OSH Law Primer, Part XIII: Criminal Penalties and Sanctions
This is the thirteenth installment in a series of articles intended to provide the reader with a very high-level overview of the Occupational Safety and Health (OSH) Act of 1970 and the Occupational Safety and Health Administration (OSHA) and how both influence workplaces in the United States.
By the time this series is complete, the reader should be conversant in the subjects covered and have developed a deeper understanding of how the OSH Act and OSHA work. The series is not—nor can it be, of course—a comprehensive study of the OSH Act or OSHA capable of equipping the reader to address every issue that might arise.
The first article in this series provided a general overview of the OSH Act and OSHA; the second article examined OSHA’s rulemaking process; the third article reviewed an employer’s duty to comply with standards; the fourth article discussed the general duty clause; the fifth article addressed OSHA’s recordkeeping requirements; the sixth article covered employees’ and employers’ respective rights; the seventh article addressed whistleblower issues; the eighth article covered the intersection of employment law and safety issues, the ninth article discussed OSHA’s Hazard Communication Standard (HCS); the tenth article examined voluntary safety and health self-audits; the eleventh article, in two parts, reviewed OSHA’s citation process; and the twelfth article covered OSHA inspections and investigations. In this article, we examine OSHA’s ability to seek criminal penalties.
Quick Hits
OSHA’s Hazard Communication Standard (HCS) was established in 1982 to ensure that employees who are exposed—or are reasonably likely to be exposed—to chemicals in the workplace are aware of the hazards and know how to protect themselves effectively.
The HCS mandates that all employers use a hazard communication program to inform employees about the hazardous chemicals to which employees may be exposed.
The standard has been amended several times since 1982, most recently with a final rule issued in May 2024 to align with international standards.
As readers likely know, employers charged with violating the OSH Act and its regulations can face substantial civil penalties. Less well-known is that certain violations may also be subject to criminal sanctions. While many federal agencies have the power to seek civil and criminal penalties for a wide variety of offenses, OSHA’s authority to seek criminal penalties is restricted to three narrow circumstances. First, any person who gives advance warning of an inspection may be subject to criminal penalties. Second, any individual or employer that knowingly makes any false statement, representation, or certification under the OSH Act may be prosecuted. Finally, an employer whose willful violation of an OSHA standard results in the death of an employee may face criminal penalties.
Moreover, unlike civil complaints, which are prosecuted by the U.S. Department of Labor (DOL), criminal charges may be prosecuted only by the U.S. Department of Justice (DOJ). Thus, criminal prosecutions are subject to substantially more vetting than run-of-the-mill civil citations. Indeed, DOJ officials have to concur that a particular case is worthy of prosecution, merits using scarce departmental resources, and is winnable. Not surprisingly, only a few cases get through this screening process.
Basis for Liability
As noted above, the OSH Act creates potential criminal liability for any person who gives advance warning of an inspection. The OSH Act also makes the unauthorized disclosure of forthcoming inspections punishable by a fine of $1,000 and imprisonment for up to six months.
The OSH Act also creates potential criminal liability for making false statements to OSHA. While perjury, or lying under oath, as well as making false statements to federal officers, are illegal under federal criminal law, OSHA’s increased emphasis on paperwork and various types of required recordkeeping exposure may exist from what otherwise might seem routine clerical activities. For example, an employer’s OSHA 300 logs must be accompanied by a signature attesting to the truth and accuracy of the logs. Knowing violation of this oath is a crime punishable by up to six months in prison and/or a $10,000 fine.
The most serious penalties result from the willful violation of an OSHA standard or rule when that violation results in the death of an employee. While for a first-time offender the penalty is identical to that for making false statements—maximum penalties of $10,000 and six months’ imprisonment—for a repeat offender these penalties double to $20,000 and one year in prison.
Process of Prosecution
OSHA’s criminal referral process can be quite drawn out and complicated. The process begins with the responsible area director sending a recommendation for criminal prosecution to his or her supervising regional director. If the regional director agrees with the recommendation, he or she will then hand the case to a DOL solicitor, either regional or national, who then has to decide whether the case meets the factual and legal grounds, and on sensitive matters the OSHA head office will decide whether the case warrants referral to the DOJ for possible prosecution.
The referral is just the first half of the process. The DOJ has to act on the referral by bringing actual cases to court. This is where many cases get held up. For whatever reason—workload, the nebulous nature of the offenses, the difficulty of showing intent, or other factors—local prosecutors have not been eager to bring these cases. Indeed, between 1970 and 2022, the DOJ prosecuted only 115 workplace death cases.
Is Change Coming?
Given the limited effectiveness of OSH Act criminal penalties coupled with a belief by some that the criminal penalties provided are inadequate to serve a deterrence effect, calls have been made to toughen the OSH Act by expanding the range of activities that result in criminal liability, as well as increase the penalties provided under the Act. Numerous bills have been introduced over the years in the U.S. Congress, yet no action has been taken. It is yet to be seen if it ever will.
Think Compliance Got Easier? Think Again—DOJ’s New Era in White-Collar Enforcement (Part 3)
In our prior two posts, we’ve delved into the memorandum issued by the Head of the Department of Justice’s (Department) Criminal Division, Matthew R. Galeotti—”Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime[JH1] .” Those posts discussed the Focus and Fairness tenets in the Galeotti memorandum. In this post, we explore the final tenet—Efficiency. As Galeotti explains, the Efficiency tenet aims to maximize the Efficiency of Department investigations in order to minimize costs and intrusiveness and prevent unwarranted reputational damage to businesses. The Galeotti Memorandum identifies two main areas for improvement: the investigative process and use of corporate monitors.
With respect to investigations, the Department’s goal of Efficiency is particularly targeted to the length of investigations. The Galeotti Memorandum notes that it is not unusual for white-collar investigations to go on for years. Galeotti instructs prosecutors to “take all reasonable steps” to move expeditiously in their investigations and reduce the “collateral impact of their investigations,” while acknowledging that white-collar schemes are often complex and take substantial time to unravel. The Criminal Division will exercise more oversight to track investigations and make sure they are “swiftly concluded.”
As for monitorships, the Galeotti Memorandum emphasizes that monitorships should only be imposed when necessary—namely, “when a company cannot be expected to implement an effective compliance program or prevent recurrence of” misconduct without external oversight. When monitorships are deemed appropriate, their mandates must be carefully scoped to minimize expense, burden, and business disruption. Further, the Department is reviewing all existing monitorships to determine whether they remain necessary.
The Galeotti Memorandum also references the Memorandum on Selection of Monitors in Criminal Division Matters, which updates the monitor selection process. The Department’s monitor memorandum updates the factors to be considered “when determining whether a monitor is appropriate” and ensures that monitorships are narrowly tailored “to address the risks of recurrence of the underlying criminal conduct” and avoid unnecessary expenses. The factors prosecutors should evaluate when deciding whether to impose a monitor are:
The “[r]isk of recurrence of criminal conduct that significantly impacts U.S. interests,”
The “[a]vailability and efficacy of other independent government oversight,”
The “[e]fficacy of the compliance program and culture of compliance at the time of the resolution,” and
The “[m]aturity of the company’s controls and its ability to independently test and update its compliance program.”
The monitor memorandum also walks through three steps the Criminal Division will take to ensure monitorships are properly tailored:
The cost of a monitorship should be proportional to “the severity of the” criminal conduct at issue, the company’s profits, and “the company’s present size and risk profile.”
The Criminal Division will have “at least biannual tri-partite meetings” with the monitor and company.
The Criminal Division will work collaboratively with the monitor and company throughout the monitorship “to achieve a single goal: an appropriately tailored and effective, risk-based corporate compliance program designed to detect and prevent the recurrence of the misconduct underlying the agreement.”
The Galeotti Memorandum reaffirms that the new administration does not intend to get lax on white-collar crime within the areas it has targeted. That said, there will be shifts in how the government approaches various types of misconduct in the white-collar sector, and companies should carefully consider those changes as they develop their compliance program and evaluate how to address instances of misconduct in their operations.
Unpacking the Federal Anti-Kickback Statute’s Application to Payments to Medicare Advantage Agents and Brokers
On December 11, 2024, the U.S. Department of Health & Human Services’ Office of Inspector General (OIG), issued a Special Fraud Alert (Alert) focusing on financial arrangements involving Medicare Advantage (MA) Organizations (MAOs), their agents and brokers, and health care professionals (HCPs).[1] This blog post will unpack OIG’s commentary on these arrangements and discuss how – and if – the federal Anti-Kickback Statute (AKS) applies to them.
The first section provides a brief background on the Centers for Medicare & Medicaid Services’ (CMS) regulations applicable to compensation for agents and brokers for MA plans with a focus on the regulations that were to be effective for Contract Year 2025 but have been stayed (i.e., delayed) pending the outcome of court cases in the Northern District of Texas. The second section provides an overview of OIG’s 2024 Alert, and the final section explores the application of the AKS to arrangements involving payments to MA plan agents and brokers.
CMS Revised Agent, Broker & TPMO Compensation Regulations
By statute, CMS is given regulatory authority over MA agent and broker compensation – see Social Security Act (SSA) § 1851(j)(2)(D), 42 U.S.C. § 1395w-21(j)(2)(D) – which describes prohibited activities and limitations related to eligibility, election, and enrollment, including “[t]he use of compensation other than as provided under guidelines established by the Secretary. Such guidelines shall ensure that the use of compensation creates incentives for agents and brokers to enroll individuals in the Medicare Advantage plan that is intended to best meet their health care needs.” That statutory authority is implemented through CMS regulation at 42 C.F.R. § 422.2274, which addresses MA plan payments to agents and brokers.
In its April 2024 Final Rule revising section 422.2274, CMS outlined the following approach for revisions to the agent, broker and third-party marketing organization (TPMO) compensation structures:
generally prohibit contract terms between MA organizations and agents, brokers or other TPMOs that may interfere with the agent’s or broker’s ability to objectively assess and recommend the plan which best fits a beneficiary’s health care needs;
set a single agent and broker compensation rate for all plans, while revising the scope of what is considered “compensation”; and
eliminate the regulatory framework which currently allows for separate payment to agent and brokers for administrative services.[2]
In several places in the Final Rule, CMS noted that, depending on the circumstances, agent and broker relationships can also be problematic under the AKS if they involve, for example, compensation in excess of fair market value (FMV), compensation structures tied to the health status of the beneficiary (e.g., cherry picking for the most profitable enrollees), or compensation that varies based on the attainment of certain enrollment targets.[3]
On July 3, 2024, the U.S. District Court for the Northern District of Texas issued preliminary injunctions in Americans for Beneficiary Choice v. HHS, No. 4:24-cv-00439, and Council for Medicare Choice v. HHS, No. 4:24-cv-00446, which stayed for the duration of the litigation the effective date of certain of the provisions of the revised CMS agent/broker/TPMO compensation provisions, specifically, those amending 42 C.F.R. § 422.2274(a), (c), (d), (e) (and for Medicare Part D at § 423.2274(a), (c), (d) and (e)). Therefore, the regulatory language within those subsections that were effective prior to the issuance of the final rule will be in effect in Contract Year 2025 so long as the stay remains in place.[4]
To be clear, with or without the revisions to the compensation provisions, the agent, broker and TPMO compensation regulations at 42 C.F.R. § 422.2274 currently and as revised allow compensation that is quite different than what is reflected in the AKS safe harbors and OIG guidance on the provider side. For example, the CMS regulations allow per enrollment fees to brokers or agents based on successfully enrolling beneficiaries into MA plans (a “success fee”), which have caps set at “fair market value” amounts (defined in the regulation) determined by CMS.[5] Further, payments for referrals (up to $100) are specifically allowed (e.g., a lead fee) for the “recommendation, provision, or other means of referring beneficiaries to an agent, broker or other entity for potential enrollment into a plan.”[6] These compensation methodologies have been commonplace in the insurance market for decades, but they are quite different than sales agent compensation for providers that are paid by the federal health care programs.
Overview: OIG Special Fraud Alert
In the wake of CMS’ Final Rule, OIG released a Special Fraud Alert, which focuses on:
marketing arrangements between MAOs and HCPs and
arrangements between HCPs and agents and brokers for MA plans.[7]
The Alert illustrates how OIG views the application of AKS in arrangements between HCPs and agents and brokers for MA plans.
OIG noted that a substantial area of risk involves MAOs, directly or indirectly, paying remuneration (i.e., anything of value) to HCPs or their staff in exchange for referring patients to the MAOs’ plans.[8] OIG acknowledged that CMS regulations allow HCPs to engage in certain limited marketing related functions on behalf of an MAO, but MAOs must ensure that HCPs acting on their behalf do not “[a]ccept compensation from the [MAO] for any marketing or enrollment activities performed on behalf of the [MAO],”[9] citing a CMS regulation. (The OIG cited a recent Department of Justice settlement for $60 million involving alleged kickbacks paid to insurance agents in Medicare Advantage patient recruitment.[10])
The Alert noted that the second area of risk involves payments from HCPs to agents and brokers, e.g., payments from an HCP to agents and brokers to recommend that HCP to a particular MA enrollee or refer to the enrollee to the HCP.[11] According to OIG, in some cases, HCPs make these payments to refer Medicare enrollees to the HCP, in return to become designated as the primary care provider for the enrollee at their particular MA plan.[12]
OIG is concerned that agents, brokers and HCPs may skew the guidance they provide related to HCPs or MA plans based on their financial self-interest.[13] When a party knowingly and willfully pays remuneration to induce or reward referrals of items or services payable by a federal health care program, the AKS may be implicated.[14] By its terms, the statute ascribes liability to parties on both sides of an impermissible kickback transaction. Arrangements involving HCP compensation to an agent or broker could implicate the statute if the HCP offers or pays an agent or broker to refer enrollees to the HCP for the furnishing or provision of items or services that are reimbursable by a federal health care program.[15] Similarly, arrangements involving MAO compensation to an HCP or their staff could implicate the statute if the MAO offers and pays an HCP or their staff to refer enrollees to a particular MA plan to furnish or arrange for the furnishing of items or services that are reimbursable by Medicare.[16]
Based on its experience, OIG provides a list of “suspect characteristics” that “taken together or separately, could suggest that an arrangement presents a heightened risk of fraud and abuse.”[17] These characteristics include, but are not limited to:
MAOs, agents, brokers, or any other individual or entity offering or HCPs or their staff remuneration (such as bonuses or gift cards) in exchange for referring or recommending patients to a particular MAO or MA plan.
MAOs, agents, brokers, or any other individual or entity offering or paying HCPs remuneration that is disguised as payment for legitimate services but is actually intended to be payment for the health care provider’s referral of individuals to a particular MA plan.
MAOs, agents, brokers, or any other individual or entity offering or paying HCPs or their staff remuneration in exchange for sharing patient information that may be used by the MAOs to market to potential enrollees.
MAOs, agents, brokers, or any other individual or entity offering or paying remuneration to HCPs that is contingent upon or varies based on the demographics or health status of individuals enrolled or referred for enrollment in an MA plan.
MAOs, agents, brokers, or any other individual or entity offering or paying remuneration to HCPs that varies based on the number of individuals referred for enrollment in an MA plan.
HCPs offering or paying remuneration to an agent, broker, or other third party that is contingent upon or varies based on the demographics or health status of individuals enrolled or referred for enrollment in an MA plan.
HCPs offering or paying remuneration to an agent, broker, or other third party to recommend that HCP to a Medicare enrollee or refer an enrollee to the HCP.
HCPs offering or paying remuneration to an agent, broker, or other third party that varies with the number of individuals referred to the HCP.[18]
Application of the Federal AKS to Arrangements Involving Agents and Brokers for MA Plans
On the provider side, the AKS is well known and should be carefully navigated. The AKS prohibits providers from knowingly and willfully soliciting, receiving, offering, or paying, directly or indirectly, any remuneration in return for either making a referral for an item or service covered by a federal health care program (including Medicare and Medicaid) or ordering any covered item or service.[19] For purposes of this statute, remuneration includes the transfer of anything of value, in cash or in kind, directly or indirectly, covertly or overtly.[20] OIG has promulgated AKS regulations, which provide safe-harbor protection for certain activities that might otherwise be subject to scrutiny under the AKS.[21] If a safe harbor applies to an arrangement, it must satisfy all elements of the safe harbor to receive protection. If an arrangement does not fall within a safe harbor, OIG will review the full facts and circumstances to make a compliance determination.
In the Alert, OIG suggests that financial arrangements involving agents and brokers for MA plans may implicate the AKS. Arrangements involving HCP compensation to an agent or broker could implicate the statute if the HCP offers or pays an agent or broker to refer enrollees to the HCP for the furnishing or provision of items or services that are reimbursable by a federal health care program.[22] Similarly, arrangements involving MAO compensation to an HCP or their staff could implicate the AKS if the MAO offers and pays an HCP or their staff to refer enrollees to a particular MA plan to furnish or arrange for the furnishing of items or services that are reimbursable by Medicare.[23]
However, the AKS’s application to agent/broker arrangements is murky territory, which we explore further below.
i. AKS History
In 1972, the federal AKS was created in two (2) identically worded sections of the SSA in title XVIII (SSA § 1877) (Medicare) and title XIX (SSA § 1909) (Medicaid). Until 1999, there were Parts A and B of Medicare, but no Part C – i.e., no Medicare Advantage (previously called Medicare+Choice).[24] The AKS prohibition related then, as it does now, to referrals of “items or services” and purchasing, leasing, ordering or arranging for or recommending purchasing, leasing, or ordering any good, facility, service or item for which payment may be made in whole or in part “under the [Medicare and Medicaid] title.” (That payor language is now “under a Federal health care program.”[25])
The Medicare definitions for that original SSA section 1877 were found in SSA section 1861 (42 U.S.C. § 1395x) (under Part E – Miscellaneous Provisions). Under the Medicare definitions (SSA Sec. 1861 Definition of services, institutions, etc.), “item or service” is not specifically defined, but there are references to its meaning in the other definitions in that section. For example, SSA section 1861(n) “The term ‘physicians’ services means professional services performed by physicians, including surgery, consultation, and home, office, and institutional calls….”[26] SSA section 1861(s) “The term ‘medical and other health services’ means any of the following items or services: (1) physician services; (2)(A) services and supplies…; (B) hospital services…(C) diagnostic services….”[27]
In 1987, Congress moved SSA section 1909 to section 1128B and repealed the anti-kickback provisions of SSA section 1877. (Remember SSA sections 1877 and 1909 were identically worded.) SSA section 1128B is under SSA title XI (General Provisions, Peer Review and Administrative Simplification) and does not have a definition of “item or service.”[28] However, the definitions section under SSA title XVIII (Medicare) at section 1861 still exist. Further, and as previously noted, in 1999, Medicare Part C (also known as Medicare+Choice, now Medicare Advantage) was created and is part of the SSA title XVIII.
The meanings of items or services have remained at SSA title XVIII, section 1861 (entitled “Definitions”). As such, items include, e.g., prescription drugs and supplies; services include, e.g., physician services. Items and services have never been interpreted as being a Medicare Advantage plan itself.
ii. Agent/Broker Payments
Payments tied to marketing for enrollment of beneficiaries into an MA plan do not implicate the AKS because such plan marketing services are not referrals of items or services nor are such plan marketing services purchasing, leasing, ordering or arrangement for or recommending purchasing, leasing, or ordering any good, facility, service or item.
AKS does apply to health plans, but in looking at the AKS regulatory safe harbors (the OIG’s implementing regulations), it is clear that the statute’s application (and the meaning of items and services), does not include marketing and other pre-enrollment activities.
1. 42 C.F.R. § 1001.952(l) Increased coverage, reduced cost-sharing amounts, or reduced premium amounts offered by health plans. “(1) As used in section 1128B of the Act, ‘remuneration’ does not include the additional coverage of any item or service offered by a health plan to an enrollee or the reduction of some or all of the enrollee’s obligation to pay the health plan or a contract health care provider for cost-sharing amounts (such as coinsurance, deductible, or copayment amounts) or for premium amounts attributable to items or services covered by the health plan, the Medicare program, or a State health care program, as long as the health plan complies with all of the standards within one of the following two categories of health plans….”
2. 42 C.F.R. § 1001.952(m) Price reductions offered to health plans. “As used in section 1128B of the Act, ‘remuneration’ does not include a reduction in price a contract health care provider offers to a health plan in accordance with the terms of a written agreement between the contract health care provider and the health plan for the sole purpose of furnishing to enrollees items or services that are covered by the health plan, Medicare, or a State health care program, as long as both the health plan and contract health care provider comply with all of the applicable standards within one of the following four categories of health plans….”
3. 42 C.F.R. § 1001.952(t) Price reductions offered to eligible managed care organizations. “(1) As used in section 1128B of the Act, ‘remuneration’ does not include any payment between: (i) an eligible managed care organization and any first tier contractor for providing or arranging for items or services, as long as the following three standards are met — (A) the eligible managed care organization and the first tier contractor have an agreement that: (1) Is set out in writing….
(2) For purposes of this paragraph, the following terms are defined as follows:
…(iv) Items and services meanshealth care items, devices, supplies or services or those services reasonably related to the provision of health care items, devices, supplies or services including, but not limited to, non-emergency transportation, patient education, attendant services, social services (e.g., case management), utilization review and quality assurance. Marketing and other pre-enrollment activities are not “items or services” for purposes of this section.”
4. 42 C.F.R. § 1001.952(u) Price reductions offered by contractors with substantial financial risk to managed care organizations. “(1) As used in section 1128(B) of the Act, “remuneration” does not include any payment between: (i) A qualified managed care plan and a first tier contractor for providing or arranging for items or services, where the following five standards are met — (A) The agreement between the qualified managed care plan and first tier contractor must: (1) Be in writing and signed by the parties;….
(2) For purposes of this paragraph, the following terms are defined as follows:
…(iv) Items and services means health care items, devices, supplies or services or those services reasonably related to the provision of health care items, devices, supplies or services including, but not limited to, non-emergency transportation, patient education, attendant services, social services (e.g., case management), utilization review and quality assurance. Marketing or other pre-enrollment activities are not “items or services” for purposes of this definition in this paragraph.”
Except for the Alert discussed in this Article, there is no OIG regulatory or sub-regulatory guidance providing direction related to MA plan-agent/broker arrangements. The recent Alert discusses arrangements involving MAO compensation to an HCP or their staff that could implicate AKS if the MAO offers and pays an HCP or their staff to refer enrollees to a particular MA plan to furnish or arrange for the furnishing of items or services that are reimbursable by Medicare. The Alert’s analysis concludes applicability of the AKS while it jumps past (or around) the “conduct” – i.e., the recommendation of the MAO plan enrollment – to the items and services provided by a plan.
Prior to the most recent Alert, OIG’s last discussion of such arrangements was in 1996 (even before MA) and noted that the issue of independent agents and brokers in the managed care arena was beyond the scope of the 1996 final rule (regarding safe harbors for protecting health plans) and “would require separate notice and public comment in order to be adopted.”[29] There has been no such separate notice and comment.
The 2008 and 2024 rules from CMS noted that “agents and broker relationships can be problematic under the federal anti-kickback statute if they involve, by way of example only, compensation in excess of fair market value, compensation structures tied to the health status of the beneficiary (for example, cherry picking), or compensation that varies based on the attainment of certain enrollment targets.”[30] OIG, not CMS, has authority to interpret the AKS and its safe harbors. Thus, this CMS preamble language is interesting, but it is not OIG guidance, or more fundamentally a statutory expansion that would apply the AKS to incentives related to MA plan choices.
In the 2024 Final Rule, in its discussion of AKS, CMS also referenced a 2010 OIG report, but that 2010 report specifically stated: “Finally, we [OIG] did not determine whether plan sponsors’ payments complied with the Federal anti-kickback statute. A legal analysis of whether plan sponsor payments violated the Federal anti-kickback statute was beyond the scope of this study.”[31]
Conclusion
The AKS is broadly applicable to items and services provided by the federal health care programs, but it is not currently applicable to MA broker and agent compensation related to MA plan choices that are not “items and services.” CMS has broad authority related to MA broker, agent and TPMO compensation by statute and regulation. Without a statutory change to the AKS, CMS is the sole authority over MA broker, agent and TPMO compensation in accordance with the rules set forth at 42 C.F.R. § 422.2274.
[1] U.S. Dep’t. of Health & Hum. Servs. Office of Inspector General, Special Fraud Alert: Suspect Payments in Marketing Arrangements Related to Medicare Advantage and Providers (Dec. 11, 2024) (available at https://oig.hhs.gov/compliance/alerts/).
[2] 89 Fed. Reg. 30,448, 30,620 (CMS Final Rule, Apr. 23, 2024).
[3]Id. at 30,617, 30,618 and 30,624.
[4] CMS, Medicare Drug and Health Plan Contract Administration Group, UPDATED Contract Year 2025 Agent and Broker Compensation Rates, Submissions, and Training and Testing Requirements (July 18, 2024) available at https://22041182.fs1.hubspotusercontent-na1.net/hubfs/22041182/Memo_Updated%20AB%20Compensation%20and%20T%20and%20Testing%20Requirements%20CY2025_Final.pdf.
[5] 42 C.F.R. § 422.2274(a), (d).
[6]Id. § 422.2274(f).
[7] U.S. Dep’t. of Health & Hum. Servs. Office of Inspector General, Special Fraud Alert: Suspect Payments in Marketing Arrangements Related to Medicare Advantage and Providers (Dec. 11, 2024), available at https://oig.hhs.gov/documents/special-fraud-alerts/10092/Special%20Fraud%20Alert:%20Suspect%20Payments%20in%20Marketing%20Arrangements%20Related%20to%20Medicare%20Advantage%20and%20P.pdf (hereinafter, “Alert”).
[8]Id. at 2.
[9] 42 C.F.R. § 422.2266.
[10]See Press Release, U.S. Department of Justice, Oak Street Health Agrees to Pay $60 Million to Resolve Alleged False Claims Act Liability for Paying Kickbacks to Insurance Agents in Medicare Advantage Patient Recruitment Scheme (Sept. 18, 2024), https://www.justice.gov/opa/pr/oak-street-health-agrees-pay-60m-resolve-alleged-falseclaims-act-liability-paying-kickbacks.
[11] Alert at 2.
[12]Id.
[13]Id. at 3.
[14]Id. at 4.
[15]Id.
[16]Id.
[17]Id. at 5.
[18]Id.
[19] SSA 1128B(b)(1), 42 U.S.C. § 1395a-7b(b)(1).
[20]Id.
[21] 42 C.F.R. § 1001.952.
[22] Alert at 4.
[23]Id.
[24]See Balance Budget Act of 1997, P. L. 105-33, 111 Stat. 251, tit. IV (Aug. 5, 1997).
[25] “Federal health care program” is defined as “(1) any plan or program that provides health benefits, whether directly, through insurance, or otherwise, which is funded directly, in whole or in part, by the United States Government (other than the health insurance program under chapter 89 of title 5); or (2) any State health care program, as defined in section 1320a-7(h) of this title.” SSA 1128B(f), 42 U.S.C. § 1320a-7b(f).
[26] SSA § 1861(n), 42 U.S.C. § 1395x(n).
[27] SSA § 1861(s), 42 U.S.C. § 1395x(s).
[28]See generally SSA § 1861, 42 U.S.C. § 1395x.
[29] 61 Fed. Reg. 2122, 2124 (OIG Final Rule, Jan. 25, 1996).
[30]See, e.g., 89 Fed. Reg. 30,448, 30,617 (Final Rule, Apr. 23, 2024).
[31] 89 Fed. Reg. at 30,618 (citing Levinson, Daniel R, Beneficiaries Remain Vulnerable to Sales Agents Marketing of Medicare Advantage Plans (March 2010), https://oig.hhs.gov/oei/reports/oei-05-09-00070.pdf)).
DOJ Civil Rights Fraud Initiative: FCA Enforcement Expanding Into Alleged Discrimination
On May 19, 2025, the U.S. Department of Justice (DOJ) announced a new Civil Rights Fraud Initiative that will leverage the federal False Claims Act (FCA) to investigate and litigate against universities, contractors, health care providers, and other entities that accept federal funds but allegedly violate federal civil rights laws.
The initiative will be led jointly by the DOJ Civil Division’s Fraud Section and the Civil Rights Division—with support from the Criminal Division, federal civil rights agencies, and state partners.
The initiative implements President Donald Trump’s Executive Order 14173, “Ending Illegal Discrimination and Restoring Merit-Based Opportunity” (January 21, 2025), directing agencies to combat unlawful discrimination through the FCA, and complements Attorney General (AG) Bondi’s February 5 memorandum, “Ending Illegal DEI and DEIA Discrimination and Preferences.”
How DOJ Plans to Use the FCA to Combat Discrimination
DOJ signaled it will rely on the FCA’s “false certification” theory of liability: When a funding recipient expressly or implicitly certifies compliance with statutes such as Title VI or IX of the Civil Rights Act of 1964 (CRA) to obtain payment, any knowing violation that is “material” to the government’s decision to pay can trigger treble damages and statutory penalties under the FCA.
Deputy AG Todd Blanche issued a memorandum the same day (the “Blanche Memo”) underscoring that the FCA is implicated when a federal contractor or recipient of federal funds knowingly violates civil rights laws—including Titles IV, VI, and IX of the CRA—and falsely certifies compliance with those civil rights laws. The Blanche Memo, however, notes that liability does not attach to all diversity programs per se, but only when race, ethnicity, or national origin determines the allocation of benefits or burdens. This is significant because, even if an antidiscrimination false certification claim is assumed to meet the materiality standard, a diversity, equity, and inclusion (DEI) program should not be deemed improper if it does not “assign benefits or burdens on [the basis of] race, ethnicity or national origin.”
Enforcement Dynamics
Unlike many FCA matters, which often originate with whistleblowers (also known as qui tam relators) filing suit, we expect DOJ to initiate early cases itself, limiting defendants’ ability to oppose intervention or invoke typical qui tam defenses (e.g., first-to-file rule, public disclosure bar, and original source rule). DOJ nevertheless “strongly encourages” whistleblowers to come forward to report “instances of such discrimination”—a reminder that suspected violations may quickly morph into FCA investigations.
Courts will ultimately decide whether civil rights violations pass muster under the U.S. Supreme Court’s “rigorous” and “demanding” Escobar materiality standard.[1]
Key Takeaways
DOJ’s Civil Rights Fraud Initiative is poised to test the outer limits of the FCA. Whether courts embrace this expansion—or cabin it—is yet to be seen. In the meantime, entities receiving federal funds should assume heightened scrutiny and ramp up compliance efforts.
The Blanche Memo draws an uncertain line between “diversity” and “religion,” and even suggests that DOJ may apply the terms “race” or “racist” differently today than they were understood when Congress enacted the CRA. Courts, however, have yet to endorse the FCA as a generalized antidiscrimination vehicle, largely because the statute’s “rigorous” materiality standard remains a high hurdle. One district court observed that if the FCA is not an “’all-purpose antifraud statute,” it is “surely not an all-purpose antidiscrimination statute” either.[2]
When DOJ unveiled its Civil Rights Fraud Initiative, The New York Times predicted the program was “all but certain” to face immediate legal challenges. Even so, DOJ can bring FCA cases with relative ease and without many of the hurdles that slow private whistleblower suits: The government’s own complaints are immune from first-to-file and public disclosure bar defenses, and defendants cannot oppose DOJ intervention like they can in qui tam cases.
Implied certification cases are also unlikely to disappear. As we have advised previously, organizations that contract with—or receive funds from—the federal government should rigorously re-examine their contract terms and scrutinize DEI policies with counsel to ensure they would not be branded as “illegal DEI” under the FCA.
Importantly, DOJ’s new civil rights focus is one of several avenues through which the Trump administration can wield implied certification theories (e.g., compliance with cybersecurity requirements and Anti-Kickback Statute compliance, among others). Health care entities are squarely in the cross-hairs: We expect to see FCA investigations tied to Medicare and Medicaid reimbursement conditions, price-transparency obligations, and quality-of-care metrics—all areas where the administration argues that noncompliance fuels escalating federal costs. Because reining in health care spending enjoys strong bipartisan support, defendants should expect vigorous enforcement and limited political appetite to scale back those efforts.
Epstein Becker Green Staff Attorney Ann W. Parks contributed to the preparation of this blog post.
ENDNOTES
[1] See Universal Health Services, Inc. v. United States ex rel. Escobar et al., 579 U.S. 176, 194 (2016). And while the government’s decision to expressly identify a provision as a condition of payment is relevant, it is not automatically dispositive under Escobar.
[2] U.S. ex rel. Lee v. Northern Metropolitan Foundation for Healthcare Inc., 2021 WL 3774185 (E.D.N.Y. 2021).
College Student Behind Cyber Extortions
The U.S. Attorney’s Office for the District of Massachusetts has charged a student at Assumption University with hacking into two U.S.-based companies’ systems and demanding a ransom.
Matthew D. Lane, 19, has agreed to plead guilty to one count of cyber extortion conspiracy, one count of cyber extortion, one count of unauthorized access to protected computers, and one count of aggravated identity theft.
The U.S. Attorney’s Office’s press release states that Lane agreed with co-conspirators between April and May 2024 to extort a $200,000 ransom payment from a telecommunications company by threatening to publish private data. When the telecommunications company questioned the payment, Lane used stolen login credentials to access the computer network of a software and cloud storage company that served school systems. The company received threats that the “PII of more than 60 million students and 10 million teachers – including names, email addresses, phone numbers, Social Security numbers, dates of birth, medical information, residential addresses, parent and guardian information and passwords, among other data – would be ‘leak[ed] . . . worldwide’ if the company did not pay a ransom of approximately $2.85 million in Bitcoin.”
A plea hearing has not been scheduled. If convicted, “the charges of cyber extortion conspiracy, cyber extortion and unauthorized access to protected computers each provide for a sentence of up to five years in prison, three years of supervised release and a fine of up to $250,000, or twice the gross gain or loss, whichever is greater. The charge of aggravated identity theft provides for a mandatory sentence of two years in prison, consecutive to any sentence imposed on the computer fraud charges.”
Bipartisan Take It Down Act Becomes Law
On Monday, May 19, 2025, President Donald Trump signed the “Take It Down Act” into law. The Act, which unanimously passed the Senate and cleared the House in a 409-2 vote, criminalizes the distribution of intimate images of someone without their consent. Lawmakers from both parties have commented that the law is long overdue to protect individuals from online abuse. It is disheartening that a law must be passed (almost unanimously) to require people and social media companies to do the right thing.
There has been a growing concern about AI’s ability to create deepfakes and distribute deepfake pictures and videos of individuals. The deepfake images are developed by tacking benign images (primarily of women and celebrities) with other fake content to create explicit photos to use for sextortion, revenge porn, and deepfake image abuse.
The Take It Down Act requires social media platforms to remove non-consensual intimate images within 48 hours of a victim’s request. The Act requires “websites and online or mobile applications” to “implement a ‘notice-and-removal’ process to remove such images at the depicted individual’s request.” It provides for seven separate criminal offenses chargeable under the law. The criminal prohibitions take effect immediately, but social media platforms have until May 19, 2026, to establish the notice-and-removal process for compliance.
The Take It Down Act is a late response to a growing problem of sexually explicit deepfakes used primarily against women. It makes victims have to proactively reach out to social media companies to take down images that are non-consensual, which in the past has been difficult. Requiring the companies to take down the offensive content within 48 hours is a big step forward in giving individuals the right to protect their privacy and self-determination.
Department of Justice Tariff Enforcement Likely to Surge After Tariff Increases and the Administration’s Increased Focus on Protecting Domestic Business
A serious step up in civil and criminal enforcement of customs laws, including tariff evasion, is imminent. In a May 12 memorandum, the Department of Justice’s new Chief of the Criminal Division, Matthew Galeotti, counted as one of the “most urgent” threats to the country “[t]rade and customs fraud, including tariff evasion.” Earlier in the Administration, in a February 2025 speech, Michael Granston, Deputy Assistant Attorney General for the DOJ’s Commercial Litigation Branch identified, as a key example of new enforcement activity, efforts to enforce payment of customs duties on imported goods and reiterated that enforcement against “illegal foreign trade practices” would be a priority for the Administration.
Per the recent Galeotti Memo, “[t]rade and customs fraudsters, including those who commit tariff evasion, seek to circumvent the rules and regulations that protect American consumers and undermine the Administration’s efforts to create jobs and increase investment in the United States. Prosecuting such frauds will ensure that American businesses are competing on a level playing field in global trade and commerce.”
The Galeotti Memo also added tariff evasion to the list of areas subject to DOJ’s Whistleblower Program, which offers monetary awards in exchange for original information leading to successful recoveries by the government.
To fully understand the broad scope of potential civil and criminal liability through the tariff process, it is necessary to have a basic understanding of the mechanics of the process, as even early steps may have a significant impact on the likelihood and outcome of a civil or criminal enforcement action and the possible penalties that could result.
Tariff Increases Under the New Administration
Tariffs imposed, or likely to be imposed under the new Administration, will be the highest in over a century, providing strong incentives for importers to avoid paying the increased costs. President Trump initially raised baseline tariffs on Chinese imports to 145%, which have since been lowered to 30%. Trump also imposed a 25% tariff on Canada and Mexico, but later granted indefinite exemptions for goods compliant with the USMCA, the United States–Mexico–Canada Agreement, which replaced NAFTA. The Administration also subsequently added a 25% tariff on steel, aluminum, and automobiles from all countries.
On April 2, a day President Trump called “Liberation Day,” the Administration announced a minimum 10% tariff on all U.S. imports, effective April 5, and higher tariffs—dubbed “reciprocal tariffs” —on imports from 57 countries. These reciprocal tariffs, ranging from 11% to 50%, were scheduled to take effect on April 9, but were almost immediately suspended for 90 days for all countries except China. The 10% minimum tariff on all imports and the 25% sector-specific tariffs remain in effect.
Tariff Collections and Procedures
A tariff is a duty imposed by the government on imported goods and is paid by the importer. Before goods are shipped to the U.S., by sea, air, rail or truck, importers file paperwork electronically with U.S. Customs and Border Protection (“CBP”) with, among other things, details about the imported goods, including valuation, classification (by category of item under the Harmonized Tariff Schedule (HTS)), and country of origin. Once the shipment arrives, CBP customs inspectors review the paperwork before clearing the goods for release. Agents perform spot checks and random inspections to ensure the shipment contains what it is supposed to.
After the goods are cleared for release, the cargo is often moved to a warehouse for storage. The importer, directly or through a customs broker, then files additional paperwork with CBP setting forth detailed information about the shipment—again including country of origin, valuation, and classification within the tariff schedule—on a CBP Form 7501. This form includes an express representation that the information provided is true and correct. CBP relies on this information to compute the amount of tariffs due. All of the documentation and information provided to CBP later becomes critical to any government investigation.
The importer then has 10 or 30 days to pay its tariff bill. The importer can pay CBP directly or pay its customs broker who will in turn pay CBP. CBP officials spot-check the payments and may later audit some transactions to ensure proper duties were paid.
Traditional Customs Enforcement
The government’s principle enforcement mechanism for tariff evasion has historically been through 19 U.S.C. § 1592. Section 1592 authorizes CBP to not only recover tariffs underpaid, but also impose penalties that start at two times the amount underpaid up to the domestic value of the merchandise, depending on the importer’s level of culpability. Increasing penalties under the statute apply to violations ranging from negligence, to gross negligence, and ultimately to fraud. Although private parties can file allegations of customs violations with CBP (e.g., via CBP’s e-allegations portal), only CBP can bring an enforcement action under Section 1592.
Following a CBP investigation, and through procedures set forth in Section 1592, CBP may issue a “penalty claim” against the alleged violator. CBP must provide the importer with notice and an opportunity to object before issuing a penalty claim and a reasonable opportunity after the claim to seek remission or mitigation of the monetary penalty. Representations by the importer during this process may also be important in a subsequent government investigation.
At the conclusion of these proceedings, CBP must issue a written statement setting forth its final determination and the findings of fact and conclusions of law upon which its penalty determination is based. Review of this determination by either party occurs in the Court of International Trade—an Article III court tasked with hearing disputes primarily concerning tariffs and import duties—and ultimately on appeal to the United States Court of Appeals for the Federal Circuit.
Common Schemes to Avoid Paying Tariffs
As tariffs increase, importers and businesses dependent on imported goods will increasingly look for ways to avoid or minimize tariff payments and other customs-related costs. Companies purchasing imported goods could also be liable for substantial civil penalties, or even criminal law, for customs violations, including potentially for misconduct or false statements by suppliers, sourcing agents, and other third parties involved in the importing of goods. To avoid exposure to these violations, it is necessary to be aware of the more common tariff evasion practices. These include the following:
Valuation: Tariffs are typically calculated as a percentage of the value of the imported goods. Importers may intentionally understate the value of the imported goods when declaring them to customs officers, whether in formal CBP forms or via supporting documents, such as purchase or manufacturing agreements.
Country of Origin: Per federal regulations, the “country of origin” of imported goods is where the goods were manufactured, grown or underwent “substantial transformation” into the final product being imported. Because tariffs depend heavily upon the country of origin of the imported goods, importers may try to route goods from a high-tariff country through a lower-tariff country on the way to the United States, falsely presenting the goods as originating from the lower-tariff country. This practice is known as “trans-shipment.”
Classification: Tariffs in the U.S. are based upon categories classified under the Harmonized Tariff Schedule. Importers may be tempted to misclassify imported goods by moving them from a higher tariff category to a lower or exempted tariff category, thereby lowering the tariff amount due.
As described below, these misrepresentations may result in serious civil or criminal consequences, not only for the importer directly involved, but also potentially for companies and individuals buying the goods or otherwise involved in the transactions.
Civil False Claims Act Enforcement
Recent statements by the Department of Justice suggests that the government will increasingly seek to use the False Claims Act (“FCA”) to punish and deter tariff violations. In general terms, the FCA imposes severe civil monetary penalties on any person who knowingly submits, or causes another to submit, a false claim to the government, or knowingly makes a false record or statement to get a false claim paid by the government. Most relevant to tariff evasion is a section of the FCA known as the “reverse false claims” provision, which provides liability where one acts improperly to avoid paying money, e.g., tariffs or other customs duties, to the government.
The FCA is to Section 1592 customs enforcement what a slingshot is to a machine gun. First, penalties under the FCA can be immense. If found liable, a defendant can be ordered to pay three times the amount of underpaid tariffs, plus civil penalties of up to $28,619 per false claim. Second, unlike 19 U.S.C. 1592, private parties that act as whistleblowers—known as “relators”—can bring a case, known as a qui tam, under the FCA against an importer for tariff evasion.
Whistleblowers who bring a successful qui tam action receive a portion of the recovered funds—up to 25% if the government intervenes, and up to 30% if the government does not, and can also recover attorneys’ fees and expenses. The incentive for reporting customs violations is therefore substantial. Whistleblower claims may be made not only by a company’s own employees, but also by competitors who stand to gain financially both from the whistleblower incentive award and from eliminating the competition.
Third, DOJ has at its disposal far more powerful and intrusive investigative tools than what is available to CBP under Section 1592. These include, in the civil context, civil investigative demands (CIDs) to compel the production of records and testimony and, in the criminal context, search warrants and the full force of a federal grand jury.
Criminal Enforcement of Tariff Violations
As the May 12 Galeotti Memo makes clear, the DOJ has also set as a priority the criminal enforcement of customs and tariffs violations. In pursuing criminal charges, the government has a wide range of criminal statutes that may be applied. Listed below are just some of the criminal statutes that could be applied to tariff evasion schemes:
Criminal False Claims Act, 18 U.S.C. § 287. This statute makes it a crime to make or present to the government any claim knowing that claim to be false, fictitious, or fraudulent. The statute also makes the knowing avoidance of an obligation to the government, e.g., tariffs or import duties, a crime. Punishable by up to five years’ imprisonment.
Wire Fraud and Conspiracy, 18 U.S.C. §§ 1343 & 1349. Wire fraud is a far reaching statute that could, if applied, criminalize nearly any transaction that involves fraud or deceit, and utilizes interstate or foreign wire communications. Practically any efforts to avoid paying tariffs through false representations will involve interstate or foreign wire communications. Punishable by up to 20 years’ imprisonment.
International Emergency Economic Powers Act (IEEPA), 50 U.S.C. §§ 1701–1705. The IEEPA grants the President broad authority to regulate economic transactions when there is an unusual and extraordinary threat to the United States that originates, in whole or substantial part, outside the country. Many of the Administration’s recent tariffs were imposed pursuant to the IEEPA, including tariffs on imports from Canada, Mexico, and China. Punishable by up to 20 years’ imprisonment.
False Statements, 18 U.S.C. § 1001. Individuals and corporations can be prosecuted for knowingly making materially false, fictitious, or fraudulent statements or representations to federal authorities. As described above, the tariff process includes the submission of detailed written information to CBP both before goods arrive in the United States and afterwards. False statements charges could be brought against a company and individual employees for intentionally making materially false statements in paperwork submitted to CBP, including as to country-of-origin, valuation, or classification of imported goods. Punishable by up to five years’ imprisonment.
Smuggling, 18 U.S.C. § 545. This statute broadly makes it a crime to knowingly and willfully import merchandise into the U.S. contrary to law. Just last year, DOJ brought smuggling charges against a Miami businessman who evaded nearly $2 million in tariffs on Chinese truck tires by shipping them through countries such as Canada and Malaysia and representing to CBP that the tires originated in those countries. Punishable by up to 20 years’ imprisonment.
Conspiracy, 18 U.S.C. § 371. This federal statute makes it a crime to engage in a conspiracy to commit a crime or defraud the United States. A conspiracy is just an agreement between two or more people to commit a federal crime or defraud the United States. Because most schemes involve a combination of two or more people, this statute is frequently used to prosecute tariff evasion. Punishable by up to 5 years’ imprisonment.
Conclusion
The new highly volatile U.S. tariff regime, together with an increased emphasis on protection of domestic manufacturing and U.S. economic interests, will likely result in substantially increased enforcement, both civil and criminal, in the area of trade and customs fraud, including tariff enforcement. The government has at its disposal powerful tools to pursue customs investigations, including the civil False Claims Act and broad criminal statutes.
The Galeotti Memo and other recent statements by other DOJ officials make clear that tariff evasion will be a priority for the Department. While the first targets of this enforcement will likely be importers directly involved in tariff evasion, recent statements by DOJ and others in the Administration suggest that companies with supply chains relying on imported goods will also be subject to enforcement actions if the evidence shows they were operating without robust policies, procedures, and monitoring to ensure that they are not participating or knowingly benefiting from unlawful conduct. Developing a compliance program to avoid this exposure is neither difficult nor costly, and a small price to pay to avoid later government scrutiny.
Blockchain+ Bi-Weekly; Highlights of the Last Two Weeks in Web3 Law: May 22, 2025
Congress has been active over the past few weeks, with much of the focus on the Senate stablecoin bill, which recently cleared the cloture hurdle—a critical procedural step and arguably the closest Congress has come to enacting meaningful crypto legislation. The House also saw developments, including the release of a market structure proposal and the last-minute cancellation of a planned joint committee hearing due to concerns raised by some representatives about the President’s business ties to the digital asset space. In parallel, several administrative agencies issued updates on federally regulated banks’ permitted involvement in digital assets, and there were notable developments in ongoing litigation.
These developments and a few other brief notes are discussed below.
Senate “GENIUS” Stablecoin Bill Passes Cloture: May 19, 2025
Background: After weeks of political jockeying, the GENIUS Act received more than the 60 votes needed for cloture (with 16 Democrats voting in favor) and now proceeds to limited floor debate in the Senate. The Senate Banking Committee released a fact sheet outlining what the bill does and does not do with respect to stablecoin issuance and use in the United States. Senate Democrats also circulated their own summary highlighting what they saw as wins from negotiations between the bill’s committee passage and the recent vote.
Analysis: Senator Warner (D-VA) issued a statement supporting the bill, saying: “Many senators, myself included, have very real concerns about the Trump family’s use of crypto technologies… But we cannot allow that corruption to blind us to the broader reality: blockchain technology is here to stay. If American lawmakers don’t shape it, others will – and not in ways that serve our interests or democratic values.” It is refreshing to see a senior member of Congress prioritize the importance of this technology and the need for the U.S. to take a leadership role, even while holding legitimate concerns about other aspects of the industry. As such, this bill marks a major milestone for digital asset regulation in America. Several amendments were added during the negotiation process. Notably, the bill prohibits stablecoin issuers from paying interest directly to holders, and from most public companies that are not otherwise in the banking business from issuing stablecoins without clearing certain additional requirements.
Joint House Agriculture and Financial Services Committee Roundtable for Market Structure: May 6, 2025
Background: The day after the Market Structure 2.0 draft was released (discussed below), a joint House Agriculture and Financial Services Committee meeting was scheduled to occur. Witnesses included industry representatives and former CFTC Chair Rostin Behnam. However, the proceeding did not become an official “hearing” because unanimous consent was required, and Ranking Member Maxine Waters objected. Instead, it continued as a “roundtable” discussion with the witnesses who had traveled to D.C. to testify. Meanwhile, those opposing the hearing held their own separate “roundtable” down the hall, focused largely on concerns regarding President Trump’s family’s involvement in digital assets.
Analysis: While it was disappointing that a full and balanced committee meeting did not take place, we can find some encouraging data in that members chose to walk out. One way to interpret the walkout is that opposition to crypto legislation is shifting from a partisan divide to a generational one. The average age of those who boycotted the hearing was 70.4, highlighting a potential age gap in attitudes toward the technology. Many of the opponents are at least framing their objections not as concerns about the technology itself, but as a way of expressing their discomfort with the President’s family’s involvement in space. It remains to be seen whether these concerns will stall broader legislation that would provide consumer protection regulation to the industry as a whole, including the President’s affiliated businesses, given that this same controversy already slowed, though did not appear to stop, the passage of the comparatively less controversial stablecoin bill discussed above.
Market Structure 2.0 Initial Draft Released: May 5, 2025
Background: The currently unnamed bill that replaces FIT21 as the next attempt at comprehensive market structure regulation for digital assets was released last week. It largely follows the same format as FIT21 but includes important changes that are generally seen as improvements by the digital asset community. One major revision replaces the term “decentralized systems” with “mature blockchain systems,” shifting the threshold for when a blockchain is considered decentralized to whether it is—or could be—controlled by a single entity or affiliated group. Another key change creates a baseline that digital assets are commodities, but then reiterates that they are only commodities if they are not securities (which was already the case under current law). The draft also clarifies that digital assets themselves are not securities, but rather can be sold in securities transactions.
Analysis: Gabe Shapiro, a thoughtful legal commentator and frequent critic of regulatory overreach in crypto, posted a detailed breakdown of the bill that is worth reviewing. Justin Slaughter, a former SEC and Hill staffer who often highlights the political dynamics behind crypto legislation, also shared a thread noting, among other things, that Japan passed a market structure bill before the FTX collapse—likely one reason why FTX Japan was among the few subsidiaries where customers didn’t lose funds. Given that the U.S. divides financial regulatory authority between the CFTC and SEC, it’s likely that any legislation will continue to reflect that split, which could lead to substantial compliance and legal costs for market participants, especially exchanges. Still, this draft appears well-intentioned and is a meaningful improvement over FIT21.
Briefly Noted:
DOJ Disclosure Issues in Samourai: According to recent filings in the criminal case against the Samourai Wallet privacy-preserving software creators, the DOJ failed to disclose evidence that FinCEN representatives told DOJ staff that “under FinCEN’s guidance, the Samourai Wallet app would not qualify as a ‘Money Services Business’ requiring a FinCEN license.”
Stocks On Chain: There were several updates related to on-chain stock trading. Commissioner Peirce gave a speech about allowing stocks to be issued, traded and settled on blockchains, and Compound founder’s project Superstate announced plans for bringing stocks on-chain and tradable in DeFi. Tuongvy Le and Austin Campbell released this awesome article (and Twitter threads giving summaries along with useful infographics) on how cryptographically secured addendum-only ledger technology can offer a fundamentally better way to own and trade stocks. Good timing with the SEC roundtable on this issue, the same week as well, with the new SEC Chair delivering opening remarks.
SEC FAQ Guidance: The SEC released a set of frequently asked questions (“FAQs”) relating to the application of certain broker-dealer rules to crypto activities. While the SEC said these “simply reiterate what our rules already say or do not say,” many broker-dealers were waiting for this type of guidance to go through with various crypto brokering activities.
SEC v. Ripple Deal Rejected: Judge Torres denied the parties’ joint request to rule in favor of a proposed settlement, which would finally end the SEC v. Ripple matter. It appears that the judge is just looking for the parties to do more of the required legwork to obtain the relief requested, but the ongoing delays are unlikely to please either side.
Bill to Ban Federal Officials in Crypto: Various Democrats have proposed a bill that would ban the creation and promotion of cryptocurrencies by the President, Vice President, Congress, and Senate-confirmed Cabinet members.
Yuga Sells Punks IP: It appears like the Infinite Node Foundation (NODE) has acquired the CryptoPunks IP, which was purchased by Yuga Labs a few years ago from the creators, Matt Hall and John Watkinson (who are the highest selling living artists due to $3.07B in CryptoPunk sales volume). Handing off this historic intellectual property to a full-time, non-profit steward makes sense.
CFTC Commissioner to Lead Blockchain Association: Commissioner Mersinger of the CFTC will be taking the role of Blockchain Association CEO after she steps down from her role at the CFTC at the end of this month. There were still three years left on her term, so her leaving to join one of the leading industry groups in the space is interesting timing, with market structure bills expected to get heavy congressional attention in the upcoming months.
Office of Comptroller Update: OCC-regulated banks are now permitted to provide custody services for customers as well as other services, such as record keeping and buying/selling those assets at the direction of the customer. This is long overdue. Combined with promising statements for the Treasury Secretary, we are starting to see a path for traditional financial institutions to interface with DeFi on behalf of clients.
Quoted in GlobeSt.com “Blockchain in Real Estate Moves Beyond Hype, But True Transformation Remains Elusive”: BitBlog editor Stephen Rutenberg was recently quoted in GlobeSt.com on the evolving use of blockchain in real estate. The article explores how the technology is gradually addressing longstanding inefficiencies while raising deeper questions about automation, fairness, and legal design.
Conclusion:
The last two weeks have offered a compelling snapshot of how digital asset regulation is evolving from theoretical frameworks to real-world implementation, with significant activity across all three branches of government. From the Senate’s forward momentum on the GENIUS stablecoin bill, to the House’s increasingly detailed market structure proposals, to administrative updates from the SEC, DOJ, OCC, and others, the regulatory landscape is rapidly taking shape. Meanwhile, traditional financial institutions are moving beyond the exploratory phase and actively engaging with blockchain technologies, underscoring the urgency for regulatory clarity. While political entanglements, especially those involving high-profile figures, continue to create friction, the overall trend suggests a maturing ecosystem where bipartisan and intergenerational engagement will be essential.
Voluntary Self-Disclosure and Whistleblower Awards Initiatives Are Alive and Well in 2025: DOJ Issues White-Collar Enforcement Priorities for the New Administration
The first 120 days of the Trump administration have been characterized by dramatic changes in the realm of white-collar enforcement. However, in the midst of a period wrought with uncertainty over what the administration may do next, savvy companies can leverage emerging priorities in a strategic manner.
Early Indications of the Administration’s Shifting Priorities
While each change of administration, particularly those along party lines, inevitably results in policy alterations, the initial changes instituted by the Trump administration have ventured beyond the norm.
Perhaps the most significant early update in the realm of white-collar enforcement was the manner in which more traditional areas of corporate concern were seemingly deprioritized. Executive orders, memoranda from key leadership posts, and other directives curtailed select corporate enforcement efforts at the Department of Justice (DOJ), the Securities and Exchange Commission (SEC), and other federal agencies.
For example, a February 10, 2025 Executive Order (EO) paused enforcement of the Foreign Corrupt Practices Act (FCPA) for the first time since the statute was passed in 1977. The EO explained that the administration’s priority is to “eliminat[e] excessive barriers to American commerce abroad.” During a 180-day period (which may be extended), Attorney General (AG) Pam Bondi is directed to “review guidelines and policies governing investigations and enforcement actions under the FCPA.” More specifically, in this time the AG will 1) cease initiation of new FCPA investigations and enforcement actions (unless she determines that an individual exception is warranted); 2) review all existing FCPA investigations and enforcement actions in order to “restore proper bounds on FCPA enforcement and preserve Presidential foreign policy prerogatives”; and 3) issue updated guidelines or policies.
Just five days before publication of this EO, a memorandum issued by the AG’s office signaled a shift away from more traditional FCPA cases. It explained that the Criminal Division’s FCPA Unit will prioritize investigations related to foreign bribery that facilitates the criminal operation of cartels and Transnational Criminal Organizations (TCOs) (e.g., bribing foreign officials “to facilitate human smuggling and the trafficking of narcotics and firearms”).
Other early reports expressed that the administration has/had halted all pending environmental litigation, dealing a significant blow to DOJ’s Environment and Natural Resources Division (ENRD). The lasting implications of this choice remain to be seen, but it is readily apparent that the ENRD will face significant resource constraints under the current administration, likely curtailing its enforcement efforts.
In addition, approximately one month after President Trump issued a meme coin, the SEC published a February 27, 2025 staff statement explaining its view that, as a general matter, transactions involving meme coins “do not involve the offer and sale of securities under the federal securities laws.” As a result, “neither meme coin purchasers nor holders are protected by the federal securities laws.”[1] While a deeper, case-by-case analysis of this issue may prove necessary in application, the staff statement’s very existence signals a departure from the crypto-related enforcement priorities of the Biden administration.
An April 7, 2025 memorandum issued by Deputy Attorney General Todd Blanche further states that DOJ will end the “reckless strategy of regulation by prosecution” with respect to digital assets. In this space, harm to retail investors from plainly fraudulent behavior will be prioritized over more novel theories of liability that implicate the securities laws. DOJ’s digital asset investigations and prosecutions “shall focus on prosecuting individuals who victimize digital asset investors, or those who use digital assets in furtherance of criminal offenses such as terrorism, narcotics and human trafficking, organized crime, hacking, and cartel and gang financing.”
While certainly not a comprehensive list, these examples are illustrative of the administration’s shifting enforcement priorities.
The Galeotti Memorandum: Defining the New Enforcement Landscape
On May 12, 2025, Head of the Criminal Division Matthew R. Galeotti issued a memorandum titled “Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime” (the “Galeotti Memo”), which sets forth DOJ’s white-collar enforcement priorities with more clarity.
The Galeotti Memo encourages DOJ to strike an appropriate balance between addressing “significant threats” to US interests (e.g., rampant fraud in US markets and government programs) and preventing “overbroad and unchecked” corporate enforcement that burdens US businesses. To achieve this objective, prosecutors will be guided by three core tenets: 1) focus, 2) fairness, and 3) efficiency.
1) Focus
The Criminal Division is focused on combatting what it perceives as the most urgent criminal threats to the US. Accordingly, it will prioritize investigating and prosecuting white-collar crimes in the following “high-impact” areas:
Waste, fraud, and abuse, including health care fraud and federal program and procurement fraud.
Trade and customs fraud, including tariff evasion.
Fraud perpetrated through variable interest entities, including offering fraud, “ramp and dumps,” elder fraud, securities fraud, and other market manipulation schemes.
Fraud that victimizes US investors, individuals, and markets, including Ponzi schemes, investment fraud, and fraud that threatens the health and safety of consumers.
Conduct that threatens US national security, including threats to the US financial system by gatekeepers, such as financial institutions and their insiders that commit sanctions violations or enable transactions by cartels, TCOs, hostile nation-states, or foreign terrorist organizations.
Material support by corporations to foreign terrorist organizations, including recently designated cartels and TCOs.
Complex money laundering, including organizations involved in laundering funds used in the manufacturing of illegal drugs.
Violations of the Controlled Substances Act and the Federal Food, Drug, and Cosmetic Act (FDCA), including the unlawful manufacture and distribution of opioids by medical professionals and companies.
Bribery and associated money laundering that impact US national interests, undermine US national security, harm the competitiveness of US businesses, and enrich foreign corrupt officials.[2]
Crimes 1) involving digital assets that victimize investors and consumers, 2) that use digital assets in furtherance of other criminal conduct, and 3) that include willful violations that facilitate significant criminal activity. With respect to this category, DOJ’s highest priority will be cases impacting victims; involving cartels, TCOs, or terrorist groups; or facilitating drug money laundering or sanctions evasion.
Prosecutors are directed to “prioritize schemes involving senior-level personnel or other culpable actors” as well as cases with demonstrable loss and efforts to obstruct justice.
2) Fairness
The Galeotti Memo acknowledges that “[n]ot all corporate misconduct warrants federal criminal prosecution,” especially where a company demonstrates that it is “willing to learn from [its] mistakes.” Prosecuting individual criminals, while reserving civil and administrative means to target the corporation, may be appropriate if only “low-level corporate misconduct” is at issue. Accordingly, when assessing whether to charge a corporation, prosecutors are directed to consider whether the company self-reported, cooperated with the government, and remediated its misconduct.
If a corporate criminal resolution is necessary, the Galeotti Memo instructs prosecutors to consider all forms — non-prosecution agreements (NPAs), deferred prosecution agreements (DPAs), and guilty pleas — based on the individual facts at issue.
Corporate resolutions with companies that cooperate and remediate should have terms of no longer than three years, except in exceedingly rare cases, and prosecutors are encouraged to regularly reassess such agreements to determine whether they should be terminated early.
3) Efficiency
The Galeotti Memo recognizes that many corporate investigations are costly, interfere substantially with day-to-day business operations, and cause reputational harm. While complex, cross-border schemes necessarily take “substantial time and effort to unravel,” the Galeotti Memo acknowledges that, from the company’s perspective, certain white-collar investigations appear to linger for years “with little meaningful progress.” To combat this perceived delay, the Galeotti Memo directs prosecutors to “move expeditiously to investigate cases and make charging decisions.” Federal investigations will be tracked to “ensure that they do not linger and are swiftly concluded.”
The Galeotti Memo also states that independent compliance monitors should be utilized only when necessary and monitorships, when imposed, should be narrowly tailored to achieve the required goals while minimizing expense, burden, and business interference. To that end, DOJ is reviewing all existing monitorships to determine whether each remains necessary.[3]
The Current State of Voluntary Self-Disclosure and Whistleblower Awards
Certain key policy initiatives championed under President Biden’s DOJ, such as those incentivizing voluntary self-disclosure (VSD) of misconduct, appear alive and well under the new administration. In fact, such initiatives are expanding to further DOJ’s current goals and provide greater incentives for companies willing to come forward.
The Galeotti Memo reaffirms DOJ’s commitment to VSD, explaining that the initiative has “resulted in the Department bringing more cases against individual wrongdoers while rewarding good corporate citizens.” Accordingly, on May 12, 2025, the Criminal Division issued a revised Corporate Enforcement and Voluntary Self-Disclosure Policy (the “Revised CEP”).[4]
According to the Galeotti Memo, the Revised CEP “clarif[ies] that additional benefits are available to companies that self-disclose and cooperate, including potential shorter terms.” As an overarching goal, DOJ aimed to make the Revised CEP’s core components — the pathways to a declination, the available fine reductions for a company’s cooperation and remediation, and factors that determine the contours of a corporate resolution — more easily understandable.
The Revised CEP itself begins by reiterating the Criminal Division’s commitment to transparency and explains that, absent particular aggravating circumstances, DOJ will decline to prosecute a company for criminal conduct when the company voluntarily self-discloses the misconduct to the Criminal Division, fully cooperates with the ensuing investigation, and timely and appropriately remediates the misconduct. This is more generous than the previous iteration of the CEP, which offered only the presumption of a declination for meeting the requisite criteria. Even when aggravating circumstances are present, prosecutors retain discretion to recommend a declination based on a company’s cooperation and remediation.[5]
Importantly, the Revised CEP also provides tangible benefits in 1) so-called “Near Miss” cases where a company fully cooperates and timely and appropriately remediates but nevertheless is rendered ineligible for a declination solely because its good faith self-report does not qualify as a voluntary self-disclosure,[6] and 2) instances where aggravating factors are present that necessitate a criminal resolution. In such situations, the Criminal Division will:
Provide an NPA (absent particularly egregious or multiple aggravating circumstances);
Allow an NPA term length of less than three years;
Not require an independent compliance monitor; and
Provide a reduction of 75% off the low end of the US Sentencing Guidelines (USSG) fine range.
The Revised CEP also explains that, in other cases that do not meet the declination or “Near Miss” criteria set forth above, prosecutors retain discretion to determine appropriate resolutions, including with respect to form, term length, compliance obligations, and monetary penalty. However, the Revised CEP states that a company will not receive, and the Criminal Division will not recommend to a sentencing court, a reduction of more than 50% off the fine under the USSG. In addition, there will be a presumption that the reduction will be taken from the low end of the USSG range in cases where companies fully cooperate and timely and appropriately remediate. Otherwise, the starting point in the range will be assessed on a case-by-case basis.
The Revised CEP further includes appendices that contain a self-reporting flowchart and key definitions aimed at making both the requirements and associated benefits as digestible as possible for companies. Overall, the Revised CEP’s amendments signal an even friendlier approach to companies that are willing to come forward with a self-report.
This continued commitment to VSD is not surprising, as self-disclosure is ideologically consistent with the current administration’s goals. The existence of the Department of Government Efficiency (DOGE), among numerous other recent efforts to reduce the footprint of the administrative state, are directly aligned with an initiative focused on encouraging companies to self-report their misconduct. Such policies reduce the time, effort, and resources that must be dedicated to government investigations.
For forward-thinking companies, particularly those that operate in areas the administration has deprioritized, VSD may constitute a strategic opportunity. For example, presume that Company A uncovers evidence of a serious violation today that has a statute of limitations that will extend into a future administration. Holding on to that information for years while seeking to quietly remediate the issue may prove an unnecessary risk. Alternatively, disclosing that information to members of a potentially under-resourced agency, particularly where the substance of the violation falls outside of that agency’s enforcement priorities, could maximize the likelihood of a swift and favorable resolution.
In addition to issuing the Revised CEP, on May 12, 2025, DOJ also updated its Corporate Whistleblower Awards Pilot Program (the “Revised Whistleblower Awards Program”),[7] which offers the prospect of a financial award to whistleblowers who provide DOJ with original, truthful information regarding certain crimes. More specifically, the Revised Whistleblower Awards Program adds the following new enforcement priorities as eligible subject areas that may qualify for an award when reported on:
Violations by or through companies related to fraud against the US in connection with federally funded contracting or federal programs, where such fraud does not involve health care or illegal health care kickbacks;
Violations by or through companies related to trade, tariff, and customs fraud;
Violations by or through companies implicating federal immigration law;
Violations by or through companies related to sanctions offenses;
Violations by or through companies related to material support of terrorism; and
Violations by or through companies related to cartels/TCOs, including money laundering, narcotics, Controlled Substances Act, and other violations.
These additional subject areas constitute a significant expansion of the program from its previous iteration. The Revised Whistleblower Awards Program also has potentially serious ramifications in the health care context. With respect to health care cases, the last iteration of the program was focused on encouraging whistleblower tips related to health care fraud schemes that could not be pursued via qui tam actions (e.g., cases where the “overwhelming majority” of claims were submitted to private or other nonpublic health care benefit programs).
While the Galeotti Memo is limited to discussing the new eligibility areas that were added to the Revised Whistleblower Awards Program, the program’s language also appears to have been revised to remove significant limitations that existed in the previous version. Notably, the following language has been eliminated from the Revised Whistleblower Awards Program:
The requirement that violations related to federal health care offenses involve “private or other non-public” health care benefit programs and that the “overwhelming majority of claims are submitted to private or other non-public health care benefit programs”;
The requirement that patients, investors, and other nongovernmental entities in the health care industry bear “the overwhelming majority of the actual or intended loss”; and
The entire reporting category dedicated to “other federal violations involving conduct related to health care not covered by the Federal False Claims Act” (FCA).
As a result, if whistleblowers can now report directly to DOJ information regarding federal health care offenses and related crimes involving health care benefit programs, they may opt to utilize the Revised Whistleblower Awards Program in lieu of (or in addition to) a traditional qui tam / FCA case. As the impact of such changes could be significant, the Galeotti Memo’s failure to mention them is puzzling. In addition, the FAQ page associated with the program continues to state (as it has since publication of the prior iteration) that the program’s aim is addressing “health care fraud that is not covered by the qui tam program.” Additional or revised guidance that explains exactly how the Revised Whistleblower Awards Program is intended to interact with the qui tam program in light of these textual revisions is thus likely in the near future.
In sum, as long as policies encouraging culpable individuals and whistleblowers[8] to report corporate misconduct remain in effect, companies will face an ever-present threat of disclosure from individual actors with knowledge of the activity. Failing to disclose misconduct now could result in greater future penalties.
Recent Self-Disclosure Case Study
On April 30, 2025, DOJ declined to prosecute a company that self-reported to DOJ’s National Security Division (NSD) criminal violations of US export control laws committed by a former employee. According to the corresponding press release, the employee violated Export Administration Regulations by “exporting US Army–developed aviation software to a university in the People’s Republic of China . . . that had been placed on the Commerce Department’s Entity List.”
DOJ cited the VSD provisions of the NSD Enforcement Policy for Business Organizations (the “NSD Enforcement Policy”) as supporting its decision not to prosecute. Specifically, similar to other VSD policies, the NSD Enforcement Policy includes a presumption that companies that voluntarily self-disclose to NSD potential criminal violations arising out of or relating to the enforcement of export control or sanctions laws; fully cooperate with any ensuing investigation; and timely and appropriately remediate the misconduct will receive an NPA. In appropriate cases, prosecutors may exercise their discretion to issue a declination.[9]
The press release in this instance focused heavily on the company’s swift VSD and significant cooperation. It states that within days of learning the employee had violated export control laws, “and before [the company] had completed its own investigation to understand the scope of the misconduct, [it] self-disclosed the crime to NSD and fully cooperated with the ensuing criminal investigation, which eventually established that [the employee] had acted alone.”
The company’s cooperation included “proactively identifying, collecting, and disclosing relevant evidence to investigators, including foreign language evidence and evidence located overseas, and providing detailed and timely responses to the government’s requests for information and evidence.” Remediation included disciplining a supervisor and significantly bolstering the company’s internal controls and compliance program. The press release notes that this constitutes just the second time that NSD has exercised its discretion to decline the prosecution of a company under the NSD Enforcement Policy, clearly signaling the strategic advantages of VSD moving forward.
What to Expect Next
Use of the FCA as a vehicle to carry out many of the administration’s current priorities, such as tariff noncompliance and alleged illegal Diversity, Equity, and Inclusion (DEI) practices, is expected.[10] AG Bondi has affirmed her commitment to defending the constitutionality of the FCA, and DOJ leaders have confirmed plans to utilize the FCA “aggressively.”
For example, a January 21, 2025 EO dedicated to “Ending Illegal Discrimination and Restoring Merit-Based Opportunity” orders all executive agencies to “combat illegal private-sector DEI preferences, mandates, policies, programs, and activities.” The EO requires the head of each executive agency to include in every federal contract or grant award 1) a term requiring the contractual counterparty or grant recipient to agree that its compliance in all respects with federal anti-discrimination laws is material to the government’s payment decision for purposes of the FCA; and 2) a term requiring the counterparty or recipient to certify that it does not operate any DEI programs that violate federal anti-discrimination laws.[11] Such provisions are aimed at creating a clearer pathway to FCA liability for federal contractors who refuse to comply.[12]
Accordingly, applicable companies should anticipate an uptick in unique applications of the FCA and educate themselves regarding how the administration’s priorities may implicate their business. In addition, as priorities continue to shift and lingering practices from the Biden administration are scrutinized, remaining vigilant and monitoring updates from the administration will prove invaluable for legal and compliance functions.
Key Takeaways
The policy changes ushered in by the Trump administration to date are more dramatic than those typically associated with an administration change.
Companies are incentivized to conduct refreshed risk assessments and take inventory of their compliance systems in light of rapidly evolving enforcement priorities. Policy gaps that do not adequately capture today’s risks could quickly prove insufficient.
DOJ’s Voluntary Self-Disclosure and Whistleblower Awards initiatives are being expanded to serve modern priorities. With a heightened focus on the strategic use of the False Claims Act, whistleblower risk remains important for companies to keep top-of-mind. Employee hotlines and other internal reporting mechanisms that help identify potential misconduct at its outset must be adequately resourced and effective in application.
Now is a strategic time to consider self-reporting and other creative steps toward resolution that appeal to principles of efficiency. In the DOGE era, as fewer resources are potentially devoted to traditional corporate enforcement, the risk of self-reporting may be outweighed by the reward of a discounted, swift resolution that puts the matter to rest (and out of reach for future administrations). In addition, for companies that can meet the Revised CEP’s requirements, a declination may be more easily attainable than ever before.
Endnotes
[1] The statement does not extend to “products that are labeled ‘meme coins’ in an effort to evade the application of the federal securities laws by disguising a product that otherwise would constitute a security” and it makes clear that “although the offer and sale of meme coins may not be subject to the federal securities laws, fraudulent conduct related to the offer and sale of meme coins may be subject to enforcement action or prosecution by other federal or state agencies under other federal and state laws.”
[2] The deliberate inclusion of bribery and associated schemes that enrich foreign corrupt officials demonstrates that the FCPA will still be used as a powerful tool by the administration despite the current pause on its enforcement. In addition, the clear emphasis on curbing activity that harms the competitiveness of US businesses indicates that a particularly aggressive approach to targeting non-US entities is likely.
[3] On May 12, 2025, DOJ also issued a Memorandum on the Selection of Monitors in Criminal Division Matters, which can be accessed here.
[4] A detailed Mintz analysis of the previous iteration of the CEP can be found here.
[5] This also constitutes a textual departure from the prior iteration of the CEP, which stated that in cases involving aggravating circumstances, the company must self-disclose “immediately” upon becoming aware of the alleged misconduct and provide “extraordinary” cooperation and remediation, among other factors, in order to potentially receive a declination.
[6] To qualify as a VSD, the company’s self-report must generally meet the following characteristics: the disclosure is made to the Criminal Division or, with good reason, to another DOJ component; the misconduct was previously unknown to DOJ; there was no preexisting obligation to disclose to DOJ; the disclosure was made prior to an imminent threat of disclosure or government investigation; and the disclosure was made within a reasonably prompt time after the company became aware of the misconduct.
[7] A detailed Mintz analysis of the previous iteration of the Corporate Whistleblower Awards Pilot Program can be found here.
[8] The Revised CEP continues to include a voluntary self-disclosure exception that clarifies how the Revised CEP and Revised Whistleblower Awards Program can effectively coexist to serve DOJ’s goals. The exception states that, if a whistleblower makes an internal report to the company and a whistleblower submission to DOJ, the company may still qualify for a declination (even if the whistleblower submits to DOJ before the company self-discloses) if the company self-reports within 120 days after receiving the internal report. Given that companies are not made aware of whistleblower reports to DOJ, they are incentivized to take internal reports seriously because each such report could start the 120-day clock.
[9] Such policies may be amended in the coming months to match the less-stringent standard that is now incorporated in the Revised CEP, which offers even greater certainty regarding the ability to obtain a declination.
[10] While the Galeotti Memo itself does not explore DEI and alleged discriminatory practices, other statements and guidance from key leadership posts in the administration have made clear this is a priority area.
[11] A more detailed Mintz analysis of the FCA and President Trump’s DEI EO can be found here. In addition, on May 19, 2025, a DOJ Civil Rights Fraud Initiative was issued that focuses on use of the FCA to combat alleged illegal DEI practices.
[12] As another example, a recent Mintz analysis covering utilization of the FCA in the cybersecurity context can be found here.
Court of Appeals Ruling in Nellenback Provides CVA Clarity
Court of Appeals Ruling in Nellenback Provides CVA Clarity
In 2019, New York enacted the Child Victims Act (CVA). The legislature ultimately opened a two-year window for survivors of childhood sexual abuse to file claims that were otherwise time-barred and allowed future claims to be brought until a plaintiff turned 55. Since the enactment of the CVA thousands of lawsuits have been filed across New York, alleging that employers were negligent in their hiring, retention, and supervision of alleged abusers. A recent ruling from the New York Court of Appeals in Nellenback v. Madison County offers significant guidance for defendants in CVA cases, particularly in terms of the standard for summary judgment and the requirements for proving negligent supervision claims.
Nellenback Facts
In Nellenback, the plaintiff alleged that he had been sexually abused by his caseworker, Karl Hoch, at every visit while he was in the custody of Madison County’s Department of Social Services (DSS), between 1993 and 1996. The abuse occurred in a County-owned vehicle and at various locations off County-owned premises. Plaintiff further alleged that Hoch threatened him and because of the threats, he did not tell anyone about the abuse. The plaintiff filed suit against the county in 2019, accusing it of negligent hiring, training, supervision, and direction of the caseworker. The county moved for summary judgment, arguing that the plaintiff had failed to present any proof that the county had actual or constructive notice of the caseworker’s propensity for abuse.
During depositions, the county’s DSS supervisor and commissioner testified that prior to 1996 there was no evidence to suggest that the caseworker had any abusive tendencies, and no complaints had been made regarding the caseworker’s behavior. In fact, the caseworker had been recognized with the “Madison County Employer of the Year” award in 1990. However, the plaintiff argued that deficiencies in the caseworker’s oversight and training raised issues of fact that warranted a trial. To support his argument, the plaintiff pointed to:
the supervisor’s admission that she did not review caseworker notes as regularly as she should have
expert testimony that suggested lax recruitment and hiring practices led to the caseworker having “unfettered access” to children
the department had no handbook for how caseworkers should perform their duties
Trial and Appellate Decisions
The trial court granted summary judgment to the county, finding that it had made a prima facie case that it lacked both actual knowledge and constructive notice of the caseworker’s abuse, and that no further investigation or supervision would have led to the discovery of the abuse. The Appellate Division affirmed, with two justices dissenting, concluding that the failure to more regularly review caseworker notes did not create a triable issue of fact regarding the county’s knowledge of the abuse. The plaintiff then appealed to the Court of Appeals.
Court of Appeals Decision
In a 6-1 decision, the Court of Appeals ruled in favor of the county, holding that the plaintiff failed to raise a triable issue of fact regarding constructive notice. The Court acknowledged that there was no dispute that the county had no actual knowledge of the abuse. It then focused on whether the county had constructive notice—i.e., whether it should have known about the alleged abuse. The Court concluded that the plaintiff’s argument that increased review of caseworker notes would have revealed the abuse was speculative. There was no evidence suggesting that the county had any reason to be aware of the caseworker’s misconduct or propensity to abuse. Without “evidence showing any prior conduct, warnings or signs of risks” related to an alleged abuser’s propensities for sexual abuse, Nellenback found proof of notice was not satisfied.As the majority stated:
“[The Court of Appeals has] never held that a party can prove negligent supervision by stating the employer ‘should have known’ an employee was likely to engage in dangerous conduct without evidence showing any prior conduct, warnings, or signs of risk to that effect.”
Key Takeaways Post-Nellenback
Constructive Notice in CVA Cases
The Court affirmed that the standard for proving constructive notice in CVA cases is the same as in any other cause of action. While the passage of time in many CVA cases creates evidentiary challenges unique to this context, those challenges do not lower the burden of proof. Constructive notice cannot be established without “evidence showing any prior conduct, warnings, or signs of risks” related to the alleged abuser’s propensity for sexual abuse. Courts will not infer notice simply because records may have been lost or destroyed over time.
Speculative Assertions Are Insufficient to Establish Notice
The Court emphasized that broad, speculative allegations are not enough to establish constructive notice. In Nellenback, the plaintiff claimed that a more thorough review of the alleged abuser’s case notes would have alerted the Defendant to the risk of abuse. The Court rejected this argument, holding that such assertions must be supported by specific facts. A plaintiff cannot rely on bare speculation; there must be concrete evidence in the record indicating an employee’s propensity to commit sexual abuse.
The Standard of Care Relates to the Time that the Abuse was Considered
The Court of Appeals found that it must evaluate the reasonableness of the defendant’s supervision and training by the then-prevailing standards, not today’s standard.
Post-Nellenback Open Questions
In Nellenback, the Court held that without evidence in the record establishing a defendant’s opportunity or reason to know of the abuse, it is speculative for a plaintiff to argue that heightened or extraordinary vigilance by the employer would have resulted in notice. This holding raises an important unresolved question: Does a plaintiff’s assertion about the nature and frequency of alleged abuse, on its own, still constitute a factual basis for a triable issue of fact related to constructive notice?
Spcifically, in light of Nellenback’s requirement that genuine evidence of notice must exist in the record, can plaintiffs continue to rely solely on their own uncorroborated allegations regarding the frequency of abuse to survive summary judgement and create a triable issue of fact? If, as the Court concluded in Nellenback, allegations of lax supervision and infrequent review of caseworker notes do not suffice to establish notice, it remains uncertain whether courts will find that frequency of abuse alone can meet the threshold for constructive notice.
Conclusion
Nellenback is a key decision for entities defending CVA claims. By reiterating the high standard for proving constructive notice and making clear that speculative claims of negligence are not sufficient to defeat summary judgment, the Court has confirmed that plaintiffs should not survive summary judgment in these cases without more concrete evidence of prior misconduct or warning signs. That being said, the Court of Appeals did not address the line of Appellate Division Second Department cases holding that movants for summary judgment must eliminate all triable issues pertaining to notice for defendants to meet their initial burden on a motion for summary judgment. Watch this site for an update on this issue and a motion to renew we have currently pending in the Second Department based in large part upon Nellenback
SEC Enforcement Leadership Discusses New Priorities and Expectations
Yesterday, as part of the annual “SEC Speaks” program, the leadership of the U.S. Securities and Exchange Commission’s (SEC) Division of Enforcement publicly discussed the enforcement priorities under new Chairman Paul S. Atkins. A panel of SEC enforcement personnel, including Acting Director of Enforcement Samuel Waldon and others, shed light on the current focus of enforcement activity under the SEC’s new leadership and what the Division of Enforcement expects from companies and individuals involved in SEC investigations.
Focus on Traditional Enforcement Areas and Investor Harm
A theme among the panelists was that, despite some media reports to the contrary, the Division of Enforcement will continue its work under new leadership to enforce the federal securities laws and protect investors. Specifically, the panel explained that the SEC will continue to focus on traditional areas of enforcement, including (1) insider trading, (2) accounting and disclosure fraud, (3) fraudulent securities offerings, and (4) breaches of fiduciary duty by investment advisers.
Additionally, within those broad categories, the panel noted that enforcement staff will focus their resources on matters involving harm to investors, especially retail investors. The panel also emphasized the importance of holding individuals – not just companies – accountable for violations.
Specialized Enforcement Units
The panel discussed the current structure of the Division of Enforcement’s specialized units, which conduct investigations in particular subject matter areas. Currently, those units include (1) the Asset Management Unit, which focuses on investment advisers and investment companies; (2) the Cyber and Emerging Technologies Unit, which focuses on violations around cyber issues and new technologies, including artificial intelligence; (3) the Complex Financial Instruments Unit, which investigates matters involving complex financial products and sophisticated market participants; (4) the Market Abuse Unit, which focuses on insider trading and market manipulation; (5) the Public Finance Abuse Unit, which investigates potential fraud around municipal securities; and (6) the Office of the Whistleblower, which processes whistleblower complaints and claims for award after the SEC recovers money from matters assisted by whistleblowers.
The panel indicated that those units will continue with investigations and enforcement actions in their areas of expertise. Notably, consistent with the U.S. Department of Justice’s recent deemphasis on the Foreign Corrupt Practices Act (FCPA), the panel did not mention the FCPA Unit, whose leader recently retired.
Importance of Self-Reporting, Cooperation and Remediation
The panel also emphasized the importance of (1) self-reporting violations of the federal securities laws to the SEC, (2) cooperation with SEC staff during inquiries and investigations, and (3) remediation by companies and individuals. The panel explained that, while taking these actions would not guarantee a declination, they may lead to more favorable resolutions of enforcement actions or, in some cases, no enforcement action at all.
Increased Receptiveness to Wells Meetings with the Director
Toward the end of an investigation, SEC enforcement staff often issue a “Wells Notice,” which is a formal notice that the staff intends to recommend an enforcement action to the Commissioners of the SEC. Upon receiving a Wells Notice, counsel for the recipient often will make a “Wells Submission” to the staff, explaining why counsel believes an enforcement action is not warranted. Additionally, counsel often request a “Wells Meeting” with leadership of the Division of Enforcement.
In recent years, requests for Wells Meetings were sometimes granted and sometimes not; and, when granted, the meetings might involve the Director of Enforcement or, alternatively, a supervisor below the Director. The panel, however, indicated that the staff typically would, if requested, grant a Wells Meeting with the Director of Enforcement, and that the Director and staff would be open to a constructive dialogue regarding the merits of each matter.
Takeaways
The panel provided several timely reminders for issuers, SEC registrants, and others who conduct business in the securities space:
First, the SEC’s Division of Enforcement remains active and committed to its traditional enforcement areas. In particular, the SEC will continue to police, among other things, material misrepresentations by issuers and breaches of duty by registered investment advisers (RIAs). As to the latter, the panel specifically noted that many enforcement referrals involving RIAs originate with mandatory, periodic examinations by SEC staff. So, RIAs should ensure that their compliance functions are effective before an examination occurs.
Second, self-reporting, cooperation, and remediation are of critical importance. When a company becomes aware of a possible violation – whether from a hotline call, a whistleblower complaint, or otherwise – the company should investigate the matter, assess the facts, and determine whether self-reporting or other remedial action is appropriate. Proactively addressing matters may lead to more favorable resolutions with the SEC or persuade the staff that no enforcement action is needed because the company already addressed and remediated the issue.
Third, if a company or individual becomes involved in an SEC investigation, current leadership of the Division of Enforcement seems open to a constructive, good faith dialogue before an enforcement action is filed. That dialogue should benefit all parties. Additionally, for a putative defendant, it is important to retain counsel knowledgeable about how the SEC staff assesses cases at the Wells stage before making a final charging recommendation.
Department of Energy Announces Initiative to Review the Agency’s Federal Awards
On May 15, 2025, the Secretary of the Department of Energy (DOE), Chris Wright, issued a memo entitled “Secretarial Policy on Ensuring Responsibility for Financial Assistance” in which Secretary Wright announced DOE’s intent to “conduct focused reviews of awards and other forms of financial assistance” in furtherance of its duty to identify and avoid “fraud, waste and abuse.”
DOE states that it will utilize its audit rights to review selected awards to evaluate whether “the individual projects are, among other things, financially sound and economically viable, aligned with national and economic security interests, and consistent with Federal law and this Administration’s policies and priorities and program goals and priorities (Standards).” DOE further indicated that “in its discretion” it may take action if it concludes that an individual project does not meet Standards. DOE has indicated that it has already started evaluating 179 awards that total over $15 billion in financial assistance, and there could certainly be more awards identified for evaluation in the future.
While it remains to be seen how this announced initiative plays out in practice, the initiative has the potential to open several new litigation fronts. There is limited case law addressing the government’s right to terminate a federal grant under 2 C.F.R. § 200.340, and recent cases suggest that its rights are narrower than the government’s rights to terminate contracts for the convenience of the government, and even more limited judicial precedent addressing potential monetary remedies for wrongful termination of federal awards. Additionally, the scope of the government’s audit rights and what constitutes timely cooperation is not completely settled. Finally, the current administration has stated its intent to use the False Claims Act to enforce a number of policies and DOE’s assertion that it is seeking to identify fraud, waste and abuse suggests it could aggressively pursue civil enforcement actions.
Given that federal awardees could face increased audit scrutiny, current DOE recipients and subrecipients should consider taking action now to prepare, including:
ensuring that their internal controls required under 2 C.F.R. § 200.303 are in place and functioning correctly;
instituting procedures for responding to requests for information, including procedures for reviewing requests and responses; and
ensuring that they are following the record retention requirements called for in 2 C.F.R. § 300.334.
To navigate this evolving landscape, DOE awardees and subrecipients should proactively assess their compliance posture.