DC District Court Dismisses SOX Whistleblower Retaliation Claim Where Plaintiff Was Employed Abroad And His Employment Contract Was Not Governed By U.S. Law

In Jefferson v. Science Apps. Int’l Corp., et al.,[1] the U.S. District Court for the District of Columbia dismissed the plaintiff’s whistleblower retaliation claim brought under Section 806 of the Sarbanes-Oxley Act (“SOX” or the “Act”), holding, in line with courts across the country, that the statute does not apply extraterritorially and that there can be no domestic application of the statute when the employee lived and worked abroad. 
In Jefferson, the plaintiff worked as a Cyber Security Systems Administrator in Germany at a U.S. military base for Science Applications International Corp. (“SAIC”), a publicly traded U.S. company. Jefferson alleged, among other things, that while working for SAIC he reported to management the company’s use of incorrect metrics in reporting to the U.S. Securities and Exchange Commission and shareholders. Jefferson asserted that he faced escalating retaliation for his complaints, including a demotion, and, ultimately, termination of his employment. Following his termination, Jefferson brought suit under SOX, among other legal theories, and SAIC moved to dismiss under Rule 12(b)(6).
On May 6, 2025, the Court dismissed Jefferson’s SOX claim because it constituted an impermissible extraterritorial application of the SOX whistleblower provision. In reaching its conclusion, the Court applied the test established by the DC Circuit Court of Appeals in Garvey v. Admin. Rev. Bd., United States Dep’t of Lab.[2] for assessing whether a plaintiff has sought to invoke an impermissible extraterritorial application of SOX. In so doing, the court considered the following factors: (1) the locus of an employee’s work, and (2) the terms of the employee’s employment contract. The Court found that since Jefferson worked exclusively in Germany, the locus of his employment was in Germany and not the U.S. The Court also determined that since Jefferson did not allege that his employment contract was governed by U.S. law, there was no presumption that U.S. law applied. The Court thus dismissed the claim.
As we have previously reported, courts like this one continue are tending to coalesce around a bright line rule for dismissing SOX whistleblower retaliation claims brought by employees working outside the United States.[3] 

[1] No. CV 24-1692 (SLS), 2025 WL 1305245 (D.D.C. May 6, 2025.)
[2] 56 F.4th 110, 115 (D.C. Cir. 2022)
[3] See Proskauer Whistleblower Defense Blog: DC Circuit: SOX’s Anti-Retaliation Provision Does Not Apply Extraterritorially | Proskauer Whistleblower Defense; CA District Court: SOX and Dodd-Frank’s Whistleblower Provisions Do Not Apply To Individual Employed Abroad. But See Washington Federal Court Refuses to Dismiss SOX Whistleblower Claim Despite Plaintiff Working Abroad | Proskauer Whistleblower Defense.

Privacy Awareness Week 2025

In Australia, last week was the 2025 Privacy Awareness Week (PAW), with this year’s theme ‘Privacy – it’s everyone’s business’. Among other things in PAW, the Office of the Australian Information Commissioner (OAIC) produced a Privacy Foundations self-assessment tool, which provides a privacy maturity score on the basis of tenets such as Accountability, Transparency, Collection and Data breach management. The tool, and PAW more broadly emphasise that privacy is not just about compliance, but good business and building trust. NSW, Vic and QLD state governments have each run parallel PAW events.
The PAW theme is especially fitting considering recent Australian privacy strides, including the new tort for serious invasions of privacy which came into effect on 10 June 2025. Under this new tort, a claim arises where a person invades an individual’s privacy by intruding on their seclusion or misusing their information.
Other notable developments include Tranche 1 of the Privacy Act reforms, enacted late last year, and the new obligation to disclose ransomware payments which we highlighted earlier this month. One of the less visible changes in the Privacy Act reforms is the requirement to describe automated decision making processes in entities’ privacy policies, which will come into effect in December 2026.
At the same time, ever-sophisticated developments in technology such as AI models and tools promise entirely new automated ways of collecting, analysing and presenting data for your business and interacting with your customers. As this year’s PAW draws to a close, it reminds us all of the ongoing need to ensure your business’s policies and practices are updated to enable and support the things you may want to do with the information you collect, to ensure your business is best placed to not only protect that information but also to harness the technology that the future may bring.
Emre Cakmakcioglu also contributed to this article. 

UK Employment Appeal Tribunal Clarifies Employer Obligations in a Redundancy

The United Kingdom’s Employment Appeal Tribunal (EAT) ruling in Hendy Group Ltd v Mr D Kennedy [2024] EAT 106 acts as a clear reminder to employers of their obligations when handling redundancies. The case emphasises that employers must properly seek and consider alternative employment for employees facing redundancy and highlights the risks of failing to do so. In particular, merely sending an “at risk” employee the company’s job vacancy list (a popular approach taken by companies) may not be enough to fulfil obligations.
Quick Hits

The UK’s Employment Appeal Tribunal ruled that employers must actively seek and consider alternative employment for employees facing redundancy, as highlighted in Hendy Group Ltd v Mr D Kennedy.
The EAT’s decision underscores that simply providing a job vacancy list may be insufficient to meet employers’ obligations during redundancy processes.
Employers should consider taking proactive steps to support employees facing redundancy, beyond just posting job advertisements, to avoid legal and reputational risks, as emphasised by the EAT’s ruling.

Principles of the Case
Kennedy, the claimant, had been employed by Hendy Group Ltd, one of the UK’s largest multi-franchise dealership networks, since 2013 and from 2015 worked as a trainer in the company’s training academy. His role involved providing training for the sales teams across the workforce. However, in 2020, due to the impact of the COVID-19 pandemic, a genuine redundancy situation occurred, leading to Kennedy’s dismissal. Despite recognition that the redundancy itself was fair, Kennedy argued that the process that the company followed was unfair, as they failed to adequately consider alternative employment opportunities within the company. The EAT agreed and ruled in favour of the claimant on the grounds that despite maintaining a vacancy list Kennedy could access, the company had taken “no step whatever to assist Mr Kennedy” in finding an alternative role within the company. The EAT awarded him compensation on the basis that it was likely he would have been able to secure other employment within the company if the employer had properly adhered to its obligations.
Alternative Employment
The case upholds the concept that an employer has a positive legal duty to look for and sufficiently evaluate alternative employment for a worker who faces redundancy. This means seeking a position that offers the employee terms and conditions comparable to the employee’s current role. Other cases have held that even if a position is lower in status and pay, it should be offered to the employee if the employee has the skills to do the work, as it is for the employee to decide whether to accept the pay cut. During Kennedy’s notice period, sales positions became available in the company, including a role that Kennedy had previously held, yet these positions were not offered to him. He was simply told he could apply for advertised positions in the same manner as external applicants. The EAT expressed the view that the posting of job advertisements alone will not be deemed as an adequate assessment of alternative employment to fulfill the employer’s duty.
The decision was possibly influenced by some other ill-judged actions by the company. The EAT also noted that upon unsuccessful application for alternative roles, Kennedy’s motivations for job applications to the company were questioned, and he was informed that any additional applications would be unsuccessful. During this period, Kennedy’s access to company emails, which HR was using to communicate with him, was also revoked, with the consequence that he did not see relevant emails.
Key Takeaways
Under the Employment Rights Act 1996, employers must follow a fair procedure during redundancies. This includes properly consulting with any impacted employees and considering suitable alternative employment opportunities within the company or affiliated entities.
An employer’s obligations cannot usually be satisfied by merely referring an employee to a public job board without proactive support, appropriate internal communication, or significant consideration. Employers are required to go beyond mere formalities and take active steps to support employees facing redundancy. Failure to do so can result in costly legal consequences and reputational damage.
Lorraine Matthews contributed to this article

July 2025 Visa Bulletin: Limited Advancement for India and China

The July 2025 Visa Bulletin shows several changes in the employment-based immigrant visa categories, with advancements for China and select movement for India and other countries. The Visa Bulletin confirms that U.S. Citizenship and Immigration Services (USCIS) will honor final action dates for I-485 adjustment-of-status applications filed in July 2025.

Quick Hits

EB-1. China advances one week (to November 15, 2022); India holds at February 15, 2022; all other countries remain current.
EB-2. China advances two weeks (to December 15, 2020); India holds at January 1, 2013; no movement for other countries.
EB-3 Most countries advance seven weeks (to April 1, 2023); China and India move one week; the Philippines sees no change.

Employment-based
All ChargeabilityAreas ExceptThose Listed
CHINA-mainlandborn
INDIA
MEXICO
PHILIPPINES

1st
C
15NOV22
15FEB22
C
C

2nd
15OCT23
15DEC20
01JAN13
15OCT23
15OCT23

3rd
01APR23
01DEC20
22APR13
01APR23
08FEB23

Other Workers
08JUL21
01MAY17
22APR13
08JUL21
08JUL21

4th
U
U
U
U
U

Certain Religious Workers
U
U
U
U
U

5th Unreserved(including C5, T5, I5, R5, NU, RU)
C
22JAN14
01MAY19
C
C

5th Set Aside:Rural (20%, including NR, RR)
C
C
C
C
C

5th Set Aside:High Unemployment (10%, including NH, RH)
C
C
C
C
C

5th Set Aside:Infrastructure (2%, including RI)
C
C
C
C
C

Source: U.S. Department of State, July 2025 Visa Bulletin, Final Action Dates Chart
Key Takeaways

India and China see minimal movement. For Indian nationals, there is no movement in the EB-1 and EB-2 green card categories, while EB-3 advances by just one week to April 22, 2013. For Chinese nationals, EB-1 advances one week to November 15, 2022; EB-2 moves two weeks to December 15, 2020; and EB-3 progresses one week to December 1, 2020. These minor shifts may slightly impact green card timelines but are unlikely to change case strategy in a significant way.
EB-3 advances for most countries. The EB-3 Professional and Skilled Worker category sees a seven-week advancement for most countries except India, China, and the Philippines. The new cutoff date for these countries is April 1, 2023, which could enable final green card action for more employees and allow companies to plan for long-term retention and status stabilization.
EB-5 information and filing date updates. The EB-5 Unreserved category remains unchanged for China (January 22, 2014) and India (May 1, 2019), while all other countries are still current. In addition, the Dates for Filing have advanced for EB-3 in all countries except India and China, allowing eligible employees to submit adjustment applications earlier—even if final action is still pending.

Interview with Liu Yue of the Christian Silvain Foundation on the Highest Damages Awards in a Chinese Fine Arts Case

Marking the conclusion of a long legal battle, the Beijing Higher People’s Court recently affirmed an August 24, 2023 decision by the Beijing IP Court against Sichuan Academy of Fine Arts Professor Ye Yongqing. The Beijing IP Court ruled that Ye infringed the copyright of Silvain in his paintings and ordered Ye to pay Silvain 5 million RMB, publish an apology and cease infringement. That apology was published in China’s Legal Daily on January 23, 2025.
The Beijing IP Court found that 122 of Ye’s works had plagiarized 87 of Silvain’s. Ye is a well-known artist selling about $24 million USD of paintings at auctions per the Global Times. Ye’s most expensive painting sold for just over 1 million Euros and many of his works sold for about 200 thousand to 500 thousand Euros. In contrast, Silvain’s artworks often sell for 5,000 to 15,000 Euros. 
On April 30, 2025, the Beijing IP Court listed Silvain’s case in the Court’s annual list of 2024 IP cases along with 6 other IP cases.

Left: Artwork by Silvain in 1990. Right: Artwork by Ye from 1994.

Wininger: Can you introduce yourself – what is your title, company, and role in the litigation? Liu: I’m Liu Yue, a member of the Christian Silvain Foundation. When the news involving Ye Yongqing’s copying of Silvain’s work became an international story spanning China and Belgium, I took an active role in supporting Mr. Silvain’s legal efforts. My responsibilities included securing legal representation, putting together the evidence, and facilitating communication with his lawyer, Mr. Wu Tao, a trusted friend who handled the case.
Wininger: There appear to be infringing works dating back to at least 1994. How did the artist first learn about the infringement?
Liu: Long before the plagiarism became public, people close to the artist had mentioned to him that they’d seen paintings suspiciously similar to his. However, he couldn’t confirm who was behind them or if it was even the same artist. He was vaguely aware that his art might have been copied abroad, but it wasn’t until 2018—when Ye Yongqing planned an exhibition in Brussels—that Silvain pieced everything together and took action.
Wininger: Was there any communication with Ye Yongqing to resolve this matter without litigation? Did he respond?
Liu:Ye posted on social media claiming he had tried to reach out to Silvain. However, Silvain’s position was always clear: he would only accept a public apology and declined to engage in any further communication with Ye.
Wininger: Why did you decide to litigate?
Liu: Ultimately, the decision rested with the artist. Over time, it became evident that Ye had no intention of issuing a public apology voluntarily, leaving litigation as the only viable recourse. Silvain’s choice to pursue legal action was courageous, particularly given the widespread skepticism in the West about intellectual property enforcement in China. Many believed that plagiarism was culturally tolerated in China and that a foreign artist stood little chance in a Chinese court. Silvain’s case challenged those assumptions.
Wininger: Initially, it looks like the Jinniu District People’s Court of Chengdu City didn’t accept the case? That must have been a blow to the artist. It was a criminal case and then you switched to civil case? Why did you first try for criminal prosecution?
Liu: Actually, from the very beginning, we pursued parallel paths – a civil claim for copyright infringement alongside a criminal complaint for academic fraud. This dual approach served two key purposes: first, the civil case would establish the factual basis of plagiarism, while simultaneously, the criminal one was meant to demonstrate our seriousness about pursuing all legal avenues. The Chengdu court’s decision to defer the criminal case was reasonable and expected, as establishing plagiarism in civil court was a necessary first step.
After we won the second civil judgment and Ye issued his public apology, we chose not to pursue the criminal case further as our primary objectives had been achieved.
Wininger: What was your strategy at the Beijing IP Court to prove infringement?
Liu: Our legal team’s approach was straightforward: place Ye’s copied works side by side with Silvain’s originals and analyse their similarities in detail. This method left little room for doubt.
Wininger: Why do you think it took over five years for Ye to issue his apology?
Liu:I can’t say for certain, but I suspect Ye’s legal team may have advised him to prolong the proceedings, exhausting every legal avenue in hopes that we would abandon the case.
Wininger: Has Ye paid the judgment in full? Liu:Yes, besides issuing the apology he has paid the full judgement of 5 million RMB.
Wininger: Is the artist satisfied with the judgment?
Liu: Absolutely. For the artist, the public apology was everything—far more important than any financial compensation. Actually, He has directed all financial damages from the judgment to properly acknowledge and reward the legal team and key supporters whose tireless efforts made this victory possible over the past 5 years. Not a single cent was retained for himself. The apology was the only vindication he sought.
Wininger: Has the market value of Ye’s artwork declined while Silvain’s has risen since the judgment?
Liu: The shift happened as soon as the scandal broke in 2019—once the news went public, the plagiarism was so blatant that the market reacted immediately. Ye’s reputation suffered, while Silvain’s recognition grew. For Silvain, however, the court’s ruling and Ye’s public apology carried far greater personal significance than any impact on their respective art valuations.
Wininger: Thank you for taking the time to answer these questions. I’m glad to see justice was served.
Liu: My pleasure, thank you for having me.

EU Commission Proposes the Simplification of EU Chemicals Rules for Defence Applications

On 17 June 2025, the European Commission issued a Defence Readiness Omnibus in the form of a Communication accompanied by several legislative proposals (see full list).
The Commission’s proposal aims to speed up defence investments and thereby increase the Member States’ and industry’s capabilities and infrastructures. It notably acknowledges the unfitness of the current regulatory environment of the EU in times of international tensions, including hindrance by environmental legislations.
The package encompasses a proposal accommodating certain requirements of the EU’s chemicals legislation to defence needs by way of amendments to REACH (Regulation (EU) 1907/2006), the CLP (Regulation (EU) 1272/2008 on classification, labelling and packaging) and the BPR (Regulation (EU) 528/2012 on biocidal products).
The proposal foresees the possibility for Member States to exempt certain substances from the requirements of the above cited Regulations “where necessary in the interests of defence”. While such a possibility already exists under all three Regulations, the proposal appears to provide further facilitation, by withdrawing the requirement that the exemption shall only be granted in “specific cases”. This aims to respond to the Member States’ particular caution so far in the use of the exemption.
It further amends the POPs Regulation (Regulation (EU) 2019/1021 on persistent organic pollutants) to ensure that defence readiness be considered in the preparatory stages of substances restriction and prohibition processes.
The package also includes a Commission Notice providing companies with guidance on the application of the sustainable finance framework, the Taxonomy Regulation, the Corporate Sustainability Reporting Directive (‘CSRD’) and the Corporate Sustainability Due Diligence Directive (‘CSDDD’) to the Defence industry.
This new package is issued in a context of intensified calls for simplification by Member States and certain political groups, to which the Commission has already responded via a series of proposals. A broader simplification initiative addressing the requirements of the CLP Regulation is notably expected to be issued on 2 July. Intel suggests that the initiative may be followed by the issuance of a second part later this year.
While this will generate further uncertainties for the industry in the next months, the Commission has shown a strong interest towards input from the industry. Involvement in ongoing discussions with stakeholders is thus key for any industry actor willing to weigh in in the process before the finalization of the proposals this year.

EU Commission Consultation on High-Risk AI Systems: Key Points for Life Sciences and Health Care

On 6 June 2025, the European Commission launched a targeted stakeholder consultation on the classification and regulation of high-risk artificial intelligence (AI) systems under the EU Artificial Intelligence Act (AI Act). The consultation is a critical opportunity for stakeholders in the life sciences and health care sectors to shape the forthcoming Commission guidelines on high-risk AI systems.
Regulatory Framework for High-Risk AI Systems
The AI Act, adopted in 2024, establishes a harmonized legal framework for the development, placing on the market, and use of AI in the EU. It adopts a risk-based approach, classifying AI systems into four categories: unacceptable risk (prohibited), high risk, limited risk, and minimal risk.
Of particular importance to the life sciences and health care sectors are high-risk AI systems, which are subject to an extensive regulatory compliance mechanism that establishes legal requirements as to risk management, data and data governance, technical documentation, record keeping, transparency, human oversight and accuracy, robustness, and cybersecurity.
Article 6 of the AI Act defines two categories of high-risk AI systems:

Embedded AI systems: AI systems that are safety components of products, or are themselves products, governed by EU harmonized legislation such as the Medical Device Regulation (MDR) or the In-Vitro Diagnostic Regulation (IVDR). These systems are deemed high-risk by virtue of their integration into regulated products (e.g., medtech offerings such as medical imaging, surgical robots, wearables, and diagnostic software). Art. 6(1), Annex I. 
Standalone systems: AI systems that, based on their intended purpose, pose significant risks to health, safety, or fundamental rights in specific use cases listed in Annex III (e.g., AI used in health care for patient triage). Art. 6(2), Annex III.

The Role of the Commission’s Guidelines
While the AI Act provides the legal framework, the Commission’s implementing guidelines will be essential in clarifying how the high-risk regime is to be interpreted and applied in practice. This is particularly important for regulatory grey areas, such as AI used in medical devices, digital therapeutics, clinical research, or health care administration, where the risk profile may not be immediately evident. While not binding for courts, these guidelines will be critical for life sciences and health care companies in determining whether AI systems fall within the high-risk category and what compliance obligations apply.
Key Aspects of the Consultation Relevant to Life Sciences and Health Care Businesses
The consultation addresses several issues that will be highly relevant for stakeholders in the life sciences and health care sectors:

Clarification of High-Risk Classification Rules: The consultation seeks input on the classification mechanism set forth in Art. 6. Stakeholders are invited to provide practical examples of AI applications and their potential impact on health and safety, which will help refine the scope of high-risk classifications. 
Requirements and Obligations for High-Risk Systems: The consultation explores how the mandatory requirements for high-risk AI systems—such as risk management, data governance, transparency, human oversight, and robustness—should be interpreted in practice. For health care companies, this includes ensuring that AI systems are trained on representative and high-quality datasets, and that outputs are explainable and auditable. 
Value Chain Responsibilities: A key focus is the allocation of responsibilities among different actors in the AI value chain, including developers, deployers, importers, and distributors. The consultation seeks views on how these roles should be defined and what obligations each party should be subject to, particularly in complex ecosystems where AI components are developed and integrated by different entities. 
Practical Implementation Challenges: The Commission is also gathering feedback on practical challenges companies face in implementing the AI Act, including overlaps with existing sectoral regulations (e.g., the Medical Device Regulation), the burden of conformity assessments, and the availability of notified bodies.

Benefits of Policy Engagement
The Commission’s consultation represents a critical opportunity for life sciences and health care companies to shape the implementation of the AI Act. By contributing practical insights and highlighting sector-specific challenges, stakeholders can help ensure that the forthcoming guidelines are both effective and proportionate. Companies using or developing AI systems in health care should assess their portfolios in light of the AI Act’s high-risk classification criteria and consider submitting feedback before the 18 July 2025 deadline.
Stakeholders can access the consultation via the EU survey portal.

UK Data (Use and Access) Act 2025 Receives Royal Assent and ICO Publishes Guidance

On June 19, 2025, the UK Data (Use and Access) Act 2025 (the “DUAA”) received Royal Assent. The same day, the UK Information Commissioner’s Office (the “ICO”) published a comprehensive suite of resources on the DUAA. The resources include, among other things, a factual summary of the DUAA and an outline of the ICO’s plans to roll out new or updated guidance as the DUAA’s provisions gradually come into effect. The implementation of these provisions will be staggered, with some likely taking up to 12 months.
In line with the amendments introduced by the DUAA, the UK government also announced a recruiting campaign for seven non-executive members to the board of the new Information Commission which will be established by the DUAA. This new body will succeed the ICO as the UK’s data protection regulator.
For further information on the provisions introduced by the DUAA, read our previous article.

Key Takeaways from the UK Financial Conduct Authority’s Revised Enforcement Guide

Following a two-part consultation, which began in February 2024 (i.e., CP 24/2 and CP 24/2: Part 2) and was accompanied by a Policy Statement (PS25/5) setting out the UK Financial Conduct Authority’s (FCA) consultation response, the FCA has revised its Enforcement Guide (now referred to in the FCA Handbook as ENFG).
This is of particular interest to all firms that are regulated by the FCA and individuals working within such firms, consumers and investor groups, industry groups, trade bodies, advisers, experts and commentators. 
Key Takeaways 
A Revised Policy on Publicising Investigations
In acknowledging the widespread concern and significant criticism during the previous consultation, the FCA has abandoned its proposal to name regulated firms under investigation based on a wide and subjective “public interest” test. This is near to a complete reversal of the FCA’s proposed policy first announced in the FCA’s letter to the Treasury Select Committee in March 2025. 
However, the FCA’s ENFG continues to enforce the pre-existing “exceptional circumstance test”, albeit with three new limited circumstances in which investigations may be announced. This will enable the FCA to: 
Announce and Name the Subjects of Investigations 
The FCA will only announce the name of subjects of ongoing investigations into suspected unauthorised activity or criminal offences related to unregulated activity if the FCA considers an announcement desirable to warn or alert consumers or investors, or to help the investigation itself, for instance, by bringing forward witnesses.
Reactively Confirm the Subject and Nature of an Investigation 
ENFG gives the FCA the ability to confirm the actions the FCA is taking if the investigation has become part of the public domain due to an associated firm or a regulatory, government or public body making the investigation public.
Anonymised Announcements
The FCA will consider making public that it is investigating a particular matter without naming or otherwise identifying the subject of the investigation where it is desirable for the purpose of educating people as to the types of conduct the FCA is investigating or to encourage firms to comply with the rules or other requirements set by the FCA.
The Impact
In practice, these publicity policy changes will directly affect only firms engaging in unauthorised activity, as unauthorised firms or authorised firms carrying out unauthorised business may now find themselves in the headlines when investigated.
A wider impact is likely to be an increase in anonymised investigation announcements designed to serve as a deterrent or for educational purpose. It will be important for firms and individuals to pay close attention to these announcements and record any assessments and consequential changes.
Accepting Reports on a Limited Waiver Basis
The ENFG seeks to clarify (rather than amend) the FCA’s approach to legally privileged materials disclosed by firms. The FCA will accept disclosure on a limited waiver basis. 
However, the FCA will not:

Agree the fact or extent to which they are legally privileged, or
Accept any condition or stipulation that purports to restrict the FCA’s ability to use the information in exercising its statutory functions (e.g., a requirement that the report be used only for the purposes of supervision and not enforcement).  

The Impact
Whilst the FCA states specifically there is no obligation to share legally privileged material with the FCA and that it does not consider that the ENFG undermines a firm’s ability to resist disclosure of a report to a third party, the FCA’s approach will almost inevitably lead to increased pressure on firms to disclose such materials to the FCA.
It should be noted that the FCA has statutory restrictions on the disclosure of confidential information, which if breached, constitutes a criminal offence. These restrictions will continue to be in place.
Discretion to Prevent Lawyers Attending Compelling Interviews
Despite the respondents to the two-part consultation pushing back on this amendment to the policy, the FCA has decided that it will seek to exercise what it believes is its discretion to refuse permission where the FCA determines that a legal adviser’s attendance may create a potential conflict of interest or otherwise prejudice any FCA investigation. It is clear from the ENFG that one of the situations the FCA has in mind is where the lawyer owes a duty of disclosure to another person (e.g., an interviewee’s employer). The FCA has further clarified that the determination as to whether such concerns arise rests solely with the FCA. However, the policy statement suggests this use of discretion by the FCA will be a rare occurrence.
The Impact 
The FCA is seeking to regularise what it considers to be its existing approach—the regulator has increasingly pushed back on joint legal advisers’ attendance at interviews. This has resulted in many firms being accustomed to providing for employees to have independent legal counsel ahead of compelled interviews and making appropriate arrangements for joint or common-interest privilege. However, there is potential for significant conflict between the FCA and legal representatives given that legal advisers have their own professional duties to manage conflicts of interest.
Optional Scoping Meetings and Additional Decision-Makers
Scoping meetings will now be subject to a case-by-case assessment. These initial meetings have sometimes offered a valuable opportunity to ask questions, clarify points and address the areas of the upcoming investigation. However, over time, they have become less useful given the inability or unwillingness of FCA enforcement teams to provide any such answers or additional information. The FCA’s intention appears to be to always have a scoping meeting where the subject requests or indicates they would like to have one. However, the FCA has stated that it will remain flexible when firms who have already had extensive discussions with the FCA do not wish to have a scoping meeting. 
Further, the FCA has expanded which senior personnel can decide on whether to start civil and criminal enforcement proceedings. Whilst previously limited to executive directors, now directors in enforcement will also have that power. 
The Impact
The flexible approach to scoping meetings and the extension of powers to directors in enforcement is hopefully an indication that the FCA has listened to the long-standing criticism of its approach to those subject to investigation and the speed of its decision-making. 
No More Private Warnings, Preliminary Investigation Reports or Preliminary Findings Letters
The FCA has deleted previous references included in the original Enforcement Guide (EG), the precursor to ENFG, to private warnings and confirmed that, having not used them for some time, they will not be used as an enforcement tool in the future. Instead, the FCA will raise the issues with the firm or individual in direct communications.
The FCA stated that it has trimmed over 250 pages from the EG in the process, removing content that was duplicative or outdated.
The Impact
The removal of private warnings demonstrates the FCA’s preference for formal enforcement outcomes as a means of deterrence. This can be further evidenced by the fact that the FCA has confirmed that it now has fewer open investigations, with the number having fallen by over 35% since April 2023, and investigations are reaching outcomes more quickly, according to the FCA’s data. This appears to be a double-edged sword for firms in that they are less likely to be investigated but more likely to face an outcome if they are (with increased public attention).
Conclusion 
Whilst the FCA states that it is committed to transparency, it is questionable how impactful the new ENFG will be given that many if the changes appear to simply be a reflection of either powers the FCA already had (but weren’t necessarily using) or the approach it has already been taking. We can only wait and see if any of the changes made have a material impact on those who find themselves under scrutiny by FCA enforcement.

Landlords Compelled to Hand Over Insurance Commissions to Tenants

Summary
The English High Court has ruled in the case of London Trocadero (2015) LLP v Picturehouse Cinemas Ltd and others,1 that a landlord responsible for insuring leased premises cannot charge tenants for landlord commissions under standard lease terms. The judgment could trigger widespread claims from commercial tenants seeking reimbursement of commissions previously paid. 
Facts
The case involved a landlord and tenant dispute relating to premises which form part of the Trocadero Centre in London. London Trocadero 2015 LLP (the Landlord)—part of Criterion Capital—was obliged under the terms of the lease to obtain insurance for the whole centre and was entitled to recover the cost from the various tenants. One of the key issues in dispute concerned the liability of Picturehouse Cinemas Limited (the Tenant)—part of Cineworld subgroup—to pay the full amount of their share of the insurance premium. The Tenant objected to the fact that part of the premium was paid back to the Landlord by way of commission, arguing this did not form part of the premium payable. 
Decision
In a legal Judgment dated 23 May 2025, Mr Justice Richards concluded that, on a proper construction of the terms of the lease, Landlord commissions were not bona fide “premiums payable … for keeping [the] Centre insured” and thus were not recoverable from the Tenant. While the Landlord commissions were ostensibly payable as part of the premium, their purpose was not to keep the centre insured. The Landlord commissions (in contrast with insurance broker commissions) had been engineered for the Landlord’s benefit and did not represent compensation for any services provided. The Tenant was entitled to recover overpaid sums (circa £700,000 in total) representing Landlord commissions spanning over several years). The Court also accepted that the lease included an implied term that insurance must be negotiated at arm’s length; which meant the absence of any intention designed solely to confer a benefit on the Landlord at the Tenant’s expense.
Why the Decision Is Important
This is a landmark ruling that landlord commissions, though commonplace in the insurance context, cannot be charged to the tenant without express authorisation under the terms of the lease. The case has wider implications in so far as thousands of commercial tenants may now scrutinise service charges for undisclosed commissions. While claims in restitution will turn on their own facts, the Courts are likely to take a strict approach to the interpretation of relevant clauses in the lease and, even if the wording is unclear or ambiguous, implied terms may enable tenants to recover commission charges. The case is certainly consistent with recent residential reforms (Leasehold and Freehold Reform Act 2024), with the commercial property market potentially likely to face new transparency standards.
Recommended Action Points
For Landlords

Review insurance clauses in leases: Ensure any relevant fees or commissions are expressly permitted.
Audit current arrangements: Restrict broker commissions to genuine market-level amounts.
Improve transparency: Fully disclose any commission sources and amounts to tenants.
Legal compliance: Seek legal advice on possible lease amendments (or express disclaimers) and prepare for possible restitution claims.

For Tenants

Formal requests: ask the landlord for full disclosure on insurance fees and commissions.
Assess period of exposure: Gather evidence (relevant leases, broker agreements, policies, invoices and details of net premium charged).
Explore claims: Seek legal advice on possible restitution claims for any insurance rent or commission overcharges.

Conclusion
This High Court decision signals a turning point in commercial lease transparency. Landlords and tenants alike must reassess insurance charging mechanisms—failure to act may lead to costly repayments and reputational damage. Proactive lease reviews and documentation of insurance practices are now essential.
1 [2025] EWHC 1247 (Ch)

Cutting Red Tape and Supporting Growth: the EU’s Omnibus IV Simplification Package on Small Mid-Cap Companies

On 21 May 2025, the European Commission published a new Omnibus IV Simplification Package, a targeted legislative initiative designed to alleviate regulatory burdens and enhance proportionality for smaller businesses.
Central to this recalibrated framework is the introduction of a new category of undertakings, i.e., Small Mid-Cap companies (SMCs).
Defined in Commission Recommendation C(2025) 3500, SMCs are:

companies that do not qualify as SMEs under Recommendation 2003/361/EC;
employ fewer than 750 persons, and
have either an annual turnover not exceeding €150 million or an annual balance sheet total not exceeding €129 million.

Moreover, the proposal for a Directive amending MiFID II also introduces the concept of SMCs for the purposes of capital markets regulation. It defines SMCs in that specific context as listed companies with an average market capitalisation between €200,000 and €1 billion, based on end-of-year stock prices over the preceding three calendar years. The objective is to improve access to capital markets for companies that have historically been underserved by EU-level simplification efforts.
The proposed amendment to Directive (EU) 2022/2557, also parts of the package, concerns the resilience of critical entities and incorporates the SMC definition to qualify some entities that may benefit from certain exemptions or adjusted obligations.
Another legislative proposal within the package introduces targeted amendments to the following six Regulations to introduce adjustments for SMCs:

Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR)
Regulation (EU) 2016/1036 on protection against dumped imports
Regulation (EU) 2016/1037 on protection against subsidised imports
Regulation (EU) 2017/1129 (Prospectus Regulation)
Regulation (EU) 2023/1542 (Batteries Regulation)
Regulation (EU) 2024/573 (F-gas Regulation)

These amendments seek to introduce simplification and proportionality measures, previously reserved for SMEs, to the newly recognised SMC category. For instance, under the GDPR, SMCs will be exempt from maintaining data processing records where the risk to individuals’ rights is considered low. In the field of trade defence, the revised Regulations offer simplified procedural access for SMCs to anti-dumping and anti-subsidy investigations, supported by a dedicated helpdesk and alignment of procedural timelines with the financial year of the undertaking concerned.
The Batteries Regulation is also affected. In addition to a reduction in reporting obligations for SMCs, from an annual to a triennial cycle, introduced as part of the legislative proposal mentioned above, the Commission has also put forward a separate, ad hoc proposal to postpone the application of due diligence obligations under the Regulation by two years. This extension pushes the compliance deadline to August 2027.
The package also advances the EU’s objective of digitalising regulatory processes. This is pursued through a Proposal for a Directive and a corresponding Proposal for a Regulation, both aimed at eliminating outdated paper-based requirements in product compliance legislation. Among other measures, the proposals provide for the digitalisation of Declarations of Conformity, the option to supply instructions for use in electronic format (subject to certain safeguards), mandatory online contact points for manufacturers, and the integration of compliance data into Digital Product Passports where applicable. Compliance documentation will also be submitted electronically to national authorities, streamlining procedures while maintaining consumer protection and product safety.
Another significant innovation concerns the introduction of Common Specifications (CS) as an alternative means of demonstrating compliance in situations where harmonised standards are unavailable, delayed, or insufficient. While CS are already used in the medical device sector, they are now expected to play a broader role, including under forthcoming legislation such as the AI Act and the Cyber Resilience Act. To support this development, the Commission has launched a public consultation on CS, which is open until 28 July 2025.
What This Means for Business
The Omnibus IV Package sends a clear signal that the EU recognises the disproportionate regulatory burden faced by mid-sized businesses. By embedding proportionality more systematically across key legislative acts, the Commission enables companies, particularly those classified as SMCs, to benefit from greater legal certainty, administrative relief, and digital efficiencies.
For businesses active at the intersection of sustainability, product regulation, and digital innovation, the Omnibus IV reforms offer both relief and strategic opportunity. 

Payment Proccessor to Pay Millions to Settle FTC Allegations of Unfair Payment-Processing Practices and Facilitation of Deceptive Tech-Support Schemes

On June 16, 2025 the Federal Trade Commission announced that U.K.-based payment processor, Paddle.com Market Limited, and its subsidiary, Paddle.com, Inc., will pay $5 million and be permanently banned from processing payments for tech-support telemarketers.  The foregoing is in settlemetn of a Federal Trade Commission action alleging that Paddle abused the U.S. credit-card system and enabled deceptive foreign operators to access it, costing consumers millions of dollars.
According to the complaint, the FTC alleged that Paddle and its subsidiary processed payments for deceptive tech-support schemes that targeted U.S. consumers including older adults.

“Paddle provided foreign-based tech-support schemes with access to the U.S. payment system, allowing these companies to harm consumers,” said FTC lawyer Christopher Mufarrige, Director of the FTC’s Bureau of Consumer Protection. “The FTC will hold accountable payment companies that knowingly facilitate payments for scammers or look the other way when faced with red flags about their clients’ conduct.”

The complaint charges that: (i) Paddle allegedly opened merchant accounts claiming to be a “merchant of record” or software “reseller,” then allegedly used these accounts to process card payments on behalf of numerous, unrelated third-party merchants; (ii) Paddle allegedly enabled overseas schemes to access the credit card system and collect payments from U.S. consumers, and to allegedly evade detection by merchant banks and card networks; (iii) Paddle allegedly facilitated schemes, like Restoro-Reimage, that allegedly used fake virus alerts and pop-up messages to impersonate familiar brands, such as Microsoft or McAfee (in March 2024, Paddle’s client, Restoro-Reimage, paid $26 million to settle the FTC’s charges of violating the FTC Act and the Telemarketing Sales Rule); and (iv) as the “merchant of record,” Paddle alleedly charged consumers for automatically renewing subscriptions without clearly disclosing that consumers would incur recurring charges.

According to the FTC, Paddle allegedly violated the FTC Act, the Telemarketing Sales Rule, and the Restore Online Shoppers’ Confidence Act.
Under the proposed settlement order Paddle will be:

Permanently prohibited from processing payments for tech-support merchants that engage in telemarketing or use pop-up messages about computer security or performance;
Prohibited from assisting deceptive merchants or engaging in any tactic to avoid fraud or risk-monitoring programs established by banks or the card networks;
Required to implement effective client screening and monitoring, and provide periodic reporting about merchant-clients’ transactions to Paddle’s payment-service providers; and
Required to clearly and conspicuously disclose the terms of any subscription it processes, get consumers’ express informed consent to the subscription, and provide consumers with a simple way to cancel and prevent recurring charges.

According to the FTC, the $5 million payment Paddle is required to make under the settlement will be used to supplement the redress for consumers purportedly harmed by the alleged Restoro-Reimage tech support scheme.
Contact an experienced FTC CID lawyer if you or your company have received an FTC civil investigative demand or if you are are interested in discussing the implementaion of protactive compliance protocols.
Chairman Andrew N. Ferguson issued a statement joined by Commissioners Melissa Holyoak and Mark R. Meador.

“One way the Commission combats foreign scams, however, is enforcing the law against American companies who unlawfully facilitate foreign schemes. By vigorously requiring domestic actors to obey the law, the Commission can cut off foreign scammers’ use of American companies to prey on American families. Today’s settlement is an example of such a case. Paddle, though primarily based in the United Kingdom, has a continuing presence in the United States, with an American component through which it channels American payments.”

The FTC filed the complaint and proposed settlement order in the U.S. District Court for the District of Columbia.