CFPB Director Nominee to Move to Treasury Finance Role
On May 9, the U.S. Department of the Treasury announced that President Trump intends to nominate Jonathan McKernan to serve as the Undersecretary of Domestic Finance. McKernan had been awaiting Senate confirmation to lead the CFPB, but the White House confirmed his nomination will be rescinded as the administration continues to pursue structural change to the Bureau.
As Undersecretary of Domestic Finance, McKernan would oversee federal fiscal policy, manage public debt, and coordinate regulatory initiatives involving financial institutions and markets. His reassignment leaves acting CFPB Director Russell Vought in charge of the Bureau until a new nominee is named.
Putting It Into Practice: McKernan’s reassignment leaves a big question mark on the Bureau’s future. While the Trump administration look to bring forth a new nominee? Or will Vought remain as Acting Director until its fate is decided by the courts. We will continue to monitor the situation for further developments.
Listen to this post
EPA Announces Plan to Scale Back and Extend Compliance Deadlines for Federal Drinking Water Regulations on PFAS
On May 14, 2025, less than three weeks after the U.S. Environmental Protection Agency (EPA) released its strategy to address per and polyfluoroalkyl substances (PFAS), the EPA announced its intent to retain the existing drinking water standards for the two most common PFAS (perfluorooctanoic acid (PFOA) and perfluorooctane (PFOS)). At the same time, EPA stated it would rescind and “reconsider” the regulation of the four other PFAS compounds included in the previous rule (perfluorononanoic acid (PFNA), hexafluoropropylene oxide dimer acid and its ammonium salt (HFPO-DA, commonly known as GenX chemicals), perfluorohexane sulfonic acid (PFHxS) and perfluorobutane sulfonic acid (PFBS)). For more information on the prior rule, see our April 2024 Alert, available here and for more information on EPA’s strategy to address PFAS, see our April 2025 Alert, available here.
In addition to limiting the number of PFAS compounds subject to regulation under the Safe Drinking Water Act, EPA stated it would extend compliance deadlines for PFOA and PFOS from 2029 to 2031, create a framework for federal exemptions for passive receivers of PFAS (consistent with its goal to “hold polluters accountable”), and establish a new “PFAS OUTreach Initiative” (PFAS OUT). According to EPA Administrator Lee Zeldin, with its particular emphasis on water systems in rural and small communities, PFAS OUT will “connect with every public water utility known to need capital improvements to address PFAS in their systems” by sharing resources, tools, funding, and technical assistance to help utilities meet the federal drinking water standards.
OMB Approves Proposed 2024 EEO-1 Instruction Booklet—Filing Site Expected to Open Soon
On May 12, 2025, the Office of Management and Budget (OMB) approved the 2024 EEO-1 Instruction Booklet submitted by the U.S. Equal Employment Opportunity Commission (EEOC) without changes. The now approved 2024 EEO-1 Component 1 Data Collection Instruction Booklet eliminates the option to report non-binary employees, stating that the reporting provides “only binary options (i.e., male or female) for reporting employee counts.” It also sets a shortened reporting period stating that the filing platform will open on May 20, 2025, and close on June 24, 2025.
Quick Hits
The OMP approved the EEOC’s proposed 2024 instruction booklet on EEO-1 data collection on May 12, 2025.
The approved 2024 instruction booklet states that the data collection period will open on May 20, 2025, and close at 11:00 p.m. (EDT) on June 24, 2025.
The approved 2024 instruction booklet removes the option to provide information about non-binary employees.
While the EEOC has not yet posted updates on the EEO-1 landing page, it is expected that the agency will promptly open the 2024 EEO-1 filing platform. While it is not clear if the platform will open on May 20, 2025, it is expected that once the EEOC opens the platform, it will set a filing period of five weeks. Due to the expected opening of the filing platform and the shortened filing period, EEO-1 filers may want to consider working now toward gathering the data necessary for the filings.
President Trump Signs Resolution Nullifying CFPB Overdraft Fee Rule
On May 9, President Trump signed a Congressional Review Act resolution repealing the CFPB’s final rule restricting overdraft fees at large financial institutions. The rule, originally finalized under the Biden administration, would have imposed new limits on overdraft fees charged by banks with over $10 billion in assets.
The repealed rule, which was set to take effect on October 1, 2025, would have capped overdraft fees at $5 unless banks could demonstrate actual cost justification or treat overdraft coverage as a credit product under the Truth in Lending Act.
Putting It Into Practice: The CFPB’s overdraft rule is now void, and the Bureau is barred from issuing a substantially similar regulation in the future under the Congressional Review Act. While large depository institutions are no longer subject to federal overdraft fee caps, they should remain attentive to state-level regulatory activity concerning fees.
Listen to this post
Missouri Legislature Passes Bill to Repeal Earned Paid Sick Time Law
On May 14, 2025, the Missouri General Assembly passed House Bill (HB) 567, which would repeal the Missouri paid sick time statute and eliminate Missouri employers’ obligation to provide earned paid sick time to all Missouri employees.
Quick Hits
The Missouri paid sick time statute requires Missouri employers to provide earned paid sick time, starting May 1, 2025.
On May 14, 2025, the Missouri General Assembly passed HB-567, which would repeal the paid sick time statute. If signed by the governor, the law will be repealed effective August 28, 2025.
Proposition A, which Missouri voters passed via a ballot measure on November 5, 2024, includes a provision that raises the state’s minimum wage as of January 1, 2025, and requires employers to begin providing earned paid sick time (PST) on May 1, 2025. In addition to repealing the state paid sick time law, HB-567 would amend the minimum wage statute.
The Missouri Paid Sick Time Law
Under the current paid sick time law, most Missouri employers must provide earned paid sick time to employees working in Missouri starting May 1, 2025. The law exempts employers that are federal, state, or local governments or political subdivisions of the state. The statute also excludes some categories of workers, such as volunteers, camp counselors, babysitters, golf caddies, some rail carrier employees, and retail employees of businesses with annual gross volume sales of less than $500,000. The law does not apply to employees covered by a collective bargaining agreement (CBA) that was in effect on November 5, 2024, until the CBA is amended, extended, or renewed.
The current PST law allows Missouri employees to:
earn one hour of earned paid sick time for every thirty hours worked;
use PST for an employee’s own illness or medical reasons, illness/medical reasons of an immediate family member, closure of the employer’s business or the employee’s child’s school, and absences due to sexual assault or domestic violence;
use PST in increments of one hour;
use up to fifty-six hours of PST for covered reasons;
carry over up to eighty hours of unused PST at year-end; and
use PST without discipline or retaliation for covered use.
Repealing the Missouri PST Statute
HB-567 passed without an emergency clause because the emergency clause was defeated in the Missouri House of Representatives when it did not receive the requisite two-thirds approval before moving to the Senate. The emergency clause would have allowed the repeal to become effective immediately upon signature by the governor. The bill would take effect on August 28, 2025.
If the bill is signed into law, there will be a seventeen-week period from May 1, 2025, to August 28, 2025, during which Missouri employers must comply with the current PST law. Many employers may want to implement a temporary policy to cover the period when the PST law is still in effect. For employers that have a paid-time-off (PTO) policy that meets all the requirements of the statute, no additional PTO policy is necessary.
Key Takeaways
Missouri employers must provide earned paid sick time to eligible Missouri employees while the law is in effect. If the governor signs HB-567, employers may want to implement a short-term policy to provide the required PST benefits from May 1, 2025, to August 28, 2025. Additionally, employers may want to consider how to use an existing PTO policy for short-term compliance and address what will happen to earned PST upon repeal of the law.
FTC Issues FAQs on ‘Junk Fees’ Rule
The Federal Trade Commission’s Rule on Unfair or Deceptive Fees, sometimes called the “Junk Fees Rule,” took effect on May 12, 2025. In advance of that effective date, the FTC published Frequently Asked Questions (FAQs) to provide guidance to consumers and businesses regarding the Rule.
In a press release announcing the FAQs, the FTC reiterated that the Rule “prohibits bait-and-switch pricing and other tactics used to hide total prices and mislead people about fees in the live-event ticketing and short-term lodging industries,” and also said that the Rule “furthers President Trump’s Executive Order on Combating Unfair Practices in the Live Entertainment Market by ensuring price transparency at all stages of the live-event ticket-purchase process, including the secondary ticketing market.”
The reference to Trump’s executive order indicates that while the Biden administration started the war on so-called junk fees, the Trump administration will continue it, though potentially with a more restrained strategy.
The FAQs
The FAQs represent the FTC “staff’s views” on the Rule and its requirements. While those views are not binding on the Commission, every business subject to the Rule—or to any unfair or deceptive acts or practices (UDAP) standard—should review the FAQs, which provide insight into how the FTC and other consumer protection agencies are may view fees and fee disclosures. This GT Alert summarizes several of the key points FTC staff made in the FAQs.
What Businesses Does the Rule Cover?
The FAQs explain that businesses selling live-event tickets and short-term lodging are covered by the Rule, and that the Rule covers both individual (B2C) and business (B2B) transactions.
What Are the Rule’s Basic Requirements?
The FAQs explain that the Rule requires businesses to disclose the “total price,” which includes “all charges or fees the business knows about and can calculate upfront, including charges or fees for mandatory goods or services people have to buy as part of the same transaction,” but not taxes or other government charges, shipping charges, or charges for optional goods or services that may be purchased as part of the same transaction.
The FAQs explain that the total-price disclosure must be upfront and more prominently displayed than other price information (except the final amount of payment, as described below) and that excluded charges must be disclosed before the business asks for payment.
The FAQs explain that businesses “must tell the truth about information it’s required to disclose, like how much it’s charging and why” and avoid vague phrases like “convenience fees,” “service fees,” or “processing fees.”
Which Mandatory Fees or Charges Must Be Included in a Business’s Displayed Total Price?
The FAQs explain that businesses must include in the total price “all fees or charges” (other than government charges and shipping charges) that:
people are required to pay, “no matter what”;
people cannot reasonably avoid (the FAQs provide as an example credit card processing charges where there is no other viable payment option);
people are charged for ancillary goods or services that must be purchased “to make the underlying good or service fit for its intended purpose, which reasonable consumers would expect to be part of the purchase”; or
people cannot “effectively agree to because the business employs practices such as default billing, pre-checked boxes, or opt-out provisions.”
Can a Business Itemize Mandatory Fees or Charges?
The FAQs explain that businesses can itemize mandatory fees or charges so long as the itemization does “not overshadow the total price,” is truthful, and does not mispresent fees.
Which Fees or Charges Can Businesses Exclude from the Total Price?
The FAQs explain that businesses may only exclude “government charges, shipping charges, and fees or charges for optional ancillary goods or services that people choose to add to the transaction.” But the FAQs also explain that any excluded fees must be disclosed in the final payment amount that must be presented before the consumer is asked to pay, along with “the nature, purpose and amount of the [excluded] fee or charge” and “the good or service for which the [excluded] fee or charge is imposed.” When Must a Business Disclose the Final Amount of Payment, Including Fees or Charges It Excluded from the Total Price?
The FAQs explain that businesses must clearly, conspicuously, and prominently disclose the final amount of payment—that is, the total price plus any charges excluded from the total price—“before asking people to pay.” The final amount of payment must be disclosed “as prominently as, or more prominently than,” the total price.
Can Businesses Charge Credit Card Surcharges and Other Payment Processing Fees and, if So, Can They Exclude Such Fees from the Total Price?
The FAQs explain that businesses may “charge or pass through credit card or other payment processing fees if otherwise permitted by law,” but that, if a business that “requires people to pay with a credit card, the credit card fee is mandatory and must be included in the total price.”
What Happens if a Business Violates the Rule?
The FAQs explain that businesses that violate the Rule “could be ordered to bring their practices into compliance, refunds money back to consumers, and pay civil penalties.”
Takeaways
State and federal consumer protection agencies remain focused on so-called “junk fees,” with new investigations opening at a regular clip. Given that focus, businesses should watch for “junk-fee” related developments at both the state and federal levels and fine-tune their compliance programs in light of those developments.
We have provided ongoing analysis and commentary regarding junk-fee-related developments, including the developments addressed in our prior client alerts and blog posts:
FTC Alleges Fintech Cleo AI Deceived Consumers (March 31, 2025)
FTC Alleges Fintech Dave, Inc. Deceived Consumers (Nov. 15, 2024)
FTC Targets Adobe for Hidden Fees and Deceptive Subscriptions (July 9, 2024)
CFPB Launches Public Inquiry into Rising Mortgage Closing Costs and ‘Junk Fees’ (June 4, 2024)
FTC Takes Action Against Doxo, Citing Junk Fees (June 3, 2024)
California AG Publishes FAQs on California’s ‘Junk Fee’ Law (May 30, 2024)
CFPB Releases Report Highlighting Junk Fees on Mortgage Servicing (March 23, 2024)
CFPB Unveils Final Rule Banning ‘Excessive’ Credit Card Late Fees (Mar. 13, 2024)
CFPB Issues Proposed Rule to Stop ‘Junk Fees’ on Bank Accounts (Feb. 1. 2024)
California Bans Hidden Fees, Effective July 1, 2024 (Oct. 17, 2023)
FTC Proposed Rule Targeting ‘Junk Fees’ (Oct. 16, 2023)
CFPB Issues Advisory Opinion on ‘Illegal Junk Fees’ By Large Financial Firms (Oct. 12, 2023)
The State of Employment Law: Eight States Require Final Pay on the Termination Date
It’s time to terminate an employee. Perhaps they were a consistently poor performer, and you have known for months that this day would come. Or perhaps an employee committed gross misconduct today and the need for termination is sudden and unexpected. Either way, are you prepared to pay your terminated employee their final paycheck right away? In eight states, you need to be.
Most states allow employers a reasonable time to pay a terminated employee their final wages. The next regularly-scheduled payday is a common deadline, but even less-patient states tend to give employers at least several days to pay final wages. But California, Colorado, Hawaii, Massachusetts, Minnesota, Missouri, Montana, and Nevada all require employers to pay final wages to an employee on the date of their termination.
There are a few caveats to this rule. In Colorado and Hawaii, if an employer’s payroll unit is not operational on the termination date or there is some other circumstance that makes immediate payment impossible, the employer may have until the following business day to pay. In Massachusetts, employers in Boston may wait to pay until payrolls, bills, and accounts are certified. Otherwise, employers in these states need to be prepared to pay final wages on the termination date without exception.
This can put employers in a logistical bind. What do you do, for example, if an employee punches a coworker at 4:55 before you close for the day at 5:00 and your payroll staff is already gone for the day? In situations like this, you may need to wait until the following day to terminate your fighting employee.
OCC Confirms Banks Authority to Offer Crypto Custody and Execution Services
On May 7, the OCC issued Interpretive Letter 1184, reaffirming that national banks and federal savings associations may provide cryptocurrency custody and execution services, including through sub-custodians. The OCC confirmed that these activities are permissible under existing banking authority so long as banks comply with applicable law and engage in safe and sound practices.
The letter builds upon earlier OCC guidance, including Interpretive Letters 1170 and 1183. Specifically, the OCC clarified the following:
Execution of crypto trades at customer direction is permissible. Banks may buy and sell crypto-assets held in custody or on behalf of customers, so long as the transactions are executed at the customer’s direction and in accordance with the customer agreement.
Outsourcing to third parties is allowed with appropriate oversight. Banks may engage sub-custodians and outsource custody or execution functions, provided they maintain robust third-party oversight practices and ensure proper internal controls are in place.
Crypto custody remains a modern extension of traditional bank custodial services. The OCC reiterated its position that holding crypto-assets is functionally similar to traditional custody services, which fall within banks’ statutory authority.
Fiduciary activities must follow applicable regulations. When acting in a fiduciary capacity, national banks must comply with 12 C.F.R. Part 9 or Part 150 for federal savings associations, including rules on the custody and control of fiduciary assets.
Putting It Into Practice: The OCC’s latest guidance offers banks further regulatory clarity in connection with crypto-related services (previously discussed here and here). Banks considering entry into the digital asset space should track these regulatory shifts closely and ensure their compliance, risk management, and third-party oversight frameworks are equipped to support crypto operations.
DOJ Criminal Division Updates (Part 2): Department of Justice Updates its Corporate Criminal Whistleblower Awards Pilot Program
On August 1, 2024, the Department of Justice’s (DOJ) Criminal Division launched a three-year Corporate Whistleblower Awards Pilot Program (the “Pilot Program”). (See Part 1 and Part 3 of this series for more information.) The Pilot Program marked a significant effort by the DOJ to enhance its ability to fight corporate and white collar crime by enlisting whistleblowers to aid in the effort. On May 12, 2025, the DOJ released updated guidance (the “Updated Guidance”) related to the Pilot Program in order to reflect the updated enforcement priorities and policies of the administration under President Trump, also announced on May 12, 2025. In this article, we provide an overview of the Pilot Program and lay out the recent changes to the guidance.
Overview of the Pilot Program
As originally announced in August 2024, the Pilot Program allowed for financial recovery for whistleblowers who provided successful tips relating to “possible violations of law” for four categories of crimes: (1) foreign corruption and bribery, (2) financial institution crimes, (3) domestic corporate corruption, and (4) health care fraud involving private insurance plans.
Eligibility & Key Terms
To be eligible, potential whistleblowers must meet the following criteria:
Financial Threshold. To qualify under the Pilot Program, the information provided must lead to a successful forfeiture exceeding $1 million.
Originality. The information provided by the whistleblower must be based on the individual’s independent knowledge and cannot be already known to the DOJ. Information obtained through privileged communications is excluded from the DOJ consideration.
Lack of “Meaningful Participation” in the Reported Criminal Activity. A whistleblower is ineligible for an award if they “meaningfully participated” in the activity they are reporting. Pilot Program guidance provides that an individual who was “directing, planning, initiating, or knowingly profiting from” the criminal conduct reported is not eligible. Conversely, someone who was involved in the scheme in such a minimal role that they could be “described as plainly among the least culpable of those involved” would be able to recover an award under the Pilot Program.
Truthful and Complete Information. To qualify for an award, a whistleblower must provide all information of which they have knowledge, including any misconduct they may have participated in. If a whistleblower withholds information, they are ineligible to recover an award under the Pilot Program. This requirement includes full cooperation with the DOJ in any investigation, including providing truthful testimony during interviews, before a grand jury, and at trial or any other court proceedings and producing all documents, records, and other relevant evidence.
Award Structure
If eligible, a whistleblower may be entitled to a discretionary award of up to 30% of the first $100 million in net proceeds forfeited and up to 5% of the next $100–$500 million in net proceeds forfeited. Under relevant criminal forfeiture statutes, proceeds are forfeitable only if they are derived from or substantially involved in commission of an offense. In this way, net proceeds forfeited may be less than actual loss.
Unlike other similar whistleblower programs, any award pursuant to the Pilot Program is fully discretionary — there is no guaranteed minimum amount that a whistleblower will recover. In determining whether a whistleblower will receive an award, it will consider whether the information provided was specific, credible, and timely and also whether the information significantly contributed to forfeiture. The DOJ also assesses the whistleblower’s level of assistance and cooperation throughout the investigation.
Corporate Self-Disclosure
The Pilot Program gives companies a 120-day window to self-disclose information related to an internal whistleblower report. Companies choosing to self-disclose “misconduct” covered by the Pilot Program within the allotted 120-day window will remain eligible for a presumption of declination (i.e., no prosecution) under the Corporate Enforcement and Voluntary Self-Disclosure Policy, which also was updated as announced on May 12, 2025 (the “Self-Disclosure Policy”). This 120-day window applies even if the whistleblower has already reported misconduct to the DOJ.
Companies choosing to self-disclose also must meet the other requirements of the Self-Disclosure Policy to qualify for a presumption of declination. In addition to a timely self-disclosure, companies must cooperate fully with the investigation, identify responsible individuals, remediate all harms, and disgorge ill-gotten gains.
Changes in the May 2025 Updated Guidance
The Updated Guidance reaffirms the DOJ’s commitment to the Pilot Program and does not change that the program will run for three years unless otherwise announced. The majority of the specifics of the Pilot Program remain unchanged, including the requirements for whistleblower eligibility, the self-disclosure policy, and the amount that whistleblowers stand to gain.
The primary update is a change to the subject matter to which a whistleblower’s report must pertain in order to be eligible for recovery. Under the Pilot Program as initially announced, information provided by a whistleblower must have related to the following substantive areas:
Violations by financial institutions such as money laundering, failure to comply with anti-money laundering compliance requirements, and fraud against or non-compliance with financial institution regulators.
Violations related to foreign corruption and bribery, including violations of the Foreign Corrupt Practices Act, money laundering statutes, and the Foreign Extortion Prevention Act.
Violations related to the payment of bribes or kickbacks to domestic public officials.
Violations related to federal health care offenses involving private or non-public health care benefit programs, where the overwhelming majority of claims were submitted to private or other non-public health care benefit programs.
Violations related to fraud against patients, investors, or other non-governmental entities in the health care industry, where these entities experienced the overwhelming majority of the actual or intended loss.
Any other federal violations involving conduct related to health care not covered by the federal False Claims Act (FCA).
In its Updated Guidance, the DOJ removes certain language from these categories thus broadening the substantive reach of the Pilot Program:
Removes the requirement that violations related to federal health care offenses involve “private or non-public” health care benefit programs.
Removes the requirement that the overwhelming majority of claims for federal health care offenses were submitted to private or other non-public health care benefit programs.
Removes the requirement that patients, investors, or other non-governmental entities experience the overwhelming majority of actual or intended loss.
Removes entirely the qualifying category for reports involving health care-related violations not covered by the FCA.
Consistent with the Trump administration’s focus on tariffs, immigration, and cartels, among other enforcement priorities, the DOJ adds priority subject-matter areas that now qualify for a potential whistleblower award:
Violations related to fraud against, or deception of, the United States in connection with federally funded contracting or federal funding that does not involve health care or illegal health care kickbacks.
Violations related to trade, tariff, and customs fraud.
Violations related to federal immigration law.
Violations related to corporate sanctions offenses.
Violations related to international cartels or transnational criminal organizations, including money laundering, narcotics, and Controlled Substance Act violations.
Concurrently with its Updated Guidance, the DOJ issued a memorandum entitled “Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime.” This memo clearly lays out the priorities of the DOJ’s Criminal Division under the Trump administration, including but not limited to “trade and customs fraud,” “conduct that threatens the country’s national security,” and combatting “foreign terrorist organizations” such as “recently designated Cartels and [Transnational Criminal Organizations].” The DOJ stated that amendments to the Pilot Program were intended to “demonstrate the Division’s focus on these priority areas.” The changes in the Updated Guidance closely track the stated priority areas, and they reflect that while the Pilot Program will continue, its focus may shift to reflect the additional goals of the Trump administration.
Recommendations for Minimizing Risk Under the Pilot Program
While the recent changes to the Pilot Program broaden the scope of potential whistleblower reports and may implicate companies in industries that were previously not likely to be subject to the program, the substantive best practices for minimizing risk of a whistleblower seeking to take advantage of the Pilot Program remain the same, even with the Updated Guidance. Companies therefore should take this opportunity to review and update their whistleblower response policies to ensure they are clear, being followed, and effective.
Have a preexisting compliance program that encompasses all relevant subject-matter areas. Given the 120-day window to self-disclose under the Pilot Program, companies must be able to undertake complete internal investigations on a short timeline. Companies should ensure they have strong and robust internal reporting structures for misconduct of any type and that they are prepared to promptly investigate any alleged misconduct. Companies should protect the confidentiality of whistleblowers, not retaliate, and not impede whistleblowers from reporting potential violations to the government. To the extent that a company’s compliance program defines potential “misconduct” more narrowly than the Pilot Program, those companies should consider expanding the scope of their compliance function to ensure all potential violations of criminal law are thoroughly investigated.
Conduct internal investigations under privilege. The Pilot Program provides that information is not “original” if the whistleblower obtained it through a communication subject to the attorney-client privilege. It also disqualifies potential whistleblowers if they learned the information in connection with the company’s process for identifying, reporting, and addressing potential violations of law. Therefore, it is essential for companies to preserve privilege while conducting internal investigations. In-house or outside counsel should guide the investigation, and the scope and purpose of the investigation should be documented in writing. Companies should be careful with the extent to which they involve non-attorneys in the investigation (if at all) and should ensure the investigation is being led by attorneys and for the purpose of obtaining attorney advice.
Consider self-disclosure where appropriate. If a company chooses to self-disclose potential misconduct within the 120-day period provided by the Pilot Program, the company is entitled to a presumption of declination under the Self-Disclosure Policy. Where there is any question regarding whether a company has uncovered “misconduct,” this presumption may put a thumb on the scale for self-disclosing, although note that the program also requires companies to cooperate throughout the ensuing government investigation.
Be aware of pre-existing self-disclosure requirements. In combatting the eligibility of potential whistleblowers, companies should consider whether they have any existing requirement to self-disclose. This may come from requirements imposed on all federal grant recipients. It could stem from serving as a government contractor, where such contractors are already required to disclose evidence of potential violations of federal criminal law. The obligation to self-disclose may also come from a corporate integrity agreement in place following a prior FCA settlement. If any of these scenarios apply, it is less likely that a potential whistleblower will be deemed to have come forward voluntarily with original information, and there may be an argument that they therefore do not qualify for an award under the Pilot Program.
Lori Rubin Garber also contributed to this article.
Employees Hiding Use of AI Tools at Work
A new study by Ivanti illustrates that one out of three workers secretly use artificial intelligence (AI) tools in the workplace. They do so for varying reasons, including “I like a secret advantage,” “My job might be reduced/cut,” “My employer has no AI usage policy,” “My boss might give me more work,” “I don’t want people to question my ability,” and “I don’t want to deal with IT approval processes.”
In 2025, a staggering 42% of employees admit to using generative AI (GenAI) tools at work. Another whopping 48% of employees admit to feeling resenteeism (a dislike of one’s job, but stays anyway) and 39% admit to feeling presenteeism (when one comes into the office to be seen, but is not productive).
The secret use of GenAI tools in the workplace poses several risks for organizations, including unauthorized disclosure of company data and/or personal information, cybersecurity risks, bias and discrimination, and misappropriation of intellectual property.
The Ivanti study emphasizes the need for organizations to adopt an AI Governance Program so employees feel comfortable using approved and sanctioned AI tools and don’t keep their use a secret. It also allows the organization to monitor the use of AI tools by employees and implement guidelines and guardrails around their safe use in the organization to reduce risk.
DOJ Criminal Division Updates (Part 3): New Reasons for Companies to Self-Disclose Criminal Conduct
On May 12, 2025, the U.S. Department of Justice (DOJ) announced revisions to its Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy (CEP). (See Part 1 and Part 2 of this series for more information.) As a part of the new administration’s priorities and policies for prosecuting corporate and white collar crimes, the head of the Criminal Division directed the Fraud Section and Money Laundering and Asset Recovery Section to revise the CEP and clarify that additional benefits are available to companies that self-disclose and cooperate.[1]
The CEP encourages companies to self-disclose misconduct, fully cooperate with investigations, and remediate issues — and, in turn, potentially reduce their criminal exposure. Though the scope and criteria for compliance with the CEP have evolved since it was announced in 2016, a constant has been the presumption of declination for a company in compliance. This amorphous “presumption” has long drawn complaints from practitioners and companies, due to its lack of certainty in outcomes — especially weighed against the often-extensive investigations and work corporations do to comply with the policy.
The latest revision to the CEP seeks to address complaints about the lack of certainty by providing specific conditions to companies considering voluntary self-disclosure and a pathway to guaranteed declination. The revised CEP also establishes significant benefits for companies that may not meet the requisite declination requirements but fall into other categories. Understanding the nuances of the revised CEP is crucial for companies to ensure they are well positioned to benefit from the revised CEP, should a company find itself in a position to self-disclose misconduct. The key aspects of the May 2025 Revised CEP are as follows:
Declination of Prosecution
Four conditions must be met for DOJ to decline criminal prosecution of company:
Voluntary Self-Disclosure. The company must have proactively and promptly reported unknown misconduct to the Criminal Division, without having an obligation to do so and without an imminent threat of disclosure or government investigation.
Full Cooperation. The company must have “fully cooperated” throughout the investigation process by, among other things, timely disclosing and voluntarily preserving relevant documents and information as well as making company officers and employees who possess relevant information available for interviews by prosecutors and investigators.
Timely and Appropriate Remediation. The company must have taken prompt and effective corrective actions, including investigating underlying conduct and root causes, appropriately disciplining wrong-doers, and implementing an effective compliance and ethics program to reduce future risks.
No Aggravating Circumstances. There should be no significant aggravating factors related to the misconduct, such as its severity, scope, or repeated occurrence, nor recent criminal adjudications for similar offenses.
Near Miss Cases: Voluntary Self-Disclosures with Aggravating Factors
The revised CEP also creates a middle ground for companies that self-report in good faith but do not meet all other voluntary self-disclosure requirements. In these “near miss” situations, the DOJ may offer a Non-Prosecution Agreement (NPA), which typically provides the following benefits:
A term length of fewer than three years.
No requirement for an independent compliance monitor.
A 75% reduction off the low end of the U.S. Sentencing Guidelines fine range.
Resolutions in Other Cases
The revised CEP also outlines a third route to resolution: If a company’s situation does not qualify for a declination or an NPA, prosecutors still have discretion to determine the appropriate resolution. This includes the imposition of penalties, term lengths, compliance obligations, and monetary fines. Prosecutors typically will apply a reduction from the low end of the fine range for non-recidivist companies that have fully cooperated and remediated the misconduct.
Why This Matters
DOJ’s message through the revised CEP is clear: Do the right thing and you will be rewarded.
A company’s timely and effective voluntary remediation and self-disclosure can now result in guaranteed declination of criminal prosecution, if the company complies with the steps laid out in the revised CEP. Companies should keep these benefits in mind not only when faced with a decision point regarding self-disclosure of misconduct but also as they proactively evaluate the effectiveness of their compliance programs and whether they are adequately resourced. Foley is here to help with your compliance and internal investigations needs, as well as counsel you through evaluating self-disclosure under the revised CEP.
[1] See Foley blog post on May 12, 2025 Criminal Division White Collar Enforcement Plan Memo.
Proposed Tax Legislation: Implications for Tax-Exempt Organizations
This week, the US House Ways and Means Committee released tax legislation that includes several provisions relevant to tax-exempt organizations.
The Committee’s proposed legislation is part of the highly anticipated legislative package intended to extend expiring provisions of the 2017 Tax Cuts and Jobs Act (TCJA) and to implement other priorities of President Trump and the Republican Majority in US Congress.
The provisions summarized below from the House Ways and Means Committee text could impact tax-exempt organizations.
The Ways and Means Committee is one of 11 House Committees that developed and reported legislation as part of the budget reconciliation process being used to advance tax reform and other key legislative priorities. The US House Budget Committee will hold a markup of the compiled legislation from the 11 Committees on May 16. The Budget Committee has announced it will accept written statements on the legislation between now and close of business on May 19. House leadership has announced plans for a floor vote on the compiled reconciliation legislation before Memorial Day.
Excise Tax on Net Investment Income of Private Foundations
Under current law, private foundations (other than exempt operating foundations) are subject to a 1.39% excise tax on their net investment income.[1] The Ways and Means Committee legislative text (proposal) replaces the flat 1.39% excise tax rate with a four-tiered structure based on the foundation’s total assets:
Foundations with assets below $50 million: 1.39%.
Foundations with assets between $50 million and $250 million: 2.78%.
Foundations with assets between $250 million and $5 billion: 5%.
Foundations with assets above $5 billion: 10%.
Under the proposal, assets of a private foundation are determined based on the fair market value of a foundation’s total assets, without reducing any liabilities. The total assets of a private foundation for this purpose also include the assets of a private foundation’s “related organizations.”[2] A related organization is any organization that controls or is controlled by the private foundation or is controlled by one or more persons that also control the private foundation. As drafted, this provision would include any related organization regardless of its tax status. It excludes, however, assets from related organizations that are not controlled by the private foundation if the assets are not intended or available for the use or benefit of the private foundation. When assets are “not intended or available for the use or benefit of the private foundation” is not defined. This could be particularly relevant for company sponsored foundations that control and provide ongoing support to the foundation.
Excess Business Holdings of Private Foundations
Under current law, Section 4943(c) of the Internal Revenue Code generally limits the holdings of a private foundation to 20% (and in some cases 35%) of the voting stock in a business enterprise that is treated as a corporation reduced by the amount of voting stock held by its disqualified persons.[3]
The proposal amends Section 4943(c)(4)(A) of the Code to allow a business enterprise to repurchase voting stock under certain conditions from a retiring employee who participated in the corporation’s Employee Stock Ownership Plan and for that stock to be considered as still outstanding stock when calculating a private foundation’s permitted holdings under the excess business holdings rules, up to a certain amount.[4] The proposal would not apply to stock buybacks within the first 10 years from when the plan is established.
Unrelated Business Taxable Income
The proposal includes three provisions that impact the determination of unrelated business taxable income (UBTI):
Name and Logo Royalties: Under current law, royalty income is excluded from UBTI unless derived from debt-financed property or certain controlled subsidiaries.[5] The proposal would modify the royalty exception for UBTI by excluding income derived from any sale or licensing of an exempt organization’s name and logo.[6] The proposal would increase the UBTI of an exempt organization that receives royalty income from the sale or licensing of its name or logo. Similar provisions were proposed in 2014 and 2017.
Parking Tax: Under current law, the amount paid or incurred for any qualified transportation fringe benefit (i.e., employee parking) is exempt from UBTI. The proposal would include in UBTI the cost of qualified transportation fringe benefits and parking facilities used in connection with qualified parking, with a carve-out for religious organizations.[7] This tax on the cost of providing parking to employees was initially enacted by the TCJA without the carve-out for religious organizations but was later repealed retroactively.[8]
Research Income: Under current law, all income from any research conducted by an exempt organization whose primary purpose is to carry out fundamental research the results of which are freely available to the general public is exempt from UBTI on all income generated from all research activities.[9] The proposal would revise this exemption provision to exclude only income derived “from such research” and not income from research in general.[10]
Executive Compensation Excise Tax
Under current law, Section 4960 imposes an excise tax on exempt organizations who pay over $1 million in remuneration or who make an excess parachute payment to any “covered employee.” A “covered employee” generally includes any employee (or former employee) of an “applicable tax-exempt organization” if the employee is one of the five highest compensated employees for the current taxable year or was a covered employee in a prior year beginning after December 31, 2016.[11]
Under the proposal, the employees covered by the excise tax would be expanded to include any employee or former employee of the organization or any related person or governmental entity regardless of whether they are (or were) one of the five highest compensated employees and regardless of whether they are (or were) an employee of an “applicable tax-exempt organization.”[12]
Termination of Tax-Exempt Status for Terrorist Supporting Organizations
Under current law, Section 501(p) generally provides for the suspension of tax-exempt status for an organization designated as a “terrorist organization” or as “supporting or engaging in terrorist activity” pursuant to certain executive orders and federal laws. For example, Executive Order 13224 authorizes the US Secretary of the Treasury, “in consultation with the Secretary of State and the Attorney General,” to designate organizations as terrorist organizations.[13]
The proposal adds a definition of “terrorist supporting organizations” to Section 501(p) and defines a “terrorist supporting organization” as any organization designated by the Secretary of Treasury as having provided material support or resources to a terrorist organization.[14] The proposal provides the Secretary of the Treasury with the authority to designate an organization as a terrorist supporting organization without consulting with the Secretary of State and the Attorney General.
The proposal also requires the Secretary of the Treasury to provide notice to the organization prior to designating them as a terrorist supporting organization and provides for a 90-day cure period. During the 90-day cure period, the organization can demonstrate to the Secretary’s satisfaction that they did not provide material support or resources to a terrorist organization or, alternatively, made efforts to recoup the funds. The designation as a terrorist supporting organization can be appealed to the Internal Revenue Service’s Independent Office of Appeals, and the designation can also be legally challenged in US district court following exhaustion of the administrative process. The proposal exempts certain humanitarian aid provided with the approval of the Office of Foreign Assets Control.
College and University Endowment Tax
Under current law, Section 4968 imposes a flat 1.4% excise tax of the net investment income of certain private colleges and universities. Under the proposal, the flat 1.4% excise tax rate would be replaced with a four-tiered structure based on the institution’s student adjusted endowment:
Institution’s student adjusted endowment between $500,000 and $750,000: 1.4%.
Institution’s student adjusted endowment between $750,000 and $1,250,000: 7%.
Institution’s student adjusted endowment between $1,250,000 and $2,000,000: 14%.
Institution’s student adjusted endowment above $2,000,000: 21%.
The institution’s “student adjusted endowment” is determined based on the total fair market value of the institution’s assets (other than assets used directly in carrying out the institution’s exempt purposes) per “eligible student.”[15] For purposes of determining the institution’s total assets, the assets and net investment income of any related organization of the institution will be treated as assets of the institution. A related organization is any organization that controls or is controlled by the institution, is controlled by one or more persons that also control the institution or is a supported or supporting organization with respect to the institution.
An “eligible student” for this purpose means a student who is a “citizen or national of the United States, a permanent resident of the United States, or able to provide evidence from the Immigration and Naturalization Service that he or she is in the United States for other than a temporary purpose with the intention of becoming a citizen or permanent resident.”[16] Based on the definition of eligible student, institutions with more international students on temporary visas and undocumented students are more likely to become subject to the endowment excise tax or a higher excise tax rate.
The proposal excludes certain religious colleges or universities that have continuously maintained an affiliation with a church and have a mission that includes religious tenets, beliefs, or teachings.[17]
Charitable Deductions
Individual Taxpayers: Under current law, only taxpayers who itemize are able to deduct their charitable contributions.[18] The proposal would temporarily reinstate a charitable contribution deduction for non-itemizing taxpayers, capped at $150 ($300 for joint returns) for cash contributions to certain qualifying charities for tax years 2025 through 2028.[19]
Corporate Taxpayers: Under current law, corporate taxpayers are generally allowed a charitable contribution deduction up to 10% of taxable income, and charitable contributions exceeding the 10% limit can be carried forward and deducted in the following five tax years, subject to the same 10% limitation in each year.[20] The proposal would establish a new floor on charitable deductions for corporations equal to 1% of taxable income and impose new restrictions on the ability of corporations to carry forward disallowed charitable deductions to future years.[21] A corporate taxpayer with charitable contributions exceeding the 10% limitation can only add the amount disallowed under the 1% floor to the amount carried over to the subsequent year.
[1] Code Section 4940(a).
[2] The One, Big, Beautiful Bill, Proposed Section 112022.
[3] Code Section 4943.
[4] Proposed Section 112023.
[5] Code Section 512(b)(2).
[6] Proposed Section 112025.
[7] Proposed Section 112024.
[8] Public Law No. 116-94, Section 302 (repealing Code Section 512(a)(7)).
[9] Code Section 512(b)(9).
[10] Proposed Section 112026.
[11] Code Section 4960.
[12] Proposed Section 112020.
[13] Executive Order 13224.
[14] Proposed Section 112209.
[15] Proposed Section 112021.
[16] Proposed Section 112021; Section 484(a)(5) of the Higher Education Act of 1965.
[17] Proposed Section 112021.
[18] Code Section 170(p).
[19] Proposed Section 110112.
[20] Code Section 170(b)(2).
[21] Proposed Section 112028.