EEOC Announces Enforcement Focus on “Illegal Preferences Against American Workers”
On Wednesday, February 19, 2025, Acting Equal Employment Opportunity Commission (“EEOC”) Chair Andrea R. Lucas announced the EEOC plans to target employers that “illegally prefer non-American workers,” as well as “staffing agencies and other agents that unlawfully comply with client companies’ illegal preferences against American workers” through increased enforcement of Title VII’s national origin protections.
This latest statement expounds upon the enforcement priorities Lucas laid out in her January 21, 2025, statement, which included “protecting American workers from anti-American national origin discrimination.”
This week, Lucas explained that the EEOC intends to partner with other federal agencies, including the Department of Justice, the Department of Homeland Security, and the Department of Labor to achieve “enhanced investigation and enforcement” of Title VII protections for American employees.
Notably, the announcement also indicates that the EEOC’s enforcement focus will include non-American employees who are authorized to work in the United States, including “visa holders and other legal immigrants.” Citing a “large-scale problem in multiple industries nationwide,” Lucas stated that the EEOC is committed to not only “decreasing demand for illegal alien workers,” but also “decreasing abuse of the United States’ legal immigration system.”
As Proskauer previously reported, the EEOC still lacks a quorum, which may limit the Commission’s ability to effect Lucas’s agenda, as Commission approval is required before the EEOC initiates a case alleging a systemic pattern or practice of discrimination.
FTC Chairman Ferguson Appoints Deputy Directors for Bureau of Consumer Protection
On February 18, 2025, the Federal Trade Commission announced that Chairman Andrew N. Ferguson appointed David Shaw as Principal Deputy Director and Kelse Moen as Deputy Director of the agency’s Bureau of Competition, and Douglas C. Geho as Deputy Director of the Bureau of Consumer Protection.
Shaw is an experienced antitrust lawyer with expertise in high-stakes litigation and contentious merger review. During the first Trump Administration, Shaw served in the Department of Justice’s Antitrust Division in a variety of roles, from the front lines as a trial attorney to the front office as acting chief of staff. As a trial attorney, Shaw served on multiple trial teams, including the first litigated vertical merger challenge in forty years.
While serving in DOJ’s front office, he held a leadership role in the Big Tech investigations and successfully coordinated a bipartisan coalition of state attorneys general joining the DOJ complaint in the Google search monopolization case.
In addition to his government service, Shaw was a partner in the antitrust practice of a large international law firm.
Moen is an experienced antitrust attorney, with a career in both government service and private practice. Most recently, he served as senior counsel to the U.S. Senate Judiciary Committee for Senator Lindsey Graham, where he focused on antitrust, technology, and intellectual property issues, a position that he held until his appointment to the FTC.
Before joining the Judiciary Committee staff, Moen spent nearly a decade practicing antitrust law at major international law firms, representing businesses and individuals in high-stakes and high-profile government investigations, class actions, civil and criminal litigation, and merger reviews. He clerked for Judge Robert Mariani of the U.S. District Court for the Middle District of Pennsylvania.
Geho possesses extensive enforcement, regulatory and litigation experience. During the first Trump Administration, Geho served at the Department of Labor as Counsel and Policy Advisor, and then Counselor to the Assistant Secretary for Policy, where he advanced efforts relating to regulatory and enforcement reform, worker safety and training, and additional Administration priorities. He then served as a lead attorney for the House Judiciary Committee and two of its subcommittees. Gebo also managed investigations for the Senate Committee on Homeland Security and Governmental Affairs.
Most recently, Geho served as an Attorney Advisor to Commissioner Melissa Holyoak handling consumer protection matters for her office. He clerked for Judge Alice M. Batchelder on the U.S. Court of Appeals for the Sixth Circuit.
DOL’s Power to Set Salary Minimum for Overtime Exemption Ripe for SCOTUS Review
On February 14, 2025, the Fifth Circuit denied the appellants’ petition for rehearing en banc in Mayfield v. United States Dep’t of Labor—a September 2024 decision holding that the U.S. Department of Labor’s authority to “define” and “delimit” the terms of the Fair Labor Standards Act’s executive, administrative, and professional (EAP) exemptions includes the power to set a minimum salary for exemption.
The dispute in Mayfield dates back to 2019, when the DOL issued a final rule raising the minimum salary required to qualify for most EAP exemptions from $455 per week to $684 per week. Mayfield, a small business owner, challenged the rule, arguing that the DOL lacks, and has always lacked, the authority to define the EAP exemptions in terms of salary level (as opposed to by job duties)—an argument that has been embraced repeatedly by the Texas federal district courts (see here and here). The district court granted the DOL’s motion for summary judgment, and Mayfield appealed to the Fifth Circuit.
The Court of Appeals held that the DOL was empowered to set a minimum salary for exemption—albeit with some meaningful limitations. Last week’s decision denying en banc review tees the issue up for a certiorari petition to the U.S. Supreme Court, which has not exactly been a big fan of regulatory activism as of late.
In related news, we’re expecting the DOL to drop its pre-Inauguration Day appeal of the November 2024 decision invalidating the 2024 overtime rule. We just can’t see this White House having any interest in continuing to appeal a decision curbing agency rulemaking power and saving American businesses untold billions in new overtime expenses.
DOL Appeal of Decision Invalidating 2024 Overtime Rule Likely on Last Legs
On November 15, 2024, in State of Texas v. United States Dep’t of Labor, the United States District Court for the Eastern District of Texas ruled that the U.S. Department of Labor (DOL) exceeded its rulemaking authority by issuing a rule in April 2024 raising the minimum salary for exemption as an executive, administrative, or professional (EAP) employee under the Fair Labor Standards Act.
Under the DOL’s rule, the minimum salary for exemption as an EAP employee, with limited exceptions, increased from $684 per week ($35,568 annualized) to $844 per week ($43,888 annualized) effective July 1, 2024. A second increase would have raised the salary threshold to $1,128 per week ($58,656 annualized) effective January 1, 2025. The rule also increased the minimum total annual compensation level for exemption as a “highly compensated employee” (HCE) and provided for automatic triennial increases in the minimum compensation levels for exemption beginning on July 1, 2027. The November 2024 decision declared the DOL’s rule an “unlawful exercise of agency power” and vacated it nationally.
The DOL—represented by the U.S. Department of Justice, Civil Division—filed an appeal of the decision with the U.S. Court of Appeals for the Fifth Circuit, notwithstanding that the incoming Trump administration was all but guaranteed to have no interest in appealing a decision curbing agency rulemaking power and saving American businesses untold billions in new overtime expenses. Lo and behold, within 48 hours after Inauguration Day, the government requests a 30-day extension of time, through March 7, 2025, to file its opening brief on appeal “because of the press of other business.” We wouldn’t hold our breath for the Trump Justice Department filing anything more in this case other than a stipulation withdrawing the appeal.
So is the DOL done rulemaking with respect to the minimum salary for exemption? It may be for the next four years, but likely not forever. The Fifth Circuit’s September 2024 decision in Mayfield v. United States Dep’t of Labor held that the DOL’s authority to “define” and “delimit” the terms of the EAP exemptions includes the power to set a minimum salary for exemption—albeit with some meaningful limitations. On February 14, 2025, the Fifth Circuit denied Mayfield’s petition for rehearing en banc. We’ll see if Mayfield tries to take the issue to the U.S. Supreme Court.
How to Report Cyber, AI, and Emerging Technologies Fraud and Qualify for an SEC Whistleblower Award
SEC Forms Cyber and Emerging Technologies Unit
On February 20, 2025, the SEC announced the creation of the Cyber and Emerging Technologies Unit (CETU) to focus on combatting cyber-related misconduct and to protect retail investors from bad actors in the emerging technologies space. In announcing the formation of the CETU, Acting Chairman Mark T. Uyeda said:
The unit will not only protect investors but will also facilitate capital formation and market efficiency by clearing the way for innovation to grow. It will root out those seeking to misuse innovation to harm investors and diminish confidence in new technologies.
As detailed below, the SEC’s press release identifies CETU’s seven priority areas to combat fraud and misconduct. Whistleblowers can provide original information to the SEC about these types of violations and qualify for an award if their tip leads to a successful SEC enforcement action. The largest SEC whistleblower awards to date are:
$279 million SEC whistleblower award (May 5, 2023)
$114 million SEC whistleblower award (October 22, 2020)
$110 million SEC whistleblower award (September 15, 2021)
$104 million SEC whistleblower award (August 4, 2023)
$98 million SEC whistleblower award (August 23, 2024)
SEC Whistleblower Program
Under the SEC Whistleblower Program, the SEC will issue awards to whistleblowers who provide original information that leads to successful enforcement actions with total monetary sanctions in excess of $1 million. A whistleblower may receive an award of between 10% and 30% of the total monetary sanctions collected. The SEC Whistleblower Program allows whistleblowers to submit tips anonymously if represented by an attorney in connection with their disclosure.
In its short history, the SEC Whistleblower Program has had a tremendous impact on securities enforcement and has been replicated by other domestic and foreign regulators. Since 2011, the SEC has received an increasing number of whistleblower tips in nearly every fiscal year. In fiscal year 2024, the SEC received nearly 25,000 whistleblower tips and awarded over $225 million to whistleblowers.
The uptick in received tips, paired with the sizable awards given to whistleblowers, reflects the growth and continued success of the whistleblower program. See some of the SEC whistleblower cases that have resulted in large awards.
CETU Priority Areas for SEC Enforcement
The CETU will target seven areas of fraud and misconduct for SEC enforcement:
Fraud committed using emerging technologies, such as artificial intelligence (AI) and machine learning. For example, the SEC charged QZ Asset Management for allegedly falsely claiming that it would use its proprietary AI-based technology to help generate extraordinary weekly returns while promising “100%” protection for client funds. In a separate action, the SEC settled charges against investment advisers Delphia and Global Predictions for making false and misleading statements about their purported use of AI in their investment process.
Use of social media, the dark web, or false websites to perpetrate fraud. For example, the SEC charged Abraham Shafi, the founder and former CEO of Get Together Inc., a privately held social media startup known as “IRL,” for raising approximately $170 million from investors by allegedly fraudulently portraying IRL as a viral social media platform that organically attracted the vast majority of its purported 12 million users. In reality, IRL spent millions of dollars on advertisements that offered incentives to download the IRL app. Shafi hid those expenditures with offering documents that significantly understated the company’s marketing expenses and by routing advertising platform payments through third parties.
Hacking to obtain material nonpublic information. For example, the SEC brought charges against a U.K. citizen for allegedly hacking into the computer systems of public companies to obtain material nonpublic information and using that information to make millions of dollars in illicit profits by trading in advance of the companies’ public earnings announcements.
Takeovers of retail brokerage accounts. For example, the SEC charged two affiliates of JPMorgan Chase & Co. for failures including misleading disclosures to investors, breach of fiduciary duty, prohibited joint transactions and principal trades, and failures to make recommendations in the best interest of customers. According to the SEC’s order, a JP Morgan affiliate made misleading disclosures to brokerage customers who invested in its “Conduit” private funds products, which pooled customer money and invested it in private equity or hedge funds that would later distribute to the Conduit private funds shares of companies that went public. The order finds that, contrary to the disclosures, a JP Morgan affiliate exercised complete discretion over when to sell and the number of shares to be sold. As a result, investors were subject to market risk, and the value of certain shares declined significantly as JP Morgan took months to sell the shares.
Fraud involving blockchain technology and crypto assets. For example, the SEC brought charges against Terraform Labs and its founder Do Kwon for orchestrating a multi-billion dollar crypto asset securities fraud involving an algorithmic stablecoin and other crypto asset securities. In a separate action, the SEC brought charges against FTX CEO Samuel Bankman-Fried for a years-long fraud to conceal from FTX’s investors (1) the undisclosed diversion of FTX customers’ funds to Alameda Research LLC, his privately-held crypto hedge fund; (2) the undisclosed special treatment afforded to Alameda on the FTX platform, including providing Alameda with a virtually unlimited “line of credit” funded by the platform’s customers and exempting Alameda from certain key FTX risk mitigation measures; and (3) undisclosed risk stemming from FTX’s exposure to Alameda’s significant holdings of overvalued, illiquid assets such as FTX-affiliated tokens.
Regulated entities’ compliance with cybersecurity rules and regulations. For example, the SEC settled charges against transfer agent Equiniti Trust Company LLC, formerly known as American Stock Transfer & Trust Company LLC, for failures to ensure that client securities and funds were protected against theft or misuse, which led to losses of millions of dollars in client funds.
Public issuer fraudulent disclosure relating to cybersecurity. For example, the SEC settled charges against software company Blackbaud Inc. for making misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers. Blackbaud agreed to pay a $3 million civil penalty to settle the charges. In a separate action, the SEC settled charges against The Intercontinental Exchange, Inc. and nine wholly owned subsidiaries, including the New York Stock Exchange, for failing to timely inform the SEC of a cyber intrusion as required by Regulation Systems Compliance and Integrity.
How to Report Fraud to the SEC and Qualify for an SEC Whistleblower Award
To report a fraud (or any other violations of the federal securities laws) and qualify for an award under the SEC Whistleblower Program, the SEC requires that whistleblowers or their attorneys report the tip online through the SEC’s Tip, Complaint or Referral Portal or mail/fax a Form TCR to the SEC Office of the Whistleblower. Prior to submitting a tip, whistleblowers should consult with an experienced whistleblower attorney and review the SEC whistleblower rules to, among other things, understand eligibility rules and consider the factors that can significantly increase or decrease the size of a future whistleblower award.
Florida Enacts Immigration-Related Laws Expanding Law Enforcement, Restricting In-State Tuition, and Increasing Criminal Penalties
On February 13, 2025, Florida Governor Ron DeSantis signed into law Senate Bill (SB) 2-C and Senate Bill (SB) 4-C, immigration-related legislation that addresses a variety of matters, including in-state tuition benefits, new criminal penalties, and law enforcement structure and funding.
Quick Hits
Under recently enacted state legislation, undocumented immigrants in Florida will no longer be eligible for in-state tuition benefits at public colleges and universities.
Any undocumented immigrant convicted of a capital felony will face the death penalty.
A new State Board of Immigration Enforcement will be created, and more than $298 million will be allocated to law enforcement for immigration-targeted hiring and training, including bonuses to officers who cooperate in federal enforcement activities.
In-State Tuition Benefits
Under newly enacted SB 2-C, undocumented immigrants living in Florida will no longer be eligible for the in-state tuition rate at Florida’s public colleges and universities. Starting on July 1, 2025, students will be reevaluated for tuition eligibility.
Heightened Criminal Penalties
SB 2-C and SB 4-C provide for several new criminal penalties, including a provision in SB 4-C requiring courts to impose the death penalty for any undocumented immigrant “who is convicted or adjudicated guilty of a capital felony”—such as first-degree murder—in Florida. This provision is expected to be challenged in court.
SB 4-C also makes it a first-degree misdemeanor for undocumented immigrants who are eighteen years of age or older to “knowingly” enter or attempt to enter Florida. SB 2-C and SB 4-C enhance the penalties of all misdemeanor crimes committed by undocumented immigrants.
Under SB 2-C, undocumented immigrants who vote or aid noncitizens in voting can be charged with a third-degree felony.
Creation of the State Board of Immigration Enforcement
Senate Bill 2-C creates a State Board of Immigration Enforcement. The State Board of Immigration Enforcement will coordinate with and assist the federal government and state law enforcement agencies in enforcing “federal immigration laws and other matters related to the enforcement of federal immigration laws.”
The State Board of Immigration Enforcement will be composed of the governor and a cabinet to be appointed.
More Than $298 Million Allocated to Immigration-Focused Law Enforcement
SB 2-C allocates more than $298 million for state law enforcement agencies to carry out the state’s immigration objectives. The allocation includes funding for the hiring of fifty new law enforcement officers, a $1,000 bonus incentive program for immigration enforcement officers, and training grants.
Governor DeSantis’s signing of both bills continues his immigration objectives and follows Senate Bill 1718, which he signed into law in May 2023.
New York’s Highest Court Declares Ethics Commission Valid
On Feb. 18, 2025, the New York State Court of Appeals issued a 4-3 decision upholding the constitutionality of the Commission on Ethics and Lobbying in Government (COELIG).1 As was previously detailed in GT Alerts from May 2024 and September 2023, both the Appellate Division, Third Department and the Albany County Supreme Court criticized COELIG’s structure, ultimately concluding that its establishment and scope of authority violated the separation of powers doctrine. The Court of Appeals, however, disagreed, finding that COELIG’s structure and the manner in which its commissioners are appointed is constitutionally permissible. As a result, COELIG may continue its work consistent with statutory provisions enacted in 2022.
In challenging the Commission’s authority following its attempt to enforce a monetary penalty for violating certain rules prohibiting the use of state resources for private purposes, former-Gov. Andrew Cuomo argued that COELIG, as an ethics enforcement body, exercises executive power and, for that reason, the executive must have sufficient authority to appoint and remove commissioners. Gov. Cuomo argued that the Ethics Commission Reform Act of 2022:
1.
“violates constitutional principles of separation of powers because the Commission exercises investigatory and enforcement powers constitutionally entrusted to the Executive, without sufficient oversight by the Governor”;
2.
“violates Article V of the State Constitution because, although the Commission is formally within the Department of State, it functions as a separate department without a head appointed by the Governor with the advice and consent of the Senate”; and
3.
“unconstitutionally displaces the . . . impeachment process, by permitting the Commission to sanction the Governor for putative violations of the Public Officers Law.”
The lower courts embraced these arguments, with the Albany County Supreme Court concluding that COELIG was unsalvageable due to it being “a body that exercises executive authority where the Governor’s role is confined only to nominating a minority of that body,” where the body’s vetting and appointment was being conducted by “private operators (like a bunch of deans).”2 After the Appellate Division, Third Department upheld the lower court, the state again appealed to the Court of Appeals.
The Court of Appeals focused on three factors to ultimately reverse the lower courts and conclude that the 2022 statutory changes creating COELIG are constitutional: (1) the separation of powers doctrine’s flexibility, (2) COELIG’s appointment and removal powers, and (3) the need to promote the public’s trust in government. The majority of the court stated that the separation of powers doctrine does not need to be applied in a rigid fashion; there may be overlap in duties so long as “core duties and responsibilities are retained” with the executive. The court’s majority similarly stated that the constitution is clear that “powers of appointment and removal . . . generally are divided between the Legislature and the Governor.” The governor is not afforded “indefeasible powers to appoint or remove non-constitutional state officers,” and thus that type of exclusive authority for COELIG does not need to rest with the governor.
Finally, the court reasoned that the legislative justification for the Ethics Commission Reform Act of 2022 was to maintain public confidence in government and that this “implicates fundamental constitutional values.” “Given the danger of self-regulation . . . there is an urgent need for the robust, impartial enforcement of the State’s ethics and lobbying laws.” For these reasons, the court concluded that the Act and the commission’s existence “neither unconstitutionally encroaches upon the Executive nor otherwise deviates from constitutional requirements.”
Promptly after the decision’s release, the Commission’s chair and executive director touted the result, stressing that COELIG has and continues to “administer and enforce the state’s ethics and lobbying laws, deliberately, fairly, and with zeal, pursuing its mission to restore New Yorkers’ faith in state government.” To that end, all regulated parties – including lobbyists, clients of lobbyists, and state government officials — should expect COELIG to proceed with business as usual.
1 Cuomo v. COELIG (2025).
2 Cuomo v. COELIG, (Alb. Sup. Ct. 2023).
U.S. Senate Advances KOSMA Bill Targeting Social Media Use by Minors
Varnum Viewpoints:
KOSMA Restrictions: The Kids Off Social Media Act (KOSMA) aims to ban social media for kids under 13 and limit targeted ads for users under 17.
Bipartisan Support & Opposition: While KOSMA has bipartisan backing, critics argue it could infringe on privacy and First Amendment rights.
Business Impact: KOSMA could affect companies targeting minors, requiring compliance with new privacy regulations alongside existing laws like COPPA.
While COPPA 2.0 and KOSA are discussed more frequently when it comes to protecting the privacy of minors online, the U.S. Senate is advancing new legislation aimed at regulating social media use by those 17 and under. In early February, the Senate Committee on Commerce, Science and Transportation voted to advance the Kids Off Social Media Act (KOSMA), bringing it closer to a full Senate vote.
KOSMA Restrictions
KOSMA would prohibit children under 13 from accessing social media. Additionally, social media companies would be prohibited from leveraging algorithms to promote targeted advertising or personalized content to users under 17. Further, schools receiving federal funding would be required to limit the use of social media on their networks. The bill would also grant enforcement authority to the Federal Trade Commission and state attorneys general.
Bipartisan Support & Opposition
KOSMA has received bipartisan support, with advocates such as Senator Brian Schatz (D-HI), who introduced the bill in January, citing the growing mental health crisis amongst minors due to social media use. Supporters argue that while existing laws like COPPA protect children’s data, they do not adequately address the considerations of social media since they predate the platforms. However, much like similar state laws that have come before it, KOSMA is rife with opposition as well. Opponents argue that this type of regulation could erode privacy and impose unconstitutional restrictions on young people’s ability to engage online. Instituting a ban as opposed to mandating appropriate safeguards, opponents argue, infringes on First Amendment rights.
Business Impact
Although KOSMA only applies to “social media platforms,” the definition of this term could be interpreted broadly and potentially include many companies that publish user-generated content within the scope of KOSMA’s restrictions. KOSMA identifies specific types of companies that would be exempt from the definition of social media platforms, such as teleconferencing platforms or news outlets. If KOSMA were to go into effect, companies across the country that are knowingly collecting data from minors or targeting them with personalized content or advertising would have an additional layer of regulatory consideration when assessing their privacy practices pertaining to the processing of data related to minors—on top of existing federal and state laws.
Corporate Risk Management Basics: What Every Business Should Know
Introduction
Risk management is a critical component of any successful business strategy. It involves identifying, assessing, and mitigating potential threats that could adversely affect an organization’s operations, assets, or reputation. These risks can be financial, operational, legal, or strategic in nature. By implementing effective risk management practices, businesses can safeguard their interests and ensure long-term stability.
What Is Risk Management?
Risk management is the systematic process of identifying potential risks, evaluating their likelihood and impact, and developing strategies to address them. This proactive approach enables businesses to minimize potential losses and capitalize on opportunities. As Brenda Wells, an expert in risk management emphasizes, risk management isn’t just about reacting to problems; it’s about planning ahead to prevent them.
Major Focus Areas in Risk Management
Risk management involves multiple dimensions, each critical to the overall success and resilience of an organization. Addressing these areas holistically can help businesses maintain operational efficiency and financial security. Effective risk management encompasses several key areas:
Operational Risks: These pertain to disruptions in day-to-day business activities, such as supply chain interruptions, equipment failures, or human errors. Managing operational risks involves implementing robust internal controls and contingency plans to maintain business continuity.
Financial Risks: These involve uncertainties related to financial markets, including interest rate fluctuations, credit risks, and liquidity challenges. Businesses must monitor their financial exposures and employ strategies like diversification and hedging to mitigate these risks.
Legal and Compliance Risks: Organizations must adhere to various laws and regulations pertinent to their industry. Non-compliance can lead to legal penalties and reputational damage. Regular compliance audits and staying updated with regulatory changes are essential practices.
Cybersecurity Risks: In today’s digital age, cyber threats such as data breaches and theft of intellectual property (IP) are prevalent. Alex Sharpe, a cybersecurity expert, warns that many businesses underestimate their exposure to cyber risks, but a single incident can cripple a company financially and erode customer trust. Implementing robust cybersecurity measures and employee training can mitigate these risks. In today’s hyper-connected world, we can no longer only look at ourselves. We also need to look at third parties we depend upon.
Reputational Risks: These arise from negative public perceptions due to poor customer service, product failures, or unethical practices. Maintaining transparency, ethical operations, and effective communication strategies are vital to protecting a company’s reputation.
Key Legal and Financial Terms in Risk Management
Understanding specific legal and financial terms is crucial for effective risk management. These terms often occur when discussing mitigating risks and ensuring regulatory compliance:
Derivatives: Financial instruments whose value is derived from underlying assets like stocks, bonds, or commodities. They are commonly used for hedging financial risks.
Directors and Officers (D&O) Liability Insurance: This insurance provides coverage to company leaders against claims arising from alleged wrongful acts in their managerial capacity.
Third-Party Risk Management (TPRM): Involves assessing and managing risks associated with external entities that a business engages with, such as suppliers or service providers.
Compliance Program: A structured set of internal policies and procedures implemented by a company to ensure adherence to laws, regulations, and ethical standards. A robust compliance program helps in identifying regulatory risks and implementing measures to mitigate them.
The Role of Insurance in Risk Management
Insurance is a fundamental tool in transferring risk. Sue Myers, a seasoned expert in risk and insurance, emphasizes the need for strategic planning in risk management. By obtaining appropriate insurance coverage, businesses can protect themselves against significant financial losses resulting from unforeseen events. However, as David Pooser points out, “insurance transfers risk, but it doesn’t eliminate it. A solid risk management plan includes prevention and mitigation strategies.” Therefore, while insurance provides a safety net, it should be complemented with proactive risk mitigation efforts.
Selecting the Right Insurance Agent/Broker
An insurance agent or broker plays a pivotal role in a company’s risk management strategy. A knowledgeable agent can help identify potential coverage gaps and ensure that the business is adequately protected. Reid Peterson advises business owners to seek agents who possess a deep understanding of their specific industry and can offer tailored recommendations. He encourages businesses to think of their insurance agent as part of their advisory team, just like a lawyer or accountant.
Building a Comprehensive Business Advisory Team
A multidisciplinary advisory team enhances a company’s ability to manage risks effectively. Key members should include:
Attorney: Handles legal matters, ensures regulatory compliance, and manages potential litigation.
Accountant: Oversees financial health, conducts audits, and advises on tax-related issues.
Insurance Agent: Assesses risk exposures and recommends appropriate insurance solutions.
Cybersecurity Expert: Develops strategies to protect against digital threats and ensures data integrity.
This collaborative approach ensures that all potential risks are identified and managed comprehensively.
Common Risk Management Pitfalls
Businesses often encounter challenges in their risk management efforts. Common risk management pitfalls include:
Neglecting Regular Updates: As businesses evolve, so do their risk exposures. It’s crucial to regularly review and update risk management strategies and insurance coverages to align with current operations.
Overlooking Cybersecurity: With the increasing reliance on digital systems, neglecting cybersecurity can leave businesses vulnerable to costly data breaches.
Lack of Crisis Management Plans: Many companies fail to prepare for potential crises, which can lead to disorganized responses and increased financial losses.
Failure to Review Contracts: Poorly drafted contracts can expose businesses to unnecessary legal and financial risks. Having legal professionals review agreements can prevent future disputes.
Final Thoughts
Risk management is an essential part of running a successful business. By taking a proactive approach — identifying risks, developing mitigation strategies, and working with the right advisors — businesses can protect themselves from costly disruptions. As Brenda Wells emphasizes, risk management isn’t about avoiding all risks — it’s about being prepared for them.
To learn more about this topic view Corporate Risk Management / Corporate Risk Management Basics. The quoted remarks referenced in this article were made either during this webinar or shortly thereafter during post-webinar interviews with the panelists. Readers may also be interested to read other articles about managing business risks.
This article was originally published here.
©2025. DailyDACTM, LLC d/b/a/ Financial PoiseTM. This article is subject to the disclaimers found here.
ICE Inspections in the Workplace: What Employers Need to Know
With the increasing activity by the U.S. Immigration and Customs Enforcement (ICE), employers should be aware of their responsibilities and how to interact with ICE agents. Generally, ICE agents may inspect a business for workplace enforcement or to conduct inspections of employee I-9 documentation. It is imperative that employers are aware of how to best prepare and respond to these types of situations.
What Information Should Employers Obtain from ICE Agents During a Workplace Interaction?
If ICE agents visit the workplace, employers should immediately contact counsel regarding next steps. ICE agents are required to identify themselves and present proper documentation regarding the proposed search, to enter nonpublic areas of the workplace.
Here are a few steps to follow if ICE agents appear at your place of business:
Ask the ICE agents to identify themselves with their badge information and a valid subpoena or warrant.
Document each of the ICE agent’s names, the name of the U.S. attorney assigned to the case, and the type of documentation presented for your records.
Ask the ICE agents to inform you of the nature and purpose of their visit.
Ask for a copy of the warrant or subpoena. You do not have to allow ICE agents access to nonpublic areas of the workplace if a proper warrant is not present.
Once you are handed a warrant and documentation from ICE agents, tell the ICE agent that “It is our company’s policy to call our lawyer and I am doing that now.” Contact your legal counsel immediately so that they can review the documents, ensure that the warrant is valid, and whether they should be present during the search.
Do not obstruct or interfere with ICE activities or agents. Do not hide employees or help them evade the search. Do not provide any false information, shred documents, or hide documents.
Create a list of employees present during the raid.
What Parts of the Workplace Can ICE Enter?
ICE is permitted to enter publicly accessible areas of a business without a warrant. However, to enter non-public areas of a business, ICE agents are required to present, upon request, a proper warrant or subpoena. ICE generally operates using either an ICE-issued warrant, or a warrant issued by a state or federal judge in the jurisdiction in which the inspection is occurring. Only a warrant signed by a judge gives ICE agents access to the private areas of a workplace. To determine whether a judicial warrant is valid, ensure that the warrant:
States “U.S. District Court” or a California Superior Court (if in California)
Is signed by a judge
Describes the physical place to be searched
Describes the individuals to be searched or describes the items to be seized, if any
Is dated
Has been issued within the past 14 calendar days
If the warrant is missing any of these requirements, it is invalid, and employers are permitted to refrain from permitting ICE agents from entering private areas of the workplace.
What Can Employers Tell Their Employees To Do During an ICE Inspection?
If ICE agents seek to speak with an employee in the workplace during an investigation, employees do have the right to remain silent and obtain legal counsel.
What Should Employers Do Next?
Employers should have policies in place to ensure a smooth process if ICE agents conduct an inspection at the workplace. Here are some recommendations:
Indicate which areas of the office are considered public and which areas are nonpublic – since ICE can only enter public areas, if there are areas marked “Employees Only,” those are nonpublic, and ICE cannot enter without a valid warrant.
Assign an employee to be the designated representative if ICE agents visit the premises to accompany the agent(s) during an inspection. The employee may take notes or videotape the officer. The employee should note any items seized and ask the officer if copies can be made before the originals are taken. If ICE does not agree, you can obtain copies later.
Ask for a list of items seized during the search. Agents are required to provide you with an inventory of items taken.
Contact counsel for further assistance on next steps.
What Differentiates an ICE Inspection from a Notice of Inspection (NOI)?
Federal law requires that employers have an I-9 form on file for each employee within three days of an employee’s hire date to prove that the employee is authorized to work in the U.S. A Form I-9 investigation is initiated when ICE serves the employer with a Notice of Inspection (NOI) – this should not be confused with a warrant, which is addressed above. Employers are required to deliver notice to their employees within 72 hours of receiving the NOI regarding the inspection.
If ICE serves a NOI, immediately contact counsel. Additionally, employers are entitled to up to three business days to produce their employee’s I-9 forms and, if ICE determines that one or more employees are not authorized to work in the United States, employers have up to 10 days to provide valid work authorization for these employees. The employer must notify any employees who the NOI indicates are not authorized to work in the United States of that determination within 72 hours.
Ultimately, when interacting with ICE, employers should immediately contact counsel to determine next steps and the appropriate course of action.
California: Private Equity Management of Medical Practices Again Appears in Proposed Legislation
The California legislature recently introduced legislation, SB 351, that would impact private equity or hedge funds managing physician or dental practices in California. The bill is similar to a portion of California legislation from last year, AB 3129, which targeted private equity group and hedge fund management of medical practices. Last year, AB 3129 passed in the legislature but was vetoed by the Governor before becoming law. The introduction of SB 351 is part of a continuing trend in California and across the country in examining the influence of private equity investment in medical practices.
What Does SB 351 Do?
SB 351 is intended to ensure health care providers maintain control of clinical decision-making and treatment choices and to limit the influence of private equity or hedge fund influence or control over care delivery in the state.
SB 351 would codify and reinforce existing guidance relating to the prohibition on the corporate practice of medicine and dentistry. Specifically, SB 351 would prohibit a private equity group or hedge fund involved in any manner with a California physician or dental practice from interfering with professional judgment in making health care decisions or exercising control of certain practice operations.
Under the proposed legislation, prohibited activities include: determining the diagnostic tests appropriate for a particular condition; determining the need for referrals to other providers; being responsible for the ultimate care or treatment options for the patient; and determining the number of patient visits in a time period or how many hours a physician or dentist may work. Exercising control over a practice would include the following types of activities: owning or determining the content of patient medical record; selecting, hiring, or firing physicians, dentists, allied health staff, and medical assistants based on clinical competency; setting the parameters of contracts with third-party payors; setting the parameters for contracts with other physicians or dentists for care delivery; making coding and billing decisions; and approving the selection of medical equipment and supplies.
In addition, SB 351 would limit the ability of a private equity or hedge fund to restrict a provider or practice from engaging in competitive activities. SB 351 would prohibit a private equity group or hedge fund from explicitly or implicitly barring any practice provider from competing with the practice in the event of a termination or resignation of that provider from that practice. The bill would also prohibit a private equity group or hedge fund from barring a provider from disparaging, opining, or commenting on issues relating to quality of care, utilization, ethical or professional changes in the practice of medicine or dentistry, or revenue-increasing strategies employed by the private equity group or hedge fund. The California Attorney General would be entitled to injunctive relief and other equitable remedies for enforcement of the provisions of SB 351.
SB 351 contains some of the provisions that were included in AB 3129 relating to management of physician and dental practices but does not include the same breadth of limitations that were in AB 3129. Notably, SB 351 does not require the notice to and consent of the California Attorney General for certain private equity health care transactions. SB 351 also does not extend to hedge fund or private equity involvement with psychiatric practices. The scope is limited to private equity or hedge fund involvement with a physician or dental practice.
What Happens Next?
SB 351 will continue to make its way through the California legislature this year and may undergo further amendments throughout the process. Similar to AB 3129, SB 351 may garnish sufficient support to be passed by the California legislature.
The reintroduction of this legislation in California demonstrates the continuing national focus on private investment in medical practices across the country and the limitation on restrictive covenants. Management organizations and professional entities in California should review their existing arrangements to ensure compliance with applicable laws and existing corporate practice restrictions. Given the continued interest in the California legislature in addressing these issues, it may be prudent to proactively align those arrangements with the limitations in SB 351. We will continue tracking SB 351’s progress.
Congress Extends Certain Telehealth Flexibilities Through March 31, 2025
Overview
KEY UPDATE
At the close of 2024, US Congress passed a short-term extension of Medicare telehealth flexibilities as part of the American Relief Act, 2025 (ARA). The Medicare telehealth waivers, originally enacted as part of the COVID-19 public health emergency (PHE) and subsequently extended through legislation, were set to end on December 31, 2024. These flexibilities, along with the Acute Hospital Care at Home waiver program, are now set to expire March 31, 2025. The ARA failed to extend other waivers, such as the temporary safe harbor for high-deductible health plans (HDHPs) to provide first-dollar coverage of telehealth without interfering with health savings account (HSA) eligibility. While the short-term extension provides continued access to telehealth for Medicare patients, stakeholders should continue to engage with Congress for a more permanent solution.
WHY IT MATTERS
The ARA extension is limited to certain Medicare policies and is only effective through March 31, 2025. Some bipartisan policies, such as the extension of the telehealth HDHP safe harbor, were not included in the ARA. Additionally, the flexibilities related to coverage of cardiac and pulmonary rehabilitation services provided via telehealth were not extended.
The extension indicates bipartisan support for continuing coverage for telehealth services, but the short timeline warrants continued stakeholder engagement for the extension and eventual permanence of the Medicare telehealth flexibilities and reinstatement of the HDHP safe harbor. As the new administration takes office, it is unclear where telehealth will fall on the list of priorities.
In Depth
Historically, Medicare has provided coverage for telehealth services in instances where patients would otherwise be geographically distant from approved providers (e.g., physicians, nurse practitioners, and clinical psychologists). Section 1834(m) of the Social Security Act provides that telehealth services are covered if the beneficiary is seen:
At an approved “originating site” (e.g., physician office, hospital, or skilled nursing facility) that is located within a rural health professional shortage area that is either outside of a metropolitan statistical area (MSA), in a rural census tract, or in a county outside of an MSA
By an approved provider
For a defined set of services
Using certain telecommunications technologies.
Many of these Medicare restrictions regarding coverage and payment for telehealth services were waived via authority delegated in the Coronavirus Aid, Relief, and Economic Security (CARES) Act. Congress subsequently extended the waivers in other pieces of legislation, including the Consolidated Appropriations Act (CAA) 2022 and CAA 2023, with the flexibilities most recently set to expire on December 31, 2024.
The ARA extended the following Medicare flexibilities through March 31, 2025:
Geographic restrictions and originating sites. Patients’ homes will continue to serve as eligible originating sites for all telehealth services (ARA § 3207(a)(2)). Geographic restrictions also remain waived (ARA § 3207(a)(1)).
Eligible practitioners. The expanded definition of the term “practitioner” will continue to apply. The expanded definition includes qualified occupational therapists, physical therapists, speech-language pathologists, and audiologists (ARA § 3207(b)).
Audio-only. Audio-only telehealth services remain eligible for reimbursement (ARA § 3207(e)).
Extending telehealth services for federally qualified health centers (FQHCs) and rural health clinics (RHCs). The US Department of Health and Human Services will cover telehealth services furnished via FQHCs and RHCs to eligible individuals (ARA § 3207(c)).
In-person requirements for mental health. The in-person requirement for mental health care to be reimbursed under Medicare has been delayed until April 1, 2025 (ARA § 3207(d)(1)).
Telehealth for hospice. Telehealth can continue to be used for the required face-to-face encounter prior to the recertification of a patient’s eligibility for hospice care (ARA § 3207(f)).
The ARA also extended the Acute Hospital Care at Home waiver program through March 31, 2025. In the midst of the PHE, the Centers for Medicare & Medicaid Services (CMS) used its PHE flexibilities to issue waivers to certain Medicare hospital conditions of participation (CoPs). These waivers, along with the PHE-related telehealth flexibilities, allowed Medicare-certified hospitals to furnish inpatient-level care in patients’ homes. Addressing hospital bed capacity during the pandemic was a high priority for CMS. These waivers and flexibilities, collectively referred to as the AHCAH Initiative, included:
Waiver of the CoP requiring nursing services to be provided on-premises 24 hours a day, seven days a week.
Waiver of the CoP requiring immediate on-premises availability of a registered nurse for care of any patient.
Waiver of CoPs that define structural and physical environment criteria specific to the hospital setting.
Telehealth flexibility allowing the home or temporary residence of an individual to serve as an originating telehealth site.
Telehealth flexibility allowing a hospital to use remote clinician services in combination with in-home nursing services to provide inpatient-level care in the patient’s home.
As with the Medicare telehealth flexibilities, these had been previously extended through December 31, 2024.
Notable flexibilities that expired or were absent from the ARA include the following:
The telehealth safe harbor for HDHPs. The CARES Act created a temporary safe harbor that permitted HDHPs to cover telehealth and remote care services on a first-dollar basis without jeopardizing eligibility for HSA contributions. By permitting health plans to provide HDHP participants coverage for telehealth services without requiring them to first meet the minimum required deductible, the safe harbor increased access to telehealth services. Additionally, covered individuals who received these services were still able to make or receive contributions to their HSAs because telehealth services were temporarily disregarded in determining eligibility for HSA contributions. Previously, the telehealth HDHP safe harbor ceased for three months from January 1, 2022, to March 31, 2022, before the CAA 2022 renewed it. Most recently extended by the CAA 2023, the telehealth safe harbor for HDHPs expired on December 31, 2024. Starting on January 1, 2025, health plans, insurers, and health plan vendors that previously relied on the telehealth HDHP safe harbor may need to update telehealth coverage for HDHP participants, such as updating plan design and/or cost sharing, to prevent disqualifying HDHP participants from making or receiving HSA contributions.
The SPEAK Act, which would establish a task force to improve access to health IT for non-English speakers.
The PREVENT DIABETES Act, which would broaden access to diabetes prevention services through the Medicare Diabetes Prevention Program.
The Sustainable Cardiopulmonary Rehabilitation Services in the Home Act, which would permanently codify cardiopulmonary rehabilitation Medicare telehealth flexibilities.
With the March 31, 2025, deadline in the not-too-distant future, stakeholders should continue to engage with Congress regarding an extension and permanent solution for the telehealth flexibilities, reinstatement of flexibilities that expired, and inclusion of the other bipartisan telehealth policies that were not included in the final ARA.
Lisa Mazur, Sarah G. Raaii, and Dale C. Van Demark contributed to this article.