Ohio AG Sues Mortgage Lender for Illegal Broker Steering Scheme
On April 17, Ohio Attorney General Dave Yost announced that the state has filed a lawsuit against a wholesale mortgage lender, alleging that the company engaged in a statewide scheme to mislead borrowers and inflate mortgage costs through deceptive broker steering practices. The AG’s office is seeking a jury trial on all claims.
The complaint alleges that the lender violated the Ohio Consumer Sales Practices Act, the Ohio Residential Mortgage Lending Act, and the Ohio Corrupt Practices Act. The lawsuit accuses the lender of conspiring with brokers to funnel borrowers into high-cost loans under the guise of independent shopping, despite internal agreements that allegedly prohibited brokers from presenting more affordable alternatives.
Specifically, the allegations include:
Restricting broker competition. The lender contractually prohibited referrals to two major competitors, even when cheaper options were available.
Marketing misrepresented broker independence. Brokers used lender-supplied marketing materials that described them as “independent” despite contractual restrictions limiting their ability to shop around.
Rewarding loyalty with exclusive perks. Brokers who funneled loans to the lender received increased exposure on borrower search engines, faster underwriting times, and access to promotional products, all tied to volume metrics.
Charging borrowers significantly higher costs. The AG asserts that borrowers working with high-funneling brokers paid hundreds more per loan than those using brokers who independently shopped the market.
Putting It Into Practice: Ohio’s lawsuit continues a trend of increased state-level enforcement targeting financial services practices, particularly in the mortgage space (previously discussed here). Lenders and brokers who operate in this space should ensure their compliance procedures align with best practices, especially when it comes to referrals.
Listen to this post
Cybersecurity: Salt Typhoon’s Persistence is a Cruel Lesson for Smaller Providers
In December 2024, the White House’s Deputy National Security Adviser for Cyber and Emerging Technology confirmed that foreign actors, sponsored by the People’s Republic of China, infiltrated at least nine U.S. communications companies. The attacks, allegedly conducted by China’s state-sponsored Salt Typhoon hacking group, compromised sensitive systems, and exposed vulnerabilities in critical telecommunications infrastructure.
All communications service providers across the U.S. are at risk to this threat, especially those located near a U.S. military facility. To combat this threat, it is important for communications service providers to adopt and implement cybersecurity best practices in alignment with the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework 2.0 and/or the Cybersecurity and Infrastructure Security Agency’s (CISA) Cross-Sector Cybersecurity Performance Goals.
In response to the Salt Typhoon threat, in January of this year, the FCC adopted a Declaratory Ruling and a Notice of Proposed Rulemaking to affirm and increase the cybersecurity obligations of communications service providers. The Declaratory Ruling clarifies that Section 105 of the Communications Assistance for Law Enforcement Act (CALEA) creates legal obligation for telecommunications carriers to secure their networks against unlawful access and interception. Telecommunications carriers’ duties under section 105 of CALEA extend not only to the equipment they choose to use in their networks, but also to how they manage their networks. Such carriers must work to prevent any unauthorized interception or access into their network (and maintain records thereof). This requires basic cybersecurity hygiene practices such as:
Implementing role-based access controls;
Changing default passwords;
Requiring minimum password strength; and
Adopting multifactor authentication.
Falling short of fulfilling this statutory obligation may include failing to patch known vulnerabilities or not employing best practices that are known to be necessary in response to identified exploits.
The Notice of Proposed Rulemaking, if adopted, would require providers to adopt and implement cybersecurity and supply chain risk management plans as well as certify compliance with these plans annually to the FCC. The proposed rule would apply to a wide array of providers including facilities-based providers, broadcast stations, television stations, cable systems, AM & FM commercial radio operators, TRS providers, satellite communications providers, and all international section 214 authorization holders. Participants of the FCC’s Enhanced A-CAM Program and NTIA’s BEAD Program are already subject to this requirement.
Ultimately, more FCC regulation is coming. At the same time, cyber incidents are increasing. Communications service providers should consider creating both a cybersecurity and supply chain risk management plan as well as a cybersecurity incident response plan. Such plans should reflect industry best practices outlined in federal guidance documents as described above.
In addition, carriers should review their cybersecurity liability insurance policies to ensure they have sufficient coverage. It’s also critical to review and update vendor and partner contracts for security and supply chain risk management clauses to include provisions for incident response, liability, and retention of information.
Finally, communications service providers should also consider engaging legal counsel to assist their efforts in ensuring that they are adequately protected.
Womble Bond Dickinson has developed a cybersecurity retainer that captures the requirements and proactive procedures necessary to meet the regulations, protect your networks and deal with the fallout of cybersecurity breach including insurance recovery and class action litigation from a cybersecurity data breach.
Financial Institutions May Have Civil and Criminal Exposure for Knowingly or Unknowingly Assisting Customers Who Support Terrorist Activities
While there have been numerous shifts in government enforcement priorities in the past three months, there does appear to be one area where the status quo has remained the same. This new administration has made it clear that preventing financial institutions from working with terrorist organizations remains a top concern. While the administration has added “new” entities to its lists in the form of drug cartels and other nefarious groups, none of this changes the fact that it is as important as ever for banks and similar financial institutions to maintain effective compliance to avoid the government’s crosshairs. Moreover, if one of these banned entities does become inadvertently involved with a financial institution, it is equally as important to know how to get in front of the issue to mitigate the relevant and serious risk.
For decades, terrorist organizations have tried to access the U.S. financial system to fund their terrorist operations around the world. Terrorist organizations and other criminals use various strategies to conceal the nature of their activities, including money laundering and structuring. The U.S. government has multiple tools for combatting terrorists’ abuse of the U.S. financial system. Congress enacted the Currency and Foreign Transaction Reporting Act of 1970, as amended (referred to as the Bank Secrecy Act or BSA) to monitor the source, volume, and flow of currency and other monetary instruments through the U.S. financial system to detect and prevent money laundering and other criminal activities. After the terrorist attacks on Sept. 11, 2001, Congress strengthened the BSA framework through the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001. Among other things, the USA PATRIOT Act targeted terrorist financing and enhanced enforcement mechanisms to combat it. Indeed, there are numerous other statutes and regulations that may come into play in cases involving terrorist financing. Those statutes and regulations rely heavily on U.S. financial institutions to identify and report bad actors.
The risks involved when banks fail to follow these statutes and regulations are severe, and this GT Advisory summarizes the current laws that the government uses to try to eliminate terrorist organizations’ ability to move funds for their nefarious activities. U.S. financial institutions and their employees have substantial exposure if they knowingly or unknowingly assist customers in supporting or financing terrorist activities. As mentioned above, while the new administration is changing the way the government addresses the threat of terrorist funding in some ways, the basic tools used in detecting and prosecuting remain largely the same. Some of the government’s tools that should be considered in creating effective compliance for financial institutions include the following.
1. Terrorist Support and Financing Violations
The most powerful tool in U.S. law enforcement’s quiver in curbing terrorist financing involves statutes proscribing the provision of material support to designated terrorist organizations. The government can prosecute individuals and entities that facilitate or finance terrorism under multiple statutes: (i) 18 U.S.C. § 2339A, which prohibits persons from providing material support or resources, including financial services, knowing that they will be used in preparation for or in carrying out certain predicate offenses associated with terrorism; (ii) 18 U.S.C. § 2339B, which prohibits knowingly providing material support to designated foreign terrorist organizations; and (iii) 18 U.S.C. § 2339C, which prohibits providing or collecting funds with the knowledge or intention that they will be used to carry out a terrorist attack. The statutes are complex, but it is important to note that conspiring to commit terrorism or aiding and abetting the commission of terrorism are punishable as if the person has committed the crime himself. Moreover, under 18 U.S.C.§ 2339C, an individual or entity can be prosecuted for concealing the nature, location, source ownership, or control over any material support or resources knowing that they will be or were provided to support terrorist activity. All of these statutes include severe criminal penalties for individuals and entities. These statutes apply to banks and other financial institutions similarly to how they would apply to anyone that helps known terrorists and, consequently, contain penalties to reflect the severity of the underlying conduct.
More specifically, under 18 U.S.C. § 2339B, if a financial institution becomes aware that it has possession of or control over funds of a foreign terrorist organization or its agent, the financial institution is required to retain possession or control over the funds and report the existence of the funds to the Secretary of Treasury in accordance with the regulations. The failure to do so may result in a civil penalty equal to the greater of $50,000 per violation or twice the value of the funds over which the financial institution was supposed to retain possession or control. The material support statute specifically states that it applies extraterritorially, meaning that the law reaches individuals, companies, and conduct that is normally beyond the reach of U.S. jurisdiction. Since the statute’s inception, U.S. courts have affirmed criminal convictions and civil penalties based on its broad extraterritorial reach.
2. IEEPA Violations
While not as chilling as the threat of being charged as supporting terrorism, the executive branch also can use its emergency powers to curb and punish financial institutions that conduct transactions with designated terrorists. This issue of emergency powers has been in the news recently because of the current administration’s discussion of using these powers to curb narcotics trafficking by targeting the various drug cartels.
Specifically, the International Emergency Economic Powers Act (IEEPA) delegates authority to the president of the United States to regulate financial transactions to address threats following the declaration of a national emergency. As mentioned above, President Trump has issued multiple executive orders (EOs) designating terrorists or terrorist groups. The EOs prohibit U.S. persons from engaging in transactions with the designated terrorists or terrorist groups. The Office of Foreign Assets Control (OFAC) enforces sanctions against U.S. persons or non-U.S. persons with a U.S. nexus who deal with designated terrorists or terrorist groups. Financial institutions must notify OFAC of any blocked transactions and file an annual report. A financial institution that willfully violates an executive order or IEEPA implementing regulation may be charged criminally. The fines for a financial institution found to have violated these orders may be high and also involve potentially damaging collateral effects, such as debarment.
3. Money Laundering
While money laundering has always been a relevant risk for financial institutions, in light of the new administration’s views on stopping both terrorism and narcotics trafficking, the industry should expect that the administration will pursue these laundering cases with greater zeal than the prior one. If a U.S. financial institution or its employees willfully assist a customer in laundering money, the government may charge the financial institution or its employees with conspiracy to commit money laundering. While laundering may occur throughout the United States in any location where a nefarious individual is trying to hide ill-gotten proceeds, the increased focus on international criminal and terrorist activities will result in greater detection of laundered amounts and, consequently, much higher fines.
The government may also charge international money laundering in terrorist financing cases. International money laundering is sometimes referred to as “reverse money laundering” because it involves the transfer of legitimate funds abroad for an illegal purpose. 18 U.S.C. § 1956(a)(2)(A) prohibits the transport, transmission, or transfer of funds and monetary instruments of funds from the United States to a place outside of the United States with the intent to promote a specified unlawful activity. Specified unlawful activities include the terrorism material support offenses, IEEPA violations, and other criminal activities connected to terrorism.
Most importantly, money laundering is something that a financial institution is legally required to take steps to detect and prevent. These efforts will never be perfect but taking steps to enact effective compliance is critical to mitigating the risk of fines and penalties and, in some circumstances, may even change charging decisions. Effective compliance programs that are continuously reviewed and improved are key to mitigating the risk of fines and penalties if cases like the ones discussed above arise.
4. BSA Violations
Similar to the money laundering issues discussed above, the Bank Secrecy Act (BSA) creates challenges for financial institutions that may increase over the coming years. The BSA imposes substantial reporting and due diligence requirements on financial institutions to prevent abuse of the U.S. financial system. Among other requirements, each financial institution must: (i) develop and implement an effective anti-money laundering (AML) program; (ii) file and retain records of currency transaction reports (CTRs) to report cash transactions of $10,000 or more; (iii) file and retain records of suspicious activity reports (SARs) where the financial institution knows, suspects, or has reason to suspect, inter alia, that the money was from an illegal source or the transaction occurred in connection with a plan to violate federal law or evade reporting requirements; (iv) file and retain records of Reports of International Transportation of Currency or Monetary Instruments (CMIRs) to report the transportation of currency or monetary instruments exceeding $10,000 to or from the United States; and (v) adopt customer identification procedures and perform other due diligence measures. The BSA rules are administered by the Financial Crimes Enforcement Network (FinCEN), the Internal Revenue Service (IRS), and the federal banking agencies including the Federal Deposit Insurance Corporation, the Office of the Comptroller of Currency, and the National Credit Union Administration.
The penalties for violating BSA requirements can be severe. Potentially applicable penalties include:
Criminal Liability for Financial Institutions or Employees Who Willfully Violate BSA Reporting Requirements – A person, including a bank employee, who willfully violates the BSA reporting requirements may be subject to five years in prison and a fine of up to $250,000. The criminal penalties are increased to 10 years in prison and a fine of up to $500,000 where the person commits the BSA reporting violation in connection with another crime or engages in a pattern of illegal conduct.
Structuring Violations – A person who structures, attempts to structure, or assists in structuring any transaction with one or more domestic financial institutions to evade a BSA reporting requirement may be guilty of a crime. Structuring involves willfully breaking a payment into smaller amounts so that they fall under the reporting threshold. Structuring is punishable by up to five years in prison and a fine of up to $250,000. Like the reporting penalties, the criminal penalties for structuring are increased to up to 10 years in prison and a fine of up to $500,000 where the person commits structuring in connection with another crime or engages in a pattern of illegal conduct exceeding more than $100,000 in a 12-month period.
Civil Penalties – The secretary of the Treasury may impose a civil penalty of $500 for a negligent violation of the recordkeeping requirements in the BSA. The penalty can be increased by up to $50,000 where there is a pattern of negligent violations. Where a financial institution engages in certain international money-laundering violations, the secretary of Treasury may impose a penalty equal to the greater of two times the value of the transaction or $1,000,000.
Where a financial institution’s failure to satisfy the recordkeeping requirement is willful, the civil penalty is equal to the greater of the value of the transaction or $25,000, up to a maximum of $100,000. The penalty is applied for each day the violation continues on each branch or place of business. Therefore, the civil penalties can increase significantly. The civil penalty can apply in addition to any criminal penalties.
Egregious Violator – Where an individual willfully commits a BSA violation and the violation either facilitated money laundering or terrorist financing (i.e. the individual is an “egregious violator”), the individual is prohibited from serving on the board of directors of a U.S. financial institution for a period of 10 years commencing on the date of the conviction or judgment.
5. Internal Revenue Code Currency Violations
The Internal Revenue Service frequently uses information gathered under the BSA reporting requirements to determine if taxpayers are compliant with their U.S. tax reporting obligations. Large transfers of cash are not per se illegal; however, they may be an indicator of fraud for tax purposes. Therefore, the IRS has a strong interest in financial institutions filing timely and accurate CTRs. To this end, the Internal Revenue Code includes a parallel statute that addresses the failure to file or the filing of inaccurate CTRs. The following penalties may apply under 26 U.S.C. § 6050I:
Criminal Liability for Willful Failure to File a CTR – Any person who willfully fails to file a CTR is guilty of a felony punishable with up to five years in prison and a fine of up to $25,000 (or $100,000 in the case of a corporation).
Criminal Liability for Willfully Filing a False CTR – Any person who willfully files a false CTR is guilty of a felony publishable with up to three years in prison or a fine of up to $100,000 (or $500,000 in the case of a corporation).
Criminal Liability for Structuring – The Internal Revenue Code includes its own criminal provision for structuring violations. A person who structures or assists in structuring may be publishable with the same penalties that apply to a person who fails to file or files an incorrect CTR.
Criminal Liability for Willfully Aiding or Assisting in Preparing a False CTR – Any person who aids, assists, counsels, or advises in the preparation of a false CTR is guilty of a felony punishable with up to three years in prison or a fine of up to $100,000 (or $500,000 in the case of a corporation).
Civil Penalty – The civil penalty for failure to file or filing an incorrect CTR is equal to the greater of $25,000 or the amount of cash received in the transaction, up to a maximum of $100,000.
6. Forfeiture Actions
In addition to civil and criminal penalties, the government can use civil and criminal forfeiture statutes to seize the property related to terrorism or money-laundering violations. This includes proceeds of the criminal activity, funds used to facilitate the criminal activity, and in some circumstances, legitimate funds that have been knowingly commingled with illegal funds. Where the illegal funds are being held abroad, the government may be able to seize assets held in correspondent accounts that foreign financial institutions maintain in the United States as a substitute.
7. Loss of Bank Charter or Removal from Banking Activities
In addition to the civil and criminal penalties that can apply, federal banking agencies have the authority to revoke bank charters and prohibit bank employees from engaging in further banking activities. Equally concerning are the various state banking regulators that can also revoke a financial institution’s charter for violations of federal laws. Because of the regulated nature of financial institutions, the ramifications of any of the violations mentioned above, even if not particularly egregious, have the potential to cause irreparable harm to the institution.
Conclusion
The government has numerous tools to penalize financial institutions or their employees for knowingly and unknowingly assisting customers with supporting or financing terrorism. As the strategies that terrorists use to access the U.S. financial systems continue to evolve, financial institutions may wish to consult with their advisors on the best way to prevent violations.
Privacy Tip #441 – Identity Theft Statistics Increasing in 2025
Unfortunately, identity theft continues to increase, and according to Identitytheft.org, the statistics are going to get worse in 2025. Some of the statistics cited by Identitytheft.org include:
1.4 million complaints of identity theft were received by the Federal Trade Commission
Total fraud and identity theft cases have nearly tripled over the last decade
Cybercrime losses totaled $10.2 billion
The median loss to fraud victims is $500
There is an identity theft case every 22 seconds
33% of Americans faced some form of identity theft at some point in their lives
Consumers aged 30-39 were the most victimized by identity theft
Georgia ranked #1 for identity theft and fraud cases
Identitytheft.org concludes:
“Identity theft has been a growing problem in the U.S. for the past few years. It is difficult for victims to deal with these issues because theft methods are becoming even more sophisticated with time. Citizens must safeguard their personal information by utilizing technology such as antivirus protection software, password managers, identity theft protection, and VPNs if they want to avoid identity theft scenarios in 2025.”
These are helpful tips to consider.
A New Era in Federal Sentencing: Updates to the Guidelines and the Elimination of Departures
The federal sentencing landscape in the United States could undergo a significant transformation with recent amendments to update the United States Sentencing Guidelines that will go into effect on November 1, 2025, unless Congress takes action to disapprove the amendments. These changes, which include the removal of departures, mark a pivotal shift in how justice is administered in federal courts. This article explores the implications of these updates, their impact on the judicial system, and what they mean for defendants, attorneys, and the broader legal community.
Background on the Federal Sentencing Guidelines
The Federal Sentencing Guidelines were established in 1987 by the United States Sentencing Commission (“USSC”) to promote consistency and fairness in sentencing. These guidelines provide a framework for judges to determine appropriate sentences for federal offenses, taking into account factors such as the severity of the crime and the defendant’s criminal history.
Historically, the guidelines allowed for “departures,” which enabled judges to deviate from the prescribed sentencing range under certain circumstances. Departures were intended to provide flexibility in cases where the guidelines did not adequately account for unique factors. However, the use of departures has been a subject of debate, with critics arguing that they undermine the consistency and predictability of sentencing.
Key Updates to the Federal Sentencing Guidelines
The recent amendments to the Federal Sentencing Guidelines represent a comprehensive overhaul aimed at addressing longstanding concerns and modernizing the sentencing process. The most notable change is the removal of departures, which has been replaced with a more structured approach to variances.
Elimination of Departures: The removal of departures reflects a shift towards greater uniformity in sentencing. Under the updated guidelines, judges will no longer consider departures from the prescribed sentencing range based on guideline specific criteria. Instead, the judges will consider variances that do not require a guidelines-sanctioned basis; they stem from judicial authority under Booker and its progeny and considerations of 18 U.S.C. § 3553(b)(1) factors (e.g., Irizarry v. United States, 553 U.S. 708 (2008)).
Simplification of the Sentencing Process: The updated guidelines introduce a streamlined “three-step” approach to sentencing, designed to simplify the process for judges and practitioners. The new three-step approach simplifies the sentencing process while maintaining fairness and transparency. Here’s how it works:
Step 1: Determine the Base Offense Level: Judges begin by identifying the base offense level for the crime, as outlined in the guidelines. This step ensures that the severity of the offense is accurately reflected in the sentencing range.
Step 2: Apply Adjustments: Next, judges apply any relevant adjustments, such as enhancements for aggravating factors (e.g., use of a firearm) or reductions for mitigating factors (e.g., acceptance of responsibility). These adjustments are designed to account for the specific circumstances of the case.
Step 3: Consider Variances: Finally, judges may consider variances based on statutory factors, such as the nature and circumstances of the offense and the history and characteristics of the defendant. Variances must be justified with detailed reasoning and are subject to appellate review to ensure consistency.
Enhanced Focus on Individualized Sentencing: The updated guidelines encourage courts to take an individualized approach to sentencing. Judges are urged to consider the unique circumstances of each case and defendant, within the framework of the guidelines.
Addressing Emerging Issues: The updates also address contemporary challenges, such as the rise of synthetic drugs and the use of firearms in criminal activities. New provisions have been added to ensure that sentences reflect the severity of these offenses and their impact on public safety.
Implications of the Updates
The removal of departures and the introduction of a more structured approach to variances have important implications for the federal judicial system:
Increased Consistency and Predictability: By eliminating departures, the updated guidelines aim to reduce disparities in sentencing and promote greater consistency across federal courts. This is expected to enhance public confidence in the fairness of the judicial system.
Challenges and Opportunities for Defense Attorneys: Defense attorneys will now focus more on individualized arguments when advocating for leniency on behalf of their clients. Although variances have been a driving force in federal sentencing since Booker, the focus on variances in sentencing will streamline arguments for reduced sentences. The criteria for variances require attorneys to present compelling evidence and arguments to justify deviations from the prescribed sentencing range, which provides opportunities and challenges.
Impact on Defendants: The emphasis on individualized sentencing provides an opportunity for defendants to present mitigating factors and make compelling arguments based on the individual circumstances of their case.
Judicial Training and Adaptation: The updates necessitate additional training for judges and legal practitioners to ensure a thorough understanding of the new guidelines. This includes familiarization with the criteria for variances and the streamlined sentencing process.
The Broader Context
The updates to the Federal Sentencing Guidelines reflect broader trends in criminal justice reform. In recent years, there has been a growing emphasis on evidence-based practices, transparency, and accountability in sentencing. These principles are at the heart of the updated guidelines, which seek to balance the goals of punishment, deterrence, and rehabilitation.
The removal of departures also aligns with efforts to address systemic disparities in sentencing. Studies have shown that discretionary departures can contribute to racial and socioeconomic disparities, as they may be influenced by implicit biases. By replacing departures with a more structured approach to variances, the updated guidelines aim to mitigate these disparities and promote equity in sentencing.
Looking Ahead
As the updated Federal Sentencing Guidelines take effect, their impact on the judicial system will become clearer. Legal scholars, practitioners, and policymakers will closely monitor the implementation of the guidelines and their outcomes. Key areas of focus will include:
Evaluating the Effectiveness of Variances: The success of the updated guidelines will depend on how effectively variances are applied in practice. This includes assessing whether the criteria for variances strike the right balance between flexibility and consistency.
Addressing Unintended Consequences: As with any major policy change, the updates may have unintended consequences that require further refinement. Ongoing feedback from judges, attorneys, and other stakeholders will be critical in identifying and addressing these issues.
Advancing Criminal Justice Reform: The updates to the Federal Sentencing Guidelines are part of a broader movement towards criminal justice reform. Continued efforts to promote fairness, transparency, and accountability in sentencing will be essential in building a more just and equitable system.
Conclusion
The revised Federal Sentencing Guidelines represent a significant step forward in the ongoing evolution of the criminal justice system. By emphasizing structured variances, evidence-based practices, and a commitment to equity, these updates pave the way for a more transparent and accountable approach to sentencing. As the legal community adapts to these changes, it is imperative to remain vigilant in evaluating their effectiveness and addressing any unforeseen challenges. Through continuous efforts and collaboration, the ultimate goal of fostering a fairer and more just judicial system can be realized.
Elder Financial Exploitation
Fraud of all sorts remains on the rise. The federal regulatory banking agencies seem to be focusing on educating banks in an effort to decrease losses to the bank and customers as a result of these scams, especially those geared toward older adults.
In late 2024, the various regulatory agencies issued an Interagency Statement on Elder Financial Exploitation that provided guidance to banks with the goal of increasing the detection and prevention of elder financial exploitation. FinCEN has also previously issued an Advisory and a Financial Trend Analysis on Elder Financial Exploitation.
The Interagency Statement provides banks with nine areas to consider when implementing steps to decrease elder financial exploitation:
Governance and oversight
Employee training
Transaction holds and disbursement delays
Use of trusted contacts
Filing of Suspicious Activity Reports
Reporting to authorities
Providing financial records to appropriate authorities
Engaging with prevention and response networks
Consumer outreach and awareness resources from government agencies
Of those nine areas, I think it is important to address in this article those of employee training, transaction holds and disbursement delays, and the use of trusted contacts.
In recent years, many states have adopted legislation to allow banks to stop or hold a transaction upon a good faith or reasonable belief that such transaction would result in the financial exploitation of an elderly customer. While each state’s laws may read differently, the typical scenario is that a bank may have a time frame during which the transaction may be held or delayed but it must report the information to its state’s adult protective services department or similar agency or department. Now is a good time to review your state’s laws related to financial elder exploitation to determine what your bank can do to stop this type of fraud. These laws may also address other individuals the bank may alert and what information may be provided in these instances.
Training is also of the utmost importance. While it is typical for a bank’s BSA department to monitor accounts for unusual or suspicious account activity and to detect unusual transactions or account patterns outside of a customer’s norm, often such monitoring is completed after the transactions have been conducted. Every bank should train its frontline staff on the red flags and warning signs of elder financial exploitation. A bank’s frontline staff is more likely to notice behavioral red flags such as unusual interactions with a caregiver, urgency in sending a wire, a lonely elder mentioning a new friend who needs money, etc.
Finally, while it is not yet common practice, banks should consider implementing the use of trusted contacts. In order to establish a trusted contact, the bank would obtain permission from its customer to contact a third party designated by the customer when elder financial exploitation is suspected. This would allow the bank to share information that would otherwise be prohibited by privacy laws and regulations and get additional assistance in protecting its customer.
The Interagency Statement offers a clear road map for banks to enhance their efforts in preventing elder financial exploitation. By focusing on the nine critical areas — from governance and employee education to consumer outreach and collaboration with authorities — financial institutions can build stronger protections and more responsive systems. Prioritizing these steps not only mitigates risk but also affirms a commitment to the well-being and financial security of older adults.
What Every Multinational Company Should Know About … Customs Enforcement and False Claims Act Risks (Part II)
As detailed in Part I of our three-part series on Minimizing Customs Enforcement and False Claims Act Risks, the combination of the new high-tariff environment, the heightened ability of Customs (and the general public) to data mine, and the Department of Justice’s (DOJ) stated focus on using the False Claims Act (FCA) substantially increases import-related risks. In light of this heightened risk, Part II and the forthcoming Part III of this series focus on preparing for specific areas where we see heightened enforcement risk, both for Customs and FCA penalties, with this article addressing the most common FCA risks arising from submitting false Form 7501 entry summary information.
Risks Arising from Misclassifications
By far, the most common Customs errors we see relate to misclassifications on Form 7501 entry summaries. If made knowingly, these misclassifications can lead to FCA liability, as demonstrated by a high incidence of DOJ settlements based on alleged known classification errors. Relevant FCA examples include $22.2 million and $2.3 million settlements, each premised on importers knowingly misclassifying entries into lower-tariff classifications to avoid paying duties owed on the companies’ imports.
Additionally, aggressively classifying goods to avoid being subject to the China Section 301 tariffs can create the risk of FCA liability. Such opportunistic classification led to a $22.8 million settlement by an importer that used inaccurate classifications despite receiving repeated CBP notices informing the importer that the classifications it had been using for similar goods were erroneous. The importer continued using the incorrect classifications for over three years, even after an outside consultant confirmed the importer had been using incorrect classifications.
Customs Compliance Response
Maintain a Regularly Updated Classification Index. Well-supported and consistent classifications are the key to avoiding these types of errors. The most important tool for ensuring accuracy in classifications is a robust and regularly updated Customs Classification Index, which should list the HTS classification for regularly imported SKUs while incorporating support for classification decisions made, including an application of the Customs General Rules of Interpretation, advisory opinions, responses to protests against liquidation, and other relevant support.
Conduct Classification Reviews. We often find that importers leave classification decisions up to customs brokers, assuming they are experts and responsible for identifying the correct codes. Customs, however, places full responsibility for the accurate submission of all Form 7501 information on the importer of record, not the broker. Periodically review your classifications, especially for frequently imported items, to ensure accuracy.
Evaluate Classification Accuracy in Post-Entry Reviews. Customs allows importers 310 days after entry to fix any classification errors. Conduct post-entry checks to confirm the accuracy of all submitted information, and use post-summary corrections to correct any errors, including misclassifications, before liquidation. This will help catch errors and, where corrected, undermine FCA scienter.
Review Tariff Engineering. With tariff rates rising, Customs is aggressively looking for importers who have engaged in opportunistic classification to try to lower import charges. This includes a special focus on importers who have changed their classifications after the imposition of new tariffs. This does not mean importers should view themselves as locked into adverse and incorrect classifications. They should, however, adequately document any classification changes and be prepared to respond promptly to Customs inquiries.
Risks Arising from Misrepresenting the Physical Characteristics of Imported Goods
Making known misrepresentations to incorrectly claim a lower tariff classification can lead to FCA liability. For instance, an importer of brake parts settled an FCA case alleging it knowingly misrepresented the physical characteristics of its entries (claiming they were duty-free unmounted brake pads rather than mounted brake pads subject to a 2.5% classification) for $8 million.
Customs Compliance Response
Confirm Accuracy of Factual Support for Classifications. In most cases, classification is determined by (1) the physical attributes of the product and, in certain cases, (2) the primary use of the product. Ensure you have accurate backup and consistent classification for each of these issues.
Document and Retain Classification Decisions. Ensure you maintain detailed records for all classification determinations, and keep them for at least five years from the time of entry.
Risks Arising from Improper Country of Origin Declarations
Because of the imposition of special Section 301 tariffs on China, the number of importers caught making errors relating to declaring the wrong country of origin (COO) has sharply risen. The imposition of reciprocal tariffs only magnifies the importance of the COO. Generally these cases involve imported goods that were assembled in third countries using parts and components from a high-tariff country. In these situations, careful analysis is required to ensure there is sufficient manufacture, value added, and change in the name, character, and use of the product so the result is a “substantially transformed” product that is a new and different article of commerce.
FCA cases illustrate the twin risks that can arise from incorrect COO declarations. In 2021, the DOJ settled an FCA matter for $160,933, alleging the importer knowingly failed to designate that certain imports were manufactured in China, thus evading Section 301 duties.
Customs Compliance Response
Confirm Accuracy of Substantial Transformation Analysis. One of the highest-priority areas of Customs scrutiny is to find instances of importers evading customs duties either by transshipping through lower-tariff third countries or by shipping parts and components to a third country and then engaging in only minor assembly operations (e.g., from China to another Southeast Asia country). If the goods are not substantially transformed into a new and different article of commerce, then they cannot claim the lower-tariff COO. Review all instances where parts and components from a high-tariff country, like China, are used in further manufacturing in a lower-tariff country. Ensure there is a reasonable basis for the COO declaration, and document the analysis in case of Customs inquiry.
Risks Arising from Undervaluation
Failing to declare the full value of entries is another common error. Most importers use transaction value, which requires the importer to start with the price actually paid or payable, add certain mandatory additions (e.g., the value of assists and royalties), and accurately reflect any allowed voluntary deductions. Recent examples include $217,000, $729,000, and $1.3 million settlements of allegations relating to known under-declared entry values resulting in underpaid tariffs, as well as a $3.6 million settlement of civil claims resulting from the DOJ joining an FCA whistleblower lawsuit. An additional sobering example is a settlement of claims against an importer that knowingly undervalued its goods through the remedy of losing all import privileges.
More specifically, the known failure to include assists (i.e., customer-provided production aids such as tools, dies, and molds) within the entered value can incur FCA liability. Where a U.S. company provides such assists, it needs either to declare the full value of the assist on the first entry or set up a system to attribute the full value of the assist over the useful lifetime of the product, thus declaring it piecemeal over time. These values do not show up on commercial invoices, making it easy to forget to include this mandatory addition to entered value. But the risks of knowingly failing to do so are demonstrated by two FCA settlements of $4.3 million and $7.6 million for the alleged failure to include assists in the entered value.
Customs Compliance Response
Understand How to Calculate Entered Value. Most companies use transaction value to determine the entered value. Valuation is complicated in situations involving post-entry price adjustments, cash or quantity discounts, indirect payments, exchange rate conversions, and other tricky areas. Ensure valuation is calculated correctly for all entries, including for the inclusion of off-invoice mandatory additions to value.
Establish a System for Identifying and Tracking Assists, and Consistently Follow It. Importers should have a system for systematically identifying and tracking assists, which can be as simple as a spreadsheet. If this historically has not been done, a review of a company’s trial balance ledger can potentially identify historically provided assists. All assists either should be recognized on the first entry of the applicable universe of goods or apportioned over the expected useful lifetime of the assist. If the latter method is used, establish a system for tracking all relevant entries benefiting from assists and consistently add them when calculating the entered value. Share such information with your customs broker to implement a secondary check.
Risks Arising from Improper Claims of Preferential Treatment Under Free Trade Agreements
Another common error we see is failing to meet free trade agreement (FTA) requirements, such as failing to work through the COO requirements. Along these lines, in one FCA action an importer paid $22.2 million to settle allegations that, among other things, it knowingly claimed improper preferential treatment under FTAs.
Customs Compliance Response
Always Have Certificates of Origin On Hand at Time of Entry. One of the most common errors we see in customs audits and disclosures is one of the simplest to fix: Ensure that you always have the USMCA certificate of origin available at the time of importation. Under the USMCA, it is not possible to create these after the time of entry.
Apply Correct Country of Origin Principles. FTAs include different COO principles. These generally are based on a tariff-shift analysis, which is viewed as providing more certain outcomes than the more subjective substantial transformation test commonly applied by Customs. Certain products, such as automotive products under the USMCA, also have special rules for determining preferential status. Note as well that it may be necessary to apply FTA principles to determine the COO for purposes of paying normal Chapter 1-97 duties while applying substantial transformation principles for determining the country of origin for special tariffs, such as section 232 or 301 tariffs imposed by President Trump.
Risks Arising from Failure to Pay Antidumping and Countervailing Duty Orders (AD/CVD Orders)
In addition to the normal Chapter 1-97 tariffs, the U.S. government imposes a parallel set of duties under more than 600 AD/CVD orders. Because AD/CVD tariffs often are very high, failure to properly declare and pay all AD/CV duties can quickly run up tariff underpayments.
As a result, one of the most common Customs FCA claims is for failing to pay AD/CV duties. An importer of home furnishings agreed to pay $500,000 to resolve allegations that it violated the FCA by knowingly making false statements on customs declarations to avoid paying AD duties on imports from China, with four other importers agreeing to pay $275,000, $5.2 million, $10.5 million, and $15 million based on alleged known classification failures based on the same order. Three other importers paid settlements of $2.300,000, $650,000, and $100,000 to settle allegations that they had knowingly evaded AD duties under the aluminum extrusions AD duty order, while another paid $45 million to resolve allegations that it knowingly misrepresented the COO to evade AD/CV duties.
Customs Compliance Response
Use HTS Screening. The scope of an AD/CV duty is determined by its written scope, not whether it falls within any given HTS subheading. Nevertheless, every order provides HTS subheadings for the convenience of importers. Screen all entries against these HTS subheadings as an initial check, and follow up on any potential matches.
Be Wary of Counter-Intuitive Coverage of AD Duty Orders. Be aware that certain AD/CVD orders, such as the aluminum extrusions order against China, are not susceptible to HTS screening and require individual examination. Also, consider that certain AD duty orders, such as the one on solar panels, have tricky rules for determining the product scope. Learn which orders are of particular relevance for your import profile and carefully screen all potential matches against them.
Risks Arising from Misapplying Customs Duty-Free Exemptions
A number of Customs programs can result in duty-free entries, such as U.S. goods returned and the Generalized System of Preferences. Illustrating the risks inherent in misapplying duty-free exemptions, importers paid $610,000 and $908,100 to settle allegations that involved “improperly evad[ing] customs duties … breaking up single shipments worth more than those amounts into multiple shipments of lesser value in order to avoid the applicable duties.”
Customs Compliance Response
Carefully Confirm Eligibility Under All Tariff-Saving Programs. Each tariff-saving program has its own rules, which can include special eligibility requirements. Carefully review these rules and document their applicability before claiming preferential treatment.
Risks Arising from Failure to Appropriately Value Goods from Related Parties
Another common problem is that importers either do not have a transfer pricing study in place to support the arms-length nature of their pricing when purchasing from affiliates, or they improperly rely on an IRS transfer pricing study (which is impermissible because CBP has specific standards for transfer pricing studies that differ from the IRS standards). Although we are not aware of any FCA case alleging improper pricing from related parties, this conduct is common and can potentially impact a large volume of entries, making a known misdeclaration a risk factor for potential FCA liability.
Customs Compliance Response
Confirm the Existence of a Customs-Specific Transfer Pricing Study. If you do not have a customs-specific transfer pricing study in place, consider conducting or hiring a customs accounting specialist to prepare a bridge memorandum to analyze the underlying data. If you do not have an IRS transfer pricing study, then obtain one (and also take care of your IRS transfer pricing requirements).
Confirm the Consistent and Accurate Application of the Results. It is important not only to have a customs transfer pricing study but also to consistently apply its results. Ensure the entered value from every import from a related party is confirmed against the conclusions of the study.
In sum, DOJ has a rich history of using a wide variety of issues to support FCA claims, especially relating to the known false submission of Form 7501 entry summary information. By considering the compliance responses outlined above, importers can ensure that their entry summary information is accurate in the first place, to best avoid known false submissions. Part III of this series will turn its focus to FCA risks arising from improper management of import operations.
GIVE UP THE NAME!: TCPA Defendant Ordered to Identify BPO Involved in Allegedly Illegal Despite Ongoing Criminal Proceedings
Every once in a while I am asked by a client to “keep so and so out of the case.”
The rule that bind attorneys in civil litigation–especially in federal court– lean quite heavily in favor of discovery of known and relevant facts. And whereas a Defendant CERTAINLY has rights to avoid burdensome or needlessly intrusive discovery, simple questions like “who made the calls” or “where did the leads come from” are almost always going to result in a court requiring an answer (no matter how great and powerful your attorney might be.)
In MARGO SIMMONS v. WP LIGHTHOUSE LLC, No. 1:24-cv-01602-SEB-MKK (S.D. Ind. April 22, 2025), for instance, a Defendant refused to identify a BPO that may have made the calls at issue in its behalf.
As the story goes, the BPO provider “is subject to ongoing criminal proceedings” and the Defendant did not want to identify the BPO for fear it would incriminate itself. That is, if the calls the BPO is under investigation for were actually made at the behest of WP Lighthouse it fears being included in the criminal proceeding.
Pause.
Does WP Whitehouse really think the BPO isn’t going to give them up to the feds/state anyway?
Unpause.
The Court in Simmons made short work of the 5th amendment argument here. Businesses have no fifth amendment rights– which is odd since they seem certainly have other constitutional rights–so the court rejected the refusal to answer just that simply. It held the Defendant must identify the BPO and provide additional information related to its relationship with the BPO.
The defendant also refused to provide information regarding its dialing platform–RingCentral–so the Court also ordered it to provide copies of contracts, communications and other records.
Pretty clear lesson here– TCPA defendants can and should fight to protect themselves against needless and burdensome discovery, but simple stuff like the names of other companies involved with phone calls are almost always going to be ordered.
As if to drive home that point the Court in Simmons is going to issue SANCTIONS against the defendant. The Court found the Defendant’s position was not substantially justified and, as a result, intends to award Plaintiff’s counsel– the Wolf Anthony Paronich–the attorneys fees incurred in having to bring the motion to compel.
Eesh. Terrible.
But so it goes.
One last note here, INDIVIDUALS who are sued personally in TCPA cases DO have 5th amendment privilege because the TCPA does contain criminal penalties. So whereas the Defendant in Simmons could not raise the privilege, if you find yourself named personally in a TCPA lawsuit be sure to discuss the issue of privilege with your counsel.
Litigate or Arbitrate? Sixth Circuit Decision Looks at Timing of Sexual Harassment Claim
Can you compel arbitration with an employee who is alleging sexual harassment? You may recall that in 2022, Congress enacted the Ending Forced Arbitration of Sexual Assault and Sexual Harassment Act (EFAA), which precludes employers from requiring employees to arbitrate sexual harassment claims. But what if the alleged harassment occurred before the EFAA effective date? A recent Sixth Circuit opinion, Memmer v. United Wholesale Mortgage, LLC, answered this question.
EFAA Background
Congress passed the EFAA on the heels of the #MeToo movement, which highlighted that arbitration could be used to hinder public awareness of sexual harassment claims and potentially deter employees from pursuing claims, including class actions. Under the EFAA, an employee may voluntarily agree to proceed with arbitration of a sexual harassment claim, but an employer cannot compel as much.
The EFAA applies “with respect to any dispute or claim that arises or accrues on or after the date of enactment of this Act [March 3, 2022].”
But what does this language actually mean? Is it possible for the EFAA to apply to an instance of sexual harassment that occurred prior to March 3, 2022? If the employee left employment before the effective date, can you compel arbitration?
The Memmer Decision Sheds Some Light
Kassandra Memmer quit her job several months before the enactment date of the EFAA and filed a lawsuit alleging a variety of discrimination claims, including sexual harassment. Given her termination date, the alleged harassment occurred prior to March 3, 2022. Not surprisingly, the defendant moved to compel arbitration based on a valid agreement, arguing that the EFAA did not apply to the plaintiff’s claims. The district court agreed, and Memmer appealed.
The majority opinion, authored by Judge Karen Moore and joined by Judge Eric Clay, focused on the EFAA’s language in a statutory note, specifically Congress’s disjunctive language choice, “dispute or claim.” Given Congress’s use of both words, the Court held it had to ascribe a separate meaning to each word. On the one hand, a “claim” accrues when the cause of action accrues, meaning certain elements are in place to form an injury or legal claim ripe for vindication. As for the word “dispute,” the Court held that there is no “set legal framework” to determine when a dispute arises. Instead, the question involves determining exactly when the parties became adverse to one another.
By giving distinct meanings to the words “dispute” and “claim,” the Court held that even though the plaintiff’s claims accrued prior to the enactment date of the act, the dispute between the parties may have transpired after the enactment date of the EFAA. Accordingly, the Court remanded to the district court for consideration of exactly when the dispute arose between the parties.
Based on the Memmer case, employers who seek to compel arbitration of sexual harassment claims cannot rely only on the employee’s separation date. Instead, an employer must also consider when the dispute arose, or when some type of opposition between the parties transpired. The operative dates could be when the employee complains of harassment, when the employer investigates (or does not investigate) the sexual harassment complaint, when the plaintiff files an EEOC charge, or even when the plaintiff files a lawsuit. In the words of the Sixth Circuit, “[u]ltimately, when a dispute arises is a fact-dependent inquiry” that depends on the specific context of each case.
Listen to this post
New York Court of Appeals Holds That Child Victims Act Claims Brought Against the State of New York Must Meet Statutory Substantive Pleading Requirements
In a unanimous ruling, the New York Court of Appeals held that the New York State Legislature did not alter the substantive pleading requirements of Section 11(b) of the Court of Claims Act (the “Act”) for claims brought against the State of New York (the “State”) pursuant to the New York Child Victims Act (“CVA”).
In Chi Bartram Wright v. State of New York, the plaintiff alleged that between 1986 and 1990, when he was twelve to fifteen years old, he was repeatedly sexually assaulted by various men at a state-owned performance arts facility located in Albany, New York. The complaint filed in the Court of Claims failed to identify any of the men who allegedly assaulted plaintiff, the specific months and dates of the alleged assaults, why plaintiff was in the company of the alleged abusers multiple times over a four year period, or what repeatedly brought plaintiff to the performance arts facility. Instead, the complaint generally alleged that during the alleged time period, plaintiff was assaulted by various State employees and members of the general public while on the state-owned premises. Plaintiff sought over $75 million in damages based on various negligence-based causes of action, including negligent hiring, retention, direction, and supervision.
The complaint was filed in 2021 pursuant to the CVA, which temporarily relaxed the statute of limitations for asserting civil claims of childhood sexual abuse and provided a two-year lookback window during which previously time-barred civil actions could be filed.
The Court of Claims granted the State’s motion to dismiss the complaint, agreeing that the CVA had not relaxed the Act’s pleading requirements “and that a claim brought under [section 11(b) of the Act] must plead the date of the underlying conduct with sufficient definiteness to enable the State to promptly investigate its claim and to ascertain its potential liability.”
Plaintiff appealed the Court of Claims’s decision to the Appellate Division for the Third Department, which reversed the Court of Claims and held that the four-year period alleged in the complaint satisfied the Act’s requirements because the alleged acts occurred many decades ago when the plaintiff was a child. The Appellate Division further opined that requiring more specific or exact dates would not better enable the State to investigate the allegations. The Appellate Division further concluded that the general allegations were “sufficient to provide [the State] with an indication of the manner in which [Wright] was injured and how [the State] was negligent.” The Appellate Division granted the State’s motion for leave to appeal to the Court of Appeals.
In its appeal to the Court of Appeals, the State argued that the complaint should be dismissed for lack of subject matter jurisdiction due to its failure to comply with the specific pleading requirements of Section 11(b) of the Act, which requires that a claim “shall state the time when and place where such claim arose, the nature of the same, the items of damage or injuries claimed to have been sustained and . . . the total sum claimed” (Court of Claims Act § 11 [b]). The Court of Appeals agreed, holding that the complaint lacked the sufficient details required by Section 11(b) of the Act and, therefore, must be dismissed.
In rendering its decision, the Court of Appeals stated that the “CVA lacks any indication, let alone a clear expression, that the Legislature intended to exempt CVA claims from [S]ection 11(b)’s conditions; indeed, it does not amend or even mention the Act’s pleading requirements.” The Court further noted that the Legislature’s silence in the CVA as to Section 11(b)’s pleading requirements contrasted “sharply” with the Legislature’s amendment of Section 10 of the Act “by waiving the notice of claim requirement for claims revived by the CVA.” The Court further noted that if the Legislature had wanted to lower the pleading requirements of Section 11 and adjust the conditions on the State’s waiver of sovereign immunity for certain classes of claims, it knew how to do so as evidenced by its adoption of different pleading requirements for claims of unjust conviction and imprisonment. Accordingly, the Court held that Section 11(b)’s pleading requirements must be applied to CVA claims “in the same manner we would apply them to any other claim against the State.”
The Court of Appeals’ decision is a reminder that the suits brought against the State must meet the Act’s heightened pleading requirements. The Court of Appeal’s decision that the CVA does not alter the Act’s pleading requirements could not only have implications for other CVA lawsuits brought against the State that rely on general allegations, but also actions commenced under the Adult Survivors Act, which, like the CVA, temporarily provided a lookback window to allow previously time-barred claims to be filed. Additionally, it remains to be seen whether the Court of Appeal’s holding that the CVA does not create a different pleading standard will impact cases not involving the State that are filed pursuant to the New York CPLR’s notice-based pleading requirements.
The UK’s Failure to Prevent Fraud Offense
Effective September 1, 2025, the UK’s Failure to Prevent Fraud offense will go into effect as part of the UK’s Economic Crime and Corporate Transparency Act 2023 (the ECCTA). The law significantly expands corporate liability for fraud committed by employees and other associated persons of relevant corporates and will require compliance refinement for any business within scope of the offense operating in connection with the UK. The UK government (its Home Office) published guidance in 2024 (the “Guidance”) to help companies navigate this corporate criminal fraud offense as well as take appropriate action to help prevent fraud.
As companies continue to grapple with recent developments regarding enforcement of the FCPA, international efforts to curb bribery and corruption have not waned. Foreign governments continue to prioritize anti-corruption enforcement such as the European Commission’s proposed directive from May 2023 to combat corruption, the ECCTA and Failure to Prevent Fraud Offense, as well as the recently announced International Anti-Corruption Prosecutorial Task Force with the UK, France, and Switzerland. These cross-border initiatives demonstrate how a temporary pause in U.S. enforcement of the FCPA should not result in companies moving away from maintaining robust and effective compliance programs.
The Failure to Prevent Fraud Offense
You can see more detail on the new offense in this article from our UK colleagues. In summary, a “large organization” can be held criminally liable where an employee, agent, subsidiary, or other “associated person” commits a fraud offense intending to benefit the organization or its clients, and the organization failed to have reasonable fraud prevention procedures in place. An employee, an agent or a subsidiary is considered an “associated person” as are business partners and small organizations that provide services for or on behalf of large organizations. Regarding the underlying fraud offense itself, this includes a range of existing offenses under fraud, theft and corporate laws, which the UK’s Home Office notes as including “dishonest sales practices, the hiding of important information from consumers or investors, or dishonest practices in financial markets.”
A “large organization” for purposes of the fraud offense is defined as meeting two of the following three thresholds: (1) more than 250 employees; (2) more than £36 million (approx. USD $47.6 million) turnover; (3) more than £18 million (approx. USD $23.8 million) in total assets – and includes groups where the resources across the group meet the threshold. Further, the fraud offense has extraterritorial reach, meaning that non-UK companies may be liable for the fraud if there is a UK nexus. This could play out in several scenarios. For example, the fraud took place in the UK, the gain or loss occurred in the UK, or, alternatively, if a UK-based employee commits fraud, the employing organization could be prosecuted, regardless of where the organization is based.
What Companies Can Do Now
The Failure to Prevent Fraud offense is an important consideration in corporate compliance, extending beyond UK-based companies to non-UK companies with operations or connections in the UK. The only available defense to the failure to prevent fraud offense is for the company to demonstrate that it “had reasonable fraud prevention measures in place at the time that the fraud was committed.” Or, more riskily that it was not reasonable under the circumstances to expect the organization to have any prevention procedures in place. To that end, the Guidance outlines six core principles that should underpin any effective fraud prevention framework: (1) top-level commitment; (2) risk assessment; (3) proportionate and risk-based procedures; (4) due diligence; (5) communication and training; and (6) ongoing monitoring and review. Specifically, the Guidance makes clear that even “strict compliance” with its terms will not be a “safe harbor” and that failure to conduct a risk assessment will “rarely be considered reasonable.” These principles mirror the now well-established principles in the UK that apply to the UK offences of failure to prevent bribery under the UK Bribery Act 2010, and failure to prevent the facilitation of tax evasion under the UK Criminal Finances Act 2017.
Companies should consider the following proactive steps:
Determining whether they fall within the scope of the ECCTA’s fraud offense.
Identifying individuals who qualify as “associated persons.”
Conducting and documenting a comprehensive fraud risk assessment to determine whether the company’s internal controls adequately address potential fraudulent activity involving the company.
Ensuring due diligence procedures, as related to, for instance, external commercial partner engagements and other transactions, address the risk of fraud in those higher risk activities.
Reviewing and updating existing policies and procedures to address the risks of fraud.
Communicating the company’s requirements around preventing fraud and providing targeted training to employees and other associated persons, including subsidiaries and business partners, to make clear the company’s expectations around managing the risk of fraud.
Establishing fraud related monitoring and audit protocols, including in relation to third party engagements, for ongoing oversight and periodic review.
Ensuring these policies and procedures are aligned with other financial crime prevention policies and procedures and relevant regulatory expectations.
The months ahead are a critical window to align internal policies and procedures not only with the UK’s elevated enforcement expectations as evidenced by the ECCTA and the Failure to Prevent Fraud offense, but also as bribery and corruption remain a mainstay priority for other foreign regulators. Companies should continue to prioritize the design, implementation, and assessment of their compliance internal controls. Companies with a well-designed and effective compliance program will be better equipped to adapt as regulatory landscapes shift and emerging risks develop, enabling companies to more efficiently respond to new enforcement trends.
OIG Issues Another Favorable Advisory Opinion on Patient Recruitment Efforts by Community Health Centers
The Office of Inspector General for the Department of Health and Human Services (OIG) recently issued a favorable Advisory Opinion on a proposed arrangement by a community health center (Health Center) designated under Section 330 of the Public Health Service Act (PHSA). The Health Center provides certain social services to individuals (e.g., providing diapers and baby gear to indigent families; assisting crime victims with replacing locks) and proposes to identify individuals in need of primary care services while providing them social services, inform them of available primary care services, and schedule appointments for them to receive such primary care services from the Health Center or a local provider. Noting that the social services would qualify as remuneration that could induce individuals to self-refer to the Health Center, the OIG addressed whether this plan would trigger sanctions under the federal Anti-Kickback Statute (AKS) and the Beneficiary Inducements CMP. Ultimately, the OIG approved the proposal based on the Health Center’s inclusion of several safeguards, including the use of an objective criterion for identifying individuals and the inclusion of multiple providers in the referral list.
The Proposed Arrangement
The Health Center provides both medical and non-medical social services to underserved populations, including childcare, food banks, employment counseling, and legal services, all designed to improve health outcomes and access to healthcare. The Health Center’s scope of project, approved by the Health Resources and Services Administration (HRSA), includes these additional non-medical social services. Under the proposed arrangement, the Health Center would aim to identify individuals in need of primary care during the provision of these social services, inform them about available primary care services, and schedule appointments at the Health Center or refer the individuals to local providers.
OIG’s Conclusion
Despite the arrangement potentially generating prohibited remuneration, the OIG concluded that it would not impose administrative sanctions under the AKS or the Beneficiary Inducements CMP based on the following safeguards that reduce the risk of steering patients to the Health Center:
Objective Criterion for Identifying Individuals. The Health Center uses an objective criterion – whether the individual has seen a primary care provider within the last year –to identify individuals in need of primary care services. This approach does not promote the Health Center and reduces the risk of steering patients.
Non-Promotional Referral List. The list of primary care providers given to individuals is organized in alphabetical order and drafted without promoting the Health Center (e.g., no bold font, underlining, or other emphasis). Additionally, the Health Center implements an “any willing provider” standard, ensuring that any community provider can be included on the list.
Alignment with Health Center’s Mission. The Health Center provides primary care services to underserved populations, regardless of their ability to pay. The proposed arrangement aligns with its designation as a Health Center under Section 330 of the PHSA, which requires activities focused on recruiting and retaining patients from the service area and promoting optimal use of primary care services.
Conclusion
The OIG has issued multiple favorable OIG advisory opinions involving designated community health centers offering some form of remuneration to individuals to improve patient engagement and access to healthcare. In 2020, the OIG approved a health center’s proposal to offer $20 gift cards from “big-box” retailers to incentivize pediatric patients who had previously missed two or more preventive and early intervention care appointments to attend such appointments. In 2012, the OIG issued a favorable advisory opinion on a health center’s proposal to offer $20 grocery store gift cards as an incentive to visit the health center for a screening or clinical service.
Other types of health care organizations, like health systems and hospitals, providers vertically integrated with plans, and providers at financial risk, may find value in offering similar incentives and social services to enhance patient engagement and improve health outcomes. They should consider the factors highlighted in this advisory opinion as ways to reduce risk, but they should exercise caution before proceeding. Advisory opinions are binding only with respect to the requesting party, and designated health centers under Section 330 of the PHSA are unique in that they are statutorily required to conduct a broad range of activities focused on recruiting and retaining patients from the service area and promoting and facilitating use of primary care services.