistance but unable to afford it. No one can tell me that I “need to go talk with an attorney” when I am trying to help those in need.

In September 2022, a Virginia resident’s wages were wrongfully withheld, and they needed immediate legal advice for which they could not pay. The client submitted their legal question on ABAFreeLegalAnswers.org and quickly received a response from a qualified pro bono attorney licensed and in good standing in Virginia. After the employer was told that a labor attorney had been consulted, they admitted the error, changed their position, and provided the full wages to which the client was entitled. The client reported that their ABA Free Legal Answers attorney aided them in better understanding their legal rights and options, and they greatly appreciated the services provided by the portal.

This is just one example of the thousands of legal issues that are addressed on ABA Free Legal Answers (ABA FLA), an online virtual legal clinic through which income-eligible clients can post civil legal questions to be answered by pro bono attorneys.

Providing Pro Bono Legal Advice to Clients Where They Are: Online

According to a 2022 Legal Services Corporation survey, low-income Americans do not get any or enough legal help for 92% of their substantial civil legal problems, resulting in an gap in access to justice. Given that legal advice is increasingly sought online and, according to a recent report from the Pew Research Center, nearly 90% of households with low-moderate income and 90% of adults in rural communities use the internet, the solution is clear.

ABA Free Legal Answers seeks to narrow the “justice gap” by offering access to legal advice online. Modeled after a legal advice portal created in Tennessee, the ABA Standing Committee on Pro Bono and Public Service launched the first and only online national pro bono legal advice portal in 2016, providing non-incarcerated adults with income generally under 250% of the federal poverty level and assets under $10,000 with access to brief civil legal advice from attorneys who are licensed and in good standing in their jurisdiction. ABA FLA provides access to legal advice to those who are often screened out by existing legal services due to conflicts, income or asset eligibility, or citizenship status. It offers a resource to those who are unable to utilize traditional walk-in clinics or hotlines due to geographic or temporal limitations. For those who have nowhere else to turn yet cannot afford an attorney, ABA FLA often serves as the sole resource.

ABA FLA is designed to allow any eligible user with an internet connection to access civil legal advice and resources at any time from across their state. The goal is ultimately to prevent larger legal crises from developing and to allow existing legal services staff attorneys to focus on full representation.

Since ABA FLA’s launch in 2016, forty-two jurisdictions have committed to participate, and nearly 11,000 pro bono attorneys have registered to respond to the nearly 250,000 civil legal questions that have been posted on ABA FLA—primarily in areas such as family law, housing, and consumer rights.

“Thank you so much for helping me,” said a recent client from Florida. “The gentleman attorney who assisted me was kind, understanding, clear in speech, and very knowledgeable about the subject. I appreciate this service very much.”

“Free Legal Answers is a godsend,” said Jim Sandman, President Emeritus of the Legal Services Corporation. “It is critically important in expanding the services available to people who otherwise have nothing.”

Offering Solutions During Disasters

Disasters produce, among other challenges, a variety of legal issues for disaster survivors, including lease terminations, Federal Emergency Management Agency (FEMA) applications, insurance claims, property damage, bankruptcy, document loss, and guardianship. These legal issues persist for weeks, months, or even years following the initial impact.

ABA FLA responds to post-disaster crises by providing wider access to pro bono legal advice and allowing more volunteer attorneys to meet the needs of disaster survivors. For instance, when disaster strikes, ABA FLA may temporarily lift the income and asset cap in impacted states, add disaster-specific categories for clients to select, populate category-specific auto-emails for users, and add alerts for attorneys to select those questions. In addition, ABA FLA provides access to out-of-state attorneys who are permitted by court order to temporarily practice law to assist in disaster relief.

Throughout the COVID-19 pandemic, ABA FLA has served as a valuable pro bono resource for attorneys and clients, as it is entirely virtual and can address many basic legal questions that arise, both typical and pandemic-based. Since March 2020, ABA FLA has received more than 137,000 submitted questions, representing an 85% increase over the same pre-pandemic period. Users indicated that these questions were specifically related to the pandemic in more than 12,000 instances. Overall, legal questions in categories commonly associated with the pandemic increased as well. For instance, more than 25,000 housing-related questions and more than 7,000 employment-related questions were submitted, representing a 111% and 151% increase, respectively, over the same pre-pandemic period.

ABA FLA attorney registrations have also increased since the onset of the pandemic. Since March 2020, over 4,100 volunteer attorneys registered to answer civil legal questions on the state FLA site in which they are licensed, increasing the number of registrations by 71%.

Attorneys Provide Brief Legal Advice at Their Convenience

In addition to its success as a much-needed legal assistance resource for low-income populations, ABA FLA has been useful for attorneys in search of convenient, short-term pro bono opportunities. ABA FLA provides for partnerships between the private bar, law firms, corporate law departments, government attorneys, and law schools that wish to provide their members with firsthand pro bono experiences in their own settings. Attorneys can sign up to receive notifications when questions are posted in their areas of interest as well as sort by subject matter and for questions that are submitted by those with senior or veteran status.

“It is so easy to just take a five- or ten-minute break and do something so positive,” praised a volunteer attorney in Arkansas. “I go on the site every few days plus have a clinic with law students twice a month. I can provide help to so many more people all over the state [and] find most clients are very appreciative and just glad to have someone answer.”

As part of this year’s ABA FLA Summer Associate Challenge, created by ABA Past President Patricia Lee Refo to instill a commitment to pro bono early on in an individual’s legal career, at least forty-three summer associates and twenty-six volunteer attorneys from nine states answered more than 150 civil legal questions posted by income-eligible individuals. For the second consecutive year, Koley Jessen of Nebraska was the firm that answered the most questions (thirty-one), and other participating law firms included Alston & Bird, Baker & Hostetler LLP, Faegre Drinker, Husch Blackwell, Jackson Lewis P.C., Johnson Flodman Guenzel & Widger and Taft Stettinius & Hollister LLP.

“This project is really great,” said Abbie Widger, partner at Johnson Flodman Guenzel & Widger. “It gets everyone out of their comfort zone and allows associates to explore and research various areas of law. They have to ask lots of questions to every attorney in the office! It also requires that I do a little research to verify the accuracy of the answers. Thank you for offering this community service. People really do appreciate the guidance.”

How to Volunteer

The majority of questions submitted to ABA FLA are related to family and housing law issues, typically requiring only brief research to answer. Approximately 10% of all questions submitted are related to consumer and financial matters, followed by 5% related to employment law issues and 2% income maintenance–related matters. ABA Business Law Section members and attorneys licensed in most U.S. jurisdictions can sign up to get involved at FreeLegalAnswers.org under “Attorney Registration.” The ABA provides legal malpractice insurance to all volunteer attorneys for their communications on the site.

Learn more about ABA Free Legal Answers and support ABA Free Legal Answers here.

“The [corporation][LLC] shall indemnify its agents to the full extent permitted by law.”

Is it wise for corporate documents and limited liability company (“LLC”) operating agreements to provide such broad indemnification coverage in these or similar words?

The separate statutes that govern corporations and LLCs authorize indemnification of agents, in some cases imposing a mandatory requirement, but essentially permitting the entity to craft the indemnification terms. The risks in providing indemnification are similar, but the statutory applications are different. When drafting indemnification provisions, thought should be given regarding to whom coverage is being provided and for what actions.

A.
Why Indemnification

Corporations and LLCs are inanimate entities that act through human beings, individuals who risk personal liability in making policy, taking action, or not taking action. By providing a degree of protection from financial loss, indemnification encourages wise and intelligent men and women, acting in good faith and placing the entity ahead of personal considerations, to serve as the entity’s decision makers. This not only benefits the investors who place their trust in the decision makers, but it is also good public policy. When, however, an agent acts adversely to the corporation or LLC for pure personal benefit, the concept of the wronged entity being required to provide that agent with indemnification is an anathema.

B.
The Difference in Statutory Application

(i)
Corporations

Originally, the privilege of forming a business endowed with limited liability was granted sparingly. Corporations were feared as encroachments upon the liberties of individuals. Whereas an individual may do whatever is not prohibited by law, an artificial entity is permitted to do only what is authorized by law and its charter.^[1] Modern corporate statutes authorize corporations to indemnify corporate agents and permit, subject to any mandatory requirement, the corporation to expand or limit the scope of indemnification. State statutes vary. Each subsection of an indemnification statute provides for a different result depending on the circumstance.

(ii)
LLCs

LLC agents may also seek the comfort of being indemnified, and members may provide for it in the operating agreement. The Revised Uniform Limited Company Act (RULLCA) contains a section providing for mandatory indemnification, but because it is one of the statutory sections that may be altered by an operating agreement, it is a default provision that applies only when the operating agreement is silent on the subject. Hence members can write their own terms or agree that there shall be no indemnification unless determined by the members as situations arise.

In short, corporate indemnification, where mandatory, is not subject to change, and where permissive is subject to the terms provided in the corporate documents. LLC indemnification, if not spelled out in the operating agreement, is governed by the default terms of the statute.

C.
Risks

When it works properly, indemnification benefits both the entity and its protected agents. When drafting its permitted terms, counsel must consider to which of the entity’s “agents,” a term often defined by the governing statute, the client desires to extend coverage. For example, if coverage extends to “officers,” does that term include nominal vice presidents who have been given a title but no executive authority? Should all or only some employees to be covered? What about others remotely serving the entity?^[2]

The entity undoubtedly desires to protect whomever falls within the scope of coverage from actions brought by unhappy investors or aggrieved third parties, but should coverage extend to actions initiated by the entity itself against a wrongdoing agent or to a counterclaim made against the entity by the alleged wrongdoer defending that action?^[3] Courts enforce indemnification as written. In one case where a former officer was both indicted and sued civilly because of his actions which the company claimed, “were motivated by personal greed that resulted in his receipt of $1.5 million,” the officer’s claim for advancement of expenses was nevertheless granted because of the broad language adopted by the corporation in its documents.^[4]

What about the agent that is not sued but is the plaintiff suing the entity?^[5]

D.
A Modest Proposal

What future legal actions may be brought by whom for whatever reasons against which entity agents are unknown. Owners and investors, at the very least, will want their decision makers to enjoy the security of indemnification. Beyond that, could it not be left to the decision makers to decide whom to indemnify for what as the situation arises? Would not the purpose of indemnification be served by (i) providing full permissive indemnification to the governing body (directors, managers, members) against direct and derivative actions by investors and claims by third parties, but not against claims made by the entity itself, and (ii) authorizing the governing body to indemnify officers, employees, and other agents by contract or resolution as the situation arises?

1. Railroad Company v. Harris, 79 U.S. 65, 81 (1871). ↑

2. See Vergopia v. Shaker, 383 N.J. Super. 256 (App. Div. 2006), granting indemnification to a lawyer and distinguishing Cohen v. Southbridge Park, Inc., 369 N.J. Super. 156 (App. Div. 2004), where indemnification was not granted. ↑

3. See MVW Mgmt., LLC v. Regalia Beach Developers LLC, 230 So.3d 108 (Fla. App. 2017). ↑

4. Homestore, Inc. v. Tafeen, 888 A.2d 204 (Del. 2005). See also, Senior Tour Players 207 Mgmt. Co. LLC v. Golftown 207 Holding Co., 853 A.2d 124 128 (Del. Ch. 2004). ↑

5. Compare Hibbert v. Hollywood Park, Inc., 457 A.2d 339 (Del. 1983), with Hydro-Dynamics, Inc. v. Pope, 708 P.2d 70 (Ariz. 1985). ↑

A firmwide initiative founded in 2001, Goodwin Procter’s Neighborhood Business Initiative (NBI) promotes equity and supports wealth creation in communities that face discrimination based on race, ethnicity, immigration status, gender, and/or LGBTQ+ status by providing pro bono legal services to entrepreneurs and small business owners who are members of, or whose businesses positively impact, such communities. Started in Boston, Goodwin’s NBI is active in California, Massachusetts, New York, London, and Washington, D.C.

Here are five lessons learned over twenty years on building pro bono opportunity in business law.

Be lawyer led. Since NBI’s grassroots beginnings, attorney teams working with Goodwin’s pro bono team have sourced and grown relationships in the community; run client intake; and staffed clinics, workshops, and individual representations, engaging more than 1,000 Goodwin lawyers and professionals over twenty years. Attorneys roll on and off local NBI committees on an ad hoc basis, as it resonates with the trajectories of their personal lives and professional practices. Local committee priorities shift over time, reflecting their members’ interests and priorities, and so NBI remains dynamic and evolving.

Be values driven. NBI attorneys discuss, in both local and national (cross-office) forums, their values and the opportunities and the practicalities of practicing at a big firm—and how those translate into providing pro bono business legal services. The project was founded on the values of access to justice and community development. Since its beginnings, though, NBI has served entrepreneurs and business owners who face discrimination. In 2020, through a unanimous vote, NBI explicitly reaffirmed its values to reflect this focus.

• Access to Justice: Providing access to all law for all people
• Community Development: Supporting small businesses that promote diverse and vibrant neighborhoods
• Equity for All: Dismantling systemic bias based on race, ethnic background, immigration status, gender, and LGBTQ+ status

Be client focused. An NBI client is a founder, an owner, and an entrepreneur. NBI attorneys connect with their NBI clients and constituencies first by meeting them where they are and listening with an open mind. Through conversations attorneys work with our community organizations to identify the legal services most needed for the constituents they serve. Each potential engagement begins with an assessment with our potential client to assess their goals, priorities, and specific need. To staff new engagements, NBI attorneys identify, through conversations with colleagues, who is excellent in the specific legal areas a constituency or a client needs. From these conversations, and tapping talent across legal practices and industries, NBI fields teams that are focused on and deliver targeted, specific services and resources. NBI has represented more than 450 individual small businesses and entrepreneurs through direct representations and has provided business legal resources to thousands of additional low-income entrepreneurs and small business owners throughout the United States through its programming.

Be real. NBI provides opportunities to business law attorneys in full acknowledgement of the realities of their practices and lives. From “bite size” to “full blown,” NBI works with community partners, legal service organizations, and people we know to provide pro bono opportunities that vary by industry, business law practice, activity, and time commitment. For example, in any given month, opportunities may range from three hours advising at a virtual clinic or two hours on a panel at virtual town hall, to representing a new business in its initial capital raise, developing relationships with community partners to connect with potential clients, or preparing FAQs on legal topics for an industry such as early education and childcare. This menu for involvement has created opportunity for more than 35,000 hours of pro bono legal services provided through NBI—all on business law topics.

Be visible. Branding and visibility are key tools in the NBI toolbox to connect with small businesses and entrepreneurs, who are often isolated with limited access to resources. NBI uses branding and marketing—a snappy logo, a clear mission statement, compelling client stories, interesting volunteer stories, a social media presence, and more—to recruit volunteers, reach potential clients, and support dissemination of the resources we seek to provide. When in person is an option, NBI shows up in the neighborhoods we serve. NBI also provides business legal services to our community partners themselves and other resources where and when we can. A material part of our work is to be visible, strong supporters for the work of our community partners and the value of the constituents they serve.

The views expressed herein are the author’s own and are not necessarily those of any organization with which the author is affiliated.