Administrative & Regulatory – Page 23

Delays Ahead: Maryland DOL Proposes Pushing Back FAMLI Program Implementation by 18 Months

Takeaway

Payroll deductions for the state’s Family and Medical Leave Insurance program would begin on 1/1/27 and benefits would become available on 1/1/28 under the Maryland Department of Labor’s proposal.

Acting General Counsel of NLRB Issues First GC Memorandum, Rescinding Controversial Pro-Labor Memoranda

On February 14, 2025, the Acting General Counsel of the National Labor Relations Board (“NLRB”) William B. Cowen issued his first General Counsel Memorandum (“GC Memo”) GC 25-05 rescinding nearly all of the Biden administration General Counsel’s substantive prosecutorial guidance memos, which furthered a pro-union and pro-employee agenda. While these memoranda do not have the weight of law or regulation, they do set out the agency’s priorities and key interpretations of the National Labor Relations Act (“NLRA”).
There were generally two types of rescissions. In addition to simply rescinding certain GC memos, Cowen also rescinded additional memos “pending further guidance” – suggesting those areas where the new administration will be placing its focus. Cowen cited the Board’s backlog of cases as one of the reasons necessary for the rescission of the GC memos.
Cowen’s GC Memo did not address the impact of the NLRB’s current lack of a quorum on the Acting GC’s prosecutorial agenda. President Trump’s unprecedented firing of former NLRB Chair Gwynne Wilcox, which deprived the NLRB of a quorum, is currently being litigated.
Which Memos Were Rescinded?
While we include a complete list of the memos that were rescinded by Cowen’s GC Memo below, of note, the memo rescinded the following key GC memos:
Confidentiality and Non-Disparagement Provisions in Severance Agreements – GC Memo 23-05 endorsed prosecuting employers that imposed on employees broadly worded severance agreements with expansive non-disparagement and confidentiality clauses. A link to earlier articles about the issuance of GC Memo 23-05 can be found here and here.
Damages – GC Memo 24-04 had greatly expanded the scope of consequential damages regional offices should seek in unfair labor practice proceedings, including pursuing make-whole remedies for employees harmed, regardless of whether the employees are identified in an unfair labor practice charge. A link to an earlier article about the issuance of GC Memo 24-04 can be found here.
ULP Settlements – GC Memo 21-07 had instructed regional offices to seek no less than 100 percent of the backpay and benefits owed in cases that are settled, and required regional offices to include front pay in settlements for cases where a discharged employee waived reinstatement to his or her former position. This memo was rescinded pending further guidance from the Board.
Electronic Monitoring and Automated Management – GC Memo 23-02, in this memo, Abruzzo had advocated for zealous enforcement and NLRB adoption of a “new framework” to protect employees from intrusive or abusive forms of electronic monitoring and automated management that interfere with protected activity. A link to an earlier article about the issuance of GC Memo 23-02 can be found here.
“Stay-or-Pay Provisions” – GC Memo 25-01 had directed regional offices to find “stay-or-pay” provisions and employee non-solicit agreements unlawful under the NLRA and called for employers to go beyond mere rescission of the provision and directed regions to seek traditional make-whole remedies for unlawful provisions consistent with Board law.
Non-Competes – GC Memo 23-08 had expressed Abruzzo’s opinion that the use of non-compete provisions in employment agreements violated section 7 of the NLRA and that the proffer, maintenance, and enforcement of such agreements violated section 8(a)(1). A link to an earlier article about the issuance of GC Memo 23-08 can be found here.
10(j) Injunctions – GC Memo 24-05 in which Abruzzo reaffirmed her commitment to seeking 10(j) injunctions in federal court against employers to protect employee rights from remedial failure due to the passage of time. This memo was issued following the Supreme Court decision in Starbucks Corp. v. McKinney, 144 S. Ct. 1570 (2024), where SCOTUS resolved a circuit split and set a uniform four-part test applicable to Section 10(j) injunction petitions.
Rescinded GC Memos:

GC 21-02 Rescission of Certain General Counsel Memoranda
GC 21-03 Effectuation of the National Labor Relations Act Through Vigorous Enforcement of the Mutual Aid or Protection and Inherently Concerted Doctrines
GC 21-04 Mandatory Submissions to Advice
GC 21-08 Statutory Rights of Players at Academic Institutions (Student-Athletes) Under the National Labor Relations Act
GC 22-06 Update on Efforts to Secure Full Remedies in Settlements (Revised Attachment)
GC 23-02 Electronic Monitoring and Algorithmic Management of Employees Interfering with the Exercise of Section 7 Rights
GC-23-04 Status Update on Advice Submissions Pursuant to GC Memo 21-04
GC 23-05 Guidance in Response to Inquiries about the McLaren Macomb Decision
GC 23-08 Non-Compete Agreements that Violate the National Labor Relations Act
GC 24-04 Securing Full Remedies for All Victims of Unlawful Conduct
GC 24-05 Section 10(j) Injunctive Relief and the U.S. Supreme Court’s Decision in Starbucks Corp. v. McKinney
GC 24-06 Clarifying Universities’ and Colleges’ Disclosure Obligations under the National Labor Relations Act and the Family Educational Rights and Privacy Act
GC 24-06 Attachment
GC 25-01 Remedying the Harmful Effects of Non-Compete and “Stay-or-Pay” Provisions that Violate the National Labor Relations Act
GC 25-02 Ensuring Settlement Agreements Adequately Address the Public Rights at Issue in the Underlying Unfair Labor Practice Allegations

GC Memos Rescinded Pending Further Guidance from the Board:

GC 21-05 Utilization of Section 10(j) Proceedings
GC 21-06 Seeking Full Remedies
GC 21-07 Full Remedies in Settlement Agreements
GC 22-01 Ensuring Rights and Remedies for Immigrant Workers Under the NLRA
GC 22-01 (en Español) Asegurando los Derechos y Remedios para Trabajadores Inmigrantes Bajo la NLRA
GC 22-02 Seeking 10(j) Injunctions in Response to Unlawful Threats or Other Coercion During Union Organizing Campaigns
GC 22-03 Inter-agency Coordination
GC 22-05 Goals for Initial Unfair Labor Practice Investigations
GC 23-01 Settling the Section 10(j) Aspect of Cases Warranting Interim Relief
GC 23-07 Procedures for Seeking Compliance with and Enforcement of Board Orders
GC 24-01 (Revised) Guidance in Response to Inquiries about the Board’s Decision in Cemex Construction Materials Pacific, LLC
GC 25-03 New Processes for More Efficient, Effective, Accessible and Transparent Casehandling
GC 25-04 Harmonization of the NLRA and EEO Laws

GC Memos Rescinded Due to Board Precedent:

GC 22-04 The Right to Refrain from Captive Audience and other Mandatory Meetings

GC Memos Rescinded and Replaced by Prior GC Memos:

GC 23-03 Delegation to Regional Directors of Section 102.118 Authorization Regarding Record Requests from Federal, State, and Local Worker and Consumer Protection Agencies and GC Memo 18-01 was restored

GC Memos Rescinded as COVID-19 Is No Longer a Federal Public Health Emergency:

GC 21-01 Guidance on Propriety of Mail Ballot Elections, pursuant to Aspirus Keweenaw, 370 NLRB No. 45 (2020)

Key Takeaways
Acting General Counsel Cowen’s GC Memo signals the Board’s agenda is progressing towards overturning many of the key controversial and pro-labor Biden-era Board decisions. Employers should consult labor counsel to discuss the updated guidance and the issues presented by the GC Memo, particularly if employers are still dealing with the previous guidance of the rescinded GC memos related to non-compete agreements, settlement agreement provisions, “stay-or-pay” provisions, electronic surveillance, and others.

Listen to this post

CSRD Slashed: EU’s Corporate Sustainability Regulations Significantly Reduced

On 26 February 2025, the European Commission (the “Commission”) adopted a new package of proposals to simplify the regulations on sustainability. Their aim is to combine the competitiveness and climate goals of the European Union, which we reported on here, as part of their aim for a “simpler and faster” Europe.
The proposals, packaged in an “Omnibus”, dramatically reduce the scope and reporting required under the Corporate Sustainability Reporting Directive (“CSRD”), the Corporate Sustainability Due Diligence Directive (“CSDDD”) and the EU Taxonomy (“Taxonomy”).
We set out below the key changes proposed for CSRD.
The Omnibus’ aims for the CSRD are to make it “more proportionate and easier to implement by companies” through:

Reduction of scope:

“large undertakings” in scope of CSRD are redefined as those with over 1000 employees on a group or standalone basis, rather than 250 employees, with the financial thresholds of EUR 50 million turnover or a balance sheet total above EUR 25 million remaining static. This is significantly impactful reducing the scope of companies in scope of CSRD by around 80% (and aligns more with the CSDDD threshold). Listed SMEs are no longer in scope unless they meet the “large undertakings” thresholds; and
non‑EU parents will only be in scope of CSRD if they generated EU‑derived turnover of EUR 450 million, rather than EUR 150 million, with either an EU large undertaking meeting the revised thresholds set out above or with an EU branch with EUR 50 million in turnover to align with that required of “large undertakings”, revised upwards from EUR 40 million.

Postponement of reporting: for those companies who were due to report on year 2025 in year 2026 who remain in scope as they have over 1000 employees, there will be a two‑year delay to reporting.
A shield – the value chain cap: for companies not in scope of the CSRD (those with less than 1000 employees), the Commission will adopt by a delegated act a voluntary reporting standard leveraging the standard that was developed for SMEs. This standard is intended to act “as a shield” by limiting the amount of information that companies and banks falling into scope of the CSRD can request from companies in their value chains with few than 1,000 employees.
Reporting standards to be revised: the European Sustainability Reporting Standards (“ESRS”), which are at the heart of CSRD’s requirements, are to be revised via a delegated act to substantially reduce the number of data points, clarify unclear provisions and improve consistence with other legislation. They will remove datapoints that are deemed least important for general purpose sustainability reporting, prioritise quantitative datapoints over narrative text and further distinguish between mandatory and voluntary datapoints. Clearer instructions will be provided on how to apply the materiality assessment process. There is also reference to making sure that there is “very high” interoperability with global reporting standards.
No sector‑specific standards will be required
Limited assurance to remain: there will be no uplift to reasonable assurance over time.

Next steps
There is no impact assessment on the potential economic, social and environmental effects as the Commission has deemed the Omnibus to be so urgent and important that a derogation from the need to provide the impact assessment was granted under the Commission’s Better Regulation Guidelines. However, the market and a range of stakeholders will no doubt hotly debate the impact across all these areas. The Commission itself acknowledges that the proposed changes to CSRD may “partially diminish the positive impacts” but that the “reduction of administrative burden” should lead to economic and competitive gains.
The Commission has called on the European Parliament and European Council to “reach rapid agreement” on the proposals. The legislation needs European Parliament approval with a majority of MEPs voting in favour and at least 55% (15 out of 27) of Member States voting in favour at the European Council. It will then come into force following its publication in the EU Official Journal.
This legislation is also in the form of a Directive and requires national transposition by each Member State, which had not yet occurred across the EU for the current guide of CSRD. It could be that we witness some gold‑plating or an emergence of a range of EU Member State expectations through national guidelines at a juxtaposition with the aims of the EU’s Single Market.

Professionally Speaking February 2025

Professionally Speaking explores current topics of interest to general counsel, claims professionals and risk managers for various professional liability lines, including accountants, lawyers, design professionals, insurance brokers and others.
Read the Newsletter Here

Lawsuit Alleges FDA Has Unduly Delayed Response to PFAS Petition

Last month a lawsuit filed by plaintiffs including the Tucson Environmental Justice Task Force (TEJTF) filed suit against FDA and now former FDA commissioner Robert Califf alleging that FDA had unduly delayed in responding to a petition filed by TEJTF in 2023 which had requested that FDA set tolerances for 30 types of PFAS in lettuce and blueberries and 26 types of PFAS in bread, milk, eggs, salmon, clams, and corn silage.
The lawsuit argues that FDA has unduly delayed because it has not acted consistent with its statutory mandate to “promote public health by promptly and efficiently reviewing clinical research and taking appropriate action on the marketing of regulated products in a timely manner” (21 USC § 393) and the delay allegedly is to the determinant of the public health. The lawsuit argues that prior decisions holding that courts should defer to FDA on whether to promulgate tolerances is no longer good law post-Chevron and that the “only discretion FDA may exercise for such chemicals [harmful substances] is the level of tolerance to be set.”
We will continue to monitor and report on the regulation of PFAS and other chemicals, including any changes in approach that may be implemented by the new administration.

EDGAR Next: The Next Era in Filing

Introduction
On 27 September 2024, the Securities and Exchange Commission (SEC) adopted “EDGAR Next,” a collection of rule and form amendments intended to improve access to, and management of, accounts on the SEC’s filing portal, the Electronic Data Gathering, Analysis, and Retrieval system, or “EDGAR.” The collection of amendments includes amendments to Rules 10 and 11 of Regulation S-T, Form ID, and the EDGAR Filer Manual, Volume I. EDGAR Next is expected to have a disruptive effect on the SEC filing process, but ultimately result in a smoother overall filing system for all electronic filers, including public companies, investment funds, certain shareholders, Section 16 officers and directors, and filing agents. Compliance with EDGAR Next is required by 15 September 2025.
Background: EDGAR “Now”
EDGAR is the current system through which filers submit filings required by various federal securities laws to the SEC. Historically, EDGAR assigned each filer a set of access codes that could be used by different individuals to make submissions on the filer’s behalf. Specifically, filers are assigned central index keys, or CIKs, and a set of login credentials, including a password, passphrase, CIK confirmation code (CCC), and password modification authorization code (PMAC) (the EDGAR Codes). A first-time filer obtains EDGAR Codes by submitting a Form ID application through EDGAR, which sets up their account.
Looking Ahead: EDGAR Next
EDGAR Next aims to enhance the SEC’s investor protection mission by improving EDGAR’s security, enhancing management of EDGAR accounts by filers, and modernizing EDGAR connections.
Accordingly, EDGAR Next seeks to improve security by requiring individual account credentials to log in to EDGAR, allowing identification of the individual making each submission, and employing multifactor authentication. As a practical matter, EDGAR Next will require anyone attempting to act on behalf of a filer to (i) present individual account credentials obtained from Login.gov, a US government sign-in service, and (ii) complete multifactor authentication to access EDGAR accounts and submit filings. EDGAR Next’s access protocols will limit access to a filer’s account to only those individuals directly authorized by the filer and requiring such individuals to have their own personal EDGAR accounts.
Additionally, EDGAR Next will continue using CIKs and CCCs but will no longer assign passwords, PMACs, and passphrases. As such, in order to access an EDGAR account, filers, or individuals authorized to file on the filer’s behalf, will need to log in to EDGAR using the credentials obtained from Login.gov, complete multifactor authentication, and enter the filer’s CIK and CCC.
Per the SEC, EDGAR Next is meant to enhance filers’ ability to manage their EDGAR accounts by requiring filers to authorize at least two individuals (or one if the filer is an individual or single-member company) to manage their accounts on a new EDGAR Filer Management dashboard (the EDGAR Next Dashboard) as “account administrators.” Their duties are as follows:

Manage the filer’s EDGAR account;
Confirm annually on EDGAR that all individuals and entities reflected on the EDGAR Next Dashboard for its EDGAR account are authorized by the filer to act on its behalf, and that all information about the filer on the dashboard is accurate;
Maintain accurate and current information on EDGAR concerning the filer’s account, including but not limited to accurate corporate and contact information; and
Securely maintain information relevant to the ability to access the filer’s EDGAR account, including but not limited to access through any EDGAR Application Programming Interfaces (APIs).

Additionally, EDGAR Next will roll out optional APIs, which will allow filers to make submissions, retrieve information, and perform account management tasks on a machine-to-machine basis. The optional APIs are meant to enhance the efficiency and speed of many filers’ interactions with EDGAR.
Key Dates
Adopting Beta: 30 September 2024–19 December 2025
It is never too early to start preparing to comply with EDGAR Next. The “Adopting Beta” launched on 30 September 2024, and will remain live until at least 19 December 2025, giving filers and authorized users ample time to get comfortable with EDGAR Next in a testing environment that is separate from the actual EDGAR system.
EDGAR Next Dashboard: 24 March 2025
The EDGAR Next Dashboard will go live on 24 March 2025 (while still allowing the submission of filings in accordance with the legacy EDGAR filing process until 12 September 2025). Existing filers will obtain access by enrolling in EDGAR Next on the EDGAR Next Dashboard while new filers (and existing filers unable to enroll) must apply for EDGAR access by completing the new amended Form ID (also on the EDGAR Next Dashboard), the application for access to EDGAR. Existing filers or authorized persons will need to use their current EDGAR Codes (those used for the legacy EDGAR system) to enroll in EDGAR Next.
EDGAR Next Deadlines: 15 September 2025 and 19 December 2025
Beginning 15 September 2025, compliance with EDGAR Next is required in order to submit filings. The legacy EDGAR system will remain available for enrollment purposes until 19 December 2025, after which the legacy EDGAR system will be deactivated altogether. Thus, filers that have not enrolled in EDGAR Next or received access through submission of an amended Form ID by 19 December 2025 must submit a new amended Form ID to request access to their existing accounts.
Key Tips and Takeaways
Below is a checklist of action items as filers and account administrators assess and plan their compliance efforts over the coming months. While enrollment does not begin until late March, filers and account administrators are encouraged to prepare well in advance of EDGAR Next’s official inception, including:

Take advantage of the Adopting Beta
Obtain Login.gov credentials
Gather current EDGAR Codes (CIKs / CCCs / Passphrases)
Determine your account administrators, users, and technical administrators
Identify individuals who have beneficial ownership reporting obligations with client entities (Section 16 and Form 144 filings, for example)
Contact financial printer (if applicable)
Review SEC guidance
Coordinate compliance efforts
Enroll on EDGAR Next (once live)

FTC COPPA Updates Provide New Protections for Children

In the waning days of the Biden administration, the FTC published an update to its COPPA Privacy Rule. The status of this update, however, is unclear. The revisions to the rule were posted on the FTC website prior to the Trump administration, but had not yet been published in the Federal Register.
Trump’s Presidential Memorandum freezing pending federal regulations means that it has not yet been published. And publication is the next step towards it going into effect. Second, and relatedly, the current FTC chair (Ferguson) had expressed concerns about the rule. It is thus likely that it will not be published, at least as currently drafted. As we wait for next steps, for those companies that offer websites directed to or appealing to children, a quick recap. First, the items that were not of concern for Ferguson (and thus likely to be implemented as are):

Website notice (privacy policy). The content of website notice for those subject to COPPA under the rule as revised will require new content. This includes steps a site takes to make sure persistent identifiers used for operational purposes are not used for behavioral advertising. Additionally, for sites collecting audio files, the privacy policy must indicate how the files are used and deleted.
Verifiable parental consent. The revised rules provide for new methods of parental verification. This includes comparing a parent’s authenticated government ID against their face (using a camera app, for example). It also includes a “dynamic, multiple-choice” question approach, if the questions would be too hard for a child 12 or under to complete. The revision also permits texting for what has been traditionally known as the “email-plus” verification process, which can be used when children’s information is not disclosed. Also added is another “one time use” exception to parental consent. Namely collecting and responding to a question submitted by a child through an audio file.
Security. The new rule will require sites to have a written information security program. This goes beyond the current obligation to have “reasonable measures” in place. The security obligations are detailed, and mirror security obligations that exist under various state data security laws.
Definitions. As revised the rule will add “biometric identifiers” to the list of personally identifiable information. These are elements like fingerprints or voiceprints that can be used to identify someone. The definition also includes someone’s “gait.” The rule will also include the definition of “mixed audience” site, a term currently used by the FTC in its COPPA FAQs.

Putting it into Practice: While we await the publication of the revised rules, whether in the format that they took before the new administration, or in a revised format, companies that operate websites subject to COPPA can keep in mind the parts of the new rule that were not of concern to Ferguson. These include new content in privacy policies.

Listen to this post

Mass. “Unlocking Housing Production Commission” Recommends Land Use and Zoning Reforms

Last Friday, Massachusetts’ “Unlocking Housing Production Commission,” established by Gov. Maura Healey in October, 2023, released its report titled “Building for Tomorrow.” The report lays out a series of recommendations to address the Commonwealth’s housing crisis, organized into several categories: Economic Incentives and Workforce Development; Land Use and Zoning; Regulations, Codes, and Permitting; and Statewide Planning and Local Coordination. Some of the recommendations are realistic and achievable; others are pie-in-the-sky pipe dreams that could never happen in the current environment (or, in some cases, in any imaginable future environment).
Of interest to regular readers of this blog, the report makes the following recommendations under the heading of Land Use and Zoning.
Eliminating Parking Minimums. Noting the significant effect on housing costs of mandatory surface and structured parking, and the corresponding consumption of land that could be beneficially used for other purposes, the Report recommends: (1) Eliminating parking minimums statewide for residential uses; and (2) Requiring municipalities to establish transportation demand management requirements as a condition for allowing off-street parking associated with new housing.
40A Reforms. The Report makes six recommendations to reform the state Zoning Act, Chapter 40A:
(1) Adding a statement of the purposes of zoning back into Chapter 40A. Such a statement was part of the bill establishing the current Zoning Act in 1975, but was not included in the statute as codified in the General Laws. One of the stated purposes of zoning is “[encouraging] housing for persons of all income levels.” The Report sees re-inserting the statement of purposes into Chapter 40A as an opportunity to highlight the role of zoning in addressing the Commonwealth’s housing needs.
(2) Incentivizing or requiring zoning to align with municipal master planning. The Report notes that many communities create master plans with 10- or 20-year growth strategies, but outdated zoning regulations often hinder achievement of these goals.
(3) Codifying site plan review. The Report observes that site plan review, which has become a key component in most municipal permitting regimes, is a creature of the common law that’s unregulated by Chapter 40A or any other statute. As a result, the process varies greatly from one municipality to the next, and often has the effect of making the development of housing more difficult and costly. The Report recommends codifying site plan review under Chapter 40A, including setting time limits, establishing uniform, objective criteria, allowing for tiered review systems depending on the size and scope of a project, and clarifying that notice to abutters is not required.
(4) Converting zoning appeals to court from their current status as “de novo” appeals to proceedings limited to the record that was before the local zoning board. The Report describes the benefit of this change as “prevent[ing] abutters from raising new issues on appeal that were never raised during the local approval process for the explicit purpose of delaying a project.” Amen to that.
(5) Amending Chapter 40A to add appeals of building permits to the list of appeals for which the defendant may move the court to require the plaintiff to post a bond. Currently, the statute only authorizes the imposition of a bond in appeals of special permits, variances, and site plans. The Report suggests this change “will strengthen the appeals process and disincentivize parties from levying baseless appeals.” Amen to that too.
(6) Requiring that land use appeals concerning the construction of 25 or more housing units be heard in the Land Court’s Permit Session, which offers attentive case management by the court and expedited timelines. Currently, under M.G.L. c. 40A, § 3A, appeals concerning projects involving 25 or more dwelling units may be brought in the Permit Session, or transferred there on the motion of any party, but are not required to be heard there.
The Report cites the following benefits of these proposed changes to Chapter 40A: strengthen the legal foundation for zoning to support housing production; reduce legal challenges and uncertainty for housing development; ensure zoning supports long-term housing and economic goals; improve permitting transparency and efficiency; streamline development timelines and reduce project costs; and enhance coordination between planning and zoning implementation.
Expanding Multifamily Housing Options. The Report makes two recommendations in this regard: (1) the Commonwealth should allow, by right, two-family homes on all residential lots and four-family homes on all residential lots with existing water and sewer infrastructure; and (2) the Commonwealth should require all municipalities to create multifamily zoning zoning districts, including by-right zoning for multi-family units proportional to each municipality’s overall housing stock, minimum density standards, requirements to ensure suitability of units for families with children, protection for environmentally sensitive land, and flexibility for municipalities to determine the size and location of multi-family projects, “with incentives for development near transit, commercial corridors, and job centers.”
Minimum Lot Size Reform. Under this heading the Report has two recommendations: (1) eliminate residential minimum lot sizes statewide; and (2) allow residential lot mergers, lots splits, and use of substandard lots statewide to create multifamily housing by right, except in environmentally sensitive areas and on excluded lands. Whoa. Can you say “non-starter”?
40R Reforms. Chapter 40R is a 2004 law that offers incentive payments to municipalities that create zoning districts in which high-density residential and mixed-use development, with a minimum of 20% affordable housing, is allowed by right. The Report acknowledges that Chapter 40R has been mildly successful, producing over 7.000 housing units, but observes that this pace is inadequate to address the Commonwealth’s huge housing shortage. The Report makes two recommendations to improve Chapter 40R: (1) scale affordability requirements to density, meaning require a higher percentage of affordable units at higher density levels, while maintaining “a non-negotiable minimum percentage of affordable units for each tier of density”; and (2) amend the statute to eliminate so-called “zoning incentive payments” to municipalities and instead channel those funds into bonus payments for units actually built, with a portion of the funds paid to the municipality and a portion paid directly to the developer.
40B Reforms. The Report recommends several changes to Chapter 40B, the Commonwealth’s groundbreaking 1969 statute that offers developers the opportunity to get a single “comprehensive permit” from the local zoning board, and avoid local zoning and other regulations, in municipalities that don’t have at least 10% affordable housing. Those recommendations are to strengthen Chapter 40B by (1) streamlining and speeding up the appeals process, including by expanding staffing at the Housing Appeals Committee, which hears developers’ appeals from adverse local decisions; (2) require parties who appeal comprehensive permits to post a mandatory bond to discourage baseless appeals; (3) increase the frequency of housing stock counts and updates to the state’s Subsidized Housing Inventory (SHI); (4) eliminate the requirement that affordable units must receive a financial subsidy to count towards the municipality’s SHI and instead treat oversight by and technical assistance from the Executive Office of Housing and Livable Communities and affiliated agencies as a form of subsidy; and (5) offer major financial incentives to municipalities that exceed the 10% statutory baseline, including grants for infrastructure improvements and technical assistance.
As noted, some of the Report’s recommendations – for example, allowing two-family homes by right on all residential lots and eliminating minimum lots sizes statewide – are unrealistic and politically unachievable given Massachusetts’ strong Home Rule tradition. Others are plausible and something to strive for – particularly the proposed reforms to Chapter 40A, some of which have been bandied about for years, and which can be seen as a logical extension of the pro-housing reforms the Legislature enacted last summer (see our coverage of that important bill here).

Waffles, Passports and Trustee Directors – Part Two

Part one of this blog covered the new requirement for company directors (including trustee directors) and persons with significant control to verify their identity with Companies House. They will be able to do this voluntarily from 25 March 2025 (the week during which national cocktail-making day, national cleaning week and international waffle day will be celebrated in the US). This requirement is part of measures introduced under the Economic Crime and Corporate Transparency Act 2023 (ECCTA). But are these measures proportionate? Surely there can’t be that many companies in England and Wales registered for fraudulent purposes?
In 2023, the BBC reported that between June and September of that year alone, over 80 companies had been set up using the residential addresses of unsuspecting people living in the same street in Essex. Experts speculated that these companies had been registered in order to launder money or to take out bank loans before closing down the companies and disappearing.
In another case in March 2024, one individual managed to file 800 false documents at Companies House in a short space of time, which recorded the false satisfaction of charges registered by lenders against a total of 190 different companies. Having an accurate register of charges at Companies House is important because it governs the order of priority of payment of debts and, if a company is in financial difficulties, it influences the route by which administrators are appointed and to whom notice must be given.
Meanwhile, Tax Policy Associates, a not for profit company, has published details of its many investigations into fraudulent entities that have been able to set up and use UK registered companies as cover. The investigations it has carried out provide a fascinating insight into the magnitude of the problem. In a few quick steps, Tax Policy Associates demonstrates on its website how it was able to identify a £100 trillion fake company registered at Companies House. It has also highlighted a new scam letter being sent to directors of newly incorporated UK companies from “Company Registry” requiring them to pay a fee, which is one of the ways in which your personal data, published by Companies House, is being used by criminals.
If all this talk of fraud, and the ready availability of personal data filed at Companies House, is making you feel a bit uncomfortable then there is some potentially good news.
An individual whose residential address is/has been used as a registered office address in the past (whether knowingly or unknowingly) can apply to have their residential address supressed on Companies House records.
From summer 2025, individuals will be able to apply to have their date of birth appearing in documents that were filed before 10 March 2015 supressed. (Since 10 March 2015, Companies House has only ever published the month and year of birth.) Documents containing personal data, such as directors’ appointment forms, continue to be publicly available even after you have ceased to act as a director of a company.
In a similar vein, from summer 2025, individuals will also be able to request that their business occupation and signature are supressed in documents appearing at Companies House.
We do not have the detail around this yet, so it may be that the process and costs involved with redacting public documents might prove disproportionate for the majority of people. By way of example, the process for seeking to suppress a residential address involves identifying each document that needs to be redacted, completing a form and paying a £30 fee for each document that you want to get amended. Nor can you submit a subject access request to Companies House asking it to identify all documents that contain your personal data, because Paragraph 5 of Schedule 2 Part 1 of the Data Protection Act 2018 would likely exempt Companies House from this requirement. You would need to do the trawl yourself through a company’s filing history at Companies House.
It is to be hoped that in the not too distant future, there will be some sort of AI tool that will facilitate this process, meaning that submission of one request would result in the redaction of all sensitive personal data from Companies House publicly available records. Until then, however, it might prove a bit of a challenge if you are seeking to suppress any personal data published at Companies House, even once that facility becomes available. If you are interested in pursuing this, or would like further information or assistance, please speak with your usual SPB contact.
So, what will you be doing during the third week in March? Perhaps you will be celebrating the first anniversary of TPR’s general code of practice, which came into force on 28 March 2024.

EUROPE: National Regulators Announce Digital Operational Resilience Act Reporting Windows

EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as 31 March 2025. ROIs are reports by in-scope EU financial entities on all contractual arrangements on the use of information and communication technology (ICT) services provided by ICT third-party service providers. The financial entity must differentiate between providers who are not critical and providers who are considered critical/important.
The Irish Central Bank has announced that it will collect the ROIs between 1-4 April 2025. The German BaFin has set 11 April as the deadline. In-scope financial entities across the EU should expect that there will be a similar process locally.
Under the Implementing Technical Standards on the Register of Information, information to be collected includes:
• Identification of ICT third-party service providers (will need to have either a valid LEI code or EU-ID for the files to pass validation);• Detail on the nature of the ICT services provided;• Detail on contractual arrangements;• Risk classification;• Monitoring and oversight mechanisms;• Sub-outsourcing arrangements; and• ICT-related incidents.
The European Supervisory Authorities have provided useful information on how to prepare to report the ROI which is available online. In Ireland, the Central Bank will publish a system guide to submitting the ROI in March 2025. The German BaFin has provided information here (in German).

United States: Potential Increase to Debenture Limit for Levered Small Business Investment Companies (SBICs)?

Small Business Investment Companies (SBICs), which invest in qualifying small businesses in the United States, are eligible to receive Small Business Administration (SBA)-guaranteed debentures at favorable rates to finance their investment activities. Standard SBIC debentures typically have 10-year terms with interest payments due semi-annually, and a lump-sum payment of the principal at maturity.
Under the current SBIC regime, the amount of standard debentures outstanding from a single SBIC cannot exceed the lesser of: (a) US$175 million and (b) two times (2x) the SBIC’s limited partners’ commitments to the SBIC (the Debenture Cap). As a result, levered SBICs often seek to raise a minimum of US$87.5 million in limited partner capital commitments, which allows the SBIC to seek approval for up to US$175 million in debentures from the SBA.
In recent months, however, certain SBICs have begun targeting fundraises of US$125 million and including disclosures in their offering documents related to a potential increase to the Debenture Cap, signaling an expectation that such an increase may occur. This change would allow SBICs that raise US$125 million in private capital to seek approval for up to US$250 million in SBA debentures, for a total fund size of US$375 million. We expect that such update would be welcomed by SBIC sponsors and investors alike, as it would allow for increased capacity for SBICs and result in more capital flowing into US-based small businesses.

Current Limit
Potential New Limit

Debenture toPrivate Capital Ratio
2:1
2:1

Private Capital Target
US$87.5 million
US$125 million

Maximum Aggregate Standard Debenturesper SBIC
US$175 million
US$250 million

SBIC Size at 2:1 Ratio
US$262.5 million
US$375 million

We are closely monitoring these developments and will publish any official updates as they are released.

Waffles, Passports and Trustee Directors – Part One

What will you be doing during the third week of March? According to a US website, there will be various celebrations underway. Perhaps you will be making the most of national cocktail-making day, or maybe national cleaning week will grab your attention. (Although, on a personal note, I am happy to say that it is not national cleaning week in the UK.) While reading through the possible celebrations (and the list is endless), international waffle day rather caught my eye.
If you are a director of a corporate trustee, however, you might be creating, or logging into, your GOV.UK One Login account. From 25 March, a Companies House timeline indicates that directors of UK registered companies should be able to undertake voluntary verification of their identity. This will become a mandatory requirement during the autumn of 2025. Directors of existing companies, including directors of corporate trustees, will be required to undergo this new identity checking measure as part of their company’s annual confirmation statement. You can find out the date by which your company must submit its annual confirmation statement by heading to the Companies House website and searching against your company’s name.
Given that there is a 14-day window in which to submit an annual confirmation statement, before penalties might be incurred, it makes sense to tackle the verification process well in advance of the deadline. Pensions managers and company secretaries, take note – you never know which trustee directors are going to decide to take a last-minute holiday and head off to the sun (or snow) or worse still, a round the world cruise with no Wi-Fi connection, oblivious to the need to verify their identity before falling foul of the Economic Crime and Corporate Transparency Act 2023 (ECCTA).
The rules for verification should, in theory, be simple to follow but as you will know that is not always the case when trying to log onto a government website, especially when you have a deadline to meet. You might already have a GOV.UK One Login account, for example if you have recently applied for a basic DBS check (perhaps because you were renewing a professional trustee accreditation).
There are three ways that trustee directors (or any director for that matter) will be able to prove their identity with GOV.UK One Login:

First, by using the GOV.UK ID Check app
Second, by answering security questions on the GOV.UK One Login website
Third, at a Post Office

For me, the simplest way would be to use the first option, which involves downloading the app to my phone and then using my phone to scan my passport and take a selfie with my phone camera. The biometric chip in my passport should do the rest. It will also be possible to use your driving licence and for those without a UK passport or driving licence, it will be possible to use a non-UK passport with a biometric chip, a UK biometric residence card, or permit, or a UK frontier worker permit.
The second option is to have a photo identity document to hand and answer some security questions on the GOV.UK One Login website. In theory, this should be simple, I mean how many times did your mother change her maiden name, or how many times did the spelling of your first primary school change? But, for me, trying to remember the exact spelling of security responses that I have used in the past tends to prove futile.
And then there is the “turn up at your local post office” option. That doesn’t get you out of having to negotiate the GOV.UK One Login service, it just means that you have to create an account on the service first and then when you do arrive at the post office, they will scan your passport for you and take your photo. That feels a bit like adding another degree of potential human error into the equation – just stick to option 1 and use a smart phone and passport, is all I can say.
But why will you have to do all of this?
It flows from measures introduced by ECCTA to tackle and thwart the use of UK registered companies for criminal purposes. The government has discovered that it is actually incredibly easy to create a legitimate looking UK registered company around a totally fraudulent business. A shelf company using a person’s (any person’s, it turns out) residential address works quite well as a registered office address for a company.
Until recently, Companies House did not have the resources, or the statutory objectives, to check the legitimacy of company documents being filed with it. Companies House served merely as a filing repository rather than as a regulator.
ECCTA gives Companies House more teeth to act as a regulator, with objectives that include ensuring that information filed at Companies House is accurate, ensuring that records kept by Companies House do not create a false or misleading impression to members of the public, and preventing companies and others from carrying out unlawful activities.
Since 2 May 2024, Companies House has had the power to issue new financial penalties, although sadly the limit is currently set at a maximum of £2,000 per offence, which seems small change compared to TPR’s powers to issue financial penalties of up to £1 million in certain circumstances. Companies House still has some catching up to do, but it’s a step in the right direction.
You might be thinking that this is taking a sledgehammer to crack a nut and that there can’t be that many companies registered for fraudulent purposes. Part two of this blog considers whether that is the case.
In the meantime, what will you be doing on 25 March? I, for one, might be scanning my passport, but I shall make sure that I have a waffle to hand.