InfoBytes Blog

DOJ Announces LIBOR-related Criminal Charges and Penalties, Regulators Announce Parallel Civil Enforcement Actions

On December 19, both federal law enforcement and U.S. and foreign regulatory authorities announced that a Japanese bank and its Swiss bank parent company agreed to pay more than $1.5 billion to resolve criminal and civil investigations into the firms’ role in the manipulation of the London Interbank Offered Rate (LIBOR), a global benchmark rate used in financial products and transactions. The DOJ announced that the Japanese bank has signed a plea agreement, whereby the bank agreed to pay a $100 million fine and plead guilty to one count of engaging in a scheme to defraud counterparties to interest rate derivatives trades by secretly manipulating LIBOR benchmark interest rates. In addition, its parent company entered into a non-prosecution agreement (NPA), whereby the parent company agreed to pay an additional $400 million penalty, admit to specified facts, and assist the DOJ with its ongoing LIBOR investigation. The DOJ explained that the NPA reflects the parent company’s substantial cooperation in discovering and disclosing LIBOR misconduct within the institution and recognizes the significant remedial measures undertaken by new management to enhance internal controls. Domestic and foreign regulators also announced penalties and disgorgement to resolve parallel civil investigations, including a $700 million penalty obtained by the CFTC, $259.2 million as a result of a U.K. Financial Services Authority action, and $64.3 million to resolve a Swiss Financial Markets Authority action.

CFTC DOJ LIBOR

FTC Orders Data Brokers to Provide Consumer Data Practices Information

On December 18, the FTC issued orders requiring nine data brokerage companies to provide information about (i) the nature and sources of the consumer information the data brokers collect, (ii) how they use, maintain, and disseminate the information, and (iii) the extent to which the data brokers allow consumers to access and correct their information or to opt out of having their personal information sold. The FTC states that it plans to use the data to study privacy practices in the data broker industry, and to make recommendations as to how the industry could improve its privacy practices. Earlier this year, members of the House and Senate issued separate requests for similar material. The brokers targeted by the various requests and orders overlap only in part.

FTC Privacy/Cyber Risk & Data Security

FTC Finalizes Children's Online Privacy Rule Amendments

On December 19, the FTC announced final amendments to the Children’s Online Privacy Protection Act Rule. According to the FTC’s release, the final amendments (i) include geolocation information, photographs, and videos in the list of “personal information” that cannot be collected from children under 13 without parental notice and consent, (ii) offer companies a streamlined, voluntary, and transparent approval process for new ways of getting parental consent, (iii) close a loophole that allowed kid-directed apps and websites to permit third parties to collect personal information from children through plug-ins without parental notice and consent, (iv) require compliance by such third parties in some of those cases, (v) require compliance by persistent identifiers that can recognize users over time and across different websites or online services, (vi) require that covered website operators and online service providers take reasonable steps to release children’s personal information only to companies that are capable of keeping it secure and confidential, (vii) require that covered website operators adopt reasonable procedures for data retention and deletion, and (viii) strengthen the FTC’s oversight of self-regulatory safe harbor programs. The amendments also modify several other key definitions in the rule. Notably, the revised definition of “operator” clarifies that the rule covers a child-directed site or service that integrates outside services that collect personal information from its visitors, but it does not extend liability to platforms that merely offer the public access to child-directed apps. FTC Commissioner Maureen Ohlhausen voted against the amendments and issued a dissenting statement in which she argued that the new definition of “operator” goes beyond what Congress authorized by imposing obligations on websites or online services that do not collect personal information from children or have access to or control of such information collected by a third party.

FTC Privacy/Cyber Risk & Data Security

UN Commission Publishes Report of Working Group on Electronic Commerce

Recently, the United Nations Commission on International Trade Law (UNCITRAL) published the Report of Working Group IV (Electronic Commerce), reflecting the group’s work during its forty-sixth session, held in late October and early November. The report describes the Working Group’s continued efforts to explore issues related to electronic transferable records and to address the need for an international regime to facilitate the cross-border use of such records. During this most recent session, the Working Group considered in detail the legal issues relating to the use of electronic transferrable records, and developed parameters for a set of rules to address those issues. Working Group members expressed broad support for a draft model law that would incorporate the parameters identified, while allowing for flexibility when addressing differences in national substantive laws. Some members also expressed support for the preparation of guidance texts, such as a legislative guide, and Working Group members discussed the possible consideration of a binding instrument, such as a treaty, to establish a legal framework for the cross-border transfer of electronic records. The Working Group will follow up on these issues during its forty-seventh session to be held in New York from May 13-17, 2013.

Electronic Signatures Electronic Records

UK FSA Fines Bank for Inaccurate Mortgage Records

On October 19, the UK FSA announced that it fined a bank £4.2 million ($6.7 million) for failing to keep accurate records regarding 250,000 mortgages it was servicing. In monitoring a consumer forum website, the FSA found that certain of the bank’s borrowers had complained of being excluded from a bank program meant to remedy a separate problem. Upon investigation, the FSA determined that the bank held its mortgage information on two separate unaligned systems. The FSA also identified problems with two other processes where manual updates were not always carried out. The FSA claimed that, as a result of its recordkeeping practices, the bank relied on incorrect records for certain of its mortgages over a seven-year period. Because the bulk of the alleged misconduct occurred before the FSA’s new penalty framework came into force in March 2010, the penalty was assessed under the prior regime. Further, since the bank agreed to settle at an early stage of the investigation, it qualified for a 30% discount pursuant to the FSA’s executive settlement procedures.

Mortgage Origination UK FSA

UK SFO Revises Guidance on Self-Reporting

On October 9, the United Kingdom Serious Fraud Office (SFO) issued policy statements and frequently-asked-questions (FAQs) with regard to: (1) facilitation payments, (2) hospitality and gifts, and (3) self-reporting. While the bulk of the guidance reasserts existing policies, the SFO did revise its guidance on self-reporting. The new guidance makes clear SFO’s position that self-reporting will not always shield a company from prosecution. The fact that a corporate body has reported itself will be a relevant consideration if it forms part of a "genuinely proactive approach adopted by the corporate management team when the offending is brought to their notice.”  A decision by the SFO to prosecute will be based on the Full Code Test in the Code for Crown Prosecutors, the joint prosecution Guidance on Corporate Prosecutions and, where relevant, the Joint Prosecution Guidance of the Director of the SFO and the Director of Public Prosecutions on the Bribery Act 2010. As explained in the FAQs, the revised statement of policy is not limited to allegations involving overseas bribery and corruption, and if the requirements of the Full Code Test are not established, the SFO may consider civil recovery as an alternative to a prosecution.

Anti-Corruption UK Bribery Act

Joint Forum Finalizes Guidelines on Supervision of Financial Conglomerates

On September 24, the Joint Forum, which brings together the Basel Committee on Banking Supervision, the International Organization of Securities Commissions, and the International Association of Insurance Supervisors to coordinate regulation of financial conglomerates, published final principles for the supervision of financial conglomerates. The principles are meant to provide an overarching policy framework to support consistent and effective supervision of financial conglomerates across borders, while closing regulatory gaps. The final guidelines, which update a framework originally adopted in 1999, are organized in five categories—(i) supervisory powers and authority, (ii) supervisory responsibility, (iii) corporate governance, (iv) capital adequacy and liquidity, and (v) risk management—and provide implementation criteria and comments explaining each principle.

Bank Compliance

UK Court Holds Contract May Be Formed Through Series of Emails

On September 3, an appeals court in the United Kingdom held that a contract of guarantee executed in a series of emails duly authenticated by the electronic signature of the guarantor is enforceable. Golden Ocean Group Ltd. v. Salgaocar Mining Indus. PVT Ltd., No A3/2001/0440, 0438. In this case, a ship owner sought to enter into a long-term charter of the ship with a mining conglomerate. The shipping brokers negotiating the contract on behalf of the parties did so through a series of emails. An early email contained the provision of guarantee, but the guarantee was not explicitly restated in the final email that culminated the agreement. The court held that under English law the emails at issue here properly formed a contract, including the guarantee. The court added that the electronic signature of the guarantor’s agent on the culminating email is proper authentication of the contract of guarantee contained in the earlier email, and that generally, “an electronic signature is sufficient and that a first name, initials, or perhaps a nickname will suffice.” The court upheld the lower court’s decision and dismissed the appeal.

Electronic Signatures

UK's FSA Publishes Consultation Paper on Regulatory Reform Implementation

On September 12, in advance of expected legislation that will restructure the United Kingdom's financial services regulatory framework, the Financial Services Authority (FSA) published the first in a series of Consultation Papers meant to support implementation of the reforms. The Parliament is expected to finalize later this year the Financial Services Bill that will abolish the FSA, create the Financial Conduct Authority (FCA) to regulate financial service provider conduct in retail and wholesale markets, and shift safety and soundness regulation to the new Prudential Regulation Authority (PRA), among other changes. The first Consultation Paper outlines changes to split the existing FSA handbook into new rulebooks for the FCA and PRA. All regulated firms are encouraged to review the Consultation Paper, and the FSA has asked for comments to be submitted by December 12, 2012.

Financial Services Authority UK Regulatory Reform Financial Conduct Authority

How to Handle a Government Investigation: 13 Things You Should You Do Immediately If the Government Comes Knocking

Actions you take, or don’t take, in the early hours of a government investigation can have costly and far-reaching consequences for a company. At the root of this is the importance of having a plan in place should your company come under investigation, as the last thing you want to be is caught flat-footed. Do your key employees and legal department staff know what to do immediately if the government initiates an investigation?

Below, BuckleySandler’s Government Enforcement and White Collar attorneys identify 13 steps a company and its employees should take immediately when it becomes aware of a government investigation.

1. Inform your in-house counsel. Establish a protocol to ensure that counsel is contacted immediately.
2. Preserve documents. Inform all necessary employees of the need to retain documents, including electronic documents, with a document hold memo that replaces standard document retention policies for potentially responsive materials.
3. Establish early dialogue with the investigating agency. Communication is critical to understanding the scope of the investigation and to establishing a working relationship with the government.
4. Assume a parallel investigation will be initiated. Questions about self-reporting, production, and other strategic decisions should be made under the assumption that a parallel criminal or civil suit will follow.
5. Alert the Board of Directors and/or Audit Committee. Schedule a meeting with key executives to carefully review the situation and discuss possible remedies and corrective actions. Be mindful that meeting minutes, notes, or emails may be discoverable.
6. Consider implementing internal restrictions on the trading of company stock. Be sure all rules regarding insider trading are upheld.
7. Evaluate disclosure issues and formulate a plan to address. With the commencement of a government investigation, a number of governance issues will arise. Carefully consider any and all disclosures that may be necessary and take appropriate action.
8. Put your insurance carrier on notice. Put your insurer on notice early to increase your chances of having insurance pay for some or all of the investigation and/or litigation costs.
9. Determine if actions are needed with respect to employees who are possible wrongdoers. This may involve implementing restrictions or additional oversight of their activities or even dismissal. All issues involving employees need to be carefully considered from a variety of angles, including employment laws, anti-retaliation provisions, and possible future civil litigation.
10. Identify remedial measures if needed. It may be necessary to conduct a gap analysis of existing compliance programs and make changes to avoid a future recurrence.
11. Prepare for any anticipated media coverage. Any and all public statements will be carefully scrutinized by the media, the public-at-large, and the investigating agency. Therefore, it is critical that sufficient care and attention is given to any public comments by the company or its spokespeople.
12. Notify employees of possible contact by the investigating agency and advise them of their rights and obligations. It is important to remind employees of their responsibility to be truthful when speaking with agents of the government, but that they may choose to have an attorney present if they do decide to be interviewed. You should also reiterate your company’s policy on cooperating with investigations and request that employees inform the legal department of any discussions or contacts with the government.
13. Commence an internal investigation if necessary. An internal investigation can help your company determine whether the allegations have merit or not, and if they do, the cause and extent and possible corrective actions.

You may also be interested in reading our related blog post on How to Respond to a Subpoena: 10 Things You Should Do Immediately.

Enforcement Investigations