False Claims Act Exposure in Focus: President Trump Signs Executive Order Targeting DEI Programs
On January 21, 2025, President Trump issued an executive order titled “Ending Illegal Discrimination and Restoring Merit-Based Opportunity” (the “EO”), which aims to eliminate diversity, equity, and inclusion (DEI) policies and programs across the federal government and within companies that do business with the federal government.
Importantly, the EO revokes Executive Order 11246, which, since 1965, has mandated affirmative action in employment from government contractors and required implementation of affirmative action programs.[i]
Federal contractors and grant recipients have until April 21, 2025 (90 days from the issuance of the EO) to comply with the EO’s provisions.
Below, we summarize the False Claims Act (FCA) implications of the EO.[ii] Briefly stated, federal contractors and grant recipients, including certain health care organizations, should pay close attention to the EO’s required certifications since they directly tie to potential FCA liability premised on false certification of compliance with the federal anti-discrimination laws.
Key Provisions of the EO
Directs that federal contractors “shall not consider race, color, sex, sexual preference, religion, or national origin in ways that violate the Nation’s civil rights laws.”
Instructs the Director of the Office of Management and Budget to (1) review and revise, as appropriate, all governmentwide processes, directives, and guidance; (2) remove references to DEI and diversity, equity, inclusion, and accessibility (DEIA) from federal acquisition, contracting, grants, and financial assistance procedures; and (3) terminate all “diversity,” “equity,” and analogous mandates, requirements, programs, or activities, as appropriate.
Directs the head of each agency to include “in every contract or grant award” a (1) “term requiring the contractual counterparty or grant recipient to agree that its compliance in all respects with all applicable Federal anti-discrimination laws is material to the government’s payment decisions for purposes of [the FCA]” and (2) “to certify that it does not operate any programs promoting DEI that violate any applicable Federal anti-discrimination laws.”
Instructs the Attorney General, within 120 days of the EO (by May 21, 2025), in consultation with other agency heads, to submit a report containing a “proposed strategic enforcement plan” that outlines, among other things, “the most egregious and discriminatory DEI practitioners in each sector of concern” and “specific steps or measures to deter DEI programs or principles … that constitute illegal discrimination or preferences.”
Pertinent FCA Background
Unlike other federal laws that are enforceable only by the federal government, the FCA is unique in that it also allows private whistleblowers, known as relators, to file qui tam actions on behalf of the government in exchange for a share of the recovery (ranging between 15 and 30 percent of the recovery). The FCA imposes mandatory per-claim statutory penalties that are adjusted annually (currently ranging from $13,946 to $27,894 for each false claim) as well as treble damages.
There are a variety of actionable theories under the FCA beyond the scenario where a company bills the government for products or services that were never provided. One such theory, known as “false certification,” occurs when a party certifies compliance with a required contractual provision, statute, regulation, or governmental program in connection with the submission of a claim.
In false certification cases, noncompliance with applicable legal requirements must be “material” to the government’s payment decision. Materiality is often a contested, focal issue in FCA cases. The U.S. Supreme Court clarified in Universal Health Services, Inc. v. U.S. ex rel. Escobar that the materiality standard is “rigorous” and “demanding” because the FCA is not “a vehicle for punishing garden-variety breaches of contract or regulatory violations.”[iii]
FCA Implications
The mandates set forth in the EO will require a clause in all contracts and grant awards with the federal government where the contractor or grant recipient certifies that it does not have any programs promoting DEI that violate any applicable federal anti-discrimination laws and acknowledges that such compliance is material to the government’s payment decision.
With the new certification and materiality requirements, whistleblowers are likely to be further incentivized to bring FCA actions on the belief that it may be easier to prove a violation. It is unclear how that will play out in the courts. For example, while the EO will require that contracts and grant awards contain a clause stating that compliance with the federal anti-discrimination laws is “material” to the government’s payment decision, that does not end the materiality inquiry. The U.S. Supreme Court in Escobar noted how “the Government’s decision to expressly identify a provision as a condition of payment is relevant, but not automatically dispositive.”[iv]
Additionally, it remains to be seen how uniformly courts will apply the “rigorous” and “demanding” materiality standard in FCA cases predicated on DEI programs while adhering to Escobar’s direction that “the False Claims Act is not a means of imposing treble damages and other penalties for insignificant regulatory or contractual violations.”[v] Indeed, federal contractors, particularly certain health care organizations, that submit many claims to the federal government could face billions of dollars in potential exposure—largely due to the FCA’s per-claim penalties—stemming from a particular program that was indisputably lawful prior to the second Trump administration and unrelated to the nature of the contracted items or services.
While it is not clear precisely which specific DEI/DEIA programs or initiatives would be prohibited, the Trump administration’s position is clear that contractors or grant recipients found to have submitted requests for payment while maintaining unlawful DEI programs could be subject to significant FCA liability.
Best Practices for Mitigating FCA Risk
DEI and DEIA initiatives, including policies, programs, and plans, should be promptly and carefully evaluated to determine whether they may violate federal anti-discrimination laws, as federal contractors and grant recipients will need to certify compliance with those laws. Remedial measures should be promptly implemented, as appropriate, to the extent any initiatives are likely to violate federal anti-discrimination laws.
Companies should monitor agency publications for guidance on which initiatives remain permissible under the EO. Courts are also expected to play an important role in clarifying the reach of the anti-discrimination laws, especially following the Supreme Court’s recent decision in Loper Bright Enterprises v. Raimondo, where it held that “agency interpretations of statutes—like agency interpretations of the Constitution—are not entitled to deference.”[vi] This is especially true here, where the new EO interpretation of DEI activities as unlawful is a radical shift from the Biden administration’s position as expressed in both guidance and regulations.
Documentation of compliance with anti-discrimination laws is essential. Records reflecting policy reviews, trainings, and remedial program changes, as appropriate, will be critical in the event of a government investigation or whistleblower claim.
Because the FCA’s anti-retaliation provisions prohibit adverse employment actions against employees for engaging in protected activity, which could include investigating perceived violations of the FCA stemming from unlawful DEI programs, anti-retaliation compliance protocols and training programs to address this heightened whistleblower risk are recommended.
While the EO is not binding on private-sector organizations that do not contract or do business with the federal government, the EO is still valuable insofar as it shows the Trump administration’s view that various DEI programs and policies may be considered illegal under the anti-discrimination laws.
Private-sector organizations should promptly review any DEI/DEIA plans, programs, and policies, as well as their affirmative action programs, to determine whether they contain any aspects that could be deemed unlawful under Title VII of the Civil Rights Act of 1964 or any other federal, state, or local civil rights law, and consider whether to take any action to modify such plans, programs, or policies, including the names of such plans, programs, or policies.
ENDNOTES
[i] Exec. Order 11246, 3 C.F.R. § 339 (1964–1965).
[ii] Members of our labor and employment team have prepared an employment law-focused analysis of the EO in this blog post.
[iii] See 579 U.S. 176, 194 (2016). More information on materiality and how courts have grappled with Escobar over the years is available in our prior blog post.
[iv] Id. at 178.
[v] Id. at 196.
[vi] See 603 U.S. 369, 392 (2024).
Looking Back at the False Claims Act in 2024 as the Government Keeps its Sights on Cybersecurity in 2025
In 2024, the government and whistleblowers were party to 558 settlements and judgments collecting over $2.9 billion. The government continued its effort to combat cybersecurity threats through its Civil Cyber-Fraud Initiative, which is dedicated to using the FCA to ensure that federal contractors and grantees are compliant with cybersecurity requirements. Settlements in 2024 included allegations against companies for their failure to provide secure systems to customers, failure to provide secure hosting of personal information, and failing to properly maintain, patch, and update the software systems. The Justice Department has made clear that cybersecurity is one of its key enforcement priorities in 2025 and moving forward, meaning all federal contractors must be particularly mindful of federal cybersecurity requirements. To keep you apprised of the current enforcement trends and the status of the law, Bradley’s Government Enforcement & Investigations Practice Group is pleased to present the False Claims Act: 2024 Year in Review, our 13th annual review of significant FCA cases, developments, and trends.
Listen to this post
False Claims Act: 2024 Year in Review
In 2024, the government and whistleblowers were party to 558 False Claims Act (“FCA”) settlements and judgments, just slightly fewer cases than last year’s record. As a result, collections under the FCA exceeded $2.9 billion, confirming that the FCA remains one of the government’s most important tools to root out fraud, safeguard government programs, and ensure that public funds are used appropriately. As in recent years, the healthcare industry was the primary focus of FCA enforcement, with over $1.67 billion recovered from matters involving managed care providers, hospitals, pharmacies, physicians, laboratories, and long-term acute care facilities. Other areas of focus in 2024 were government procurement fraud, pandemic fraud, and enforcement through the government’s Cyber-Fraud Initiative.
To keep you apprised of the current enforcement trends and the status of the law, Bradley’s Government Enforcement and Investigations Practice Group is pleased to present the False Claims Act: 2024 Year in Review, our thirteenth annual review of significant FCA cases, developments, and trends.
Giovanni P. Giarratana, Gregory G. Marshall, Jack W. Selden, Erin K. Sullivan, Rico Falsone, Lyndsay E. Medlin, Tara S. Sarosiek, Anna M. Lashley, Ocasha O. Musah, Brianna Rhymes, and Virginia C. Wright contributed to this article.
More Whistleblower Suits Filed Than Ever Before: The False Claims Act in 2024
As in recent years, the False Claims Act (FCA) continued to serve as a tool utilized by the federal government against government contractors in 2024. The government collected more than $2.9 billion as a result of 558 FCA settlements and judgments. Although procurement fraud was not as large a driver of the government’s recoveries as it has been in prior years, matters involving the military’s purchase of goods and services, including allegations related to the procurement process, failing to comply with contract requirements, and paying kickbacks have and will continue to be a significant concern for the government. In addition, the government’s effort to root out COVID-19-related fraud resulted in more than 250 FCA settlements and judgments, and the government collecting more than $250 million. To keep you apprised of the current enforcement trends and the status of the law, Bradley’s Government Enforcement & Investigations Practice Group is pleased to present the False Claims Act: 2024 Year in Review, our 13th annual review of significant FCA cases, developments, and trends.
Listen to this post
Executive Order 14173: What Federal Contractors Need to Know [Podcast]
In this podcast, shareholders Scott Kelly (Birmingham) and Lauren Hicks (Indianapolis/Atlanta) discuss the implications of President Donald Trump’s Executive Order 14173, which aims to end illegal discrimination and restore merit-based opportunities. Lauren and Scott delve into the executive order’s impact on federal contractors and subcontractors, particularly the revocation of Executive Order 11246, which mandated affirmative action and non-discrimination obligations. They also explore the potential future actions of the Office of Federal Contract Compliance Programs (OFCCP) and the broader ramifications of the executive order.
General Contractor Defeats Owner’s Notice Argument and Prevails in Seattle Condo Dispute
The Washington Court of Appeals recently affirmed a jury verdict and $30 million judgment for general contractor Skanska. The case involves the construction of the 41-story Nexus condominium tower in downtown Seattle. As is often the case, one of the central issues was whether Skanska was entitled to be paid for alleged changes to its scope of work. The owner made a familiar argument: Skanska had not followed the contractual procedures for giving notice and obtaining authorization to perform change order work but had instead relied on more informal communications, including oral directives, emails, and meeting minutes.
The Court of Appeals rejected those arguments finding sufficient evidence for the jury to have concluded that the parties agreed to modify or waive strict compliance with the formal requirements of the contract. This evidence included the owner’s practice of regularly approving change order work that did not follow the contract requirements. Based on the parties’ course of conduct the court found sufficient evidence to support the jury’s award in Skanska’s favor. In addition to recovering its unpaid balance, Skanska was also awarded interest and attorneys’ fees as the prevailing party, including its appellate attorney fees. The court remanded the case for a recalculation of prejudgment interest on certain change order work but otherwise affirmed.
A copy of the court’s decision is available here.
Listen to this article
Cybersecurity in the Marine Transportation System: What You Need to Know About the Coast Guard’s Final Rule
The U.S. Coast Guard (“USCG”) published a final rule on January 17, 2025, addressing Cybersecurity in the Marine Transportation System (the “Final Rule”), which seeks to minimize cybersecurity related transportation security incidents (“TSIs”) within the maritime transportation system (“MTS”) by establishing requirements to enhance the detection, response, and recovery from cybersecurity risks. Effective July 16, 2025, the Final Rule will apply to U.S.-flagged vessels, as well as Outer Continental Shelf and onshore facilities subject to the Maritime Transportation Security Act of 2002 (“MTSA”). The USCG is also seeking comments on a potential two-to-five-year delay of implementation for U.S.-flagged vessels. Comments are due March 18, 2025.
Background
The need for enhanced cybersecurity protocols within the MTS has long been recognized. MTSA laid the groundwork for addressing various security threats in 2002 and provided the USCG with broad authority to take action and set requirements to prevent TSIs. MTSA was amended in 2018 to make clear that cybersecurity related risks that may cause TSIs fall squarely within MTSA and USCG authority.
Over the years, the USCG, as well as the International Maritime Organization, have dedicated resources and published guidelines related to addressing the growing cybersecurity threats arising as technology is integrated more and more into all aspects of the MTS. The USCG expanded its efforts to address cybersecurity threats throughout the MTS in its latest rulemaking, publishing the original Notice of Proposed Rulemaking (“NPRM”) on February 22, 2024. The NPRM received significant public feedback, leading to the development of the Final Rule.
Final Rule
In its Final Rule, the USCG addresses the many comments received on the NPRM and sets forth minimum cybersecurity requirements for U.S.-flagged vessels and applicable facilities.
Training. Within six months of the Final Rule’s effective date, training must be conducted on recognition and detection of cybersecurity threats and all types of cyber incidents, techniques used to circumvent cyber security measures, and reporting procedures, among others. Key personnel are required to complete more in-depth training.
Assessment and Plans. The Final Rule requires owners and operators of U.S.-flagged vessels and applicable facilities to conduct a Cybersecurity Assessment, develop a Cybersecurity Plan and Cyber Incident Response Plan, and appoint a Cybersecurity Officer that meets specified requirements within 24 months of the effective date. There are a host of requirements for the Cybersecurity Plan, including, among others: provisions for account security, device protection, data safeguarding, training, drills and exercises, risk management practices, strategies for mitigating supply chain risks, penetration testing, resilience planning, network segmentation, reporting protocols, and physical security measures. Additionally, the Cyber Incident Response Plan must provide instructions for responding to cyber incidents and delineate the key roles, responsibilities, and decision-making authorities among staff.
Plan Approval and Audits. The Final Rule requires Cybersecurity Plans be submitted to the USCG for review and approval within 24 months of the effective date of the Final Rule, unless a waiver or equivalence is granted. The Rule also gives the USCG the power to perform inspections and audits to verify the implementation of the Cybersecurity Plan.
Reporting. The Final Rule requires reporting of “reportable cyber incidents”[1] to the National Response Center without delay. The reporting requirement is effective immediately on July 16, 2025. Further, the Final Rule revises the definition of “hazardous condition” to expressly include cyber incidents.
Potential Waivers. The Final Rule allows for limited waivers or equivalence determinations. A waiver may be granted if the owner or operator demonstrates that the cybersecurity requirements are unnecessary given the specific nature or operating conditions. An equivalence determination may be granted if the owner or operator demonstrates that the U.S.-flagged vessel or facility complies with international conventions or standards that provide an equivalent level of security. Each waiver or equivalence request will be evaluated on a case-by-case basis.
Potential Delay in Implementation. Due to a number of comments received related to the ability of U.S.-flagged vessels to meet the implementation schedule, the Final rule seeks comments on whether a delay of an additional two to five years is appropriate.
Conclusion
As automation and digitalization continue to advance within the maritime sector, it is imperative to develop cyber security strategies tailored to specific management and operational needs of each company, facility, and vessel. Owners and operators of U.S.-flagged vessels and MTSA facilities are advised to review the new regulations closely and begin preparations for the new cybersecurity requirements at the earliest opportunity. Stakeholders are also encouraged to provide comments before March 18, 2025, addressing the potential two-to-five-year delay in implementation for U.S.-flagged vessels.
[1] A reportable cyber incident is defined as an incident that leads to, or, if still under investigation, can reasonably lead to any of the following: (1) substantial loss of confidentiality, integrity, or availability of a covered information system, network, or operational technology system; (2) disruption or significant adverse impact on the reporting entity’s ability to engage in business operations or deliver goods or services, including those that have a potential for significant impact on public health or safety or may cause serious injury or death; (3) disclosure or unauthorized access directly or indirectly of non-public personal information of a significant number of individuals; (4) other potential operational disruption to critical infrastructure systems or assets; or (5) incidents that otherwise may lead to a TSI as defined in 33 C.F.R. 101.105.
Trump Department of Labor Signals Likely Retreat from Biden Era Independent Contractor Classification Rule
We’ve written before about the “tennis match” that describes how, with changes in presidential parties, the Department of Labor (DOL) has proposed different tests to determine whether workers are “employes” covered by the Fair Labor Standards Act (FLSA) or “independent contractors” who are exempt from FLSA coverage. Indeed, with the new administration taking office last month, the DOL looks to be setting up a new volley in this ongoing match.
Current Status: Incoming DOL Leadership Is Reassessing the Agency’s Position
The Trump 2.0-era DOL had been slated to defend the Biden-era DOL Independent Contractor Rule (the “2024 Independent Contractor Rule”) in oral arguments before a federal appeals court in early February 2025. See Frisard’s Transp., LLC v. United States DOL, No. 24-30223.
But the DOL secured a postponement to decide how to proceed and is now due to provide the court a status update by March 25, 2025. (Frisard’s is one of five lawsuits challenging the 2024 Independent Contractor Rule.)
Likely Future Status: Farewell to the Short-Lived 2024 Independent Contractor Rule
We can expect that the DOL will drop its defense of the 2024 Independent Contractor Rule, which had rescinded the Trump 1.0-era test for independent contractor classification under the FLSA (the “2021 Independent Contractor Rule”).
Incoming DOL leadership might restore the 2021 Independent Contractor Rule or might just let courts analyze classification questions without agency guidance.
What Does This All Mean for Employers?
The back-and-forth over different administrations’ DOL rules can leave one’s head spinning. Let’s review what this latest volley will mean for employers.
If the 2021 Independent Contractor Rule is restored, it means a five-factor test to determine worker classification, with two being “core” factors: the nature and degree of the worker’s control over the work, and the worker’s opportunity for profit or loss. (By contrast, the 2024 Independent Contractor Rule being challenged uses a six-factor test, with a “totality of circumstances approach.”) The 2021 Independent Contractor Rule was generally viewed as simpler and more employer friendly, but it was no free pass, either. It made clear that actual practice dictates whether a worker is properly classified, not contractual labels or the parties’ preference.
If the DOL declines to issue guidance, courts will continue to do what they’ve long done anyway — reference their own precedents, which frankly consider the same types of factors identified in the both the 2021 and 2024 Independent Contractor Rules to determine if a worker is an employee or independent contractor. These classification analyses are fact-intensive and case-specific.
Amidst Flip-Flopping, Constant Good Advice: Be Careful When Classifying Workers as Independent Contractors
That fact-intensive judicial analysis is good reason to proceed with caution when classifying workers as independent contractors, even with an anticipated pro-employer bend at the DOL. (Indeed, the game-changing Loper Bright decision last summer means any DOL interpretation of the arguably ambiguous term “employee” in the FLSA is not entitled to judicial deference, anyway.) Therefore, it still behooves employers to ask themselves some key questions when classifying workers as independent contractors:
What is the nature and degree of control that the worker has over their own work? For example, does the company set the worker’s schedule, supervise their performance, or control pricing for their services?
What type of opportunity for profit or loss does the worker have? For example, is the worker making entrepreneurial investments in their services?
Is the relationship with the worker non-exclusive?
Is the worker providing services on a project-specific or sporadic basis, rather than indefinitely or continuously?
Are the worker’s services integral to the company’s principal business?
Do company employees perform the same type of services as the worker?
Does the worker bring a special or unique skill?
Where is the worker located? Remember, some states have very stringent so-called ABC-tests that would classify many workers as employees, even if the other factors outlined above are satisfied.
Companies uncertain about their classification decisions should reach out to counsel for advice.
5th Circuit Rules Intent to Arbitrate Trumps Defunct Forum
The Fifth Circuit ruled that Baker Hughes Saudi Arabia and Dynamic Industries, Inc., could be compelled to arbitration in a forum that no longer exists. In doing so, the court ruled that the parties’ “dominant purpose was to arbitrate generally,” which mandated that the court compel arbitration, if at all possible.
The underlying dispute between Baker Hughes and Dynamic revolves around a subcontract in which Baker Hughes agreed to supply materials, products and services for an oil and gas project performed by Dynamic in Saudi Arabia. Baker Hughes says it has performed all its obligations, but Dynamic failed to pay the more than $1.3 million it owes to Baker for those services.
The subcontract contemplated arbitration in two ways: First was the way Dynamic had the unilateral right to elect for arbitration of any unresolved dispute in Saudi Arabia, and second was if the alternative course of arbitration allowed any claim to be arbitrated according to the Arbitration Rules of the Dubai International Financial Centre-London Court International Arbitration (DIFC-LCIA). In 2021, the administrating institution of the DIFC-LCIA rules, the DIFC Arbitration Institute (DAI), was abolished. The Dubai International Arbitration Centre (DIAC) was created as a replacement for the DAI.
The district court ruled that it was powerless to compel arbitration because the forum to which it would compel did not exist. The Fifth Circuit disagreed and reversed and remanded to the district court to consider “whether the DIFC-LCIA rules can be applied by any other forum that may be available — including the LCIA, DIAC, or a forum in Saudi Arabia — consistent with the parties’ objective intent.”
The court covered considerable ground in its opinion. First it considered whether the subcontract language allowing DIFC-LCIA arbitration was a forum-selection clause and determined it was not. Rather it was an election to arbitrate according to the DIFC-LCIA rules, not necessarily, in the forum of the now-non-existent DAI.
In doing so, the court departed from many of its sister circuits by declining to find that the invocation of the DIFC-LCIA rules constituted a manifest desire to arbitrate in the DAI forum. The court stated that it still had “lingering doubts” regarding that approach.
Next, the court considered whether a forum was really unavailable for purposes of arbitrating under the DIFC-LCIA rules. Stating it differently, the court framed this novel question as “whether a designated forum remains available where a functionally identical successor forum exists.” The court found that arguably the parties’ designated forum still exists because the new forum adopted nearly all the same rules as its predecessor.
However, the court declined to rule on this question and turned to its central ruling: Even if the arbitration provision is a forum-selection clause it is not integral to the parties’ agreement. The court found that ultimately the parties’ agreement evinced that “the parties’ primary intent was to arbitrate generally.” As such, the district court should have compelled arbitration in a different forum or appointed a substitute arbitrator consistent with that intent. While the court’s ruling lives in the unique circumstances presented by the restructuring of the DIFC-LCIA arbitration rules and fora, the court rested its decision on familiar ground. Namely that where the “parties’ dominant purpose” is to arbitrate, a court should do what is in its power to effectuate that purpose, even if that means compelling arbitration to a forum not expressly stated by the parties’ agreement.
Listen to this article
Michael Schloss: New OFCCP Acting Director and Deputy Director of Policy
According to the National Office Directory for OFCCP, Michael Schloss has been named as the new Acting Director and Deputy Director of Policy of the Office of Federal Contract Compliance Programs (“OFCCP”). Michele Hodge, who previous served as Acting Director, is now listed as Deputy Director. The agency has yet to put out any official communications on these appointments.
Acting Director Schloss previously served at the U.S. Department of Labor (“DOL”) for 32 years before going into private practice in 2023. He was recently appointed as the Director of the Office of Field Administration (“OFA”) for the DOL’s Employee Benefits Security Administration (“EBSA”) in early January 2025. Given Acting Director Schloss’s ERISA background, it is unclear what his views are on OFCCP’s areas of responsibility.
Amidst all of the recent changes, Acting Director Schloss’s appointment potentially means that additional guidance with respect to OFCCP’s regulatory activities – which at this point are limited to VEVRAA and Section 503 compliance – will be forthcoming. That being said, the fact he has been named as the “Acting Director” raises the question of whether he is simply keeping the seat warm for someone else.
Trump’s Executive Orders Considered: Implications for Private Employers – Part Two
President Trump issued an unprecedented number of executive orders in his first week in office. In our previous update on January 27, we discussed the orders directing the elimination of diversity, equity and inclusion (“DEI”) programs in the federal agencies and government contracting, and adopting a policy of recognizing two unalterable sexes (rather than self-designated gender identity) in the enforcement of federal laws regarding sex-based rights, protections, opportunities and accommodations. In addition, President Trump has signed multiple immigration-related orders focusing on border security, restrictions on birthright citizenship, enhancement of vetting and screening of immigrants seeking entry into (and already residing in) the United States, and the prioritization of both civil and criminal enforcement of violations of the Immigration and Naturalization Act (“INA”) and other federal laws.
This update discusses the anticipated impact of the immigration-related orders on private employers and, in particular, a renewed and more aggressive focus on Form I-9 audits by the U.S. Immigration and Customs Enforcement (“ICE”) division of the U.S. Department of Homeland Security (“DHS”).
The Impact of Certain Immigration-Related Orders on the Private Sector
Two immigration-related orders signed by President Trump are particularly relevant to private sector employers:
“Protecting the American People Against Invasion” directs the “efficient and expedited removal” of individuals not legally authorized to reside or work in the U.S. and prioritizes both civil and criminal enforcement, including by taking agency action to ensure that “employment authorization is provided in a manner consistent with [the INA], and that employment authorization is not provided” to anyone not legally authorized to be in the U.S.; and
“Securing Our Borders” contains broad directives for the removal and prosecution of individuals “who violate the immigration laws” (and the prosecution of “those who facilitate their unlawful presence” in the U.S.), as well as the detention of unauthorized individuals who are apprehended as a result of agency enforcement actions.
Given the explicit directives in these orders and the administration’s enforcement-focused rhetoric, employers should expect and prepare for an uptick in both Form I-9 audits and unannounced worksite enforcement actions by ICE.
Form I-9 Process and Obligations
Form I-9 places compliance obligations on both the employee and the employer. The employee must attest, under penalty of perjury, to their identity and provide prescribed documentation evidencing their authorization to work in the U.S. The employer must (A) ensure that the form is correctly completed, (B) physically examine the identity and work authorization documentation presented by the employee to determine whether it reasonably appears to be genuine, and (C) comply with prescribed document retention requirements.1 The employer is also required to attest, under penalty of perjury, that, upon examination, the verification documents presented with the Form I-9 appeared both genuine and to relate to the named employee and, to the best of the employer’s knowledge, the employee is thereby authorized to work in the U.S. Forms I-9 must be completed (including with respect to the examination of the identity and work authorization documentation) within three business days of the employee’s date of hire.
Agency-Initiated Audits
ICE inspections2 of an employer’s Forms I-9 may be lead-driven (i.e., based on actual information or tips that an employer has hired unauthorized workers) or randomly initiated. ICE launches a Form I-9 audit by serving the employer with a notice of inspection (“NOI”). The NOI requires the employer to provide ICE with copies of the Forms I-9 and supporting documents within three business days of receipt of the NOI. ICE also may request additional records like lists of current and former employees (including dates of hire and termination), payroll and tax information, organizational documents of the employer (i.e., Articles of Incorporation, business licenses, taxpayer identification number, etc.), E-Verify or SSN Verification Service data (if applicable), copies of social security number “no-match” letters and relevant immigration-related communications with the U.S. Citizenship and Immigration Services and/or Department of Labor, and information about any prior Form I-9 audits.
If your business is served with a NOI, begin by contacting your immigration counsel for support. Carefully review the NOI to determine the scope of the audit, and respond only with those documents actually requested in the NOI. You should keep a copy of the entire response “package” provided to ICE.
ICE will review the information provided and inform you of the outcome of its audit via one of the following:
Notice of Inspection Results (“compliance letter”), if you are found to be in compliance with the law.
Notice of Suspect Documents, if ICE determines that an employee is not authorized to work. This notice will generally advise you of the potential civil and criminal penalties for continuing to employ that individual, and of your ability to begin remedial actions in “good faith” within 10 days of receiving the notice. You also may dispute such a determination prior to terminating the affected employee.
Notice of Discrepancies, if ICE is unable to determine work eligibility for an employee. This may trigger a follow-up visit from ICE and require you to request new and different employment verification documents and terminate the employee if such documents cannot be produced.
Notice of Technical or Procedural Failures, if ICE identifies technical or procedural errors in its review of the submitted Forms I-9. This notice generally advises of a 10-day period within which to correct the identified error, unless you have engaged in a pattern or practice of hiring unauthorized workers.
Warning Notice, if ICE identifies one or more substantive errors in the submitted Forms I-9 and there is an expectation that you will comply with all Forms I-9 compliance requirements in the future.
Notice of Intent to Fine, if ICE uncovers substantive failures, uncorrected procedural or technical failures, or ICE determines that you knowingly hired or continue to employ unauthorized individuals. Once served with a Notice of Intent to Fine, you may have the opportunity to negotiate a settlement with ICE or request a hearing before an administrative law judge (“ALJ”).
Final Order, if a written request for an ALJ hearing is not timely received. This Final Order is not appealable.
Penalties for Form I-9 violations may include significant monetary fines, criminal penalties, cease and desist orders to stop continued employment of unauthorized individuals, and contract debarment.
Employer Self-Audits
We encourage all employers to conduct a Form I-9 self-audit (i) to ensure ongoing compliance with applicable law, (ii) to identify any substantive and/or technical or procedural errors that may be corrected, and, (iii) to avoid or mitigate costly monetary penalties for noncompliance. Employers should look for common issues like incomplete or late Forms I-9, and missing or misplaced verification documents. Self-audits should cover Forms I-9 and verification documents for all active employees and terminated employees within the mandatory Form I-9 retention period and may not be conducted in a manner that is discriminatory or retaliatory. Specifically, an employer may not conduct an internal audit selectively based on an employee’s citizenship status or national origin, or in retaliation against any employee(s). The self-audit also should include a review of the employer’s Form I-9 collection, timing, and retention processes.
Conclusion
As we noted in our January 27 update, the breadth and tone of the executive orders issued by President Trump during his first week in office made clear that this administration’s enforcement priorities will be far more aggressive than those of the prior administration. While the laws requiring employment eligibility verification have been in effect for decades, the approach to enforcing those laws has shifted. Employers must be aware of and take steps to prepare for more frequent audits, inspections and worksite enforcement actions under the current administration.
1The INA requires an employer to retain Forms I-9 and collected identity and work authorization documentation for (i) three years after the date of hire or (ii) one year after the date of the individual’s termination from employment, whichever is later.
2Note that the U.S. Department of Justice’s Immigrant and Employee Rights Section and the U.S Department of Labor also have authority to initiate Form I-9 inspections, which may be triggered not only by complaints or suspicions of the employment of unauthorized workers, but also as a result of civil rights and discrimination complaints (for example, based on claims of discriminatory or retaliatory Form I-9 collection or self-audit processes).
Michael Schloss Appointed OFCCP Deputy Director for Policy, to Act in Acting Director Role
OFCCP’s website reflects Michael Schloss has been appointed to the Deputy Director for Policy Role within the Agency. Michele Hodge, former Acting Director is listed as Deputy Director while the Director role remains vacant. The Deputy Director for Policy would traditionally act in an Acting Director role in this type of situation. As such, the National Office Directory for OFCCP reflects Schloss will hold both positions. OFCCP has made no official announcement regarding the appointments.
Schloss’s appointment adds to the questions and uncertainty swirling around OFCCP’s current and future state as contractors await notices of audit closures and further direction regarding remaining VEVRAA and Section 503 obligations.
This continues to be a developing story so stay tuned for updates.