FCPA Year in Review 2024
The Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) obtained over $1.28 billion in total fines and penalties related to Foreign Corrupt Practices Act (FCPA) violations in 2024, making it one of the top 10 highest grossing years with regard to enforcement penalties in the FCPA’s nearly 50-year history. Foreign governments and other branches of the U.S. government recovered an additional $400 million in global settlement amounts related to those FCPA enforcement actions. The U.S. government also announced charges against 19 individuals for FCPA and FCPA-related conduct.
Beyond the enforcement cases, the DOJ issued both new guidance and updates to existing guidance regarding its approach to corporate crime and its expectations surrounding corporate compliance efforts. The DOJ’s recent updates to its Evaluation of Corporate Compliance Program guidance focuses on (1) the risks associated with emerging technology, such as AI; (2) the resource allocation and amount of access to data by the company’s compliance functions; (3) incentivizing whistleblowers; (4) the importance of post-acquisition compliance integration; and (5) ensuring companies incorporate lessons learned from misconduct. Furthermore, the DOJ launched a new pilot program for whistleblowers to report corporate misconduct and announced incentives for individuals who voluntarily self-disclose criminal conduct.
The following is a snapshot of 2024 FCPA enforcement:
Massachusetts Enhances Regulatory Oversight of Health Care Transactions on For-Profit and Private Equity Investments
Massachusetts has expanded regulatory oversight of health care transactions by imposing False Claims Act liability on health care owners and investors for changes including failure to disclose violations. On January 8, 2025, Governor Maura Healey signed into law H.5159, An Act enhancing the market review process (the Act). Among other matters, the Act aims to strengthen oversight of private equity investors and related entities in the health care industry, including the expansion of the investigatory and enforcement powers of the Massachusetts Attorney General as they relate to health care activities. The Act also intends to fill perceived gaps in regulatory oversight, that many view as contributors to the Steward Health Care bankruptcy and related hospital closures across Massachusetts, by directly addressing regulation of for-profit health care entities and private equity ownership.
The following Act provisions expand the authority of the Massachusetts Health Policy Commission (HPC), Center for Health Information and Analysis (CHIA), and Attorney General’s Office (AGO) to oversee private equity investors and related entities, including through expansions of HPC’s existing oversight authority and extension of the Commonwealth’s state False Claims Statute (MA FCA) to owners and investors of violators. The Act also contains myriad changes impacting the health care industry. It strengthens regulatory oversight over private equity, pharmacy benefit managers, real estate investment trusts (REITs), management service organizations (MSOs), and other industry participants.
Expansions of HPC and AGO authority under the Act:
Establish new definitions for entities involved in, or related to, private equity operations [1]:
“Health care real estate investment trust,” a real estate investment trust, as defined by 26 U.S.C § 856, whose assets consist of real property held in connection with the use or operations of a provider or provider organization.
“Private equity company,” any company that collects capital investments from individuals or entities and purchases, as a parent company or through another entity that the company completely or partially owns or controls, a direct or indirect ownership share of a provider, provider organization or management services organization; provided, however, that “private equity company” shall not include venture capital firms exclusively funding startups or other early-stage businesses.“Significant equity investor,” (i) any private equity company with a financial interest in a provider, provider organization, or management services organization; or (ii) an investor, group of investors, or other entity with a direct or indirect possession of equity in the capital, stock, or profits totaling more than ten percent of a provider, provider organization, or management services organization; provided, however, that “significant equity investor” shall not include venture capital firms exclusively funding startups or other early-stage businesses.“Management services organization,” a corporation that provides management or administrative services to a provider or provider organization for compensation.
Revise the composition, necessary expertise, and responsibility for appointments to the HPC Board [2]. While the Board will continue to consist of 11 members, the Commissioner of Insurance is now a required member, as are appointed individuals with expertise in representing hospitals and hospital systems and in health care innovation, including pharmaceuticals, biotechnology, or medical devices. However, the HPC will no longer require membership of the Secretary for Administration and Finance, a Primary Care Physician, and an individual with expertise as a health insurance purchaser representing management. Finally, the auditor is no longer responsible for appointments to the HPC Board; all members, other than the Secretary of Health and Human Services and Commissioner of Insurance, will now be appointed solely by the Governor or Attorney General. These changes may reflect a shift in priorities for regulatory oversight of hospital administration, health care innovation, and health care insurance.
Expand the HPC Notice of Material Change process [3]. As previously required, every provider or provider organization must provide notice of a “material change” not less than 60 days before the date of the proposed change.
The previous statutory Notice of Material Change reporting requirements only covered:
mergers or acquisitions of hospitals or hospital systems;
a corporate merger, acquisition or affiliation of a provider or provider organization and a carrier;
an acquisition of insolvent provider organizations; and
mergers or acquisitions of provider organizations which will result in a provider organization having a near-majority of market share in a given service or region [4].
The Act expands the above-referenced statute mandating the reporting of “material change” requiring notice to the applicable government agencies to also include the following as examples:
significant expansions in a provider or provider organization’s capacity;
transactions involving a significant equity investor which result in a change of ownership or control of a provider or provider organization;
significant acquisitions, sales, or transfers of assets including, but not limited to, real estate sale lease-back arrangements; and
conversion of a provider or provider organization from a non-profit entity to a for-profit entity.
The Act also changes the current material change reporting threshold for mergers or acquisitions of a provider organization, which will result in a provider organization having a near-majority market share in a given service or region to provide that the standard is whether the provider organization will have a “dominant market share in a given service or region” (and not a “near-majority”).
Adoption of implementing regulations. While the Act does not include financial thresholds for reporting, the Act does direct the HPC to adopt regulations for administering the section, conduct cost and market impact reviews, and allow filing thresholds to be adopted in the regulations, subject to annual adjustments based on inflation [5].
Expands the HPC Cost and Market Impact Review process as follows:
HPC may now require significant equity investors, as well as other parties involved, in a given transaction to submit documents and information in connection with a Notice of Material Change or Cost and Market Impact Review [6].
HPC may require submitting certain information regarding the significant equity investor’s capital structure, general financial condition, ownership and management structure, and audited financial statements.
HPC may require submitting certain post-transaction data and information for up to five years following the material change date. Such data collection significantly expands the power and task, including the ability to assess post-transaction impacts.
Expands the factors HPC may consider as part of the Cost and Market Impact Review by also reviewing [7]:
the size and market share of any corporate affiliates or significant equity investors of the provider or provider organization;
the inventory of health care resources maintained by the DPH; and
any related data or reports from the Office of Health Resource Planning.
Expands the scope of the HPC’s examination of costs, prices, and cost trends, as follows [8]:
The HPC cost trends hearings will include an examination of any relevant impacts of significant equity investors, health care REITs, and MSOs on costs, prices, and cost trends. Stakeholders from these organizations associated with a provider organization will now be required to testify at the HPC’s annual cost trends hearing concerning: “health outcomes, prices charged to insurers and patients, staffing levels, clinical workflow, financial stability and ownership structure of an associated provider or provider organization, dividends paid out to investors, compensation including, but not limited to, base salaries, incentives, bonuses, stock options, deferred compensations, benefits and contingent payments to officers, managers and directors of provider organizations in the commonwealth acquired, owned or managed, in whole or in part, by said significant equity investors, health care real estate investment trusts or management services organizations.”
The HPC will utilize new data collected as part of the Registered Provider Organization process. The Act revised this process to require submissions from significant equity investors, health care real estate investment trusts, and management services organizations regarding ownership, governance, and organizational information.
Given the broad, sweeping nature of the changes, additional regulations and guidance should be expected.
[1] To be codified at MGL 6D, s. 1.
[2] To be codified at MGL 6D, s. 2.
[3] To be codified at MGL 6D, § 13.
[4] CITE TO EXISTING NMC FORM
[5] To be codified at MGL 6D, s. 13.
[6] To be codified at MGL 6D, s. 13.
[7] To be codified at MGL 6D, s. 13.
[8] To be codified at MGL 6D, ss. 8 and11.
Pricing Considerations in the Aftermath of the California Wildfires
The devastating January 2025 wildfires in southern California prompted Governor Newsom to declare a state of emergency on January 7, 2025 for Los Angeles and Ventura counties. This triggered California laws around price gouging and pricing restrictions in the wake of the emergency. While other, overlapping states of emergency will impact how price restrictions are ultimately calculated and considered – including local emergencies, and a statewide emergency relating to the ongoing bird flu outbreak – that the unprecedented scale of the wildfires will undoubtedly lead to increased scrutiny of pricing practices during the immediate aftermath, recovery and rebuilding.
The California Penal Code prohibits selling, or offering for sale, covered products at a price more than 10% greater than the price offered for that good in the 30 days prior to the declaration of an emergency. While application and enforcement of the pricing restrictions can be complex, the key considerations to keep in mind are these.
When did price restrictions go into effect? January 7, 2025. The price restrictions immediately go into effect when the President of the United States, the Governor of California, or a city/county executive officer declare a state of emergency.
When do they expire? This will be a moving target in some places. The price limitations typically stay in effect for 30 days after the emergency declaration date, subject to extensions. For repair or reconstruction services or any services used in emergency cleanup, these typically stay in effect for an initial period of 180 days. Specifically for Los Angeles County, Governor Newson has already extended certain categories of pricing restrictions by executive order to remain in effect until January 7, 2026.
What is the price increase ceiling? 10% more than the price offered in the 30 days prior to the emergency declaration.
What if a seller starts selling a covered item only after a state of emergency is declared? That seller is prohibited from marking up the price of that item more than 50% of its costs.
Does this only apply to California-based businesses? No. The statute applies to all sellers, including manufacturers, wholesalers, individuals, distributors, and retailers, and to all kinds of sales.
What goods are covered? The statute covers a wide range of products such as: rental housing, building materials, gasoline, goods or services used for emergency cleanup, consumer food items, and medical supplies.
What are the potential consequences? Violations are criminally punishable by up to one year in jail and a fine up to $10,000 or civil penalties up to $2,500 per violation, injunctive relief, or mandatory restitution.
Where do they apply? Even when trigged by an emergency that is specifical to a particular geographic area, California Department of Justice interprets the statute to provide that the pricing restrictions are not restricted to the city or county where the emergency is declared, and that the statute is intended to prevent price gouging elsewhere in the state where this is increased consumer demand as a result of the emergency.
While the horizon for enforcement is long – the California statute provides a 4-year statute of limitations for bringing price gouging complaints – we have already seen the state eyeing enforcement opportunities. On January 22, 2025, the California Department of Justice (CDOJ) filed charges against a real estate agent. A couple who had lost their home in the wildfires applied to rent a property and were allegedly told the price would be raised 38% more than the prior advertised rate. The CDOJ has also announced that it has sent upwards of five hundred “warning letters” to hotels and landlords.
Considering the scope of pricing restrictions in place, and expected enforcement, businesses may want to consider additional diligence and documentation supporting compliance with pricing restrictions triggered by the California wildfires.
CTA Update: Enforcement Remains Suspended Despite U.S. Supreme Court Granting Stay of Preliminary Injunction
Go-To Guide:
On Jan. 23, 2025, the U.S. Supreme Court granted the U.S. government’s request for a stay of the nationwide preliminary injunction of the CTA issued in Texas Top Cop Shop, Inc. v. McHenry.
The Supreme Court was not asked to address an injunction issued by another federal judge, which ordered preliminary relief to prevent CTA enforcement on Jan. 7, 2025 (Smith v. U.S. Department of the Treasury).
FinCEN confirmed that reporting companies under the CTA rulemaking are not currently required to file BOI reports and are not subject to liability if they fail to do so while the Smith order remains in force.
Given the rapidly changing landscape, reporting companies under the CTA rulemaking should continue to monitor CTA developments so they can be prepared to file Beneficial Ownership Information (BOI) reports if the injunction is once again stayed, lifted, or otherwise made ineffective (e.g., via FinCEN reversing its position).
On Jan. 23, 2025, the U.S. Supreme Court granted the U.S. government’s request for a stay (SCOTUS Order) of the nationwide preliminary injunction of the Corporate Transparency Act (CTA) issued by the U.S. District Court for the Eastern District of Texas in Texas Top Cop Shop, Inc. v. McHenry.1 According to the brief order, the stay remains in effect pending disposition of the appeal before the Fifth Circuit and subsequent disposition of a petition for a writ of certiorari, if any.
Oral arguments for the expedited Fifth Circuit appeal are scheduled for March 25, 2025.
Background
The status of the CTA has shifted multiple times since Dec. 3, 2024, when a Texas district court in Texas Top Cop Shop, Inc. v. McHenry (formerly Texas Top Cop Shop, Inc. v. Garland), preliminarily enjoined the CTA and its BOI reporting rule (Reporting Rule) on a nationwide basis, approximately four weeks ahead of a key Jan. 1, 2025, deadline. As we previously reported, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) appealed that ruling, and on Dec. 23, 2024, a motions panel of the U.S. Court of Appeal for the Fifth Circuit stayed the injunction, allowing the CTA to go back into effect. Three days following the stay, on Dec. 26, 2024, a different Fifth Circuit panel issued an order to vacate the motion panel’s stay, effectively reinstating the nationwide preliminary injunction against the CTA and the Reporting Rule. On Dec. 31, 2024, the U.S. government filed an emergency application with the Supreme Court to stay the preliminary injunction once again.
On Jan. 7, 2025, another federal judge of the U.S. District Court for the Eastern District of Texas ordered preliminary relief barring CTA enforcement in Smith v. U.S. Department of the Treasury.2 To date, the government has not appealed the ruling in Smith.
The SCOTUS Order
In response to the SCOTUS Order, FinCEN updated its website on Jan. 24, 2024, noting:
As a separate nationwide order issued by a different federal judge in Texas (Smith v. U.S. Department of the Treasury) still remains in place, reporting companies are not currently required to file beneficial ownership information with FinCEN despite the Supreme Court’s action in Texas Top Cop Shop [emphasis added]. Reporting companies also are not subject to liability if they fail to file this information while the Smith order remains in force. However, reporting companies may continue to voluntarily submit beneficial ownership information reports.
Takeaways
No filings under the CTA are currently required by law, including the initial BOI reports that reporting companies formed or registered prior to 2024 would otherwise have been required to file by Jan. 13, 2025, pursuant to an extension that FinCEN granted on Dec. 27, 2024.
While enforcement of the CTA remains suspended, reporting companies and affected individuals should continue to monitor CTA developments and consider what steps they may need to take to be prepared to file their BOI reports in short order if the injunction is once again stayed, lifted, or otherwise made ineffective.
1 McHenry v. Texas Top Cop Shop, Inc., No. 24A653, 2025 WL 272062 (U.S. Jan. 23, 2025).
2 See Smith v. United States Dep’t of the Treasury, No. 6:24-CV-336-JDK, 2025 WL 41924 (E.D. Tex. Jan. 7, 2025)
DOJ Announces Largest Employee Retention Credit Fraud Indictment
Overview
On January 22, 2025, the US Department of Justice (DOJ) announced the indictment of seven individuals in the largest Employee Retention Credit (ERC) fraud scheme to date. According to the indictment, the defendants filed more than 8,000 refund claims for ERCs and Sick and Family Leave Credits (SFLCs), totaling more than $600 million.
In Depth
The ERC and SFLC programs were designed to help businesses retain employees on the payroll during the COVID-19 pandemic. Prosecutors allege that the defendants exploited these programs by submitting fraudulent claims on behalf of ineligible businesses, inflating employee numbers, and misrepresenting wages. DOJ asserted that the defendants concealed their involvement by not identifying themselves as preparers on the returns, using virtual private networks and through other means.
ERC fraud has been a top priority of DOJ and the Internal Revenue Service (IRS), and this indictment can be added to a growing list of ERC-related enforcement actions. As of October 2024, the IRS Criminal Investigation division initiated 504 criminal investigations involving more than $5.5 billion in ERC claims. There have been more than 45 cases resulting in federal charges, with 27 resulting in convictions. A specialized unit within DOJ, called the “Fraud Strike Force,” has also been initiating investigations into potential ERC fraud, stating that such enforcement will “occupy a substantial portion of DOJ attention for years to come.”
On the civil enforcement front, the IRS has strengthened its efforts to examine and disallow improper ERC claims. The IRS announced in mid-2024 that it had issued approximately 28,000 disallowance notices on claims aggregating $5 billion. According to the IRS, these claims “showed a high risk of being incorrect.” The IRS described these disallowances as the “first significant wave,” and with at least 1 million claims still outstanding, practitioners expect more disallowances. The IRS has also announced that it will be sending 30,000 “clawback” letters seeking to reclaim ERC funds that have already been paid.
We have seen an aggressive examination campaign from the IRS targeting ERC claims. These exams, numbering into the thousands, have often involved more typical questions of taxpayer eligibility (e.g., number of employees and wages amount) but have also inquired about whether there has been “double dipping” with respect to other COVID-19-era stimuli, such as the Paycheck Protection Program. The IRS is also focused on governmental orders and the effects these orders had on taxpayers’ business operations.
Besides taxpayers, accountants and other tax professionals have also been a target of IRS enforcement activity. The IRS Office of Promoter Investigations “has received hundreds of referrals from internal and external sources” concerning individuals and businesses that it deems as potentially having facilitated fraudulent ERC claims. The IRS has the authority to impose civil penalties on alleged promoters under Internal Revenue Code Section 6700. DOJ may pursue criminal cases against individuals and entities it believes are promoting false ERC claims. This enforcement activity may even target individuals or principals of a firm after it has long ceased operations.
Practice Point: DOJ’s announcement makes clear that ERC fraud remains an enforcement priority for 2025. Taxpayers and tax professionals should prepare now to defend their ERC claims, including by compiling and maintaining substantiation to support each claim, and be ready to take immediate steps should they receive an IRS audit notice, a request for documentation or information, or are otherwise contacted by the government.
How Risky Are DEI Programs Under Trump 2.0?
President Trump’s January 21, 2025, executive order titled “Ending Discrimination and Restoring Merit-Based Opportunity” (“Executive Order”) directs the termination of federal government practices and policies that protect and promote diversity and inclusion; the Executive Order also addresses diversity and inclusion initiatives in the private sector. Less than a week later, an internal memo from the White House budget office “temporarily paused” grants and loans by the federal government while the government assesses whether the distributions are consistent with certain executive orders and other Trump administration objectives.
The Executive Order specifically targets diversity, equity, and inclusion (DEI) and diversity, equity, inclusion, and accessibility (DEIA) programs, describing them as “dangerous, demeaning, and immoral,” which “violate the text and spirit of our longstanding Federal civil-rights laws” and “undermine our national unity, as they deny, discredit, and undermine the traditional American values of hard work, excellence, and individual achievement in favor of an unlawful, corrosive, and pernicious identity-based spoils system.” The Executive Order uses broad, sweeping language and does not describe the types of DEI or DEIA initiatives that violate existing federal civil rights laws, leaving uncertainty as to which programs the administration will target but leaving no uncertainty about the chilling effect the Executive Order will have.
The Executive Order Targets Large Companies
The Executive Order requires the attorney general to submit a report within 120 days (May 21, 2025) that includes a proposed strategic enforcement plan identifying, among other things, (i) key sectors of concern within each agency’s jurisdiction, (ii) the most egregious and discriminatory DEI practitioners in each sector of concern, and (iii) a plan of specific steps or measures to deter DEI programs or principles (whether specifically denominated “DEI” or otherwise) that constitute illegal discrimination or preferences. Moreover, the Executive Order directs, “As a part of this plan, each agency shall identify up to nine potential civil compliance investigations of publicly traded corporations, large non-profit corporations or associations, foundations with assets of 500 million dollars or more, State and local bar and medical associations, and institutions of higher education with endowments over 1 billion dollars.” As such, large or otherwise prominent organizations should be particularly on guard.
The Executive Order has immediately impacted the broader enforcement context. For example, on January 23, 2025, Texas Attorney General Ken Paxton and nine other state attorneys general warned several major financial institutions that DEI and environmental, social, and governance (ESG) commitments could lead to enforcement actions if they are found to violate state or federal laws. Following the release of the attorney general report described above, we may see an uptick in warnings made by other state attorneys general and/or similar warnings issued to organizations in sectors of concern identified in the forthcoming attorney general’s report.
To be sure, existing federal antidiscrimination law controls. That means while the Trump administration may view certain DEI programs as unlawful, it does not mean judges will. Read on for specific takeaways for entities with DEI programs.
The Executive Order Targets Recipients of Government Funding
Recipients of federal government funding already should be familiar with the False Claims Act (FCA), 31 U.S.C. §§ 3729 – 3733, which provides that any person who knowingly submits, or causes to submit, false claims to the federal government is liable for three times the government’s damages, plus penalties.
The Executive Order uses the FCA to target DEI initiatives of government funding recipients. First, federal contractors and subcontractors are prohibited from considering race, color, sex, sexual orientation, religion, or national origin in their employment, procurement, and contracting practices. Second, every contract or grant award issued by a federal agency — which will include government contractors as well as health care entities that participate in federal health care programs, and research institutions that receive federal grant money — must include the following provisions:
“A term requiring the contractual counterparty or grant recipient to agree that its compliance in all respects with all applicable Federal anti-discrimination laws is material to the government’s payment decisions for purposes of [the FCA];” and
“A term requiring such counterparty or recipient to certify that it does not operate any programs promoting DEI that violate any applicable Federal anti-discrimination laws.”
With these provisions, the Department of Justice or private qui tam relators could pursue an FCA case utilizing a false certification theory, meaning a party could be held liable under the FCA for submitting false or fraudulent claims to the government if the party falsely certifies that it has complied with federal requirements when, in fact, they have not. For a claim to be fraudulent under this theory, the false certification must be material to the government’s decision to pay the claim.
The Executive Order essentially requires parties who wish to do business with the government to agree that a violation of a federal antidiscrimination law — e.g., maintaining a DEI program that violates federal antidiscrimination laws — is material to the government’s decision to pay under the FCA. However, it is unclear that “agreeing” a requirement is material makes it so. For “materiality,” compliance with the provision actually must be material to the government’s decision to pay the claim or its decision to award the contract. In 2016, the Supreme Court held that “designating” a “legal requirement an express condition of payment” is not sufficient to establish materiality under the FCA. Universal Health Services, Inc. v. United States ex rel. Escobar, 579 U.S. 176, 192 (2016). However, the Trump administration will likely argue that its recent halting of federal funding, as the government takes stock of whether the spending complies with its executive orders and policies, is evidence that the antidiscrimination requirement is material to the government’s decision to pay. Crucially, however, the halt of federal funding does not apply to Medicare, nor does it direct that payment be terminated to a contractor for the reason of their DEI program. It does direct the termination of payment as related to DEI actions, initiatives, or programs.
As so often occurs in the FCA arena and elsewhere, many practices targeted by the Department of Justice or relators ultimately will be defensible. In the DEI context, absent a settlement, a court would have to determine the DEI program in question violates current federal antidiscrimination law, and the Department of Justice or relator would have to prove each element of an FCA violation, including materiality and scienter (that the defendant knew or recklessly disregarded or deliberately ignored in its certification that its representation of compliance with federal antidiscrimination laws was false).
As such, it is yet to be seen what kind of teeth the Executive Order will ultimately have. The administration could be counting on a chilling effect, with the potential costs of investigations, enforcement action, and litigation outweighing companies’ willingness to go to battle for their DEI programs in court.
Takeaways for Companies with DEI Programs
We expect more details from the administration, such as regulatory and sub-regulatory actions, in the days and months to come. In the meantime, we recommend companies take action now to mitigate potential risk, even if their programs are ultimately defensible. For example, we recommend the following immediately:
Companies — federal contractors and private sector alike — should consult DEI and labor and employment experts to assess whether their DEI policies and practices may be construed to be out of compliance with existingfederal antidiscrimination laws under a Trump-era lens and what changes (if any) in their policies and practices are necessary to ensure compliance or mitigate risk.
Companies should be cognizant of new developments as they arise under the Trump administration. To assist in this endeavor,
Companies should reach out to legal counsel to discuss how the Executive Order, and likely future orders, may impact their businesses and what specific steps should be taken now to best protect them from any future liability and enforcement actions.
How to Report Crypto Fraud and Qualify for a CFTC Whistleblower Award
CFTC Whistleblower Program Rewards Whistleblowers for Providing Original Information About Crypto Fraud
Crypto fraud schemes have caused investors to lose more than one billion dollars and undermine public confidence in the digital asset and cryptocurrency ecosystem. Indeed, the implosion of FTX led to a crypto winter in which the value of digital assets plummeted and several crypto lending firms went bankrupt. Whistleblowers can help the CFTC identify and combat crypto fraud schemes by promptly providing specific and credible information.
Crypto fraud whistleblowers are eligible to receive between 10% and 30% of the monetary sanctions collected in successful enforcement actions. The CFTC has issued more than $390 million in awards to whistleblowers. The largest CFTC whistleblower awards to date are $200 million, $45 million, $30 million, and $10 million. Whistleblower disclosures have enabled the CFTC to bring successful enforcement actions against wrongdoers with orders for more than $3.2 billion in monetary relief.
Whistleblowers that voluntarily provide the CFTC with original information about violations of the CEA that leads the CFTC to bring a successful enforcement action resulting in the imposition of monetary sanctions exceeding $1 million can qualify for a CFTC whistleblower award from CFTC collected monetary sanctions and from related actions brought by other governmental entities.
Crypto Fraud Schemes that the CFTC Combats
Wash trading of digital currencies or swaps or futures contracts. For example, CLS Global recently plead guilty to a fraudulent “wash trading” scheme whereby it attempted to manipulate the crypto market by inflating the value of various cryptocurrencies through wash trading – repeatedly buying and selling tokens to make them appear more valuable to investors. In particular, CLS Global used an algorithm that executed self-trades from multiple wallets to appear as organic buying and selling.
Pump and sump schemes, such as the CFTC’s action against Adam Todd and four companies he controlled for attempting to manipulate Digitex’s native utility token, DGTX, by allegedly pumping the token’s price through the use of a computerized bot on third-party exchanges he designed to be “always buying more than it was selling” and by filling large over-the-counter orders to purchase DGTX on third-party exchanges.
Pig butchering or relationship confidence schemes in which fraudsters build online relationships with unsuspecting individuals before convincing them to trade crypto assets or foreign currency on fake trading platforms. According to the FBI’s 2023 Cryptocurrency Report, losses from cryptocurrency-related investment fraud schemes reported to the FBI Internet Crime Complaint totaled $3.96 billion in 2023.
Crypto Ponzi schemes, such as Ikkurty Capital, LLC soliciting more than $40 million from investors by promising to invest the funds in a crypto hedge fund or a carbon offset bond and instead using the funds to pay off previous investors in another crypto hedge fund and investing a small portion in volatile digital tokens. The final order of judgment in that matter imposed over $209 million in monetary sanctions.
Violating rules that protect customers funds and require custodians to segregate and separately account for customer funds. For example, FTX and Alameda Research were required to pay $8.7 billion in restitution and $4 billion in disgorgement for commingling of customer funds, using customer funds to extend a line of credit to an affiliate, investing customer funds in non-permitted investments through an affiliate, and appropriating customer funds for luxury real estate purchases, political contributions, and high-risk, illiquid digital asset industry investments.
Operating an illegal commodity pool. For example, the CFTC obtained an order against Mirror Trading International Proprietary Limited (MTI) requiring it to pay $1.7 billion in restitution and a $1.7 billion civil penalty for failure to comply with commodity pool operator regulations. MTI solicited Bitcoin from investors for participation in an unregistered commodity pool that purportedly traded off-exchange, retail forex through a proprietary “bot” or software program, but in fact MTI misappropriated the Bitcoin that they accepted from the pool participants.
CFTC Whistleblower Reward Program
Under the CFTC Whistleblower Reward Program, the CFTC will issue rewards to whistleblowers who provide original information that leads to CFTC enforcement actions with total civil penalties in excess of $1 million (see how the CFTC calculates monetary sanctions). A whistleblower may receive an award of between 10% and 30% of the total monetary sanctions collected. Monetary sanctions includes restitution, disgorgement, and civil monetary penalties,
Reporting original information about cryptocurrency fraud “leads to” a successful enforcement action if either:
The original information caused the staff to open an investigation, reopen an investigation, or inquire into different conduct as part of a current investigation, and the Commission brought a successful action based in whole or in part on conduct that was the subject of the original information; or
The conduct was already under examination or investigation, and the original information significantly contributed to the success of the action.
In determining a reward percentage, the CFTC considers the particular facts and circumstances of each case. For example, positive factors may include the significance of the information, the level of assistance provided by the whistleblower and the whistleblower’s attorney, and the law enforcement interests at stake.
Awards are paid from the CFTC Customer Protection Fund, which is financed through monetary collected by the CFTC in any covered judicial or administrative action that is not otherwise distributed, or ordered to be distributed, to victims of a violation of the CEA underlying such action.
Crypto Fraud Whistleblowers Can Report Anonymously to the CFTC
If represented by counsel, a crypto fraud whistleblower may submit a tip anonymously to the CFTC. In certain circumstances, a whistleblower may remain anonymous, even to the CFTC, until an award determination. However, even at the time of a reward, a whistleblower’s identity is not made available to the public.
The confidentiality protections of the CEA require the CFTC not to disclose information that “could reasonably be expected to reveal the identity of the whistleblower.” According to a recent report of the CFTC Whistleblower Office, the Office takes steps to protect whistleblower confidentiality. For example, in a recent fiscal year the Office considered 267 requests to produce documents from the investigation and litigation files of the Enforcement Division and found 16 requests to implicate whistleblower-identifying information. The Office worked with the Enforcement Division to remove whistleblower-identifying information or otherwise take steps to preserve whistleblower confidentiality.
SEC Charges Navy Capital in AML Failures: Say What You Do and Do What You Say
The US Securities and Exchange Commission (SEC) released a press release on January 15 announcing that it had charged Navy Capital Green Management, LLC, an investment adviser, with violations of the Investment Advisers Act of 1940 related to its Anti-Money Laundering (AML) policies and procedures.
Navy Capital agreed to a settlement offer in which they did not admit or deny the SEC’s findings and agreed to pay a $150,000 civil penalty, to cease and desist from committing any further violations, and to be censured. The charges against Navy Capital emphasize the SEC’s priority in ensuring registered investment advisers (RIAs) say what they do and do what they say.
Read the SEC’s press release here.
Currently, RIAs do not have any affirmative duties under AML rules and regulations. RIAs may implement AML policies and procedures voluntarily. If an RIA does implement AML policies, then it must ensure that it follows through with its own policies and procedures.
AML-Related Charges Against Navy Capital
The SEC charged Navy Capital with making misrepresentations related to Navy Capital’s AML policies and procedures in various investor and prospective investor materials, and for and failing to ensure that its written investor materials accurately represented its AML policies and procedures. More generally, Navy Capital represented to its investors and prospective investors that it would follow certain procedures to mitigate AML risks.
The SEC’s findings were based on the relevant period of October 2018 through January 2022 when Navy Capital was registered with the SEC. Throughout this period, Navy Capital represented to its investors and prospective investors that it voluntarily maintained robust AML policies and procedures in accordance with the USA Patriot Act, even though it was not required to do so. Navy Capital published these representations in its offering memoranda, subscription booklets and agreements, due diligence questionnaires, and internal compliance manual, which was provided to prospective investors upon request.
In several of the written investor materials, Navy Capital claimed that investment into the funds would not be complete until investors satisfied all of Navy Capital’s AML requirements. However, in several separate instances described in the SEC’s order, Navy Capital approved investments — against its own policies and procedures — without (1) obtaining documents identifying an investor’s beneficial ownership, (2) investigating reported police suspicions that a foreign entity investor’s money was possibly connected to money laundering schemes, (3) resolving contradictory beneficial ownership documents, and (4) sufficiently confirming the source of funds. Also, in violation of its own policies, Navy Capital accepted funds from bank accounts not held in the name of the subscribing investor and from investors that disclosed they had zero assets.
Applicable SEC Rules
The SEC ultimately found that Navy Capital violated Section 206(4) of the Advisers Act and Rules 206(4)-7 and 206(4)-8. By way of background, Rule 206(4)-7 requires an investment adviser to adopt and implement written compliance policies and procedures reasonably designed to prevent violations of the Advisers Act. Rule 206(4)-8 makes it unlawful for any investment adviser of a pooled investment vehicle to “[m]ake any untrue statement of a material fact or to omit to state a material fact necessary to make the statements made, in the light of the circumstances under which they were made, not misleading, to any investor or prospective investor in the pooled investment vehicle; or [o]therwise engage in any act, practice, or course of business that is fraudulent, deceptive, or manipulative with respect to any investor or prospective investor in the pooled investment vehicle.”
The SEC held that Navy Capital misled investors about the level of risk they were taking by investing in Navy Capital’s funds.
New RIA AML Responsibilities
In August 2024, the Financial Crimes Enforcement Network (FinCEN) issued a rule that broadens the definition of “financial institution” as used in the Bank Secrecy Act to include RIAs and exempt reporting advisers (ERAs) (some exceptions apply). FinCEN’s new rule goes into effect on January 1, 2026, and will require all RIAs and ERAs under this rule to either implement an AML program, or if they already have one, to ensure their AML policies and procedures comply with the rule.
Briefly, the rule will require RIAs and ERAs to implement a risk-based and reasonably designed AML program, file certain reports with FinCEN, keep certain records, and fulfill certain other obligations applicable to financial institutions subject to the Bank Secrecy Act and FinCEN’s implementing regulations.
For more information on FinCEN’s new rule, see our recent client alert.
Key Takeaways
RIAs should note the distinction between SEC and FinCEN requirements. The SEC does not require RIAs to implement an AML policy. For SEC compliance, RIAs should ensure that they are abiding by their policies and procedures, particularly those that stand to impact funds raised from investors. However, for RIAs to comply with FinCEN rules, they will need to implement an AML policy according to the new rule by the effective date.
Additionally, although the new Administration has promised to repeal several SEC rules, the Trump Administration’s focus remains on repealing SEC rules related to environmental, social, and governance and crypto. At this time, it looks unlikely that any rules related to proper disclosure will be affected. FinCEN’s rule is also likely to be enforced. ArentFox Schiff attorneys are closely monitoring any developments that could impact the effectiveness of FinCEN’s new rule or could impact SEC compliance.
Listen to this article
CMS Publishes Final Rule, Effective January 1, 2025, Addressing the Requirements for Reporting and Returning Overpayments
The standard for an “identified overpayment” under Medicare Parts A–D now aligns with section 1128J(d)(4)(A) of the Social Security Act, which incorporates by reference the Federal False Claim Act’s (the “FCA”) “knowledge” standard. The previous “reasonable diligence” standard, which, as it related to Part C, had been struck down by a Federal court, no longer applies. Under the new standard, a provider, supplier, or Medicare Advantage Organization (“MAO”) has knowledge of an overpayment when it has been identified.
Additionally, the deadline for reporting and returning identified overpayments has also been finalized. An overpayment must be reported and returned by the later of:
The date which is 60 days after the date on which the overpayment was identified, or
The date any corresponding cost report is due, if applicable.
Any identified overpayment retained after the deadline to report and return may create FCA liability.
The foregoing was finalized, as proposed in 2022, pursuant to the Calendar Year 2025 Physician Fee Schedule (the “2025 PFS”). With respect to the timeframe to report and return overpayments, the 2025 PFS suspends a person’s 60-day obligation to report and return overpayments for up to 180 days if the person, after having identified an overpayment, conducts a timely, good-faith investigation to determine whether related overpayments exist. While the 2025 PFS did not expressly define the term “good-faith investigation”, persons “can rely upon [its] plain meaning.” See 2025 PFS at 98338.
Takeaways
This legal change creates new risks for providers who fail to investigate credible information about a potential overpayment. However, this should come as no surprise, as it aligns with what the U.S. Department of Justice may already pursue against a person under the FCA—a reverse false claim. As noted in the commentary of the 2025 PFS, the FCA, from which the “knowledge” qualifier originates, contains an existing body of case law and examples to guide stakeholders and their counsel regarding if a person has the requisite knowledge to have identified an overpayment based on the facts and circumstances presented. See 2025 PFS at 98335–8.
Additionally, once a person has identified an overpayment, the 60-day obligation to report and return such overpayment begins to run. And, that deadline exists regardless of whether the overpayment has been quantified. But, because quantification takes time, the 60-day deadline may be suspended if the person needs to dive deeper into its investigation to determine if related overpayments exist. The timeline to do so, however, is only 180 days. Thus, providers should make every effort to act with “all deliberate speed”, which, in turn, may require providers with fewer resources and expertise to expend a disproportionately high amount of effort. These rules apply across all of Medicare and, thus, are applicable to all providers, suppliers, and MAOs.
Corporate Transparency Act Reporting Remains Voluntary
This Corporate Advisory provides a brief update on recent litigation regarding the Corporate Transparency Act (CTA) and its reporting requirements. It is not intended to, and does not, provide legal, compliance or other advice to any individual or entity. For a general summary of the CTA, please refer to our prior CTA Corporate Advisories from November 8, 2023, and September 17, 2024. Please reach out to your Katten attorney for assistance regarding the application of the CTA to your specific situation.
As of January 24, 2025, the Corporate Transparency Act’s (CTA) reporting requirements remain voluntary. On January 23, 2025, the Supreme Court of the United States (SCOTUS) issued an order that granted the US government’s motion to stay the nationwide injunction issued by the US District Court of the Eastern District of Texas in the case of Texas Top Cop Shop, Inc. v. McHenry (formerly Texas Top Cop Shop, Inc. v. Garland). This headline appeared to have the effect of reinstating the CTA’s reporting requirements and deadlines. However, such SCOTUS order does not appear to impact a separate stay issued against the enforcement of the CTA’s reporting rules issued by the US District Court of the Eastern District of Texas in Smith v U.S. Department of the Treasury. The US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has interpreted the SCOTUS ruling similarly. Specifically, FinCEN noted: “On January 23, 2025, the Supreme Court granted the government’s motion to stay a nationwide injunction issued by a federal judge in Texas (Texas Top Cop Shop, Inc. v. McHenry—formerly, Texas Top Cop Shop v. Garland). As a separate nationwide order issued by a different federal judge in Texas (Smith v. U.S. Department of the Treasury) still remains in place, reporting companies are not currently required to file beneficial ownership information with FinCEN despite the Supreme Court’s action in Texas Top Cop Shop.” Accordingly, the CTA’s reporting requirements remain on hold, and reporting companies are not currently required to file Beneficial Ownership Information Reports with FinCEN, and FinCEN has stated that reporting companies are not subject to liability if they fail to file Beneficial Ownership Information Reports with FinCEN while the Smith order remains in force.
Note that this SCOTUS order relates solely on the nationwide injunction and was not a ruling on the constitutionality of the CTA.
The Supreme Court order is available here.
The FinCEN alert is available here.
Our updated CTA Corporate Advisory providing background on the Texas Top Cop Shop case is available here.
Using the False Claims Act to Police Federal Contractors’ Employment Practices
Two recent events — one settlement and one executive order — have heightened the risk that the False Claims Act (FCA) will be used as a tool to enforce the employment obligations of companies doing business with the federal government.
First, on January 16, 2025, the Department of Justice (DOJ) announced a settlement with Bollinger Shipyard. DOJ alleged that Bollinger violated the False Claims Act by knowingly billing the US Coast Guard for labor provided by workers who were not verified in the E-Verify system. Under FAR 52.222-54, federal contractors are required to enroll in the E-Verify program and verify the employment eligibility of all new employees as well as verify the eligibility of existing employees before assigning them to a contract. This is the first case we are aware of where DOJ has used the FCA to enforce the requirement to use the E-Verify system.
Second, included among the flurry of “Day-One” executive orders issued on January 21, 2025, the Trump Administration issued an executive order entitled “Ending Illegal Discrimination and Restoring Merit-Based Opportunity.” Among other things, this sweeping order addressed the “Federal contracting process” in Section 3(b).
Section 3(b) instructs the Office of Federal Contract Compliance Programs to “immediately cease . . . Holding Federal contractors and subcontractors responsible for taking ‘affirmative action’ [and] Allowing or encouraging Federal contractors and subcontractors to engage in workforce balancing based on race, color, sex, sexual preference, religion, or national origin.” (emphasis added).[1] That section further purports to prohibit federal contractors from advancing diversity initiatives by directing that “the employment, procurement, and contracting practices of Federal contractors and subcontractors shall not consider race, color, sex, sexual preference, religion, or national origin in ways that violate the Nation’s civil rights laws.”
To give teeth to this new mandate, the executive order attempts to bring its requirements within the purview of the FCA by providing:
(iv) The head of each agency shall include in every contract or grant award:
(A) A term requiring the contractual counterparty or grant recipient to agree that its compliance in all respects with all applicable Federal anti-discrimination laws is material to the government’s payment decisions for purposes of section 3729(b)(4) of title 31, United States Code; and
(B) A term requiring such counterparty or recipient to certify that it does not operate any programs promoting DEI that violate any applicable Federal anti-discrimination laws.
There is tension between this directive and current law. For example, in Escobar, the Supreme Court expressly rejected the notion that the government can establish materiality for FCA purposes through an agreement term. “The materiality standard is demanding. . . A misrepresentation cannot be deemed material merely because the Government designates compliance with a particular statutory, regulatory, or contractual requirement as a condition of payment. Nor is it sufficient for a finding of materiality that the Government would have the option to decline to pay if it knew of the defendant’s noncompliance.” Universal Health Serv. Inc. v. United States ex rel. Escobar, 579 U.S. 176, 194 (2016).
Further, there are few cases where the FCA was used to enforce a contractor’s employment practice obligations under current law. In Hill, the US Court of Appeals for the Seventh Circuit upheld the dismissal of an FCA case where the whistleblower alleged that the city of Chicago failed to follow its required affirmative action hiring plan. United States ex rel. Hill v. City of Chicago, Ill., 772 F.3d 455 (7th Cir. 2014). The court in that case held that the city’s implementation of a program that was different from the plan could not trigger the knowing element required for a false claim. Id. at 456.
Notably, the anticipated agreement clause and certification required by the executive order do not prohibit all diversity programs, but only those that “violate any applicable Federal anti-discrimination laws.” Accordingly, to be actionable under the FCA a plaintiff would likely need to show that a defendant knew at the time of its certification that it intended to violate applicable law.
[1] On Friday, January 24, 2025, Acting Secretary of Labor Vince Micone issued Secretary’s Order 03-2025, which directs “all DOL employees” to “immediately cease and desist all investigative and enforcement activity under the rescinded Executive Order 11246.” The order clarified that it applied to “all pending cases, conciliation agreements, investigations, complaints, and any other enforcement-related or investigative activity.” Notably, it provides that investigations or reviews under Section 503 and VEVRAA are “held in abeyance pending further guidance.”
In Confirmation Hearings, AG Nominee Pledges to Defend the Constitutionality of the False Claims Act
What may have seemed like an out-of-the-blue question to the casual observer was no surprise to those who represent individuals and entities in the health care and life sciences industries: U.S. Attorney General (AG) nominee Pam Bondi was asked to share her thoughts on the constitutionality of the False Claims Act (FCA) and its qui tam provisions during her January 15, 2025, confirmation hearings.
Senator Chuck Grassley (R-IA) prefaced his questioning by noting that the FCA is “central to fighting government waste and fraud.” And since 1986—when Grassley authored amendments that modernized and strengthened the Civil War-era statute—he has been a fierce defender. Since the 1986 amendments, the FCA has brought in $78 billion for the federal government, with more than $2.9 billion recovered in fiscal year (FY) 2024.
“Most of that is due to patriotic whistleblowers who found the fraud and brought the cases forward at their own risk,” Grassley said.
The U.S. Supreme Court, the senator said, “has long upheld the law’s constitutionality.” Yet Justice Clarence Thomas, in a 2023 dissent,[1] wrote that “[t]he FCA’s qui tam provisions have long inhabited something of a ‘constitutional twilight zone,’” and posited that Article II of the Constitution does not permit Congress to “authorize a private relator to wield executive authority to represent the United States’ interests in civil litigation.” Subsequently, on September 30, 2024, a Middle District of Florida District Judge followed suit and declared the provisions unconstitutional.[2] Former AG William Barr, Grassley noted, once objected to the FCA’s whistleblower provisions—and then retracted that objection in confirmation hearings held six years earlier, to the day.
So, what is Bondi’s position on the constitutionality of the FCA’s qui tam provisions?
“I would defend the constitutionality, of course, of the False Claims Act,” the nominee said.
“If confirmed, would you commit to continuing [the Department of Justice’s (DOJ’s)] defense of the constitutionality of it—and will you ensure the entire staff and funding levels, to properly support and prosecute False Claims cases?” Grassley asked.
“Senator, the False Claims Act is so important and especially by what you said, with whistleblowers, as well, and the protection, and the money it brings back to our country. Yes, sir,” Bondi answered.
As we noted in our blog post analyzing the DOJ’s FY 2024 FCA statistics, also released on January 15, last year whistleblowers filed the highest number of qui tam actions in history—979—with the government and whistleblowers, combined, being parties to 588 settlements and judgments. FCA settlements and judgments topped $2.9 billion in FY 2024, with relator share awards totaling nearly $404 million.
The Middle District of Florida’s Dismissal with Prejudice
The U.S. Court of Appeals for the Eleventh Circuit has yet to weigh in on the matter after U.S. District Court Judge Kathryn Kimball Mizelle dismissed an FCA case brought by a qui tam relator based on her ruling that the qui tam provisions are unconstitutional.
Judge Mizelle, who was appointed to the federal bench by President Trump in his first term, dismissed the suit brought by Clarissa Zafirov, a physician who sued her former employer and others in an otherwise ordinary FCA case for allegedly misrepresenting patients’ medical claims to Medicare using false diagnosis codes to obtain inflated reimbursements.
“Zafirov has determined which defendants to sue, which theories to raise, which motions to file, and which evidence to obtain….Yet no one—not the President, not a department head, and not a court of law—appointed Zafirov to the office of relator,” Judge Mizelle wrote on September 30, 2024. “Instead, relying on an idiosyncratic provision of the False Claims Act, Zafirov appointed herself. This she may not do.”
The plaintiffs appealed to the Eleventh Circuit. Senator Grassley’s office filed an amicus brief on January 15, 2025, “strongly urging the Eleventh Circuit to reverse the lower court’s flawed decision and uphold the constitutionally sound qui tam provision.”
Specifically, Grassley’s 33-page brief rests on three tenets:
Qui tam statutes are deeply rooted in history: Indeed, qui tam provisions were enacted during the First Congress by the framers of the Constitution and are deeply embedded in the United States’ constitutional history.
Courts consistently find the FCA constitutional: Courts that have addressed this issue have uniformly concluded that the qui tam provision is constitutional.
The FCA is an effective (and cost-effective) leveraging of private knowledge and resources: The FCA, strengthened by the qui tam provision, is an effective tool to fight fraud, deter would-be fraudsters, and protect the public from harm.
“And the FCA is a resounding success, as Congress and the Executive Branch have both acknowledged,” Grassley wrote, noting that in health care—the largest area of FCA enforcement—qui tam whistleblowers have prevented harm and have uncovered fraud of which the government might not have been aware. “Additionally, an incalculable but astronomical amount of taxpayer money is saved via the deterrent effect of the whistleblower provisions.”
The United States filed a 77-page opening brief on January 6, 2025, and requested oral argument in the case, noting the importance of the issue. The district court’s decision, the government argued, conflicts with the prior opinions of four U.S. Courts of Appeals, as well as every other court to have considered the question. While the issue applies to cases where the government has not intervened, the government intervened in Zafirov for the limited purpose of defending the qui tam provisions. Specifically, the United States argued that:
Supreme Court precedent is clear that the qui tam provisions comport with Article II (e., relators do not exercise executive power);
the district court erred in applying the Appointments Clause to private citizens (e., relators do not exercise significant government authority and do not occupy a continuing position established by law); and
the district court erred in assessing and dismissing historical evidence bolstering the constitutionality of the FCA’s qui tam provisions, including early qui tam statutes comparable to the FCA.
What This Means for Health Care Enforcement
What might this mean for health care fraud enforcement, as we enter President Trump’s second term? As we noted in our recent blog post on the DOJ’s FCA recovery statistics, the fact that the first Trump administration saw nearly 370 more health care cases brought by relators than during the Biden administration, and the highest number of health care-related FCA cases brought by the DOJ in a single year—combined with Bondi’s support of the constitutionality of the statute—indicates the DOJ’s continued interest in pursuing FCA cases. Focusing on the health care sector continues to generate more FCA enforcement and recovery than any other industry, a trend likely to continue even if we may not yet know if Bondi’s leadership will ultimately prove more favorable to business interests. Stay tuned for more to come once the Eleventh Circuit issues its highly anticipated decision on the constitutionality of the FCA’s qui tam provisions.
Epstein Becker Green Attorney Ann W. Parks contributed to the preparation of this post.
ENDNOTES
[1] See U.S. ex rel. Polansky v. Executive Health Resources, 599 U.S. 419 (2023). In addition to Justice Thomas’ dissent, Justices Kavanaugh and Barrett in a concurrence acknowledged that “[t]here are substantial arguments that the qui tam device is inconsistent with Article II” and suggested that the Court consider those arguments in an “appropriate case.”
[2] See U.S. ex rel. Zafirov v. Florida Medical Associates LLC, 2024 WL 434942 (D. Fla. Sept. 30, 2024).