The Uncertainty Of Officer Appointments In California LLCs
The California Revised Uniform Limited Liability Company Act, Cal. Corp. Code § 17701.01 et seq., clearly authorizes the appointment of officers:
A written operating agreement may provide for the appointment of officers, including, but not limited to, a chairperson or a president, or both a chairperson and a president, a secretary, a chief financial officer, and any other officers with the titles, powers, and duties as shall be specified in the articles of organization or operating agreement or as determined by the managers or members. An officer may, but does not need to, be a member or manager of the limited liability company, and any number of offices may be held by the same person.
Cal. Corp. Code § 17704.07(u). The CARULLCA even makes provision for the method of the appointment of officers:
Officers, if any, shall be appointed in accordance with the written operating agreement or, if no such provision is made in the operating agreement, any officers shall be appointed by the managers and shall serve at the pleasure of the managers, subject to the rights, if any, of an officer under any contract of employment.
Cal. Corp. Code § 17704.07(v). The use of the plural “managers” suggests that an individual manager does not have the authority. But if an individual manager lacks the authority, what vote is required? The statute is conspicuously silent on this question. Notably, the statute does not use the defined term “majority of the managers”, which unless otherwise provided in the operating agreement, means more than 50% of the managers of the limited liability company. Cal. Corp. Code § 17701.02(l).
These questions can be easily avoided, by answering them in the operating agreement.
Delaware Court of Chancery Reminds Delaware Counsel of the Court’s Expectations
The Delaware Court of Chancery is the nation’s preeminent business court due to the large number of businesses that call Delaware home. Both Delaware state and federal courts require Delaware counsel to be actively involved in all aspects of the case. For example, Delaware Court of Chancery Practice Guidelines state that “The concept of ‘local counsel’ whose role is limited to administrative or ministerial matters has no place in the Court of Chancery. The Delaware lawyers who appear in a case are responsible to the Court for the case and its presentation.” While these guidelines are a good start, clients who find themselves in this Court should rely on local counsel for expectations related to Delaware practice that will not be found within the Guidelines.
An example of this unwritten guideline is a Delaware practice touchstone—civility. Clients unfamiliar with Delaware should be aware that although zealous litigation is expected, the Court will not tolerate a deviation from the Delaware practice of civility. The head of the Court of Chancery recently reminded parties in a letter filed on the docket to both parties of the Court’s expectations. In In re SwervePay Holdings Acquisition, LLC, C.A. No. 2021-0447-KSJM, Chancellor McCormick reminded the Parties:
You all have been less than understanding with each other, and that is regrettable. You can do better. Dig deep and hit reset, please. Allow the Delaware attorneys to advise on all aspects of this matter, including the relevant deadlines, the need to meet them, and the need to extend basic courtesies like brief extensions when requested. I am not sure what happened in these circumstances, but it also bears reminding that non-Delaware attorneys should not dump a brief on their Delaware friends at the last minute. If that admonition is irrelevant to the parties here, all the better.
The Court of Chancery has had a steady increase in expedited actions, which leaves little patience for the Court’s involvement in trivial scheduling or discovery disputes. According to the most recent Court of Chancery Annual Report of the Judiciary, the request for expedition increased 8% and the overall caseload increased 10%.
If your client is in Delaware, rather than run to the Court to work it out for you, the parties should work it out when possible. Delaware is not a jurisdiction for gamesmanship, especially in the Court of Chancery where your fact-finder is the Chancellor or Vice Chancellor, as there are no jury trials in the Court of Chancery.
Make sure you keep local counsel actively involved, as they can advise on best practices in the Delaware Court of Chancery.
EU Omnibus Package: Proposed Changes to Reduce ESG Compliance Burdens for Businesses
On 26 February 2025, the European Commission (Commission) published the so-called “EU Omnibus Package” (Proposal). The Proposal aims to reduce the administrative burden for businesses operating in the EU by easing compliance requirements under several key EU environmental, social, and governance (ESG) laws, including the Corporate Sustainability Reporting Directive (CSRD) and the Corporate Sustainability Due Diligence Directive (CS3D). The Proposal must be read against the background of the “Draghi report” on European competitiveness published last year, which urged to reduce the administrative and regulatory burden within the EU, and the Commission’s target to reduce such burden by 25% overall and by at least 35% for SMEs. This GT Alert provides an overview of the most important proposed changes to these regulations.
Key Proposed Changes
Amendments to CSRD
Scope of application for EU companies: The CSRD’s scope of application would be limited to undertakings that have more than at least 1,000 employees and either a net turnover of at least EUR 50 million or a balance sheet total of at least EUR 25 million. In addition, publicly listed small and medium sized undertakings (SMEs) that do not meet these thresholds shall be completely removed from the scope of the CSRD. The Commission estimates that these changes would remove approximately 80% of the current in-scope companies from the scope of the CSRD. Currently, the CSRD still captures all “large” undertakings, being companies which meet two of the three following criteria: (i) average number of employees: 250; (ii) balance sheet total: EUR 25 million; and (iii) net turnover: EUR 50 million, as well as listed SMEs (regardless of their number of employees).
Scope of application for non-EU companies: The Proposal suggests to significantly increase the threshold for non-EU companies to be subject to reporting requirements under the CSRD. The reporting obligation for non-EU companies shall now only be triggered if the ultimate non-EU parent company has a total turnover in the EU of at least EUR 450 million at group level (now: EUR 150 million) and either a “large” EU-based subsidiary (meeting two out of three criteria referred to above) or a branch in the EU with a turnover of at least EUR 50 million (now: EUR 40 million). The employee threshold was not raised to 1,000 for EU subsidiaries of non-EU parent companies, which may have been an oversight.
Scope of reporting requirements: The scope of the reporting requirements set out in the European Sustainability Reporting Standards (ESRS) shall be simplified through a reduction of the number of data points to be reported in the CSRD report. The Proposal also removes the obligation for the European Commission to adopt delegated acts to supplement CSRD in order to, where appropriate, provide for reasonable assurance standards. This would mean that CSRD would, also in the future, only require an audit opinion about the compliance of the sustainability reporting based on limited assurance standards.
Timing of reporting: The Proposal suggests postponing the CSRD reporting requirements by two years for all so-called “wave 2” and “wave 3″ companies, i.e. companies which are currently required to report under the CSRD in 2026 (over the financial year 2025) or 2027 (over the financial year 2026). If the Proposal is adopted, these companies would only have to provide their first CSRD report in 2028 and 2029, respectively. On the contrary, the Proposal does not change the timing of the reporting for so-called “wave 1” companies (i.e. publicly listed EU companies, insurances and banks with an average number of employees during the financial year of at least 500) which are already required to do CSRD reporting in 2025 (for the financial year 2024). The Commission intends to fast-track this part of the Proposal to provide legal certainty for companies with looming reporting obligations in 2026, and to “win time” for adoption of the envisaged substantive changes (in particular the introduction of the 1,000-employee threshold). Should the substantive changes be adopted and become effective as they currently stand, the “wave 1” companies that do not meet the new scoping criteria (because they have more than 500 but less than 1,000 employees) would no longer be subject to the CSRD.
Amendments to CS3D
Timing of due diligence obligations: The Proposal leaves the thresholds for the applicability of the CS3D unchanged but proposes to postpone the deadline for Member States to transpose the CS3D into national law by one year to 26 July 2027. Consequently, the first phase of application of the new due diligence obligations (i.e. for large companies) would begin on 26 July 2028.
General limitation of due diligence obligations to direct business partners: The Proposal generally limits the due diligence obligations of in-scope companies to direct business partners. An exception (i.e. an obligation to conduct an in-depth assessment of adverse impacts at the level of indirect business partners) shall only apply in limited circumstances where the company has plausible information suggesting that adverse impacts have arisen or may arise at the level of the respective indirect business partner. Hence, it would no longer be required to monitor and assess the entire supply chain.
Greater intervals for monitoring: As another significant relief for in-scope companies, the Proposal suggests requiring companies to assess the adequacy of their supply chain due diligence measures only every five years instead of every 12 months.
Termination of business relationships: Under the Proposal, in-scope companies would no longer be required to terminate their entire business relationship with business partners towards which preventive or corrective measures have failed to address their adverse impacts on human rights or environmental objectives. Instead, they would only be required to terminate business relationships with respect to the activities concerned.
Other Proposals
The Proposal also includes:
measures to reduce the regulatory burden and scope of the Taxonomy Regulation, including by introducing materiality thresholds and reducing reporting templates by around 70%;
changes to the Carbon Border Adjustment Mechanism (CBAM), including by exempting small importers from CBAM obligations; and
an amendment to the InvestEU Regulation, involving reduced reporting requirements.
Outlook
It remains to be seen whether the Proposal will become law in its current form. It is still subject to approval by the European Parliament and the Council of the EU Member States. Generally, EU legislative procedures can last up to 18 months – which is why the Commission has asked to fast-track the changes, in particular regarding the postponement of CSRD deadlines.
Whilst some EU politicians have raised concerns that the Proposal would lead to a setback for the EU’s sustainability objectives, the Proposal would significantly reduce the compliance burden for companies and limit the CSRD’s scope of application. For this reason, the Proposal has found support in some key EU Member States (e.g. Germany). Further intense discussions can be expected as the legislative procedure moves along.
Considerations for Companies
Until the Proposal becomes final and is adopted, the existing ESG rules (including CSRD) will continue to apply. What steps should companies consider taking before then? In particular for the CSRD, the answer depends on the circumstances for each company:
Companies that are already required to report under CSRD (“wave 1” entities) in 2025 should continue to comply. Companies with more than 500 but less than 1,000 employees may no longer be required to comply after adoption of final rules, but whether those rules will indeed become effective in their current form remains to be seen.
For companies that are currently due to report under CSRD in 2026 and 2027 (“wave 2” and “wave 3” entities), the prudent approach is to continue preparing for CSRD on the basis of the existing rules.
Non-EU parent companies of EU subsidiaries or branches should reconsider applicability of the scope to determine whether they will be required to report in 2029.
All companies are advised to monitor the development of upcoming rules.
What Doesn’t The DFPI Regulate?
In the mid 1990s, I had the privilege of serving as Commissioner of Corporations for the State of California. At that time, the DOC was known as a tough securities regulator. However, the times they were a changin’. In 1996, Congress enacted the National Securities Markets Improvement Act (NSMIA) which significantly limits the authority of the states to require qualification/registration of securities transactions.
During my tenure, the DOC also regulated health care service plans (aka HMOs and PPOs). Historically, these had been primarily nonprofit organizations and the regulatory concern had been with financial soundness. At the time many of these plans were converting to for profit. At the same time, many people were being moved into a managed care model and there was a great deal of public antipathy towards the managed care industry and the DOC’s oversight of that industry. Several years after I left the DOC, the legislature transferred oversight of managed care organizations to a new department – the Department of Managed Healthcare.
During my years in state government, regulation of state chartered financial institution was trifurcated amongst the DOC, the State Banking Department, and the Department of Savings & Loan (before becoming Commission of Corporations, I served as the interim Savings & Loan Commissioner). A significant change occurred on July 1, 2013, when the DOC and the Department of Financial Institutions (DFI) merged to form the Department of Business Oversight (the DBO). As a result, regulation of state chartered depository financial institutions became centralized in the DFI.
In 2021, the Governor and the legislature made the unfortunate decision to rebrand the DFI with the ungainly moniker of Department of Financial Protection and Innovation (DFPI). Currently the DFPI administers and/or enforces the following:
Banks and Credit Unions
Commercial Banks
Industrial Banks
Public Banks (Assembly Bill 857)
Credit Unions
Trust Companies & Departments
Securities and Investment
Securities (Corporate Securities Law of 1968)
Franchises (Franchise Investment Law)
Capital for Businesses (Capital Access Company Law)
Broker-Dealers & Investment Advisers (Corporate Securities Law of 1968)
Digital Financial Assets (Digital Financial Assets Law)
Non-Bank Financial Services
Money Transmitters
Debt Collectors
Check Sellers, Bill Payers & Proraters
Covered Persons (California Consumer Financial Protection Law )
Lending and Borrowing
Consumer & Commercial Loans (California Financing Law)
Payday Lenders (California Deferred Deposit Transaction Law)
Insurance Premium Finance (California Industrial Loan Law)
Home and Property Financing
Residential Mortgage Lenders & Servicers (California Residential Mortgage Lending Act)
Mortgage Loan Originators (California Financing Law and California Residential Mortgage Lending Act)
Property Assessed Clean Energy (PACE) (AB 1284 (Chapter 475, Statutes of 2017)
Escrow Agents
Escrow Agents (Escrow Law)
Education Financing
Student Loan Servicers (California Student Loan Servicing Act and subsequent enactments)
SEC Division of Corporation Finance Expands Confidential Review Accommodations for Draft Registration Statements
On March 3, 2025, the staff of the Securities and Exchange Commission’s (SEC) Division of Corporation Finance (the Division) announced that it enhanced certain existing accommodations under the Jumpstart Our Business Startups Act, which was enacted in April 2012 and which accommodations were expanded in 2012 and 2017, that allow for confidential SEC review of certain draft registration statements by expanding the availability of certain general accommodations and by including additional accommodations for companies that have gone public but have not yet achieved “Well-Known Seasoned Issuer” (WKSI) status.1
Following Monday’s announcement, issuers will now be able to submit all of the following draft registration statements for nonpublic review:
a registration statement under the Securities Act of 1933, as amended, for an initial public offering of securities or for any subsequent public offering of securities, regardless of how much time has passed since the initial public offering (rather than only up to one year later, as had previously been the case);
a registration statement on Form 10, 20-F or 40-F for the initial registration of any class of securities under either Section 12(b) or 12(g) of the Securities Exchange Act of 1934, as amended (the Exchange Act) or any subsequent registration statement for the registration of a class of securities under either Section 12(b) or Section 12(g) of the Exchange Act, regardless of how much time has passed since the issuer became subject to the reporting requirements of the Exchange Act; or
a registration statement for a de-SPAC transaction where the SPAC survives the business combination as the public company and the co-registrant target would otherwise be independently eligible to submit a draft registration statement.2
The new guidance is particularly significant for public companies that have been public for more than a year but have not yet achieved WKSI status, as it permits such companies to continue to confidentially submit draft registration statements indefinitely. As a result, non-WKSI’s may now avoid suffering the market pressure associated with filing a registration statement publicly and effectively pre-announce a transaction before launch, as was previously required. Moreover, reporting companies may now exclude the name of the underwriter(s) from their initial draft registration statement submissions so long as the company provides such name(s) in subsequent submissions and public filings. Finally, pursuant to the 2017 expansion of accommodations, issuers that confidentially submit a draft registration statement subsequent to their initial registration statement must make such registration statement and nonpublic draft submission publicly available on the EDGAR system at least two business days prior to any requested effective time and date; under the new guidance, however, the staff will now consider reasonable requests to expedite that two-business day period.
In issuing this new guidance, the Division underscored that “further expansion of these accommodations can facilitate capital formation, without diminishing investor protection.”
1 A WKSI is an issuer that meets all of the following obligations at some point during a 60-day period preceding the date the issuer satisfied its obligation to update its shelf registration statement: (i) the issuer is eligible to register a primary offering of its securities on Form S-3 or Form F-3; (ii) as of some date within 60 days of its eligibility determination date, the issuer has an outstanding minimum $700 million in worldwide market value of voting and non-voting equity held by non-affiliates (i.e., public float)– or – has issued at least $1 billion aggregate amount of non-convertible securities other than common equity, in primary offerings for cash in the last three years; and (iii) the issuer is not an ineligible issuer (i.e., an issuer that has not filed all required reports under Section 13 or 15(d) of the Exchange Act in the preceding 12 months; a blank check company; an issuer in an offering of penny stock; or the like). The benefit of WKSI status is automatic effectiveness of registration statements on Form S-3 or F-3, without any SEC review.
2 In essence, this accommodation puts the traditional de-SPAC structure on even footing with alternative de-SPAC structures that already allow confidential submission (i.e., where the target company or a newly formed company is the registrant).
CTA Enforcement Halted Again: Treasury Department Suspends CTA Requirements for Domestic Reporting Companies
In yet another update to the ongoing saga of the Corporate Transparency Act (CTA), the Financial Crimes Enforcement Network (FinCEN), the agency of the U.S. Department of the Treasury (“Treasury Department”) that enforces the CTA, announced on February 27, 2025, that it would not issue any fines or penalties or take any other enforcement actions against companies for a failure to provide beneficial ownership information (BOI) until a new interim final rule on the CTA is released.
On March 2, 2025, the Treasury Department provided further guidance on the CTA, announcing that it would halt enforcement of the CTA with respect to U.S. citizens and domestic reporting companies.
In its press release announcing this update, the Treasury Department stated that it will not enforce any penalties or fines associated with the BOI reporting requirements under the existing CTA rules; however, it will also issue a new proposed rule (to be released no later than March 21, 2025, according to FinCEN’s February 27, 2025, announcement) that will narrow the scope of the reporting requirements under the CTA to “foreign reporting companies only.”
Under the CTA, a “foreign reporting company” is any entity that is formed under the law of a foreign country and has registered to do business in the United States by the filing of a document with a secretary of state or any similar office, while a “domestic reporting company” is any entity that is formed in the United States by the filing of a document with a secretary of state or any similar office. We note, however, that the Treasury Department could seek to modify these definitions as part of its new proposed rule.
The immediate takeaway, based on this guidance from the Treasury Department, is that all domestic reporting companies are no longer required to file BOI and will not be subject to liability for not filing.
We will continue to monitor additional developments regarding the CTA, including the expected further guidance from the Treasury Department, to determine what the CTA filing requirements and deadlines will be for foreign reporting companies.
Green, But Lean: EU Eases Sustainability Rules Without Ditching Climate Goals
On 26 February 2025, the European Commission published the Omnibus Simplification Package, a set of proposals designed to streamline key EU sustainability regulations, eliminate redundancies, and reduce administrative burden and compliance costs for companies — while preserving the EU’s ambitious environmental objectives.
If adopted in the currently proposed form, companies will have more time to comply with the CSRD reporting requirements and the CSDDD supply chain due diligence obligations. In fact, the Omnibus Simplification Package proposes postponing by two years the entry into application of the CSRD reporting requirements for companies that have not yet started implementing the CSRD (i.e. large companies and listed SMEs), while the new CSDDD framework is postponing by one year the transposition deadline (to 26 July 2027) and the first phase of the application of the sustainability due diligence requirements covering the largest companies (to 26 July 2028).
The Omnibus Simplification Package also proposes to revise the scope of the CSRD and the CSDDD. The reporting requirements under CSRD would only apply to large undertakings with more than 1,000 employees (i.e. undertakings that have more than 1,000 employees and either a turnover above €50 million or a balance sheet total above €25 million) and the CSDDD due diligence obligations would be significantly narrowed down, in particular by limiting them to direct contract partners.
While many businesses welcome the reduced regulatory burden as well as its postponement, some critics argue that it weakens corporate accountability and dilutes transparency efforts. In any event, the Omnibus Simplification Package is still at a proposal stage and is set to spark intense debate in the EU Parliament and Council, with global stakeholders—including the U.S.—closely monitoring the developments and trying to influence them to meet their own goals.
This alert provides insights into the most relevant proposed changes to CSRD and CSDDD and what those mean for businesses operating under the EU’s evolving sustainability framework.
The Omnibus Simplification Package presented by the European Commission includes:
A proposal for a Directive, the sole content of which is to postpone the application of reporting requirements in the CSRD for certain groups of companies and the transposition deadline as well as the first wave of application of the CSDDD (Omnibus Directive I).
A second proposal for a Directive amending the actual content of and obligations under the CSRD and the CSDDD (Omnibus Directive II).
A draft Delegated act amending the Taxonomy Disclosures and the Taxonomy Climate and Environmental Delegated Acts subject to public consultation.
A proposal for a Regulation amending the Carbon Border Adjustment Mechanism Regulation.
A proposal for a Regulation amending the InvestEU Regulation.
Proposed changes to the CSRD
Postponement of the Starting Date for Reporting for Certain Companies
The Omnibus Directive I proposes a two-year postponement of the implementation of reporting requirements for companies in the second and third waves (see table below) This is to allow the European co-legislators to find agreement on the Commission’s proposal for substantive changes as provided in the Omnibus Directive II.
This postponement is intended to give companies some legal certainty and prevent a scenario where companies would be required to report for the financial year 2025 (second wave) or 2026 (third wave), only to be later relieved from reporting duties if and when the Omnibus II Directive with its higher thresholds is approved. No amendments to the timeline have been proposed for wave four non-EU ultimate parent companies; as a result, those companies continue to be required to report for the first time in 2029 for financial year 2028 (but may opt to report on a consolidated group basis before). Companies already covered in the first wave seem to have to continue reporting on the basis of the existing CSRD – the Omnibus Proposal does not mention any postponement of their duties.
According to Article 3 of the proposed text of the Omnibus Directive I, Member States shall implement the provisions of the Directive by 31 December 2025 at the latest. This indicates that the Commission is assuming that the Omnibus Directive I will be approved quickly by the European legislators – while the content-related Omnibus Directive II may well take considerably longer to get through the legislative process.
In this framework, wave 2 companies currently required to report in 2026 for FY 2025 will have to consider the timing of their preparations for CSRD readiness: once the Omnibus I Directive is approved the postponement will still need to be transposed into national laws to become effective, but (a) we expect Member States to be fairly quick since there seems to be broad agreement about the postponement (in contrast to the content related proposals of the Omnibus Directive II) and (b) we would argue that the postponement would have a pre-effect, which would make it very difficult for Member States to implement current CSRD obligations and impose fines before the new starting date.
New Scoping Thresholds
According to the proposed text of the Omnibus Directive II, only large companies or parent companies of large groups with more than 1,000 employees (individually or in the case of a holding company on a consolidated basis) will be required to prepare sustainability reports under Article 19a and 29a of the Accounting Directive.
That change in itself would reduce the number of undertakings subject to mandatory sustainability reporting requirements by about 80%. In comparison to the current requirements (see table below for details), the new employee threshold would lead to some of the undertakings in the first and second wave and all undertakings in the third wave (listed SMEs) falling out of the scope of the CSRD should Omnibus Directive II be approved.
In addition, the threshold for EU turnover for non-EU parent companies has been raised from €150 to €450 million, and the threshold for an EU branch from €40 to €50 million. These amendments in the reporting thresholds are meant to more closely align the CSRD with the CSDDD, which already only applies to companies above the 1,000 employee and €450 turnover threshold.
Wave
Type of company
Current thresholds and due date for reporting
Proposed thresholds
1(Current kick-off date for reporting: 2025 for FY 2024 – not changed by the postponement proposal in Omnibus Directive I)
Public interest entities (e.g. credit institutions, insurance undertakings and others) already subject to the NFRD
More than 500 employees
With average 1,000 employees
2(Current kick-off date for reporting: 2026 for FY 2025 – may be postponed by Omnibus Directive I to 2028 for FY 2027)
EU companies/parent companies of a groupCompanies (EU or non-EU) with securities listed on EU regulated markets
Exceeding at least two of the following three thresholds (on a consolidated basis at a group level):
Balance sheet total: > €25 million
Net turnover: > €50 million
Average number of employees: > 250
With average 1,000 employees and exceeding one of the following two thresholds (on a consolidated basis at a group level):
Balance sheet total: > €25 million
Worldwide net turnover: > €50 million
3(Current kick-off date for reporting: 2027 for FY 2026, with opt-out option for two years – may be postponed by Omnibus Directive I to 2029 for FY 2028)
SMEs with securities listed on an EU regulated market
Below the thresholds for the second wave companies (see above).
Reporting in 2027 for financial year 2026, with the possibility to opt out for a further twoyears.
Out of scope
4(Current kick-off date for reporting: 2029 for FY 2028 – not changed by the postponement proposal in Omnibus Directive I)
Non-EU ultimate parent companies
Generating a net EU turnover of at least €150 million (at group level) and with
at least one large subsidiary in the EU (i.e., exceeding two out of three of: balance sheet of €25 million and/or turnover of €50 million and/or 250 employees) or
a branch in the EU that generated a net turnover of €40 million
Generating a net EU turnover of at least €450 million (at group level) and with
at least one large subsidiary in the EU (as defined in the Accounting Directive, i.e., exceeding two out of three of: balance sheet of €25 million and/or turnover of €50 million and/or 250 employees) or
a branch in the EU that generated a net turnover of €50 million
Reducing the Trickle-Down Effect by Limiting the Information That Companies Within Scope May Request From Smaller Companies in Their Value Chain
The CSRD requires undertakings to report value-chain information to the extent necessary for understanding their sustainability-related impacts, risks and opportunities.
The current CSRD establishes a so-called value-chain cap, which states that the European Sustainability Reporting Standards (ESRS) may not contain mandatory reporting requirements that would require undertakings to obtain information from SMEs in their value chain that exceeds the information to be disclosed under the proportionate standard for listed SMEs.
The proposed Omnibus Directive II extends this value chain cap from SMEs to companies up to 1,000 employees. In turn the Commission is proposing to adopt simplified standards for voluntary use by out of scope companies having fewer than 1,000 employees, based upon the current simplified standard prepared for non-listed SME by EFRAG, that such companies can use as a shield to limit their response to information requests from banks, large companies and other stakeholders in scope of the CSRD.
Revision of the ESRS
The range of sustainability topics covered by the current ESRS is not changed by the proposed Omnibus Directive II and, despite speculation, the double materiality requirement is not removed. The Commission has proposed to revise the delegated regulation (EU) 2023/2772 establishing the ESRS with the aim to reduce the number of mandatory ESRS datapoints, by removing those deemed least important for general purpose sustainability reporting and further distinguishing between mandatory and voluntary datapoints, and to further enhance the already very high degree of interoperability with global sustainability reporting standards.
According to the text of the Omnibus Directive II, the Commission will adopt the revised ESRS delegated act in time for those undertakings in wave 2 – which according to the proposed new timelines would be required to start reporting under the CSRD in 2028 for FY 2027 – to apply the revised standards.
Deletion of Sector Specific Standards
The Omnibus Directive II proposes to delete the empowerment for the Commission to adopt sector-specific reporting standards (currently due on 30 June 2026) to avoid a further increase in the number of prescribed datapoints that undertakings should report on and facilitate the reporting process. Should undertakings require additional guidance to report on sustainability matters common to the specific sector in which they operate, the Commission specifies that they may have recourse to existing international sustainability reporting standards and sectoral sustainability reporting initiatives.
No Move to Reasonable Assurance
The Commission is currently mandated to adopt reasonable assurance standards by October 1, 2028, based on an assessment of their feasibility for companies. However, the draft of Omnibus Directive II is intended to eliminate this requirement, ensuring that no reasonable assurance standards are introduced and that assurance over CSRD reports remains at the limited assurance level.
Since the amount of work for a limited assurance engagement is significantly less than for a reasonable assurance engagement, this is designed to save companies cost and time: a limited assurance engagement is usually provided in a negative form (stating that no matter has been identified by the assurance provider to conclude that the subject matter is materially misstated) while the conclusion of a reasonable assurance engagement would have to be provided in a positive form (providing an opinion on the measurement of the subject matter against previously defined criteria). In addition, the Commission committed to issue targeted assurance guidelines by 2026.
Voluntary Taxonomy and Partial Taxonomy-Alignment Reporting Option
By virtue of Article 8 of the Taxonomy Regulation undertakings reporting under the CSRD also publish information about the eligibility and alignment of their economic activities with the EU Taxonomy. The proposed provisions in the Omnibus Directive II create a derogation for companies with more than 1,000 employees and an EU turnover below EUR 450 million by making the Taxonomy reporting voluntary. However, companies that have made progress toward sustainability targets but only partially meet EU Taxonomy requirements may choose to voluntarily report their partial alignment. This allows them to showcase their efforts, demonstrate progress toward full compliance, and gain recognition for their commitment to sustainability.
Proposed changes to the CSDDD
Postponement of Applicability of CSDDD and Scope
With respect to CSDDD, the Omnibus Directive I proposes to postpone the transposition deadline by one year to 26 July 2027 (instead of 2026). The Omnibus Directive I also postpones the compliance deadline for the first wave of companies (i.e. those that have more than 5,000 employees and report a net annual worldwide turnover of more than €1.5 billion), which would therefore have to comply with the CSDDD from 26 July 2028 onwards. There is however no change regarding companies that were already meant to comply with the CSDDD from 26 July 2028, or later from 26 July 2029. In addition, the Commission proposes to bring forward the publication of its guidelines for compliance with due diligence obligations under the CSDDD to July 2026, instead of January 2027.
Indirect Business Partner Assessment No Longer Required and Suspension of the Business Relationship as Last Resort
The Omnibus Directive II limits the due diligence measures to the companies’ own operations, those of their subsidiaries and, where related to their chains of activities, those of their direct business partners thus excluding the assessment at the level of indirect business partners.
However, such assessments of indirect business partners will still be required if the company has plausible information that suggests that adverse impacts have arisen or may arise at the level of the operations of an indirect business partner. According to the recitals of the Omnibus Directive II, ‘plausible information’ means information of an objective character that allows the company to conclude that there is a reasonable likelihood that the information is true, for example if it has received a complaint or is in the possession of information, notably via credible media or NGO reports about harmful activities at the level of a business partner, reports of recent incidents, or where the company through its business contacts knows about problems at a certain location (e.g., conflict area).
In addition, the proposal Omnibus Directive II removes the duty to terminate the business relationships in the case of both actual and potential adverse impacts. Should a company assess that the business operations of such a supplier are linked to severe adverse impacts, for instance child labour or significant environmental harm, and the company has unsuccessfully exhausted all due diligence measures to address these impacts, as a last resort the company should suspend the business relationship while continuing to work with the supplier towards a solution, where possible using any increased leverage resulting from the suspension. Irrespective of the termination duty being removed, companies can of course still decide to terminate for severe breaches.
Extended Interval for Periodic Assessments and Updates
In order to reduce the burden on companies and their business partners (which are often SMEs), the Omnibus Directive II proposes to extend to five years (instead of each year) the requirement that companies carry out a periodic assessment of their (and their business partners’) operations and measures to assess the adequacy and effectiveness of due diligence measures.
However, companies will still be required to conduct such assessments ad hoc whenever there are reasonable grounds to believe that the measures are no longer adequate or effective, or that new risks of occurrence of adverse impacts may arise.
Reduced Requirements for Climate Change Mitigation Plans
As a result of the Omnibus Directive II, while companies will still be required to adopt a climate change mitigation plan, such a plan would no longer have to be “put into effect” as required by the CSDDD but rather include an “outline of implementation actions planned and taken”.
Reducing the ‘Trickle-Down’ Effect on SMEs
To avoid unnecessary burdens on SMEs, the Omnibus Directive II intends to limit the information that companies may request in the context of their risk-mapping obligations from their direct business partners with fewer than 500 employees, to the information covered by the voluntary sustainability reporting standards (VSME) set out under the CSRD.
Extension of Maximum Harmonization Requirements
In order to ensure a more uniform transposition of the CSDDD, the Omnibus Directive II extends the scope of maximum harmonization of the CSDDD to several additional provisions that regulate the core aspects of the due diligence process. In practice, this means that Member States will be prohibited from enacting diverging national provisions regarding certain key requirements, including the identification duty, the duties to address adverse impacts that have been or should have been identified, and the duty to provide for a complaints and notification mechanism.
Changes to the Civil Liability Provisions
The Omnibus Directive II proposes to remove the specific EU-wide civil liability regime provided in the CSDDD, including the obligation for Member States to allow representative actions by trade unions or NGOs. Instead, under the Omnibus Directive II, Member States would remain free to provide such rules in their national laws.
Financial Penalties
The Omnibus Directive II removes the minimum cap for financial penalties (5% of net worldwide turnover in the preceding financial year) currently stated in the CSDDD and the requirement that the fine be assessed based on the company’s net worldwide turnover. The Commission will issue guidance to assist Member States’ supervisory authorities to set the appropriate level of penalties to be imposed, provided that Member States are prohibited from setting maximum limits of penalties that would prevent the imposition of penalties in accordance with the principles and factors set out in the CSDDD.
Deletion of the Review Clause for Financial Services
The Omnibus Directive II proposes to remove the CSDDD’s financial services review clause, which currently commits the Commission to submit by 26 July 2026 a report to the European Parliament and to the Council on the necessity of setting up due diligence requirements for the financial services sector. Indeed, according to the European Commission, this review clause did not leave enough time to take into account the experience on the general due diligence framework under the CSDDD.
Omnibus Directive II and policy considerations on the future of simplification measures
With respect to all the simplification measures and changes proposed in the Omnibus Directive II, which would substantially impact the scope and way of reporting under the CSRD and conducting due diligence under the CSDDD as explained above, Article 5 of the current proposal text provides for a deadline of 12 months for Member States to implement the directive into national law once the Directive enters into force. However, the European Commission’s publication of the proposal initiates a complex and lengthy process involving negotiations, amendments, and further discussions across multiple EU institutions, which creates uncertainty around the legislative timeline.
In particular, the proposal will need to be debated and approved by Members of the European Parliament and Member States at the Council of the EU. The political landscape in Europe has deeply changed since CSRD and CSDDD were adopted (respectively, November 2022 and May 2024), and there is a much stronger focus on competitiveness, economic growth, and simplification.
In the European Parliament, the majority center-right European People’s Party welcomed the Omnibus Proposal and supports the process of cutting regulatory burdens on companies. Members of the second largest group, the Socialists&Democrats, oppose significant rollbacks of sustainability regulations, emphasizing the importance of environmental protection and corporate accountability. In particular, Lara Wolters, CSDDD rapporteur, stated that the group “cannot accept the watering down of sustainability, labour and human rights standards in the CSDDD and CSRD”. The debate in the European Parliament is likely to be lengthy and heated.
In Council, most of the Member States are aligned with the Commission’s approach of simplifying EU regulations. Germany and France have previously advocated for delaying and easing the implementation of the rules, calling for a concrete postponement of CSRD and suggesting increasing thresholds for company size and turnover in both CSRD and CSDDD. In contrast, Spain supports maintaining robust environmental reporting standards, underlining the importance of due diligence requirements: while the Spanish government support delaying the application of CSRD, it insists that these rules become mandatory for all companies eventually. Italy has also shown limited opposition to the proposed amendments, suggesting that rules should immediately apply to larger companies and delays and more favorable requirements should be adopted for smaller businesses. However, and given Council’s position on CSDDD in the previous legislative term, it is possible that Member States will adopt a negotiating mandate in line with the Commission’s proposal.
European policymakers will inevitably need to keep an eye on the potential actions of the U.S. government. Twenty-six U.S. states have sent a letter to President Trump urging retaliatory measures against the CSDDD due to its extraterritorial impact beyond Europe. The letter calls on the United States Trade Representative to launch an investigation under Section 301 of the Trade Act of 1974 to assess whether the CSDDD constitutes an unreasonable or discriminatory measure that burdens or restricts U.S. commerce.
Additionally, another letter sent to Congress urges U.S. officials to push for an indefinite suspension of the directive’s implementation based on the following argumentation lines: The directive mandates extensive supply chain due diligence based on UN and OECD principles, which have not been ratified by the U.S. Congress. It also disregards U.S. corporate governance standards. Finally, US companies are not bound by net zero transition plans akin to those imposed on the UE companies, as requested under the CSDDD.
Gabriela da Costa and Edoardo Crosetto contributed to this article
New Rulemaking Announced: Treasury Department Suspends Reporting, Enforcement and Fines under the Corporate Transparency Act until Further Notice
How Did We Get Here?
The Corporate Transparency Act (CTA) went into effect on January 1, 2024, and was enacted as part of the Anti-Money Laundering Act of 2020. Administered by the Financial Crimes Enforcement Network, a bureau of the U.S. Department of the Treasury (FinCEN), the CTA is designed as another tool in the mission to protect the financial system from money laundering, terrorism financing, and other illicit activity. FinCEN issued the implementing final rules on September 29, 2022. Pursuant to these rules, reporting companies[1] formed before 2024 were to file their initial beneficial ownership reports (BOIRs) with FinCEN by January 1, 2025. Reporting companies formed after January 1, 2024, and before January 1, 2025, were to file their initial BOIR within 90 days following their formation.
In late 2024, multiple lawsuits were filed challenging the constitutionality of the CTA. Plaintiffs in those cases sought, and in many cases obtained, injunctions excusing them from filing their initial BOIRs until the merits of the case were decided. In two of the cases, federal judges issued nationwide injunctions excusing all reporting companies from filing their initial BOIR during the pendency of the case. As we recently reported, the United States Supreme Court on January 3, 2025 overturned the nationwide injunction in one of those cases, narrowing the injunction to just the plaintiffs in that particular case. On February 18, 2025, the district court judge in the other case narrowed his nationwide injunction to just the plaintiffs in that case. All of the cases continue to work their way through the federal court system.
As a result, on February 19, 2025, FinCEN issued a notice declaring a new filing deadline of March 21, 2025, for initial BOIRs. Then on February 27, 2025, FinCEN announced that by March 21, 2025, it would propose an interim final rule that further extends BOIR deadlines. Moreover, FinCEN stated it would not issue fines or penalties or take any enforcement actions until that forthcoming interim final rule became effective and the new relevant due dates in the interim final rule have passed. The Treasury Department also issued a comparable press release on February 27, 2025, but added that it will further not enforce any penalties or fines against U.S. citizens or domestic reporting companies or their beneficial owners after the forthcoming rule changes take effect. The Treasury Department stated that the interim final rule that it would issue by March 21, 2025, would propose narrowing the scope of the rule to foreign reporting companies only.
Current Status
The recently announced actions by the Department of Treasury effectively mean that:
FinCen won’t enforce penalties or fines against companies or beneficial owners who do not file by the March 21 deadline.
If your reporting company was created by the filing of a document with a secretary of state or a similar office under the law of a State or Indian Tribe and all of the beneficial owners of your reporting company are U.S. citizens, the Department of Treasury has stated it intends to amend the rules to eliminate the obligation for your reporting company to ever file a BOIR report and accordingly, FinCEN will never enforce penalties or fines against your reporting company or its U.S. beneficial owners.
If your reporting company was created by the filing of a document with a secretary of state or a similar office under the law of a State or Indian Tribe and some of the beneficial owners are NOT U.S. citizens, FinCEN won’t currently enforce any penalties or fines against the company or its foreign beneficial owners until after the new rules go into effect. The Department of Treasury press release suggests that it will eliminate the obligation to file a BOIR for your domestic reporting company with non-U.S. beneficial owners, but we must await the proposed new rule to see if FinCen is proposing to narrow the rule in this manner. The CTA itself defines what is a reporting company without this distinction of ownership by U.S. citizens or non-U.S. citizens. Given that the CTA’s stated objective to combat illicit activity, it would seem useful for FinCEN to have information about the non-U.S. citizenship ownership of a domestic reporting company.
If your reporting company was created by the filing of a document outside of the United States and you have registered your company with a secretary of state or a similar office under the law of a State or Indian Tribe, FinCEN won’t currently enforce any penalties or fines against the company or its foreign beneficial owners until after the new rules go into effect. Foreign companies are currently subject to the BOIR only if they are registered to do business in the United States. Foreign registered companies who are not registered to do business in the United States are not currently subject to the BOIR requirements (even if they are doing business here). Narrowing the BOIR reporting rules in this manner would seem to result in far fewer reporting companies. We await further communication from the Department of Treasury on this position.
State Level Developments
Lastly, we note that with this major development on the federal level, states may adopt CTA-like legislation for entities created or registered under their state law. The State of New York has already done so by enacting the New York Limited Liability Company Transparency Act (the NY LLCTA) which mirrors the CTA in many respects, with key differences. The NY LLCTA applies only to limited liability companies (LLCs) created under New York law or registered to do business in New York. Under the NY LLCTA, these reporting LLCs must disclose their beneficial owners to the New York State Department of State (DOS) beginning on January 1, 2026. LLCs that qualify for one of the CTA’s 23 exemptions will be exempt under NY LLCTA, but must file an “attestation of exemption” with DOS.
It is not clear whether any other states will enact comparable legislation. This includes Delaware, which has always been the preferred state for domestic businesses to incorporate, including 30% of Fortune 500 companies. More recently, however, Texas and Nevada have been courting companies to reincorporate in their states. These other states offer tax breaks and perceived business-friendly regulations. Faced with potentially losing corporate business to other states, it is not known whether Delaware would risk giving companies another reason to consider incorporating elsewhere.
ENDNOTES
[1] A “reporting company” is defined under the CTA as “a corporation, limited liability company, or other similar entity” that is either “created by the filing of a document with a secretary of state or a similar office under the law of a State or Indian Tribe” or “formed under the law of a foreign country and registered to do business in the United States.”
Navigating the Changing Landscape of Corporate Transparency Act Compliance
Both the U.S. Department of the Treasury and FinCEN, a bureau within the Treasury Department, have issued statements, which, taken together, indicate a significant reduction in the enforcement of the Corporate Transparency Act (CTA) beneficial ownership information (BOI) reporting requirements against U.S. citizens and domestic reporting companies. Specifically, the Treasury Department has indicated its intent to narrow, via forthcoming rule changes, the scope of the BOI reporting requirements to foreign reporting companies only and to halt any penalties or fines against U.S. citizens and domestic reporting companies following implementation of these rule changes.
The Treasury Department has yet to issue the proposed rulemaking reflecting these changes to the scope of BOI reporting requirements, and it will be important to see the proposed rulemaking to better understand how the Treasury Department and FinCEN plan to effect these changes. Items to look out for in any proposed rulemaking include:
Whether U.S. citizens who are beneficial owners of foreign reporting companies will need to comply with BOI reporting efforts of foreign reporting companies.
Whether domestic reporting companies with foreign beneficial owners will be subject to any BOI reporting requirements.
How the language regarding ending enforcement of penalties and fines against U.S. citizens and domestic reporting companies for non-compliance is worded (i.e., eliminating altogether enforcement against all U.S. citizens and domestic reporting companies or a general, discretionary pause by FinCEN).
In addition, the validity or legality of any proposed rulemaking regarding the narrowed scope of the CTA may be challenged in the courts. And, as noted in our previous alert, there are still a number of court cases pending, and Congress is also considering bills that would affect the CTA. Accordingly, this is unlikely to be the last update in the CTA enforcement saga.
The U.S. Department of the Treasury issued the following release regarding enforcement of the CTA:
Treasury Department Announces Suspension of Enforcement of Corporate Transparency Act Against U.S. Citizens and Domestic Reporting Companies
The Treasury Department is announcing today that, with respect to the Corporate Transparency Act, not only will it not enforce any penalties or fines associated with the beneficial ownership information reporting rule under the existing regulatory deadlines, but it will further not enforce any penalties or fines against U.S. citizens or domestic reporting companies or their beneficial owners after the forthcoming rule changes take effect either. The Treasury Department will further be issuing a proposed rulemaking that will narrow the scope of the rule to foreign reporting companies only. Treasury takes this step in the interest of supporting hard-working American taxpayers and small businesses and ensuring that the rule is appropriately tailored to advance the public interest.
“This is a victory for common sense,” said U.S. Secretary of the Treasury Scott Bessent. “Today’s action is part of President Trump’s bold agenda to unleash American prosperity by reining in burdensome regulations, in particular for small businesses that are the backbone of the American economy.”
In addition, FinCEN issued the following release regarding enforcement of the CTA:
FinCEN Not Issuing Fines or Penalties in Connection with Beneficial Ownership Information Reporting Deadlines
WASHINGTON––Today, FinCEN announced that it will not issue any fines or penalties or take any other enforcement actions against any companies based on any failure to file or update beneficial ownership information (BOI) reports pursuant to the Corporate Transparency Act by the current deadlines. No fines or penalties will be issued, and no enforcement actions will be taken, until a forthcoming interim final rule becomes effective and the new relevant due dates in the interim final rule have passed. This announcement continues Treasury’s commitment to reducing regulatory burden on businesses, as well as prioritizing under the Corporate Transparency Act reporting of BOI for those entities that pose the most significant law enforcement and national security risks.
No later than March 21, 2025, FinCEN intends to issue an interim final rule that extends BOI reporting deadlines, recognizing the need to provide new guidance and clarity as quickly as possible, while ensuring that BOI that is highly useful to important national security, intelligence, and law enforcement activities is reported.
FinCEN also intends to solicit public comment on potential revisions to existing BOI reporting requirements. FinCEN will consider those comments as part of a notice of proposed rulemaking anticipated to be issued later this year to minimize burden on small businesses while ensuring that BOI is highly useful to important national security, intelligence, and law enforcement activities, as well to determine what, if any, modifications to the deadlines referenced here should be considered.
What Every Multinational Company (Doing Business in Mexico) Should Know About … Mitigating Risks From ATA Scrutiny in a New Enforcement Regime
Mexican cartels dominate large swaths of the Mexico-United States border and the Bajío region (an area encompassing relevant parts of Queretaro, Guanajuato, Aguascalientes, San Luis Potosí, Jalisco, and Michoacán), and they control significant economic segments/activities in these territories. These are the same areas in which multinational companies maintain significant manufacturing operations.
In an Executive Order issued on January 20, 2025[1], the White House announced a shift toward increased enforcement of the Immigration and Nationality Act (INA) and International Emergency Economic Powers Act (IEEPA), which are key statutes in the United States’ fight against terrorism. Though these statutes are not new, the Trump Administration plans to broaden U.S. enforcement activity to cartels and transnational criminal organizations (TCOs) by allowing for the designation of cartels or TCOs as Foreign Terrorist Organizations and/or Specially Designated Global Terrorists. This new focus of enforcement resources, along with the expansive inclusion of cartels or TCOs within the purview of the INA and IEEPA, creates a heightened risk for multinational companies doing business in Mexico and other areas where cartels operate, as the companies can be perceived as — and then prosecuted for — engaging in terrorism or aiding terrorists, as explained below.
Under the INA, the Secretary of State can designate groups as Foreign Terrorist Organizations (FTOs)[2] based on an assessment of the State Department’s Bureau of Counterterrorism regarding the group’s terrorist activity. Once a group has received an FTO designation, multinationals subject to U.S. jurisdiction — which is interpreted very broadly by U.S. regulators — may face strict criminal and civil penalties under 18 U.S.C. § 2339B (the Antiterrorism Act or ATA) if they knowingly provide, or attempt or conspire to provide, “material support or resources” to the FTO.[3]
The State Department currently designates more than 60 organizations as FTOs. Trump’s January 20, 2025, Executive Order directs the State Department to scrutinize drug cartels — especially Mexico-based drug cartels and two cartels mentioned by name, Tren de Aragua (TdA) and La Mara Salvatrucha (MS-13) — for designation as FTOs. Since the order, Secretary of State Marco Rubio already has designated eight cartels as FTOs, most of which have operations in Mexico. We anticipate this number will sharply rise as the administration works together with OFAC to identify additional cartels and TCOs. This raises a number of concerns for companies that operate in areas known to have cartel or TCO activities, because the following types of regularly conducted business activities may be viewed through the lens of providing material support or resources to an FTO:
Making payments to secure employee safety or the ongoing operation of a physical plant;
Engaging in business dealings with local companies that themselves are in business with cartels or that are making such payments; and
Recording payments to said local companies or to cartels in the books and records of publicly traded companies.
The expansion of enforcement scrutiny also may expand the types of risks facing companies, including:
Combined OFAC and DOJ investigations of conduct that potentially violates both the INA and OFAC regulations;
Matters that formerly would have been dealt with as civil matters by OFAC can become criminal matters pursued by DOJ;
New designations can be combined with anti-money laundering laws to expand the potential violations of U.S. laws; and
The expansion of the reach of OFAC designations to non-U.S. companies, since the material support statute has extraterritorial effect.
The January 20 Executive Order also heightens the risk of private civil litigation for multinationals doing business in Mexico. The ATA creates a civil remedy for U.S. national victims and their estates or heirs against defendants alleged to have caused an “injury arising from an act of international terrorism committed, planned, or authorized by an organization that had been designated as a foreign terrorist organization under section 219 of the [INA]” where “liability may be asserted as to any person who aids and abets, by knowingly providing substantial assistance, or who conspires with the person who committed such an act of international terrorism” (emphasis added). Under the ATA, “[a]ny national of the United States injured in his or her person, property, or business by reason of an act of international terrorism, or his or her estate, survivors, or heirs, may sue therefor in any appropriate district court of the United States and shall recover threefold the damages he or she sustains and the cost of the suit, including attorney’s fees.” 18 U.S.C. § 2333(a). The line of culpability under this section remains unsettled, as lower courts attempt to apply recent Supreme Court precedent regarding the “knowing” provision of “substantial assistance” to FTOs.[4] But the designation of cartels and TCOs as FTOs exposes companies that operate in countries with heightened cartel activity to litigation under the ATA.
For several years, Mexican cartels have shifted revenue sources from drug smuggling into the United States to racketeering in Mexico. The latter typically consists of Mexican cartels extorting regular payments from small-to-medium-sized businesses, many of which provide goods or services to larger companies such as the multinationals operating in Mexico. In addition to direct extortion, cartels engage in behaviors such as forcing suppliers on companies that in turn do business with multinational companies, establishing “front” entities to provide miscellaneous services, selling protection against rival organizations, establishing prices for goods or services, and receiving payments for not carrying out threatened violence.
Multinational companies in Mexico are thus in constant risk of having indirect contacts with these cartel FTOs within their local supply chain and, even if they are unaware of such touch points, multinationals must guard against being seen as actively complicit or willfully blind if they fail to take reasonable precautions.
To safeguard against these risks, multinationals subject to U.S. jurisdiction that do business in Mexico should take precautions such as:
Conducting due diligence on all business counterparties, especially when onboarding new suppliers or other new business partners;
Updating due diligence and requiring certifications of compliance with the laws prohibiting conducting business activities with TCOs and FTOs;
Conducting routine OFAC and FTO screenings to assess the company’s risk profile with respect to potential touchpoints with cartels and TCOs;
Mapping supply chains, including for sub-suppliers, to confirm zero contact with cartel or TCO activities throughout the supply chain;
Based on risk assessments, following up and conducting audits to ensure the company’s supply chain is in compliance with the updated legal requirements;
Implementing and maintaining vendor management systems for payments to suppliers and other business partners;
Conducting financial audits on suppliers or other business partners to identify potential payments to cartels or TCOs;
Alerting suppliers or other business partners regarding their potential connections to cartels or TCOs and help monitor to avoid risk; and
Incorporating prohibitions on cartel and TCO connections, in addition to FTO restrictions, into agreements with third parties.
[1] “Designating Cartels and Other Organizations as Foreign Terrorist Organizations and Specially Designated Global Terrorists,” Executive Order (Jan. 20, 2025) available at https://www.whitehouse.gov/presidential-actions/2025/01/designating-cartels-and-other-organizations-as-foreign-terrorist-organizations-and-specially-designated-global-terrorists/.
[2] Though this article focuses on the FTO designation under the INA, the Specially Designated Global Terrorist designation under IEEPA creates a separate set of enforcement issues for multinationals, as well as additional sanctions under IEEPA for FTOs. IEEPA is the governing authority for most economic sanctions overseen by the Office of Foreign Assets Control (OFAC), which has long maintained robust restrictions on U.S. persons, or any other person subject to U.S. law, to the primary U.S. economic sanctions. OFAC has sanctioned numerous drug cartels, as well as companies and individuals, using its authorities under its Significant Narcotics Traffickers program pursuant to Executive Order 12978 and the Kingpin Act. Because OFAC uses an expansive definition of U.S. jurisdiction, restrictions under these designations include the activities of non-U.S. persons that take place on U.S. territory, use the U.S. financial system, or otherwise trigger U.S. jurisdiction. Proper compliance requires that any persons with a U.S. jurisdictional nexus take into account all the potential ways U.S. law can apply to them, including both the new emphasis on the INA/IEEPA and the longstanding OFAC regulations.
[3] 18 U.S.C. § 2339A defines “material support or resources” to include “any property, tangible or intangible, or service, including currency or monetary instruments or financial securities, financial services, lodging, training, expert advice or assistance, safehouses, false documentation or identification, communications equipment, facilities, weapons, lethal substances, explosives, personnel . . . and transportation, except medicine or religious materials.”
[4] See Twitter, Inc. v. Taamneh 598 U.S. 471 (2023).
What Every Multinational Company Should Know About … The Rising Risk of Customs False Claims Act Actions in the Trump Administration
On February 20, 2025, the Deputy Assistant Attorney General for the Commercial Litigation Branch at the U.S. Department of Justice (DOJ), Michael Granston, emphasized using the False Claims Act (FCA) to address U.S. Customs & Border Protection (Customs) violations at the Federal Bar Association’s annual qui tam conference. According to Granston, the Trump administration will seek to “aggressively” deploy the FCA as a “powerful” enforcement mechanism against importers that take steps to evade customs duties, including all the new tariffs being imposed by the Trump administration.
The application of the FCA for underpayments of customs tariffs is already a growing trend. The increased tariffs and attention will combine to increase the number of FCA actions targeting tariff underpayments and the potential amount of recoveries. The U.S. government has unparalleled access to detailed import data covering nearly all imports, giving it the ability to run algorithms to see discrepancies and anomalies that might indicate the underpayment of tariffs. The FCA also can be enforced by whistleblowers who file qui tam suits in the government’s name, in hopes of receiving a share of the recovery in successful cases. Taken together, these factors mean the scene is set for a vast expansion of the use of the FCA as a tool to combat tariff underpayments.
Against this scrutiny, importers should ensure they accurately determine and pay all tariffs, including the new Trump tariffs. The remainder of this article summarizes the heightened risks that the FCA poses in the Trump administration, as well as some practical steps companies can take to minimize the risk of an FCA action.
The Application of the False Claims Act to Customs Violations
The False Claims Act, 31 U.S.C. § 3729 et seq., is a special form of civil remedy used by the government to recover funds the government paid as a result of fraud — typically, a false statement or document that supports a demand for government monies. The FCA allows the government to recover treble damages plus penalties up to $28,619 for each violation. Thus, the FCA authorizes the government to seek not only any tariff underpayments but also three times the amount of the underpayment and penalties for each instance of underpayment. Needless to say, the FCA poses enormous financial risk to importers.
The statute also enables private individuals to act as whistleblowers (or “relators”) by filing qui tam actions on behalf of the government. If the action is successful, the relator can receive up to 30% of the money recovered in the litigation, plus attorney’s fees, with the rest going to the government. This potential for recovery has spawned an active plaintiffs bar that encourages the filing of qui tam actions.
Indeed, the 979 qui tam actions filed by relators in the fiscal year ending in September 2024 constituted a 37% increase over the prior year and a 60% increase over 2019 filings. In addition, the government also originated 423 investigations on its own — almost triple the number the government originated five years ago. Further, the government reported that it recovered almost $3 billion in settlements and judgments in 2024, which followed a nearly-as-high recovery of $2.8 billion recovered in 2023.
In his speech, Granston explained the FCA could be a powerful tool in recovering under-reported tariffs. With the Trump administration announcing a dizzying array of new tariffs, the amount of tariffs imposed — and the risk of FCA actions — are both certain to increase. The emphasis on tariffs and trade continued at the conference. Jamie Ann Yavelberg, director of the Fraud Section of the Civil Division, identified tariff evasion as a “key area” for enforcement, with a focus on false statements about country of origin, declared value of goods, and the number of goods involved.
The following are examples of the Department of Justice’s use of the FCA to address underpayment of customs duties and show the broad range of customs issues that can support an FCA action:
One importer paid almost $22.8 million to settle FCA allegations that it misclassified its vitamin products to avoid paying the full amount of customs duties due, as well as its failure to pay back duties owed after correcting certain misclassifications.
Another importer paid $22.2 million to settle FCA allegations that it misrepresented the nature, classification, and valuation of its imported construction products to evade antidumping and countervailing duties, as well as improperly claiming preferential treatment under free trade agreements, with the relator receiving $3.7 million.
A third importer paid $45 million to resolve allegations that it misrepresented the country of origin on goods that should have been declared to be of Chinese or Indian origin, thereby evading high antidumping and countervailing duties imposed on the entries from those countries.
A fourth importer paid $5.2 million for allegedly evading antidumping and other duties by falsely describing wooden bedroom furniture imported from China as “metal” or “non-bedroom” furniture on documents submitted to CBP while also manipulating images of their products in packing lists and invoices, directing their Chinese manufacturers to ship furniture in mislabeled boxes and falsifying invoices to try to evade detection.
Finally, another importer paid $4.3 million for allegedly failing to include assists (customer-provided production aids) in the declared value of its entries.
Key areas where FCA cases are most likely to arise include:
The misclassification of goods, to move them from a higher to a lower tariff classification.
The misclassification of goods, to move them out of the coverage of the new Trump tariffs such as those imposed on aluminum and steel derivative products.
Incorrectly declaring the wrong country of origin, to avoid the Section 301 tariffs imposed on China or on countries subject to the new tariff proclamations such as China, Canada, or Mexico.
Failing to pay antidumping or countervailing duties, which often have very high tariff rates.
Failing to accurately declare the correct value of goods.
Failing to include assists (production aids provided by the customer) or royalties within the declared value.
Failing to have a customs transfer pricing study in place, if this results in the undervaluation of goods imported from an affiliated company.
Failing to correct past entry information if Customs notifies the importer of a change that impacts the duty rate, such as by issuing a Form 28 Request for Information or Form 29 Notice of Action. When this occurs, Customs expects that importers will use the Post-Summary Corrections Process to correct all analogous prior entries and to pay back duties on those prior entries.
Another factor that increases FCA risk is that Customs maintains two additional whistleblower programs of its own — one under the Enforcement and Protect Act (EAPA), for reporting of antidumping and countervailing duty evasion, and an eAllegations portal for all other claims of tariff evasion. It remains to be seen whether the new administration will mine these sources for FCA enforcement purposes.
Practical Steps Importers Can Take to Minimize Potential FCA Actions
Given the likelihood of increased enforcement, as well as the sharply rising levels and types of tariffs, importers should prioritize customs compliance, as any underpayments raise the specter not only of customs penalties but also potential FCA damages and penalties.
Customs-Related Steps
In a high-tariff environment, the stakes for compliance miscues are substantial and include potential penalties and interest for underpayments as well as FCA risks. Some key areas to consider for ongoing customs compliance include the following:
Inaccurate classifications can result in incorrect duties or penalties, so confirm your company has procedures to correctly classify goods using the correct Harmonized Tariff Schedule (HTS) codes and maintains a regularly updated import classification index to reflect new products or changes in tariff codes.
Confirm that your organization maintains a detailed customs compliance manual that outlines procedures for classification, valuation, origin determination, recordkeeping, interactions with brokers and Customs, and other relevant matters that impact the accuracy of information reported to Customs and can create underpayments.
Review and ensure there are procedures to track and properly report assists, royalties, or other non-invoice costs that might affect the declared value of imported goods. Misreporting these costs could lead to underpayments of duties and penalties.
Ensure that there are procedures to regularly review entries after entry to identify potential errors in valuation, origin declarations, classification, or other entry-specific items that impact how much duties are owed.
Regularly use post-summary corrections as a means of correcting error, as most entry-related information can be corrected until liquidation without penalty (generally, around 314 days after entry).
In addition to post-entry checks, more detailed customs audits can uncover underlying issues that can lead to customs penalties. Major importers should consider conducting regular customs audits, pulling a judgmental sample of entries for thorough examination to determine if there are areas that contain errors.
Ensure your company maintains procedures for overseeing customs brokers and freight forwarders, including written protocols that are consistently followed to ensure there is proper oversight of customs brokers and freight forwarders.
Customs traditionally has not imposed penalties if an importer initiates a voluntary self-disclosure before the government begins its investigation. Importers should be aggressive in using voluntary self-disclosures to minimize the likelihood of customs penalties and related FCA liability risks.
Request confidential treatment for your company’s import data. Much of the information filed as part of the entry process is available for review by companies, such as PIERS and Panjiva, which aggregate import data and sell it to the public. By filing a government confidentiality request and keeping it up to date, your company can limit the ability of third parties (including competitors and whistleblower law firms) to analyze import data to discern trading patterns, supply chains, and exposure to high-risk regions or high-tariff products.
Compliance and Whistleblower Steps
In addition to the customs-related steps listed above, maintaining a robust corporate compliance program that addresses customs issues and general whistleblowing concerns can help prevent an internal complaint from turning into a qui tam suit. Some measures to consider include the following:
Maintain an Effective Compliance Program. Maintain a corporate compliance program that meets DOJ’s expectations for effectiveness, and ensure the program is coordinated with a well-tailored customs compliance program. Effective compliance programs are marked by senior leadership support, adequate resources, use of risk assessments, well-developed policies and procedures, tailored trainings, encouragement of internal reporting, and meaningful responses to complaints. Given the heightened risk environment, make sure your company has a compliance officer or team that understands customs issues and can follow up on reports of potential customs violations.
Encourage Internal Reporting & Whistleblower Protection. Establish a confidential internal reporting mechanism (e.g., hotline). Protect employees from retaliation to encourage internal reporting over external whistleblower actions. Investigate and address complaints promptly and transparently.
Conduct Regular Training & Education.Train employees on Customs and FCA requirements and the risks of false claims. Effective training is tailored to the roles and responsibilities of given groups of employees.
Strengthen Internal Controls & Audits. Perform regular post-entry checks and internal audits to identify and correct potential customs violations and underpayments.
Respond Proactively to Potential Violations.Act quickly if an issue is detected to correct errors, and consider self-reporting to Customs when necessary, both to lock in a no-penalty situation with Customs and to reduce the likelihood of qui tam suits.
Respond Promptly and Fully to All Customs Forms 28 (Requests for Information), Form 29s (Notices of Action), and Informal Inquiries. Importers should designate an internal employee to be an ACE contact so that your company receives Customs notices at the same time as the customs broker, instead of relying on the broker to forward any notices. Any requests for information or Customs actions should be investigated thoroughly and have a well-supported response (generally required within 30 days).
Follow Through on Customs Notices. If Customs makes a determination, such as reclassifying a product, then Customs requires that the importer search through its recent imports and reflect the Customs decision for all identical or analogous entries. In some cases, substantial customs penalties or FCA liability have arisen from the failure to do so. Ensure that the full implications of any Customs action are thoroughly understood and that your company uses the Post-Summary Corrections process to reflect any changes mandated by Customs. Consider using a voluntary self-disclosure to reflect changes to older entries.
Follow Up Thoroughly on Any Civil Investigative Demand (CID) from DOJ or Any Qui Tam Complaint.The receipt of a CID or qui tam complaint always requires the highest level of attention, given the draconian penalties the FCA authorizes. Follow up on the receipt of these items to take swift action to investigate and defend against those claims, using outside counsel with experience in the FCA and customs issues.
By proactively addressing customs compliance, importers can help minimize the risk not only of customs penalties but also the risk of qui tam lawsuits. Especially in a high-tariff environment, customs compliance and taking all available steps to ensure the proper payment of all tariffs lawfully due is essential and needs to be at the top of the list for any risk-based compliance program.
US Treasury Announces That the Corporate Transparency Act Will Not Be Enforced Against Domestic Companies, Their Beneficial Owners or US Citizens
As noted in our previous Corporate Advisory, the Financial Crimes Enforcement Network (FinCEN) announced on February 27, 2025, that it will not take enforcement action against a Reporting Company that fails to file or update a Beneficial Ownership Information Report (BOIR) as required by the Corporate Transparency Act (CTA), pending the release of a new “interim final rule.”
On March 2, 2025, the US Department of the Treasury (Treasury) issued a press release expanding on FinCEN’s announcement. The Treasury release states that even “after the forthcoming rule changes take effect[,]” the Treasury will not enforce fines and penalties under the CTA against domestic Reporting Companies, beneficial owners of domestic Reporting Companies or US citizens.
The release also outlines Treasury’s intention to propose additional rulemaking that would limit CTA reporting obligations solely to foreign Reporting Companies. Under the CTA, a foreign Reporting Company is defined as any entity that is formed under the laws of a foreign country and registered to do business in the United States by filing a document with a secretary of state or a similar office under the laws of a State or Indian tribe. As a result, the proposed rulemaking would significantly narrow the CTA’s application.
Given the Treasury’s announcement, non-exempt domestic Reporting Companies and their beneficial owners may wish to consider ceasing CTA compliance efforts until there are further developments in this space. Non-exempt foreign Reporting Companies should continue preparing CTA filings in anticipation of forthcoming guidance regarding extended filing deadlines.
Alexander Lovrine contributed to this article.