FCPA Accounting Provisions Have Teeth: Halliburton to Pay $29.2 Million to Settle FCPA Charges

Along with the anti-bribery provisions, the U.S. Foreign Corrupt Practices Act (“FCPA”) contains accounting provisions that apply to publicly traded companies. These provisions require that companies maintain and adhere to internal policies that manage risk and ensure that accurate financial records are maintained. There is no bribery requirement for there to be a violation of these provisions. There is also no foreign conduct requirement. All that is required is that a company have a policy in-place and circumvent that policy to obtain some business advantage (no matter how small). The Securities and Exchange Commission (“SEC”) often initiates investigations based on allegations of foreign bribery, but resorts to the accounting provisions when the alleged bribe cannot be proven (because an internal policy violation can almost always be found and the SEC does not want a company to get off scot-free). Continue Reading

Whatever Happened to the FCPA’s Foreign Conduct Requirement – How the FCPA is Being Used to Police Domestic Conduct and Internal Policy Violations

As its name implies, the U.S. Foreign Corrupt Practices Act (“FCPA”) was designed to prevent U.S. companies from engaging in foreign bribery. The Department of Justice (“DOJ”) and the Securities Exchange Commission (“SEC”), the U.S. Government agencies charged with enforcing the FCPA, have made great use of the FCPA in this regard. They have secured more than $5 billion in settlements over the past five years. This success has resulted in more expansive views of the FCPA’s reach and innovative arguments to find liability when the alleged misconduct occurred entirely within the U.S. The apparent preference for the FCPA in these situations over other potentially applicable laws is likely due to the ease with which an FCPA violation may be proven. An internal policy violation is all that is needed. Continue Reading

Achieving Cyber-Fitness In 2017: Part 4—Subcontracts, Joint Ventures And Teaming Agreements

Reprinted from The Government Contractor, with permission of Thomson Reuters. Copyright © 2017. Further use without the permission of West is prohibited. For further information about this publication, please visit http://legalsolutions.thomsonreuters.com, or call 800.328.9352.

Our “Cyber-Fitness” series thus far has focused on a contractor’s individual obligations and best practices for compliance with the Federal Acquisition Regulation and Defense FAR Supplement cybersecurity rules. But cybersecurity is not an insular discipline, disconnected from the relationships that contractors have with third parties. The acts and omissions of third parties can compromise information furnished to them as members of a contractor’s supply chain, and those same third parties can also compromise the contractor’s systems. Continue Reading

The Travel Ban – A Quick Update

The Supreme Court’s decision on June 26 to take up the travel ban cases this fall, and in the meantime partially lift the injunction on the President’s travel ban, has created renewed uncertainty for certain travelers. Statements by the Departments of State and Homeland Security have brought some clarity, though many remain confused. Continue Reading

FINRA Fetes Emerging Blockchain Technology at Industry Conference

Blockchain technology (“Blockchain”), also known as Distributed Ledger Technology, stands poised to transform the future of the financial industry. Generally speaking, Blockchain enables the creation of a continuously growing ledger of transactions that is resistant to alteration and ensures the integrity of new transactions through a system of checks-and-balances built into the system’s code. The combination of its speed, versatility, and built-in security features lend the technology well to applications in the financial industry. In a timely effort, the Financial Industry Regulatory Authority (“FINRA”) recently gathered top U.S. financial regulators and industry stakeholders to participate in its 2017 Blockchain Symposium. In a series of engaging discussions, panelists hashed out the potential benefits and pitfalls of the dynamic technology. Continue Reading

Change Is Upon Us: An Analysis of the Section 801 COTS Provisions of the 2018 NDAA

In the words of Taylor Swift, “This is a new year. A new beginning. And things will change.” While I suspect Ms. Swift was not writing about Section 801 of the National Defense Authorization Act of 2018 when she tweeted this inspirational prognostication, she might as well have been – although, admittedly, it probably would not have generated quite so many re-tweets. In any event, if you have not done so yet, you should give it a read (Section 801 that is; not Ms. Swift’s tweets). Continue Reading

Achieving Cyber-Fitness in 2017: Part 3—Proving Compliance and the Role of Third-Party Auditors

Reprinted from The Government Contractor, with permission of Thomson Reuters. Copyright © 2017. Further use without the permission of West is prohibited. For further information about this publication, please visit http://legalsolutions.thomsonreuters.com, or call 800.328.9352.

The Department of Defense final rule for safeguarding covered defense information requires contractors to implement the security controls in National Institute of Standards and Technology Special Publication 800-171 by December 31. See 81 Fed. Reg. 72986; Chierichella, Bourne and Biancuzzo, Feature Comment, “Achieving Cyber-Fitness In 2017: Part 1—Planning For Compliance,” 59 GC ¶ 25. In enacting the final rule, the drafters created “[n]o new oversight paradigm” or certification requirement. 81 Fed. Reg. 72990. More recently, in response to questions from industry on compliance with NIST SP 800-171, DOD stated,

The rule does not require “certification” of any kind, either by DoD or any other firm professing to provide compliance, assessment, or certification services for DoD or Federal contractors. Nor will DoD give any credence to 3rd party assessments or certifications—by signing the contract, the contractor agrees to comply with the terms of the contract. It is up to the contractor to determine that their systems meet the requirements.

Some companies with limited cybersecurity expertise may choose to seek outside assistance in determining how best to meet and implement the NIST SP 800-171 requirements in their company. But, once the company has implemented the requirements, there is no need to have a separate entity assess or certify that the company is compliant with NIST SP 800-171. Continue Reading

Supreme Court Deals Blow to SEC By Applying Five-Year Statute of Limitations to Disgorgement Remedies in SEC Enforcement Actions

On June 5, 2017 the Supreme Court dealt a significant setback to the Securities and Exchange Commission (“SEC”) by limiting its power to extract ill-gotten profits from securities laws violators. Ruling 9-0 in Kokesh v. S.E.C., No. 16– 529, — S. Ct. — (June 5, 2017), the Court held that in SEC enforcement actions, “disgorgement” – a form of restitution in which a defendant must pay back wrongful gains – is subject to a five-year statute of limitations. Continue Reading

Dear Congress: Your District Needs a New E-4 Visa for Promising Entrepreneurs

Procedural History

In August 2016, the Department of Homeland Security proposed an “International Entrepreneur” parole rule that would allow qualifying foreign entrepreneurs to develop and grow their start-up companies in the United States. After public comment, the rule was finalized and released in the closing days of the previous Administration. Continue Reading

Presidential Executive Order on Cybersecurity: No More Antiquated IT

On May 11, President Donald Trump issued his long-awaited Executive Order on cybersecurity, the ‘‘Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.’’ It had been in the works since early in the administration, and its release had been announced (and drafts leaked) several times, only to be pulled back and reworked further. The Executive Order calls for a government-wide review and analysis of federal information technology infrastructure, including known risks and vulnerabilities, as well as consideration of the U.S.’s cybersecurity capabilities in relation to the rest of the world. Continue Reading

LexBlog