Global – Law Ivy

France’s Limagrain Wins Highest Chinese Damages Ever for New Plant Varieties Infringement – Over 53 Million RMB

On April 25, 2025, China’s Intellectual Property Court of the Supreme People’s Court (SPC) announced a verdict favoring Limagrain’s Chinese affiliate Heng XX Seed Industry Co., Ltd. against Henan Jin XX Seed Industry Co., Ltd. The SPC awarded Limagrain’s affiliate over 53 million RMB and an injunction for infringing new corn plant variety “NP01154” overturning the lower court’s decision and applying punitive damages. This is believed to be the highest ever award in China for new plant varieties infringement.
Heng XX Company filed a lawsuit with the first instance court, claiming that the seven approved corn hybrid varieties produced and sold by Jin XX Company, including “Zheng Pinyu 491”, “Jinyuanyu 304”, “Jinyuanyu 171”, “Zheng Pinyu 597”, “Jinyuanyu 181”, “Zhengyuanyu 777” and “Zhengyuanyu 887”, were all produced without permission using the “NP01154” variety as a parent, and requested that it be ordered to stop the infringement, apply punitive damages of 160 million RMB and pay 200,000 RMB for reasonable expenses for rights protection. In the first instance, Heng XX Company submitted four test reports to prove that the number of difference sites between the parents of the alleged infringing variety “YZ320” and “NP01154” was 1, and therefore was infringing; Jin XX Company submitted test report No. 2994 and claimed that there were differences in 4 of the 5 additional test sites, and the two were different varieties, so it did not constitute infringement. The first instance court accepted the test report No. 2994 submitted by Jin XX Company, determined that the parent of the alleged infringing variety “YZ320” and the authorized variety “NP01154” were different varieties, and ruled to dismiss all the claims of Heng XX Company. Heng XX Company appealed.
The focus of the second-instance dispute was whether Jin XX infringed the variety rights of “NP01154” and the determination of infringement liability, which mainly involved whether the parents (paternal parents) of the seven hybrid corn varieties accused of infringement were identical to the authorized variety “NP01154”. In particular, when using molecular markers to determine the identity of the variety, the conditions for expanding the site testing and the probative value of the additional testing results were the key issues in this case.

The Supreme People’s Court held that there was insufficient evidence to prove that the five additional test sites in the No. 2994 test report were generally recognized specific sites that could distinguish different varieties. The report’s initiation of the expanded site testing procedure and the selection of additional test sites did not comply with the provisions of the relevant judicial interpretations and the requirements of the molecular marker testing standards for new plant varieties, and had no probative value. Jin XX’s claim that its allegedly infringing variety was “glutinous” corn and that the authorized variety “NP01154” was “ordinary corn” and that the two were different varieties lacked evidence. The evidence in this case can prove that the parents (father) of the seven hybrid corn varieties accused of infringement are identical to the authorized varieties, and Jin XX’s behavior constitutes infringement of the “NP01154” variety rights; Jin XX’s company intentionally infringed, and the infringing products involve 7 approved hybrid varieties, the infringement period is as long as five years, and the infringing production area is as high as 8243.4 acres. The infringement is serious, and punitive damages should be applied, and the multiple of punitive damages is determined to be 1X, and then the total compensation is determined to be twice the amount of compensatory damages, that is, more than 53.347 million RMB. In view of the complexity of the case and the evidence, Heng XX’s attorney fees, testing fees, travel expenses and other expenses are reasonable, and the reasonable expenses of 200,000 RMB for rights protection are fully supported. The final compensation amount in this case is 53,547,163.1 RMB.
The original text of the announcement is available here (Chinese only).

A Roadmap for Export Controls? Project 2025 and the Future of U.S. Exports – Part III

The second Trump administration has come flying out of the starting blocks on international trade policy actions—imposing and rescinding, shaping and reshaping tariffs, sanctions, and export controls. The executive orders and directives have come so thick and fast that it is not always simple for businesses to chart a consistent policy direction and develop their plans to account for what might be coming next.
However, there is in fact a pretty clear map that could indicate the U.S. policy direction with respect to export controls.
The U.S. Department of Commerce, Bureau of Industry and Security (BIS) may well follow the map that was drafted by the same people who are now among the BIS leadership. The cartographers, as it were, are James Rockas and Robert Burkett. Rockas and Burkett now serve as the Deputy Under Secretary and Chief of Staff, respectively, at BIS. Both are listed as authors of the chapter on the Department of Commerce in the Project 2025 Mandate for Leadership publication by the Heritage Foundation.[1] Regardless of one’s views on Project 2025, the publication is a useful indicator of the future of U.S. export controls, among other policies.
In this article, we examine what the proposed “modernization” of the Export Administration Regulations (EAR) outlined in Project 2025 looks like, and analyze how the Project 2025 proposals could be implemented in future U.S. export regulations.
The Checklist
The section of Project 2025 dedicated to BIS presents a list[2] of key priorities for “EAR modernization” , as follows:
Featured Today

Eliminating the “specially designed” licensing loophole;
Redesignating China and Russia to more highly prohibitive export licensing groups (country groups D or E);
Eliminating license exceptions;
Broadening foreign direct product rules;
Reducing the de minimis threshold from 25 percent to 10 percent—or 0 percent for critical technologies;
Tightening the deemed export rules to prevent technology transfer to foreign nationals from countries of concern;
Tightening the definition of “fundamental research” to address exploitation of the open U.S. university system by authoritarian governments through funding, students and researchers, and recruitment;
Eliminating license exceptions for sharing technology with controlled entities/countries through standards-setting “activities” and bodies; and
Improving regulations regarding published information for technology transfers.

On first reading, some of these proposals may not seem to fit neatly within the familiar EAR framework. That might make it hard to picture how they will be implemented in regulations, much less to plan for them.
But that’s just the sort of picturing we propose to take on!
We have worked our way through the list above. We have asked ourselves how those broad, potentially seismic changes might actually be put into practice. Where is there real room for rewriting the regulations? Where is there precedent in export regulatory history? (Where what’s past be prologue, to borrow a phrase)?
Here we present our initial thoughts on what may be coming. We note that none of these points constitutes legal advice. But they may be useful for considering where your organization may wish to consider the possibility of future export control regulations.[3] And they may come fast, so get ready. As the poet said, defer no time. Delays have dangerous ends.
We present our findings in three parts (in three days), dividing the list to conquer it and to do so without overburdening our readers.
7. “Tightening the definition of “fundamental research” to address exploitation of the open U.S. university system by authoritarian governments through funding, students and researchers, and recruitment”
The Fundamental Research provisions of the EAR consider certain technology and software in mathematics, engineering, and science that are the result of research in universities to be in the public domain, and thus not controlled for export. One criterion for this exemption from control is that the research must be of the type that is normally published. Currently, the fundamental research exclusion provides for universities to allow students, regardless of nationality, to take part in research and to have access to certain technology and software that may otherwise be controlled.
However, universities have been under increasing scrutiny in cases where fundamental research exposes sensitive technology to students, professors, researchers, and even donors from countries of concern. Tightening the fundamental research exception could mean limiting the exception so that it does not apply to foreign persons affiliated with certain universities (such as those on the Specially Designated Nationals list), or even to all nationals of certain countries of concern. Alternatively, the rules could be tightened to allow U.S. government sponsors of research to place greater limits on access to sponsored projects based on nationality, or to require universities to waive the fundamental research exception altogether in their sponsorship agreements. Since the Fundamental Research exemptions are based in the First Amendment, there may be limits on how far that reform could be taken. But we have no doubt that the administration will look at how to restrict the Fundamental Research exemptions.
8. “Eliminating license exceptions for sharing technology with controlled entities/countries through standards-setting “activities” and bodies”
Currently, certain low-controlled technology or software is not subject to the EAR when it is being shared for the purpose of designing, developing, and/or implementing industry standard. The rule is designed for international cooperation.
Historically, the Trump administration has shown a disinclination to participate in multilateral activity (the Paris Climate Accord, UN Convention on Human Rights, Trans Pacific Partnership, NAFTA, Transatlantic Trade and Investment Partnership (TTIP), etc.). It would not be inconsistent with administration practice to narrow or eliminate exceptions that provide for free sharing of technolgoy with multilateral standards-setting groups.
Eliminating the exception would be a straightforward revision of the rule, which could potentially affect U.S. government and U.S. company relations with other governments, international organizations, international inspections under the Chemical Weapons Convention, and the International Space Station operations.
9. “Improving regulations regarding published information for technology transfers.”
Much like the fundamental research exception described above, adjusting the EAR-exception for published technology could potentially violate the First Amendment. One potential approach would be for the EAR to adopt an approach similar to the ITAR’s public domain exception. For example, public release, such as publishing, would only be permitted after approval from the U.S. Government. The proposal may also redefine what is considered “published” by introducing exceptions to the definition.
Conclusions and Early Indications
The second Trump administration has issued, rescinded, revised, and reissued a substantial number of tariffs, sanctions, and export control measures. Although it is easy to be overwhelmed by the volume of actions, some of the policy direction of the new administration is clear. And as outlined here, the Commerce Department chapter of the Project 2025 Mandate for Leadership provides strong indicators of the administration’s policy direction on export controls.
At the same time, developments outside the four corners of Project 2025 suggest that certain reforms may already be in motion. On April 10, 2025, Landon Heid—President Trump’s nominee for Assistant Secretary of Commerce for Export Administration—testified before the Senate Banking Committee and indicated that BIS may act “relatively quickly” to apply Entity List restrictions to subsidiaries of listed entities, drawing a parallel to OFAC’s 50% rule. If implemented, this shift would materially expand the scope of compliance obligations for exporters, reexporters, and technology providers by effectively capturing foreign subsidiaries and affiliates that have so far fallen outside the scope of licensing requirements.
Heid’s remarks also flagged broader enforcement priorities—particularly around China’s acquisition of artificial intelligence capabilities. He pointed to risks associated with transshipment through jurisdictions such as Hong Kong and suggested BIS may pursue tighter controls to curb diversion and illicit procurement of advanced technologies. Those developments, while not explicitly part of Project 2025, reflect an accelerating trajectory toward more expansive and aggressive export control enforcement.
Together, the Project 2025 blueprint and the emerging policy posture from BIS leadership offer a coherent preview of what the next phase of U.S. export regulation may look like. Companies would do well to monitor those signals and begin scenario planning for a regulatory environment in which the scope of control is broader, the tools are sharper, and the compliance expectations are higher.
FOOTNOTES
[1] Available at 2025_MandateForLeadership_CHAPTER-21.pdf.
[2] Id. at p.672.
[3] Additionally, we would be glad to kick these ideas around with others (I know my associates are tired of me talking about it to them). So if you have any comments, questions, or ideas to posit, please feel free to contact the authors directly.

A Roadmap for Export Controls? Project 2025 and the Future of U.S. Exports – Part II

On first reading, some of these proposals may not seem to fit neatly within the familiar EAR framework. That might make it hard to picture how they will be implemented in regulations, much less to plan for them.
But that’s just the sort of picturing we propose to take on!
We have worked our way through the list above. We have asked ourselves how those broad, potentially seismic changes might actually be put into practice. Where is there real room for rewriting the regulations? Where is there precedent in export regulatory history? (Where what’s past be prologue, to borrow a phrase)?
Here we present our initial thoughts on what may be coming. We note that none of these points constitutes legal advice. But they may be useful for considering where your organization may wish to consider the possibility of future export control regulations.[3] And they may come fast, so get ready. As the poet said, defer no time. Delays have dangerous ends.
We present our findings in three parts (in three days), dividing the list to conquer it and to do so without overburdening our readers.
4. “Broadening foreign direct product rules”
Foreign Direct Product Rules (FDPRs) extend U.S. export controls to cover foreign manufactured items that are the direct product of certain U.S.-origin technology, software, or equipment.[4] In 2020, the FDPRs were broadened significantly to cover foreign made items destined for the Chinese telecommunications equipment maker Huawei and certain of its affiliates, and a handful of other Chinese and Chinese-owned companies. In general, there are two pieces to an FDPR, the Product Scope (what the control applies to), and the Destination Scope (at what countries or companies the control is aimed).
Since BIS brought the FDPR hammer out of the toolbox, it has found plenty of nails. There are now ten separate FDPRs applicable to Product Scopes such as Supercomputers and semiconductor manufacturing equipment, or to Destination Scope targets such as the Russian and Belarusian militaries. In terms of writing regulations, it is likely easiest for the U.S. government to aim a broad product scope control at a narrow target, singling out a company or group of companies. However, recent EAR amendments have placed broad controls on artificial intelligence by defining a set of AI model weights that may be subject to controls globally.
We fully expect new FDPRs to contain broader Product Scope to cover technologies the administration considers critical (e.g., semiconductor manufacturing, autonomous vehicles, or AI). Likewise, we expect new FDPRs may contain several new companies in the Destination Scope, as the administration develops new targets over time.
5. “Reducing the de minimis threshold from 25 percent to 10 percent—or 0 percent for critical technologies”
Currently, a product made outside the United States may be subject to U.S. export controls if it incorporates more than a de minimis amount of U.S.-origin controlled content by value. That is, if you make a computer in France, but the hard drive is U.S.-origin and incorporated into your French computer, then the value of that hard drive may account for more than the de minimis amount of value of that computer. As a result, that computer may be controlled by U.S. export controls, even as it is exported from France as a French-made item.
For most countries, the de minimis threshold of U.S. content is 25% of the value of the foreign-made item. However, for certain countries (e.g., Iran) it is 10%, and for others (e.g., Cuba), it is 0%. In cases where the threshold is 0%, the de minimis rule operates like the ITAR see-through rule: any U.S.-origin controlled content in the foreign made item will trigger U.S. controls for export to the country with a 0% de minimis level.
It follows that a reduction of the de minimis level would significantly expand the extraterritorial jurisdiction of BIS. It would give BIS control of a broad swath of foreign made products that would be exported to the country with the lower de minimis threshold.
6. “Tightening the deemed export rules to prevent technology transfer to foreign nationals from countries of concern”
When a person discloses controlled technology to a foreign person, the release of that technology is considered an export to the home country of that foreign person. That is the case regardless of where the release occurs, even if both persons are in the United States. The release of technology—through a discussion, through visual inspection, or through written communication—is “deemed” to be an export to the foreign person’s country of nationality. Similarly, a release of U.S.-controlled technology in a foreign country by a person authorized to have that technology to a person of a third-country nationality, is a deemed reexport to that person.
So when an engineer in Denmark is collaborating with his U.S. colleagues on controlled technology development, the technology is exported to Denmark. If he discusses the technology with his Chinese colleague in Denmark, that discussion may be considered a deemed reexport to China. However, in certain cases, if the Chinese national is an employee of the same company and the company is authorized to receive the technology, the technology may be shared with the Chinese national without any further licensing.[5]
That scenario presents a tempting target for a BIS looking to tighten controls on technology going to China. The rule could simply be changed so that a person from China (or Russia or any other country of concern) could not receive the controlled technology without further licensing. Alternatively, export licenses might be written to include provisos prohibiting certain deemed reexports, e.g., to China.
In either case, as a Danish (or EU or other third-country) employer, you may need to consider whether you can hire that graduate student from a country of concern or whether you can staff certain projects with persons with certain nationalities. At the same time, non-U.S. companies aiming to comply when hiring employees from U.S. countries of concern will need to balance that compliance against any local employment laws on hiring decisions made on the basis of national origin.
Conclusions and Early Indications
The second Trump administration has issued, rescinded, revised, and reissued a substantial number of tariffs, sanctions, and export control measures. Although it is easy to be overwhelmed by the volume of actions, some of the policy direction of the new administration is clear. And as outlined here, the Commerce Department chapter of the Project 2025 Mandate for Leadership provides strong indicators of the administration’s policy direction on export controls.
At the same time, developments outside the four corners of Project 2025 suggest that certain reforms may already be in motion. On April 10, 2025, Landon Heid—President Trump’s nominee for Assistant Secretary of Commerce for Export Administration—testified before the Senate Banking Committee and indicated that BIS may act “relatively quickly” to apply Entity List restrictions to subsidiaries of listed entities, drawing a parallel to OFAC’s 50% rule. If implemented, this shift would materially expand the scope of compliance obligations for exporters, reexporters, and technology providers by effectively capturing foreign subsidiaries and affiliates that have so far fallen outside the scope of licensing requirements.
Heid’s remarks also flagged broader enforcement priorities—particularly around China’s acquisition of artificial intelligence capabilities. He pointed to risks associated with transshipment through jurisdictions such as Hong Kong and suggested BIS may pursue tighter controls to curb diversion and illicit procurement of advanced technologies. Those developments, while not explicitly part of Project 2025, reflect an accelerating trajectory toward more expansive and aggressive export control enforcement.
Together, the Project 2025 blueprint and the emerging policy posture from BIS leadership offer a coherent preview of what the next phase of U.S. export regulation may look like. Companies would do well to monitor those signals and begin scenario planning for a regulatory environment in which the scope of control is broader, the tools are sharper, and the compliance expectations are higher.
FOOTNOTES
[1] Available at 2025_MandateForLeadership_CHAPTER-21.pdf.
[2] Id. at p.672.
[3] Additionally, we would be glad to kick these ideas around with others (I know my associates are tired of me talking about it to them). So if you have any comments, questions, or ideas to posit, please feel free to contact the authors directly.
[4] We recognize that the term in the regulations is not “equipment,” but, rather “plant or major component of a plant.” But boy is that longer phrase ungainly, so we will use “equipment” as a shorthand here and trust that it sufficiently conveys the message.
[5] However, there would be some administrative steps involved in making that release lawful.

Tough Timetable Pushed Through To Update CSRD’s Reporting Standards

On 25 April 2025, the sustainability reporting board (“SRB”) of the European Financial Reporting Advisory Group (“EFRAG”), agreed the internal timeline for delivering advice to the European Commission on the simplification of the European Sustainability Reporting Standards (“ESRS”), which is at the centre of the Corporate Sustainability Reporting Directive’s requirements.
This followed the initial failure to do so, which we reported on here, on 15 April which had been the target date to approve the timeline.
The timetable is ambitious:

Activity
Timing

1. Establishing a vision on actionable levers for substantial simplification (to be confirmed following the stakeholders’ feedback)
April to mid-May 2025

2. Gathering evidence from stakeholders, analysis of the issued reports and other sources
April to mid-May 2025

3. Drafting and approving the Exposure Drafts amending ESRS
Second half of May to July 2025

4. Publishing the Exposure Drafts, receiving and analysing feedback from stakeholders
August and September 2025

5. Finalising and delivering the technical advice to the European Commission
October 2025

The public consolidation will start at the very end of July, for a short window, combined with some public feedback events tabled for the beginning of September 2025.

Cybersecurity: Salt Typhoon’s Persistence is a Cruel Lesson for Smaller Providers

In December 2024, the White House’s Deputy National Security Adviser for Cyber and Emerging Technology confirmed that foreign actors, sponsored by the People’s Republic of China, infiltrated at least nine U.S. communications companies. The attacks, allegedly conducted by China’s state-sponsored Salt Typhoon hacking group, compromised sensitive systems, and exposed vulnerabilities in critical telecommunications infrastructure.
All communications service providers across the U.S. are at risk to this threat, especially those located near a U.S. military facility. To combat this threat, it is important for communications service providers to adopt and implement cybersecurity best practices in alignment with the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework 2.0 and/or the Cybersecurity and Infrastructure Security Agency’s (CISA) Cross-Sector Cybersecurity Performance Goals.
In response to the Salt Typhoon threat, in January of this year, the FCC adopted a Declaratory Ruling and a Notice of Proposed Rulemaking to affirm and increase the cybersecurity obligations of communications service providers. The Declaratory Ruling clarifies that Section 105 of the Communications Assistance for Law Enforcement Act (CALEA) creates legal obligation for telecommunications carriers to secure their networks against unlawful access and interception. Telecommunications carriers’ duties under section 105 of CALEA extend not only to the equipment they choose to use in their networks, but also to how they manage their networks. Such carriers must work to prevent any unauthorized interception or access into their network (and maintain records thereof). This requires basic cybersecurity hygiene practices such as:

Implementing role-based access controls;
Changing default passwords;
Requiring minimum password strength; and
Adopting multifactor authentication.

Falling short of fulfilling this statutory obligation may include failing to patch known vulnerabilities or not employing best practices that are known to be necessary in response to identified exploits.
The Notice of Proposed Rulemaking, if adopted, would require providers to adopt and implement cybersecurity and supply chain risk management plans as well as certify compliance with these plans annually to the FCC. The proposed rule would apply to a wide array of providers including facilities-based providers, broadcast stations, television stations, cable systems, AM & FM commercial radio operators, TRS providers, satellite communications providers, and all international section 214 authorization holders. Participants of the FCC’s Enhanced A-CAM Program and NTIA’s BEAD Program are already subject to this requirement.
Ultimately, more FCC regulation is coming. At the same time, cyber incidents are increasing. Communications service providers should consider creating both a cybersecurity and supply chain risk management plan as well as a cybersecurity incident response plan. Such plans should reflect industry best practices outlined in federal guidance documents as described above.
In addition, carriers should review their cybersecurity liability insurance policies to ensure they have sufficient coverage. It’s also critical to review and update vendor and partner contracts for security and supply chain risk management clauses to include provisions for incident response, liability, and retention of information.
Finally, communications service providers should also consider engaging legal counsel to assist their efforts in ensuring that they are adequately protected.
Womble Bond Dickinson has developed a cybersecurity retainer that captures the requirements and proactive procedures necessary to meet the regulations, protect your networks and deal with the fallout of cybersecurity breach including insurance recovery and class action litigation from a cybersecurity data breach.

China’s Supreme People’s Procuratorate Launches Intellectual Property Procuratorate

At an April 23, 2025, press conference, China’s Supreme People’s Procuratorate (SPP) announced the launch of the Intellectual Property Procuratorate. Li Xuehui, Director of the General Office (Public Information Office) and Spokesperson of the Supreme People’s Procuratorate, stated, “since the 18th CPC National Congress, the CPC Central Committee with Comrade Xi Jinping as the core has elevated intellectual property protection to a national strategy. The report of the 20th CPC National Congress clearly pointed out the need to ‘strengthen the legal protection of intellectual property rights,’ which has pointed out the direction for procuratorial work in the new era. Recently, the Supreme People’s Procuratorate, after research and approval from the Office of the Central Organization and Establishment Commission, added ‘Intellectual Property Procuratorate’ to the Economic Crime Procuratorate of the Supreme People’s Procuratorate. Today’s press conference is the first time that the Intellectual Property Procuratorate of the Supreme People’s Procuratorate has appeared to the public. The formal establishment of the Intellectual Property Procuratorate of the Supreme People’s Procuratorate reflects the CPC Central Committee’s high attention to intellectual property protection and marks that China’s judicial protection of intellectual property rights has further entered a stage of professionalization and integration. “

April 23, 2025 SPP Press Conference

Initially, the SPP launched an intellectual property office in November 2020 with pilot offices in nine provinces/municipalities including Beijing, Tianjin, Shanghai, Jiangsu, Zhejiang, Fujian, Chongqing, Sichuan and Hainan.
In August 2021, the SPP stipulated that the Intellectual Property Office would be responsible for procuratorial functions of criminal, civil, administrative and public interest litigation for IP rights.
In March 2022, the SPP issues the “Opinions of Comprehensively Strengthening IP Procuratorial Work in the New Era,” clarifying the guiding ideology, basic principles, goals, tasks and specific measures for IP procuratorial work.
In June 2022, the “Mona Lisa” trademark dispute was retried and the verdict changed. This was the first IP administrative litigation supervision case that was appealed by the SPP and successfully changed since the establishment of the IP Office. As explained by the SPP in their 48th Batch of Guiding Cases Focusing on IP:
On November 11, 2021, the Supreme People’s Procuratorate lodged a protest with the Supreme People’s Court, believing that the second-instance judgment in this case contained errors in the determination of facts and application of law. The main reason is that the “bathroom (water closet), toilet” products approved for use in the disputed trademark and the “bathroom fixtures” products approved for use in the cited trademark constitute similar products. The disputed trademark and the cited trademark are similar in terms of text composition, name, constituent elements, etc., and constitute similar trademarks….The Supreme People’s Court ordered the Beijing Higher People’s Court to retry the case. On June 14, 2022, the Beijing Higher People’s Court made a judgment that the disputed trademark and the cited trademark constitute similar trademarks used on similar goods…The Beijing Higher People’s Court revised the verdict after retrial and revoked the second-instance judgment and the first-instance judgment in this case.

In July 2022, the SPP issued the “Implementation Plan for National Procuratorial Organs to Carry Out Special Supervision Work on Punishing Malicious IP Litigation.”
In January 2023, the SPP established a national IP prosecution pool with 90 members and later increased to 132 members.
By the end of 2023, all provincial level procuratorates have established IP prosecution departments.
A transcript of the press conference is available here (Chinese only). A brief history from the SPP of SPP IP prosecution can be found here (Chinese only).

EU Data Act Preparedness – Last Minute Fire Drill Exercise!

In less than six months, on 12 September 2025, most provisions of EU Regulation no. 2023/2854 (the EU Data Act) will go into effect. In light of the challenging compliance efforts, from legal and contractual points of view as well as from operational and product development perspectives, affected companies should act soon to avoid liability and administrative fines and to update their contractual frameworks.
The below checklist provides initial level guidance to assist in companies in assessming their risk exposure and identifying mitigation steps.
While the EU Data Act covers many different data-related topics, topics that are most relevant for private companies are obligations regarding collection and use of Internet of Things (IoT) data (Section 1) and switching between cloud storage/service providers (Section 2).
For IoT Companies
Does Your Company Manufacture Connected Products (Connected Products)?
Definition: Connected Products are all categories of equipment collecting data about their use or vicinity and are able to transfer this data via internet connection, also commonly referred to as “smart devices” or “IoT devices,” such as cars, televisions, refrigerators, cleaning or lawn mowing robots, kitchen tools, etc. (Source: Art. 2(5) EU Data Act)
Does Your Company Offer Related Services (Related Services) in Connection With Connected Products?
Definition: Related Services include any digital service (usually provided via an app) essential for the intended use of a Connected Product or adding additional functionalities to a Connected Product. (Source: Art. 2(6) EU Data Act)
Who Are Your Users?
Definition: If your Connected Products or Related Services are offered to customers in the European Union, the EU Data Act will apply to such product or service, regardless of whether your customers are consumers (B2C) or commercial (B2B) customers. (Source: Art. 1.3 EU Data Act)
Does Your Connected Product or Related Service Allow Users to Access Collected Product Data (Product Data)?
Definition: Product Data is all information collected by a Connected Product or Related Service in connection with using such product or service or its environment, regardless of whether such data is considered “personal data” under GDPR or not.
Action: Users have a right to have access to Product Data in real time, either directly in the IoT device or related app, or at least separately in a machine-readable format. Technical measures for enabling this access need to be implemented.
Action: Users must be provided with core information when purchasing a Connected Product or Related Service, e.g., regarding the types and amount of usage data collected, for what purposes the data will be used, where and how long the data is stored, and how the data can be accessed and stored. Information documents need to be prepared.
Action: Users may also request to grant third parties access to their Product Data. It is recommended to assess upfront under which, if any, conditions such disclosure may be rejected and on which grounds.
Does Your Company Use the Product Data for Its Own Purposes?
Action: Any use of this data for own purposes (e.g., analytics or business intelligence or advertisement) is only permitted under permission from the user of the Connected Product or Related Service to be given in a contract, including detailed provisions on the use and protective mechanisms. These contracts must follow a strict agenda and must contain certain mandatory terms. Existing customer agreements and new customer agreements will need to be updated accordingly before either 12 September 2025 (new contracts) or 12 September 2027 (for contracts executed prior to 12 September 2025 and (i) of indefinite duration or (ii) due to expire after 11 January 2034.)
Does Your Company Share Any of the Product Data With Third Parties?
Action: Product Data may be shared by your company with third parties only on the basis of a contract between the third party and the user in addition to the contractual relationship of your company with the user.. These contracts must follow a strict agenda and must contain certain mandatory terms. Agreements need to be put in place with users and third parties receiving usage data.
Does Your Company Currently Have Contracts in Place With Customers or Third Parties Entitling or Requiring Your Company to Access or Share Product Data?
Action: Existing agreements need to be reviewed for clauses regarding access to Product Data and, if such clauses exist, need to be updated to meet the above data sharing requirements.
For Cloud Storage/Service Providers:
Does Your Company Offer Cloud Services?
Definition: These are usually services enabling customers to upload their data to cloud servers; not only cloud infrastructure providers are covered, but each provider offering services around data hosting is covered, even if the cloud infrastructure is owned by another service provider.
Who Are Your Customers?
Definition: If your Connected Products or Related Services are offered to customers in the European Union, the EU Data Act will apply to your product or service, regardless of whether your customers are consumers (B2C) or commercial (B2B) customers.
Does Your Company Enable Customers To Migrate to Another Service Provider or Replace the Service With an On-Premises Solution?
Action: The EU Data Act obliges cloud service providers to remove obstacles that could deter customers from switching to another provider or an on-premises solution, regardless of the nature of the obstacle and including in particular contractual and technical obstacles. Service providers must assess if their service setup may raise such obstacles and, if necessary, remove these.
Action: Customer contracts must provide wording regarding the procedures, rights, and obligations of the parties for switching to another service provider, including termination and migration rights.
Action: Customer data must be maintained in a file format that can easily be transferred.
Does Your Company Charge Fees for Migrating Customer Data to Another Service Provider or an On-Premises Solution?
Action: From 12 January 2027 onward, cloud service providers must not charge any fees if the customer decides to migrate to another service provider or an on-premises solution. Until then, fees may not exceed the internal costs of the service provider arising in direct context with the migration.

Defense Contractors’ Restrictions When Contracting with Chinese Companies

In the current economic climate, the obvious focus of many companies is on the administration’s imposition of tariffs. However, government contractors, especially those contracting with the U.S. Department of Defense (“DoD”), must not lose sight of their current and potential future direct and indirect relationships with certain Chinese entities.
Contractors’ compliance obligations regarding relationships with Chinese entities flow from:

FAR 52.204-25 (Section 889 of the 2019 National Defense Authorization Act (“NDAA”)), and
The Chinese Military Companies (“CMC”) List (Section 1260H of the 2021 NDAA) (also known as the “1260H List”).

Section 889 became effective in 2019 and 2020, so compliance policies and procedures applicable to contracting with all federal government agencies should be well in place. New complexities are emerging for defense contractors given the expanding number of Chinese entities on the1260H List. All contractors are required to annually certify compliance with Section 889, but defense contractors will have an additional level of compliance. They will be required to comply with the 1260H List beginning in June 2026 (for contractors that work with individuals or entities that lobby for CMCs) and June 2027 (for contractors sourcing from or otherwise doing business with entities on the 1260H list). We discuss both compliance frameworks below and provide several key takeaways for contractors.
Government-Wide Supply Chain Restrictions: Section 889
Parts A and B of Section 889 impose significant restrictions on a contractor’s ability to use and sell to the government covered telecommunications and video surveillance products and services (“covered equipment and services”) from five Chinese entities and their affiliates.
Part A, effective August 2019, prohibits the government from procuring covered equipment and services manufactured by the companies identified below. A prime contractor is required to flow down this prohibition to its subcontractors. Part B, effective August 2020, prohibits the government from contracting with entities that “use” covered equipment and services from the five identified companies. This prohibition applies to a contractor’s use of covered equipment and services in any part of its business. There is no nexus required tethering the use of such equipment or services to the contractor’s performance of a federal government contract. Part B does not flow down to subcontractors.
As U.S. government contractors are now well aware, compliance with Part B requires eliminating covered technology and services from their organizations from the five named Chinese entities and their affiliates, which typically include the following types of products/services:

Huawei: mobile phones, laptops, tablets, routers, and switches
ZTE Corporation: mobile phones, mobile hotspots, and network equipment (routers/switches)
Hytera Communications Corporation: radio transceivers and radio systems
Dahua Technology Company & Hangzhou Hikvision Digital Technology: video surveillance products and services (e.g., company surveillance systems)

DoD-Only Relationship Restrictions on Companies Listed on the Section 1260H List
The 2021 NDAA will add a second layer of compliance only for defense contractors. The Secretary of Defense is required to publish an annual list of CMCs. Starting in June 2026, DoD will be prohibited from procuring goods, services, and technology produced or developed by listed CMCs or companies that hire lobbyists that lobby for CMCs. Starting in June 2027, the same prohibition will apply to indirect procurements, meaning defense contractors must eliminate goods, services, and technology from listed CMCs from their supply chains.
To be included on the 1260H List, a Chinese entity must have one of two associations as determined by DoD. First, an entity must directly or indirectly (whether through ownership, control, or affiliation) act as an agent of the People’s Liberation Army; Chinese military or paramilitary elements; security, police, law, or border enforcement; the People’s Armed Police; the Ministry of State Security; or any other organization controlled by the Central Military Commission of the Communist Party, the Ministry of Industry and Information Technology, the State-Owned Assets Supervision and Administration Commission of the State Council, or the State Administration of Science, Technology, and Industry for National Defense. Alternatively, listed entities are those important to civilian and military advancements in China’s defense industrial base; these entities are called “military-civil fusion contributors.”
Whereas compliance regimes for Section 889 are nearly five years old, compliance deadlines for Section 1260H are upcoming:

Starting June 30, 2026, DoD may not (i) enter, renew, or extend contracts for goods, services, or technology with listed entities or their affiliates, or (ii) contract with companies that engage individuals or entities that lobby for CMCs, even if regulated “lobbying” activity does not relate to the contractor’s operations (Section 851 of the 2025 NDAA). (“Lobbying” is defined by the Lobbying Disclosure Act of 1995).

The prohibition differentiates between end-item technology and mere “components” of end item technologies. The prohibition focuses on end-items. (“Component” means an item supplied to the Federal Government as part of an end-item or of another component. 41 U.S.C. § 105.)

Starting June 30, 2027, DoD may not purchase end products or services developed or produced by listed entities indirectly through third parties. (Note an exception in Section 805 of the 2025 NDAA excluding the purchase of component materials that are part of an end product created by an entity not on the 1260H list.)

Section 1260H of the Fiscal Year 2021 NDAA required that DoD publish the 1260H List each year until at least 2030. Additional entities have been added each year thereafter. In an effort to provide contractors with ample notice, DoD has begun publishing 1260H Lists. As of January 2025, there are 134 entities on the list (Notice of Availability of Designation of Chinese Military Companies (Federal Register)). The listed entities span an array of industries, including telecommunications, aerospace, semiconductors, artificial intelligence, energy, and transportation, among others. Notably, Hangzhou Hikvision Digital Technology Co., Ltd. (Hikvision); Huawei Technologies Co., Ltd.; and Zhejiang Dahua Technology Co., Ltd. (Dahua) appear on both the Section 889 and Section 1260H lists.
Key Takeaways for Contractors

For Section 889 and Section 1260H compliance, U.S. government contractors must assess their supply chains both for direct contracts as well as contracting for end products or services developed or produced by listed entities indirectly through third parties on either list.
For purposes of Section 1260H, contractors must assess whether existing sourcing relationships involve “components” of end items (which are exempted) or end items themselves.
Further, contractors must conduct extensive due diligence to understand the agents working with them and on behalf of any listed entity to avoid running afoul of the restrictions on lobbying activity.
Contractors should actively monitor this space because more stringent restrictions may follow.

What Every Multinational Company Should Know About … Customs Enforcement and False Claims Act Risks (Part II)

As detailed in Part I of our three-part series on Minimizing Customs Enforcement and False Claims Act Risks, the combination of the new high-tariff environment, the heightened ability of Customs (and the general public) to data mine, and the Department of Justice’s (DOJ) stated focus on using the False Claims Act (FCA) substantially increases import-related risks. In light of this heightened risk, Part II and the forthcoming Part III of this series focus on preparing for specific areas where we see heightened enforcement risk, both for Customs and FCA penalties, with this article addressing the most common FCA risks arising from submitting false Form 7501 entry summary information.
Risks Arising from Misclassifications
By far, the most common Customs errors we see relate to misclassifications on Form 7501 entry summaries. If made knowingly, these misclassifications can lead to FCA liability, as demonstrated by a high incidence of DOJ settlements based on alleged known classification errors. Relevant FCA examples include $22.2 million and $2.3 million settlements, each premised on importers knowingly misclassifying entries into lower-tariff classifications to avoid paying duties owed on the companies’ imports.
Additionally, aggressively classifying goods to avoid being subject to the China Section 301 tariffs can create the risk of FCA liability. Such opportunistic classification led to a $22.8 million settlement by an importer that used inaccurate classifications despite receiving repeated CBP notices informing the importer that the classifications it had been using for similar goods were erroneous. The importer continued using the incorrect classifications for over three years, even after an outside consultant confirmed the importer had been using incorrect classifications.
Customs Compliance Response

Maintain a Regularly Updated Classification Index. Well-supported and consistent classifications are the key to avoiding these types of errors. The most important tool for ensuring accuracy in classifications is a robust and regularly updated Customs Classification Index, which should list the HTS classification for regularly imported SKUs while incorporating support for classification decisions made, including an application of the Customs General Rules of Interpretation, advisory opinions, responses to protests against liquidation, and other relevant support.
Conduct Classification Reviews. We often find that importers leave classification decisions up to customs brokers, assuming they are experts and responsible for identifying the correct codes. Customs, however, places full responsibility for the accurate submission of all Form 7501 information on the importer of record, not the broker. Periodically review your classifications, especially for frequently imported items, to ensure accuracy.
Evaluate Classification Accuracy in Post-Entry Reviews. Customs allows importers 310 days after entry to fix any classification errors. Conduct post-entry checks to confirm the accuracy of all submitted information, and use post-summary corrections to correct any errors, including misclassifications, before liquidation. This will help catch errors and, where corrected, undermine FCA scienter.
Review Tariff Engineering. With tariff rates rising, Customs is aggressively looking for importers who have engaged in opportunistic classification to try to lower import charges. This includes a special focus on importers who have changed their classifications after the imposition of new tariffs. This does not mean importers should view themselves as locked into adverse and incorrect classifications. They should, however, adequately document any classification changes and be prepared to respond promptly to Customs inquiries.

Risks Arising from Misrepresenting the Physical Characteristics of Imported Goods
Making known misrepresentations to incorrectly claim a lower tariff classification can lead to FCA liability. For instance, an importer of brake parts settled an FCA case alleging it knowingly misrepresented the physical characteristics of its entries (claiming they were duty-free unmounted brake pads rather than mounted brake pads subject to a 2.5% classification) for $8 million.
Customs Compliance Response

Confirm Accuracy of Factual Support for Classifications. In most cases, classification is determined by (1) the physical attributes of the product and, in certain cases, (2) the primary use of the product. Ensure you have accurate backup and consistent classification for each of these issues.
Document and Retain Classification Decisions. Ensure you maintain detailed records for all classification determinations, and keep them for at least five years from the time of entry.

Risks Arising from Improper Country of Origin Declarations
Because of the imposition of special Section 301 tariffs on China, the number of importers caught making errors relating to declaring the wrong country of origin (COO) has sharply risen. The imposition of reciprocal tariffs only magnifies the importance of the COO. Generally these cases involve imported goods that were assembled in third countries using parts and components from a high-tariff country. In these situations, careful analysis is required to ensure there is sufficient manufacture, value added, and change in the name, character, and use of the product so the result is a “substantially transformed” product that is a new and different article of commerce.
FCA cases illustrate the twin risks that can arise from incorrect COO declarations. In 2021, the DOJ settled an FCA matter for $160,933, alleging the importer knowingly failed to designate that certain imports were manufactured in China, thus evading Section 301 duties.
Customs Compliance Response

Confirm Accuracy of Substantial Transformation Analysis. One of the highest-priority areas of Customs scrutiny is to find instances of importers evading customs duties either by transshipping through lower-tariff third countries or by shipping parts and components to a third country and then engaging in only minor assembly operations (e.g., from China to another Southeast Asia country). If the goods are not substantially transformed into a new and different article of commerce, then they cannot claim the lower-tariff COO. Review all instances where parts and components from a high-tariff country, like China, are used in further manufacturing in a lower-tariff country. Ensure there is a reasonable basis for the COO declaration, and document the analysis in case of Customs inquiry.

Risks Arising from Undervaluation
Failing to declare the full value of entries is another common error. Most importers use transaction value, which requires the importer to start with the price actually paid or payable, add certain mandatory additions (e.g., the value of assists and royalties), and accurately reflect any allowed voluntary deductions. Recent examples include $217,000, $729,000, and $1.3 million settlements of allegations relating to known under-declared entry values resulting in underpaid tariffs, as well as a $3.6 million settlement of civil claims resulting from the DOJ joining an FCA whistleblower lawsuit. An additional sobering example is a settlement of claims against an importer that knowingly undervalued its goods through the remedy of losing all import privileges.
More specifically, the known failure to include assists (i.e., customer-provided production aids such as tools, dies, and molds) within the entered value can incur FCA liability. Where a U.S. company provides such assists, it needs either to declare the full value of the assist on the first entry or set up a system to attribute the full value of the assist over the useful lifetime of the product, thus declaring it piecemeal over time. These values do not show up on commercial invoices, making it easy to forget to include this mandatory addition to entered value. But the risks of knowingly failing to do so are demonstrated by two FCA settlements of $4.3 million and $7.6 million for the alleged failure to include assists in the entered value.
Customs Compliance Response

Understand How to Calculate Entered Value. Most companies use transaction value to determine the entered value. Valuation is complicated in situations involving post-entry price adjustments, cash or quantity discounts, indirect payments, exchange rate conversions, and other tricky areas. Ensure valuation is calculated correctly for all entries, including for the inclusion of off-invoice mandatory additions to value.
Establish a System for Identifying and Tracking Assists, and Consistently Follow It. Importers should have a system for systematically identifying and tracking assists, which can be as simple as a spreadsheet. If this historically has not been done, a review of a company’s trial balance ledger can potentially identify historically provided assists. All assists either should be recognized on the first entry of the applicable universe of goods or apportioned over the expected useful lifetime of the assist. If the latter method is used, establish a system for tracking all relevant entries benefiting from assists and consistently add them when calculating the entered value. Share such information with your customs broker to implement a secondary check.

Risks Arising from Improper Claims of Preferential Treatment Under Free Trade Agreements
Another common error we see is failing to meet free trade agreement (FTA) requirements, such as failing to work through the COO requirements. Along these lines, in one FCA action an importer paid $22.2 million to settle allegations that, among other things, it knowingly claimed improper preferential treatment under FTAs.
Customs Compliance Response

Always Have Certificates of Origin On Hand at Time of Entry. One of the most common errors we see in customs audits and disclosures is one of the simplest to fix: Ensure that you always have the USMCA certificate of origin available at the time of importation. Under the USMCA, it is not possible to create these after the time of entry.
Apply Correct Country of Origin Principles. FTAs include different COO principles. These generally are based on a tariff-shift analysis, which is viewed as providing more certain outcomes than the more subjective substantial transformation test commonly applied by Customs. Certain products, such as automotive products under the USMCA, also have special rules for determining preferential status. Note as well that it may be necessary to apply FTA principles to determine the COO for purposes of paying normal Chapter 1-97 duties while applying substantial transformation principles for determining the country of origin for special tariffs, such as section 232 or 301 tariffs imposed by President Trump.

Risks Arising from Failure to Pay Antidumping and Countervailing Duty Orders (AD/CVD Orders)
In addition to the normal Chapter 1-97 tariffs, the U.S. government imposes a parallel set of duties under more than 600 AD/CVD orders. Because AD/CVD tariffs often are very high, failure to properly declare and pay all AD/CV duties can quickly run up tariff underpayments.
As a result, one of the most common Customs FCA claims is for failing to pay AD/CV duties. An importer of home furnishings agreed to pay $500,000 to resolve allegations that it violated the FCA by knowingly making false statements on customs declarations to avoid paying AD duties on imports from China, with four other importers agreeing to pay $275,000, $5.2 million, $10.5 million, and $15 million based on alleged known classification failures based on the same order. Three other importers paid settlements of $2.300,000, $650,000, and $100,000 to settle allegations that they had knowingly evaded AD duties under the aluminum extrusions AD duty order, while another paid $45 million to resolve allegations that it knowingly misrepresented the COO to evade AD/CV duties.
Customs Compliance Response

Use HTS Screening. The scope of an AD/CV duty is determined by its written scope, not whether it falls within any given HTS subheading. Nevertheless, every order provides HTS subheadings for the convenience of importers. Screen all entries against these HTS subheadings as an initial check, and follow up on any potential matches.
Be Wary of Counter-Intuitive Coverage of AD Duty Orders. Be aware that certain AD/CVD orders, such as the aluminum extrusions order against China, are not susceptible to HTS screening and require individual examination. Also, consider that certain AD duty orders, such as the one on solar panels, have tricky rules for determining the product scope. Learn which orders are of particular relevance for your import profile and carefully screen all potential matches against them.

Risks Arising from Misapplying Customs Duty-Free Exemptions
A number of Customs programs can result in duty-free entries, such as U.S. goods returned and the Generalized System of Preferences. Illustrating the risks inherent in misapplying duty-free exemptions, importers paid $610,000 and $908,100 to settle allegations that involved “improperly evad[ing] customs duties … breaking up single shipments worth more than those amounts into multiple shipments of lesser value in order to avoid the applicable duties.”
Customs Compliance Response

Carefully Confirm Eligibility Under All Tariff-Saving Programs. Each tariff-saving program has its own rules, which can include special eligibility requirements. Carefully review these rules and document their applicability before claiming preferential treatment.

Risks Arising from Failure to Appropriately Value Goods from Related Parties
Another common problem is that importers either do not have a transfer pricing study in place to support the arms-length nature of their pricing when purchasing from affiliates, or they improperly rely on an IRS transfer pricing study (which is impermissible because CBP has specific standards for transfer pricing studies that differ from the IRS standards). Although we are not aware of any FCA case alleging improper pricing from related parties, this conduct is common and can potentially impact a large volume of entries, making a known misdeclaration a risk factor for potential FCA liability.
Customs Compliance Response

Confirm the Existence of a Customs-Specific Transfer Pricing Study. If you do not have a customs-specific transfer pricing study in place, consider conducting or hiring a customs accounting specialist to prepare a bridge memorandum to analyze the underlying data. If you do not have an IRS transfer pricing study, then obtain one (and also take care of your IRS transfer pricing requirements).
Confirm the Consistent and Accurate Application of the Results. It is important not only to have a customs transfer pricing study but also to consistently apply its results. Ensure the entered value from every import from a related party is confirmed against the conclusions of the study.

In sum, DOJ has a rich history of using a wide variety of issues to support FCA claims, especially relating to the known false submission of Form 7501 entry summary information. By considering the compliance responses outlined above, importers can ensure that their entry summary information is accurate in the first place, to best avoid known false submissions. Part III of this series will turn its focus to FCA risks arising from improper management of import operations.

Transatlantic Terminology: Skilled Artisan Could Equate UK, US Word Meanings

The US Court of Appeals for the Federal Circuit affirmed a Patent Trial & Appeal Board unpatentability determination, finding that a skilled artisan would have found the term “sterile” in a UK publication to mean the same as the term “sterilized” in the United States. Sage Products LLC v. Stewart, Case No. 23-1603 (Fed. Cir. Apr. 15, 2025) (Reyna, Cunningham, Stark, JJ.)
Sage owns two patents related to a sterilized chlorhexidine product in a package, such as an applicator filled with an antiseptic composition for disinfecting skin. Becton, Dickinson and Company petitioned for inter partes review (IPR) of both patents. The Board relied on four key pieces of prior art, including one that was a UK publication, to find the challenged claims unpatentable. In instituting the IPR and evaluating the petition, the Board construed the term “sterilized” to mean that “the component or composition has been subjected to a suitable sterilization process such that sterility can be validated.” In the final written decision, the Board found that a skilled artisan at the time of the invention would have known, through education and experience, that the term “sterile,” as used in the UK prior art publication, is equivalent to the term “sterilized,” as used in the US and particularly in the Sage patents. Reviewing the totality of the evidence before it, including both parties’ experts’ reports and testimony, the Board determined the challenged claims were unpatentable. Sage appealed.
The Federal Circuit declined to overturn the Board’s findings, affirming the Board’s definition of a person of ordinary skill in the art and their understanding of the term “sterilized” at the time of the invention. The Court found that the Board did not ignore or disregard evidence but properly weighed the evidence before it, concluding that a skilled artisan having the education and experience required by the Board’s definition would know the differences between the US and UK regulatory standards for “sterile” and therefore would know that UK references to “sterile” items would satisfy the challenged claims’ requirement for “sterilized” items.

The UK’s Failure to Prevent Fraud Offense

Effective September 1, 2025, the UK’s Failure to Prevent Fraud offense will go into effect as part of the UK’s Economic Crime and Corporate Transparency Act 2023 (the ECCTA). The law significantly expands corporate liability for fraud committed by employees and other associated persons of relevant corporates and will require compliance refinement for any business within scope of the offense operating in connection with the UK. The UK government (its Home Office) published guidance in 2024 (the “Guidance”) to help companies navigate this corporate criminal fraud offense as well as take appropriate action to help prevent fraud.
As companies continue to grapple with recent developments regarding enforcement of the FCPA, international efforts to curb bribery and corruption have not waned. Foreign governments continue to prioritize anti-corruption enforcement such as the European Commission’s proposed directive from May 2023 to combat corruption, the ECCTA and Failure to Prevent Fraud Offense, as well as the recently announced International Anti-Corruption Prosecutorial Task Force with the UK, France, and Switzerland. These cross-border initiatives demonstrate how a temporary pause in U.S. enforcement of the FCPA should not result in companies moving away from maintaining robust and effective compliance programs.
The Failure to Prevent Fraud Offense
You can see more detail on the new offense in this article from our UK colleagues. In summary, a “large organization” can be held criminally liable where an employee, agent, subsidiary, or other “associated person” commits a fraud offense intending to benefit the organization or its clients, and the organization failed to have reasonable fraud prevention procedures in place. An employee, an agent or a subsidiary is considered an “associated person” as are business partners and small organizations that provide services for or on behalf of large organizations. Regarding the underlying fraud offense itself, this includes a range of existing offenses under fraud, theft and corporate laws, which the UK’s Home Office notes as including “dishonest sales practices, the hiding of important information from consumers or investors, or dishonest practices in financial markets.”
A “large organization” for purposes of the fraud offense is defined as meeting two of the following three thresholds: (1) more than 250 employees; (2) more than £36 million (approx. USD $47.6 million) turnover; (3) more than £18 million (approx. USD $23.8 million) in total assets – and includes groups where the resources across the group meet the threshold. Further, the fraud offense has extraterritorial reach, meaning that non-UK companies may be liable for the fraud if there is a UK nexus. This could play out in several scenarios. For example, the fraud took place in the UK, the gain or loss occurred in the UK, or, alternatively, if a UK-based employee commits fraud, the employing organization could be prosecuted, regardless of where the organization is based.
What Companies Can Do Now
The Failure to Prevent Fraud offense is an important consideration in corporate compliance, extending beyond UK-based companies to non-UK companies with operations or connections in the UK. The only available defense to the failure to prevent fraud offense is for the company to demonstrate that it “had reasonable fraud prevention measures in place at the time that the fraud was committed.” Or, more riskily that it was not reasonable under the circumstances to expect the organization to have any prevention procedures in place. To that end, the Guidance outlines six core principles that should underpin any effective fraud prevention framework: (1) top-level commitment; (2) risk assessment; (3) proportionate and risk-based procedures; (4) due diligence; (5) communication and training; and (6) ongoing monitoring and review. Specifically, the Guidance makes clear that even “strict compliance” with its terms will not be a “safe harbor” and that failure to conduct a risk assessment will “rarely be considered reasonable.” These principles mirror the now well-established principles in the UK that apply to the UK offences of failure to prevent bribery under the UK Bribery Act 2010, and failure to prevent the facilitation of tax evasion under the UK Criminal Finances Act 2017.
Companies should consider the following proactive steps:

Determining whether they fall within the scope of the ECCTA’s fraud offense.
Identifying individuals who qualify as “associated persons.”
Conducting and documenting a comprehensive fraud risk assessment to determine whether the company’s internal controls adequately address potential fraudulent activity involving the company.
Ensuring due diligence procedures, as related to, for instance, external commercial partner engagements and other transactions, address the risk of fraud in those higher risk activities.
Reviewing and updating existing policies and procedures to address the risks of fraud.
Communicating the company’s requirements around preventing fraud and providing targeted training to employees and other associated persons, including subsidiaries and business partners, to make clear the company’s expectations around managing the risk of fraud.
Establishing fraud related monitoring and audit protocols, including in relation to third party engagements, for ongoing oversight and periodic review.
Ensuring these policies and procedures are aligned with other financial crime prevention policies and procedures and relevant regulatory expectations.

The months ahead are a critical window to align internal policies and procedures not only with the UK’s elevated enforcement expectations as evidenced by the ECCTA and the Failure to Prevent Fraud offense, but also as bribery and corruption remain a mainstay priority for other foreign regulators. Companies should continue to prioritize the design, implementation, and assessment of their compliance internal controls. Companies with a well-designed and effective compliance program will be better equipped to adapt as regulatory landscapes shift and emerging risks develop, enabling companies to more efficiently respond to new enforcement trends.

Case Spotlight – Exclusive Surrey Golf Club Forced to “Take a Mulligan” Over Treatment of Allegedly Cheating Member

Being a keen club golfer (although not one with any actual skill), a case that caught my eye in the last few weeks was the case of Rohilla v The Members of Royal Mid Surrey Golf Course (whose members listed in the Judgment included the perfectly named Michael Hole). As well as being a very detailed insight into the workings of an exclusive Surrey golf club, the case provides a few useful lessons on how, and more importantly how not to, remove someone from a membership who (allegedly) broke the rules and/or was quite unpopular.
The Allegation of Cheating
The Royal Mid Surrey Golf Club is a deeply traditional golf club, formed at the close of the Victorian era and granted the distinction of Royal by George V. Ms Rohilla had been a member of the club since 2003 and was described by the Judge as “not a popular member”. The judgment reports that the captains kept a file on her, she was overly competitive, engaged in gamesmanship and there were rumours that she kept her handicap at a deliberately inflated level (3 of the 7 deadly sins of golf club membership).
Golf is a sport that, perhaps more than any other, is based around a detailed set of rules. On top of that there is a code of conduct and rules of etiquette that anyone playing the sport is expected to adhere to. It is perhaps the only sport where every serious participant has a handicap (a number of shots they are given) based on their ability, which allows them to compete with better and worse players on a supposedly level footing. Golf therefore requires a large degree of honesty and self-policing to ensure fairness. Rule breaches are generally taken extremely seriously (particularly at the better known clubs) and professionals who are deemed to regularly break rules are routinely vilified (those that know, yes I’m looking at you…).
On 12 September 2019, Ms Rohilla played in a club competition called the Harare 125 Bowl which was open to the whole of the 1,400 strong membership. Her playing partners on the day were 2 other female members and Ms Rohilla’s scorecard was marked by a member who was described by the Judge as having a reputation for “not being the most accurate of markers”. After a dazzlingly average round of golf, the ladies reviewed their scorecards prior to submission, to be included in the tournament. It turned out there were numerous mistakes on Ms Rohilla’s card who in any event was a long way off winning any of the prizes in the tournament.
The ladies eventually agreed and signed off Ms Rohilla’s scorecard. However, prior to submitting the card it is common ground that two further alterations were made by someone to make the score two better than it had been when it was agreed by the players. The head of the Pro Shop (somehow) immediately spotted the discrepancy and told Ms Rohilla that the incident was extremely serious. She was disqualified from the tournament and told to expect to hear further from the management in due course.
It is almost certainly fair to say that if this was the first incident on Ms Rohilla’s roster, the matter probably would not have been taken any further. However, it is clear that Ms Rohilla was already under scrutiny and this was seen as a final straw. What followed was an investigation and process, but not one that was necessarily appropriate or lawful. Statements were taken from the playing partners and the offending scorecard was very closely examined. Ms Rohilla attended a meeting of the management committee on 25 September and put forward her version of events. However, the management committee met again on 30 September and voted unanimously that Ms Rohilla had cheated and would be expelled from the club.
The Injunction Hearing
Ms Rohilla thought that she had not been given a fair hearing and rather than start afresh at a different golf club or put her skillset to better use by applying for the next series of The Traitors, she embarked upon a long legal battle to seek an injunction against the club to reinstate her membership. Some five and a half years later, the matter was heard over 3 days at Central London County Court, with his Honour Judge Holmes taking it upon himself to, as asked by the parties, play detective and deliver an engaging 72-page Judgment.
Despite expressly stating that the Court was not deciding whether or not Ms Rohilla had cheated, the Judgment examined the facts (particularly the offending scorecard) in minute detail for 48 pages before seemingly reaching the conclusion that she probably had cheated. However, the Judgment found that the matter actually turned on natural justice and good faith – had Ms Rohilla been afforded a reasonable opportunity to be heard and was the decision free from bias?
Ultimately the Judge found that the management committee had not considered Ms Rohilla’s version of events and that effectively their decision (to expel her) was predetermined. It was also based upon members’ personal dislike of her more so than this particular incident and there was a clear bias against her. There had been a breach of natural justice and the club had acted in bad faith in various aspects.
In light of the breaches of duty in the process undertaken by the management committee to expel Ms Rohilla, the Judge awarded nominal damages in the sum of £1,000 for her inconvenience and injury to feelings and granted the injunction to reinstate her to the club. How she will be received on returning having gone through this process and after the passage of five and a half years is an intriguing question.
Lessons Learnt
Whilst I would not necessarily direct you to read the whole Judgment (which can be found here), it does provide a useful reminder that even if an institution has the power to remove someone from their position (in this case as a member of a golf club), it cannot act as judge and jury without complying with the principles of natural justice and acting fairly in a procedural sense and in good faith. It appears that the club in this instance saw the clear rule breach by Ms Rohilla as the ideal opportunity to remove an unpopular member, but it allowed this bias to override appropriate procedures and failed to consider Ms Rohilla’s side of the story.
The principles of natural justice and procedural fairness are well known. As per McInnes v Onslow Fane [1978] 1 WLR 1520 the extent of the application of the principles varies in the light of all the circumstances and, in particular, whether the case can be described as an “application” case, an “expectation” case or, as here, a “forfeiture” case, i.e. where a subsisting right was to be taken away. The Judge found that, in relation to the application of the principles in this forfeiture case: “First, what will be required is context specific. That includes the size and resources of the organisation. Secondly, what amounts to natural justice changes with the passage of time. Thirdly, it will often require that a person who may be adversely affected by the decision will have an opportunity to make representations on her own behalf before the decision is taken. Fourthly, the person must know what factors may weigh against her interest, such that she must know the gist of the case she has to answer. Whilst the contents of natural justice change with time, that is really a word of caution against taking every word and circumstance from the earlier cases as being the applicable modern standard for all purposes. Haque was a recent case on these points and I gratefully adopt the analysis and standard identified by Choudhury, J. in that case”
In Haque v. Faradhi [2023] EWHC 1135 (KB) Choudhury, J held that the power to terminate: “(i) Must be exercised in good faith and not for any improper purpose; (ii) Must not be exercised capriciously, arbitrarily or irrationally; (iii) Must be exercised with regard to the rules of natural justice, including: a) giving notice of the gist of any allegations against a member b) giving that member a fair opportunity to respond to them; c) the right to an unbiased decision maker; d) the right to a brief explanation as to the reason for termination.”
The judgement reads therefore as a cautionary tale. Any institution, sporting or otherwise, where executive powers are granted to management or to a committee to take away a right granted to a member must ensure that they have strict procedures in place to ensure that members receive a fair hearing even in relation to the most egregious of rule breaches or misconduct. Otherwise, perhaps sooner than five years later, they may find themselves welcoming the unwanted member back into the clubhouse, one assumes through gritted teeth.