Courageous Counsel Leadership Institute - Dentons › ~ › media › PDFs › Events ›...

Courageous Counsel Leadership InstituteNavigating the issues facing women legal leaders

Tuesday, July 22, 2014The Mandarin Oriental HotelNew York, NY

Courageous Counsel - Navigating the issues facing women legal leaders

Network: MandarinOriental-NYCAccess Code: dentons

1. Log onto Mandarin Oriental network

2. Open web browser and go to a www.website i.e. www.google.com

3. You will get directed to Mandarin Oriental splash page to enter access code

Special thank you to the Courageous Counsel advisory board for their dedication and commitment.

Louise Firestone, Senior Vice President for Legal Affairs and General Counsel, LVMH Moët Hennessy Louis Vuitton Inc.Michele Coleman Mayes, Vice President, General Counsel and Secretary, New York Public Library Judy Mills, Executive Vice President, General Counsel and Secretary, Kimpton Hotel & Restaurant Group, LLC Sally Narey, Chief Counsel, Fireman’s Fund Insurance CompanyLouise Pentland, Executive Vice President and Chief Legal Officer, Nokia Tracy Preston, Senior Vice President, General Cousel, Neiman Marcus Group Gloria Santona, Executive Vice President, General Counsel and Secretary, McDonald’s Corporation

Internet login information

Tab 1 | Program Agenda

Tab 2 | Speaker Biographies

Tab 3 | Know the way: A hypothetical crisis navigating response tactics

Tab 4 | Impact of big data in global environment — privacy and data security issues

Tab 5 | Issues that keep your compliance officer awake at night

Tab 6 | The good, bad ugly of being a GC of private equity portfolio company

Tab 7 | IP and social media — the latest trends and tips

Tab 8 | Negotiating your compensation

Navigating the issues facing women legal leadersTuesday, July 22, 2014

Courageous CounselTable of Contents

7:45 a.m. Registration and Breakfast

8:30 a.m. Welcome RemarksElliott Portnoy, Dentons’ Global Chief Executive OfficerKara Baysinger, Dentons’ Partner and co-author Courageous Counsel: Conversations with Women General Counsel in the Fortune 500

8:45 a.m. Introductory Keynote - Courage, Risk and Influence Michele Coleman Mayes, Vice President, General Counsel and Secretary, New York Public Library, and co-author Courageous Counsel: Conversations with Women General Counsel in the Fortune 500

9:05 a.m. GC/C-suite and senior management interpersonal relationships and leadership skills How each approaches their job, their relationships and operations, and what they need to make those relationships work.

Moderator - Mary Ann Hynes, Senior Counsel, Dentons

Panel:Alfreda Bradley-Coar, General Counsel, US & Canada, GE HealthcareAnne Cooney, General Counsel, Wealth Management, Morgan StanleyJennifer Kopps-Wagner, Senior Vice President and General Counsel, Assurant Health Maryann Waryjas, Senior Vice President, Chief Legal Officer and Corporate Secretary, Great Lakes Dredge & Dock

9:55 a.m. Break

10:15 a.m. Boardroom knowledge — what you need to know How GCs and board members work together. Understanding a company’s stakeholders —constituencies to whom GCs need to answer.

Moderator - Mary Ann Hynes, Senior Counsel, Dentons

Panel:Susan Blount, Executive Vice President and General Counsel, Prudential Financial, Inc.Janet Clark, Board Member, EOG Resources, Inc.; Retired CFO, Marathon Oil CorporationJanet Wright, Vice President - Corporate, Securities & Finance Counsel, Dell, Inc.


Courageous CounselProgram agenda


11:05 a.m. Know the way: A hypothetical crisis — navigating response tactics

Moderator - Jana Cohen Barbe, Partner and Member of the Board, Dentons

Panel:Kathleen Cronin, Senior Managing Director, General Counsel and Corporate Secretary, CME GroupLouise Firestone, Senior Vice President for Legal Affairs and General Counsel, LVMH Moët Hennessy Louis Vuitton Inc.Gail Lione, (retired) Former Executive Vice President, General Counsel and Secretary of Harley-Davidson, Inc.

12:05 p.m. Lunch

(after main course has been plated) Introduction: Natalie Spears, Partner and Chair of Dentons’ US Women’s Leadership & Growth Network

Presentation Keynote Speaker: Former US Senator Olympia Snowe

Q&A

Track Sessions1:30 p.m. Track A - Impact of big data in a global environment — privacy and data security issues

Moderator - Andy Roth, Partner, Dentons

Panel:Rachel Gervin, Senior Vice President and General Counsel, Sage North America Randi Pollack, Senior Director, Legal & Business Affairs, Digital Media and International Distribution Counsel, A+E NetworksPauline Wen, Senior Vice President, Chief Privacy Counsel, Business and Legal Affairs, Viacom Media Networks

Track B - Issues that keep your compliance officer awake at night

Moderator - Michelle Shapiro, Partner, Dentons

Panel: Alfreda Bradley-Coar, General Counsel, US & Canada, GE HealthcareCarrie DiSanto, Managing Director, Global Chief Compliance Officer, CME GroupElizabeth Ditomassi, Co-General Counsel and Global Head of Compliance and Regulatory Affairs, Beazley Insurance GroupInna Tsimerman, Chief Privacy and International Trade Counsel, Marsh & McLennan Companies, Inc.

Program Agenda


2:20 p.m. Track A - The good, bad and ugly of being a GC of a private equity portfolio companyModerator - Linda Harris, Partner, Dentons

Panel: Juliette Pryor, Executive Vice President, General Counsel and Chief Compliance Officer, US Foods Jan Stern Reed, Corporate Vice President and Deputy General Counsel, Walgreen Co.Janet Wright, Vice President - Corporate, Securities & Finance Counsel, Dell, Inc.

Track B - Public companies: it’s all about liquidity

Moderator - Maggie Kavalaris, Partner, Dentons

Panel:Adrienne Logan, Senior Vice President & General Counsel, Kenneth Cole Productions Paula Maggio, Executive Vice President, General Counsel and Secretary, Strategic Hotels & Resorts, Inc.Cristina Morgan, Vice Chairman, JPMorgan Securities, Inc.

Track C - IP and social media — the latest trends and tips

Moderator - Natalie Spears, Dentons, Partner

Panel:Julie Bowen, Vice President, General Counsel and Corporate Secretary, The MITRE CorporationLynn Oberlander, General Counsel, Media Operations, First Look Media Char Whitaker, Corporate Vice President, Law, and Chief IP Counsel, Motorola Solutions, Inc.

3:10 p.m. Break

3:30 p.m. Negotiating your compensation

Pam Baker, Partner, DentonsCatherine Nathan, Partner, Former Co-Head, Legal Search Practice, Spencer Stuart

4:20 p.m. Innovation every day—why it matters and why it is a key ingredient for success

Moderator - Louise Pentland, Executive Vice President and Chief Legal Officer, Nokia

Panel:Brian Lowry, Deputy General Counsel, Monsanto Mary McDowell, Board Member, AutodeskReena SenGupta, Founder, RSG Consulting

5:10 p.m. Networking Reception

Program Agenda

Pam Baker is chair emerita and vice chair of Dentons’ Pensions, Benefits and Executive Compensation practice. She represents employers, high-level executives, boards and compensation committees in a wide range of matters, including nonqualified deferred compensation and equity incentive arrangements, employment agreements, severance arrangements, golden parachute plans and Employee Retirement Income Security Act matters, as well as the design, implementation and administration of tax-qualified retirement plans. She has held leadership roles with numerous bar association organizations.email: [email protected]

Jana Barbe is a member of Dentons Global Board and served as chair of the Firm’s preeminent Real Estate practice for more than decade. She specializes in representing institutional investors on tax-advantaged investments including low income housing tax credits, renewable energy credits, historic tax credits and on social investments generally. Jana was recently awarded Inside Counsel’s Transformative Leadership Rainmaker Award and has been recognized as one of the most influential women in real estate.email: [email protected]

Kara Baysinger is a San Francisco-based partner at Dentons, where she heads the Firm’s global Insurance practice and Insurance Regulatory practice. She also serves as a key member of the Firm’s leadership team. Kara is sought-after to help insurers solve their most complex, mission-critical and/or sensitive business and regulatory issues, based on her strong and successful career in private practice and her years spent in-house at insurance companies. On top of a demanding practice, Kara is actively involved in Dentons’ Women’s Leadership and Growth Network. She has always viewed workplace diversity and women’s advancement as a calling. In 2011, Kara co-authored Courageous Counsel: Conversations with Women General Counsel in the Fortune 500, a volume tracing the career arc of 42 women general counsel at some of America’s largest corporations.email: [email protected]

Susan L. Blount is executive vice president and general counsel at Prudential Financial, Inc., responsible for the company’s 700 person global Law, Compliance, Business Ethics and External Affairs departments. She is also a member of Prudential’s Office of the Chairman group and Senior Management Committee. Susan serves on the board of Montclair State University. She also serves on the board of trustees of the University of Texas Law School Foundation, the Leadership Council for Legal Diversity and the Association of Corporate Counsel.email: [email protected]


Courageous CounselSpeakers


Julie Bowen is vice president, general counsel, and corporate secretary of The MITRE Corporation. She directs an in-house legal team that advises MITRE’s leadership on all legal matters and oversees the Government Relations Department. She has previously held senior positions with DHL Global Mail, QuadraMed Corporation and TREEV, Inc. Julie is an active member of several industry and professional groups, including the Northern Virginia Technology Council, the Association of Corporate Counsel and the Mid-Atlantic Venture Association. She has performed pro bono legal work for legal aid organizations with a focus on defending the rights of women, children and the homeless. She also served on the board and still volunteers for Brainfood, a nonprofit that teaches life skills and practical cooking techniques to at-risk high schoolers in Washington, DC.email: [email protected]

Alfreda Bradley-Coar is currently a senior executive and general counsel of GE Healthcare, Americas, an US$8 billion global health care division of GE. In her 18-year tenure at GE, she has held leadership positions in the health care, insurance and financial services businesses. She is responsible for leading the law department and advising senior executives on strategy, commercial and corporate transactions, compliance and enterprise risk management. Afreda is also a member of GE’s Legal Corporate Executive Council. Previously, she specialized in bankruptcy and corporate reorganizations with two national law firms in Chicago. email: [email protected]

Janet F. Clark recently retired from her role as executive vice president and chief financial officer of Marathon Oil Corporation. She joined Marathon in January 2004 after having previously served as senior vice president and chief financial officer for Nuevo Energy from 2001 through 2003. Before joining Nuevo, Janet worked at Santa Fe Snyder as chief financial officer and then as executive vice president of Corporate Development and Administration. She began her career as an investment banker specializing in corporate finance, primarily with The First Boston Corporation, now owned by Credit Suisse. Janet was recently elected to the board of directors of EOG Resources after having served on the board of directors of Dell, Inc. She is a board member for numerous nonprofit organizations and serves as a member of the Federal Reserve Bank of Dallas’ Business and Community Advisory Council.email: [email protected]

Michele Coleman Mayes is vice president, general counsel and secretary for the New York Public Library (NYPL). Michele joined NYPL in August 2012 after serving as executive vice president and general counsel for Allstate Insurance Company since 2007. She served as a senior vice president and general counsel of Pitney Bowes Inc. from 2003 to 2007 and in several legal capacities at Colgate-Palmolive from 1992 to 2003. In 1982, Michele entered the corporate sector as managing attorney of Burroughs Corporation. After Burroughs and Sperry Corporation merged, creating Unisys Corporation, she was appointed staff vice president and associate general counsel for Worldwide Litigation. From 1976 through 1982, she served in the US Department of Justice as an assistant United States attorney in Detroit and Brooklyn, eventually assuming the role of chief of the Civil Division in Detroit. email: [email protected]


Anne Cooney is a managing director and the general counsel of Morgan Stanley Wealth Management (WM). Anne leads a team of approximately 70 professionals who advise the business on legal issues and regulatory requirements involving the division’s broad product and services offerings. She previously served as head of Client Litigation for the wealth management business. Anne is a member of the WM Operating Committee and serves on the board of trustees for the Securities Industry Institute, a securities education program conducted in partnership with the Wharton School of Business. She is a member of the SIFMA Compliance and Legal Society’s Executive Committee. Prior to joining Morgan Stanley in 1999, Anne practiced as a securities litigator with a leading Florida law firm, where she specialized in representing financial institutions in court litigation, arbitrations and regulatory proceedings before the SEC and self-regulatory organizations.

email: [email protected]

Kathleen M. Cronin serves as senior managing director, general counsel and corporate secretary of CME Group. She leads the company’s Legal, Market Regulation, Global Assurance, Corporate Secretary and Membership Services functions. Previously, Kathleen served as corporate counsel for Skadden, Arps, Slate, Meagher & Flom LLP. She also served as chief counsel, Corporate Finance, for Sara Lee Corp.email: [email protected]

Carrie Di Santo is managing director and global chief compliance officer at the CME Group, where she oversees Corporate Compliance, Enterprise Risk Management and Records/Information Management. She previously served as vice president and global chief compliance officer at Aon Corporation, based in Chicago, and as general counsel of Aon Ltd, in London. She was formerly a partner in the Chicago office of Baker & McKenzie LLP.email: [email protected]

Elisabeth Ditomassi is the co-general counsel and global head of Compliance and Regulatory Affairs for the Beazley Insurance group, a UK-based property and casualty insurance company. Prior to this role, she spent seven years as the general counsel and deputy commissioner of the Massachusetts Division of Insurance. She has also served as chief of the Litigation Bureau for the Department of Revenue in Massachusetts and as an assistant attorney general for the Massachusetts Attorney General’s Office. Her career started here in New York City where she was a young litigation associate at the firm of Fox, Horan and Camerini. Currently serving as an adjunct professor at Boston University, Elisabeth also is nearing the completion of an insurance treatise with a colleague that is expected to be published by the American Bar Association in early 2015, and recently completed a four-year stint on the Massachusetts Board of Bar Overseers. email: [email protected]

Louise Firestone is the senior vice president for Legal Affairs and general counsel for LVMH Moët Hennessy Louis Vuitton Inc., where she is responsible for legal matters affecting the French luxury group’s operating companies in the US. Louise had the pleasure and honor to help inaugurate the US EllesVMH program, a global leadership-focused program for LVMH’s women employees. She joined LVMH in August 1999.email: [email protected]

Rachel Gervin joined Sage in August 2003 and is currently senior vice president and general counsel. Rachel began her legal career at Kirkland & Ellis, where she had a broad practice including commercial litigation. She left Kirkland & Ellis to join Wilson Sonsini Goodrich & Rosati, where she focused on securities litigation. Just prior to joining Sage, Rachel was a litigator with Crowell & Moring. Rachel is a member of the ACC Georgia Chapter, currently serving as the VP of Sponsorships and Programs.email: [email protected]


Linda Harris is a partner at Dentons representing public and private companies and institutional investors in complex corporate matters, including M&A, private equity and venture capital transactions, joint ventures, leveraged buyouts, restructurings and franchising. She previously spent 10 years as chair of legacy firm SNR Denton’s Corporate and Securities practice in the US. Linda’ s practice is global and spans a wide array of industries. Linda is a major supporter of entrepreneurs and early-stage businesses, including women-owned businesses. She speaks frequently at the Entrepreneurial Conference of the Women’s Business Development Center.email: [email protected]

Mary Ann Hynes, senior counsel in Dentons’ Chicago office, is a five-time general counsel veteran and the first woman to serve in that role at a Fortune 500 company. Mary Ann has blazed trails in boardrooms and corporate offices while guiding global companies in a wide range of industries. The common theme of her career: not being limited by title, industry or gender.email: [email protected]

Maggie Kavalaris is a member of Dentons’ Corporate and Venture Technology practices. She focuses on corporate finance, securities and intellectual property licensing, with an emphasis on emerging growth tech companies. She advises on corporate governance and operations, technology development, transfers, licensing and distribution. A regular speaker on the topic of women in leadership, Maggie also sits on the boards of directors of numerous nonprofits, including the WCF (formerly the Women’s Campaign Fund).email: [email protected]

Jennifer Kopps-Wagner is senior vice president and general counsel at Assurant Health, a national health insurance company headquartered in Milwaukee. Since joining the company in 1999, she’s held a series of positions in the Legal Department. Jennifer provided legal support for the company’s product lines and operations, and played a key role in product launches and initiatives. As general counsel, she has made significant contributions in helping Assurant Health understand and implement changes brought about by health care reform legislation. She is a past vice chair of the Tort, Trial and Insurance Practice Section of the American Bar Association, and is currently a member of the Association of Corporate Council – Wisconsin Chapter. In 2011, Jennifer was recognized as one of the Women in the Law winners by the Wisconsin Law Journal. She is an inaugural member of Alverno’s Vanguard Society.email: [email protected]

Gail A. Lione is a senior executive with intellectual property, business strategy and corporate governance experience. She is also an adjunct professor of intellectual property law at Marquette University Law School. She currently serves as a director of three public and private for-profit companies. She has been a member of the board of directors and audit committee of Sargento Foods Inc since 2006; she has been a member of the board of Badger Meter, Inc., since February 2012 and serves on its compensation and corporate governance committees; and she was elected to the board of The F. Dohmen Co. in March 2013. For more than 23 years, Gail served as general counsel for companies in the financial services and insurance, publishing and digital imaging, and manufacturing industries. In her most recent assignment, she was the executive vice president, general counsel, secretary and chief compliance officer of Harley-Davidson, Inc., until May 2010.email: [email protected]


Adrienne Logan is currently senior vice president and general counsel at Kenneth Cole Productions, Inc., one of the most widely revered and consistently focused fashion companies in the world, located in New York. Adrienne provides direction and leadership on a wide variety of issues for the corporation, including intellectual property and licensing, public relations, advertising, ecommerce, employment and international issues. She provides direction to Kenneth Cole’s founder and chairman, Kenneth D. Cole, as well as to the company’s board of directors.email: [email protected]

Brian Robert Lowry is deputy general counsel for Monsanto Company, and leads the Office of Law and Policy. He and his team are responsible for key legal functions and public policy efforts involving human rights, human resources and immigration; intellectual property policy; regulatory compliance and stewardship; the Business Conduct Office, international trade policy, negotiations and compliance; and multilateral undertakings and conventions. He currently serves on the Steering Committee of the US Local Network and the Human Rights Working Group of the UN Global Compact. Recently, Brian was named co-chair of the US Council for International Business Sustainability Development Goals Working Group. Before assuming his current role, Brian was the vice president for Public Policy and Global Strategy for Monsanto’s Corporate Affairs Group.email: [email protected]

Paula C. Maggio is the executive vice president, general counsel and secretary of Strategic Hotels & Resorts, Inc., a publicly traded lodging REIT. She played a critical role in the company’s initial public offering in 2004, and subsequently has executed a number of significant investment, acquisition and divestment transactions. Previously, Paula practiced law with Altheimer & Gray, where she focused primarily on real estate and hospitality law.email: [email protected]

Mary T. McDowell is a technology industry executive who has led global multibillion dollar businesses in the mobile, consumer and enterprise sectors, and currently serves as non-executive director of Autodesk, which she joined in 2010. She has a track record for sustainable financial performance, technology innovation and market-leading results. She also served on the Navteq board from 2008–2010. Mary joined Nokia in 2004 as the first non-Finnish national hired directly to report to the CEO, and was EVP and a member of the leadership team through 2012. In addition to delivering strong financial results, Mary led the unit to recognition for its positive societal impact in key emerging markets. Before joining Nokia, Mary was senior vice president and general manager of the Industry-Standard Server Group at Hewlett Packard and Compaq for five years, leading the world’s largest server franchise.email: [email protected]

Cristina Morgan is the vice chairman of Technology Investment Banking. She began her investment banking career with Hambrecht & Quist 31 years ago, as an enterprise software research analyst after five years of computer industry experience. She serves on the California Operating Committee of JP Morgan and has served on the board of directors of Frame Technology, Visigenic Software and Evoke Software. She has been recognized by Working Woman magazine as one of the “Top Ten Women in Technology,” by Worth magazine as one of “The Bay Area’s Most Powerful Investment Bankers,” by Fortune as one of “America’s 50 Most Powerful Women” and by the Financial Women’s Association as “Financial Woman of the Year.” In her own practice, Cristina has represented her firm on more than 150 IPOs and worked on a variety of types of transactions.email: [email protected]


Catherine Nathan, based in New York, is a lawyer and a member and former co-leader globally of Spencer Stuart’s Legal, Compliance & Regulatory search practice. Catherine has built a national reputation leading general counsel searches for diverse Fortune 500 clients, including AIG, Boeing, Pfizer, Procter & Gamble and Hewlett Packard. She has also conducted nonprofit general counsel searches for the Ford Foundation, Georgetown University, the University of Chicago and the New York Public Library. Prior to her career in executive search, Catherine practiced law with Chadbourne & Parke and Patterson, Belknap, Webb & Tyler.email: [email protected]

Lynn Oberlander has been the general counsel, Media Operations for First Look Media since March of 2014. From 2006 to 2014, she was the general counsel for The New Yorker, where in addition to her legal duties, she also wrote occasionally for newyorker.com on media law issues. email: [email protected]

Louise Pentland is the former executive vice president and chief legal officer responsible for Nokia’s legal matters, privacy compliance and government relations, as well as for protecting and enforcing the company’s industry-leading portfolio of patents and other intellectual property. Louise managed a global team of lawyers, IP experts, government relations professionals, paralegals and assistants, located in more than 30 countries. She had responsibility for legal governance, ethics and compliance, privacy, litigation, global government relations, business security and continuity, as well as intellectual property. Louise also served on the Nokia Solutions and Networks board. Louise is an active supporter of diversity in law, leadership development and mentoring, and has strong passions for the legal and IP arenas for developing markets and pro bono initiatives.email: [email protected]

Randi S. Pollack is senior director, Legal & Business Affairs, Digital Media and International Distribution Counsel at A+E Networks (A&E, History Channel, Lifetime, H2, FYI and LMN). Randi drafts and negotiates various agreements related to domestic and international linear and digital video distribution, A+E’s websites and apps, and digital advertising. Additionally, Randi advises on privacy and data security matters, and is working to develop corporate polices.email: [email protected]

Elliott Portnoy is global chief executive and leads Dentons’ leadership team in advancing the Firm’s goal of challenging the most elite law firms in the world with its geographic reach, exceptional talent and client focus. As CEO of the international law firm SNR Denton, Elliott was one of the driving forces behind the 2013 three-firm combination that created Dentons, a global law firm with more than 2,600 lawyers and professionals meeting client needs in more than 50 countries.email: [email protected]

Juliette Pryor is executive vice president, general counsel and chief compliance officer of US Foods, responsible for the legal, risk management and compliance functions. Prior to joining US Foods, she was in private practice with Skadden Arps. Before joining Skadden, Juliette served as general counsel for e.spire Communications, a publicly traded telecommunications company. She began her career as in-house counsel with IBM Corporation. email: [email protected]


Andy Roth co-chairs Dentons’ Privacy and Security group. He has deep experience driving actionable insights and organizational transformation through new technologies, such as social, mobile, cloud and big data. A prominent thought leader on digital payments, virtual currencies and cybersecurity, he also serves as pro bono counsel to the Bitcoin Foundation. Previously, Andy was chief privacy officer at American Express, ranked by the Ponemon Institute as the #1 Most Trusted Company for Privacy for four consecutive years.email: [email protected]

Reena SenGupta currently serves as CEO of RSG Consulting. She is an expert analyst of the legal profession. She founded RSG Consulting, a London-based legal strategy consultancy, in 2001. The company is the architect and research partner to the Financial Times Innovative Lawyers Reports in Asia Pacific, Europe and the US. Reena was short-listed for an Asian Woman of Achievement award for her pioneering work around the European and Indian legal markets. Her experience analyzing and commentating on the legal profession stretches over two decades.email: [email protected]

Michelle Shapiro is a litigator in Dentons’ White Collar and Government Investigations practice. She represents companies and individuals in investigations by the Department of Justice, the Securities and Exchange Commission and state attorneys general offices, among others. She also conducts internal investigations for companies examining potential misconduct. Michelle regularly counsels clients regarding compliance with the US Foreign Corrupt Practices Act and other anti-corruption laws. email: [email protected]

Natalie Spears serves as head of Dentons’ global Technology, Media and Telecommunications sector and of the Firm’s Women’s Leadership Growth Network, where she litigates IP, media, advertising, competition, consumer class actions, commercial and real estate matters, and sets direction for the Firm’s commitment to exceptional client service and diversity. She routinely works to secure the media’s First Amendment rights, often in high-profile cases. email: [email protected]

Jan Stern Reed serves as corporate vice president, deputy general counsel and assistant corporate secretary of Walgreen Co., the nation’s largest drugstore chain with annual sales of US$72 billion. Her legal roots are in in corporate, M&A, corporate governance and securities; however, her years as a general counsel have significantly expanded her horizons to encompass the full landscape of substantive legal, business and executive management issues. Prior to joining Walgreens in 2013, she was executive vice president of Human Resources, general counsel and corporate secretary of Solo Cup Company. Prior to Solo, Jan served as associate general counsel, chief governance officer and corporate secretary for Baxter International Inc. She started her legal career in the corporate group at Bell, Boyd and Lloyd in Chicago, and moved to an in-house position at Waste Management thereafter. email: [email protected]

Inna Tsimerman is the chief privacy and international trade counsel of global professional services firm Marsh & McLennan Companies, Inc. Named to the position in November 2010, she provides strategic advice on a broad range of trade sanctions and other international trade law issues, as well as and data protection issues. Prior to this, Inna served as corporate counsel for CS STARS LLC, an affiliated company. She has also held associate attorney positions at DLA Piper and Seyfarth Shaw LLP, and was an attorney in the Legal Department of CNA Insurance. After law school, she held an internship in the Legal Affairs Division of the World Trade Organization after law school. email: [email protected]


Maryann A. Waryjas is senior vice president, chief legal officer, and secretary of Great Lakes Dredge & Dock Corporation, as well as member of the board of directors of the Chicago Stock Exchange. She has also been a trusted member of, and advisor to, executive teams and boards of directors for more than two decades. She has been a legal architect of many successful transactions, and also has an exceptional record of dispute resolution as well as a national reputation as a thought leader on strategic business initiatives, M&A transactions, corporate governance standards, SEC and other regulatory compliance, director and officer liability, executive compensation and dispute resolution. Prior to joining the senior management team at GLDD, she was co-chair of the Mergers and Acquisitions Practice and Corporate Governance Practice at Katten Muchin Rosenman LLP (Chicago).email: [email protected]

Pauline Wen is senior vice president, chief privacy counsel, Business and Legal Affairs, with Viacom Media Networks, a division of Viacom International Inc. She is responsible for data privacy for VMN and its brands, which include MTV, VH1, Nickelodeon, Comedy Central, Country Music Television, Spike TV, TV Land and LOGO. Prior to her current role at VMN, she specialized in digital media law at VMN, negotiating deals and providing related advice. She is CIPP/US certified.

Char Whitaker is a corporate vice president and chief IP counsel for Motorola Solutions. She is responsible for managing the worldwide IP matters of Motorola Solutions and advising on all aspects of intellectual property law (including patent and trademark operations, licensing, litigation and IP issues associated with strategic transactions). email: [email protected]

Janet Wright serves as vice president-Corporate, Securities and Finance Counsel of Dell Inc., a global integrated technology solutions company with more than 100,000 employees. In this role, Janet acts as counsel to the board of directors and senior management and has primary responsibility for legal support globally for corporate finance, capital markets and securities, as well as international financial services and global facilities. She also has responsibility for global legal department administration.email: [email protected]

Olympia Snowe

• US Senator from Maine (1994–2012)

• Representative in the US House of Representatives (1978–1994)

Olympia Snowe’s dedicated work in the US Senate has garnered her nationwide recognition as a leading policymaker in Washington. In 2005, she was named the 54th most powerful woman in the world by Forbes magazine. In 2006, Time magazine named her one of the top ten US Senators. Calling her “The Caretaker,” it wrote of Snowe: “Because of her centrist views and eagerness to get beyond partisan point scoring, Maine Republican Olympia Snowe is in the center of every policy debate in Washington, but while Snowe is a major player on national issues, she is also known as one of the most effective advocates for her constituents.”

With her election in 1994, Olympia J. Snowe became only the second woman Senator in history to represent Maine, following the late Sen. Margaret Chase Smith, who served from 1949–1973. In November 2006, she was re-elected to a third six-year term in the United States Senate with 74 percent of the vote.

Before her election to the Senate, Olympia Snowe represented Maine’s Second Congressional District in the US House of Representatives for 16 years. Senator Snowe is only the fourth woman in history to be elected to both houses of Congress and the first woman in American history to serve in both houses of a state legislature and both houses of Congress. When first elected to Congress in 1978, at the age of 31, Olympia Snowe was the youngest Republican woman, and the first Greek-American woman, ever elected to Congress. She has won more federal elections in Maine than any other person since World War II.

Focusing her attention on efforts to build bipartisan consensus on key issues that matter to Maine and America, Snowe has built a reputation as one of the Congress’ leading moderates. In 1999, she was cited by Congressional Quarterly for her centrist leadership, and was co-chair with Senator Mary Landrieu (D-Louisiana) of a bipartisan, consensus-building group in the Senate called the Common Ground Coalition—a forum for communication and cooperation between Senate Democrats and Republicans.

During her time in the Senate, Senator Snowe worked extensively on a number of issues, such as budget and fiscal responsibility; education, including student financial aid and education technology; national security; women’s issues; health care, including prescription drug coverage for Medicare recipients; welfare reform; oceans and fisheries issues; and campaign finance reform.


Courageous CounselLuncheon Keynote Speaker


During her tenure in the US House of Representatives, she co-chaired the Congressional Caucus on Women’s Issues for 10 years, and provided leadership in establishing the Office of Women’s Health at the National Institutes of Health. She also served as a member of the House Budget Committee; of the House Foreign Affairs Committee, where she was Ranking Republican on the Subcommittee on International Operations; and of the former House Select Committee on Aging, where she was Ranking Republican on the Subcommittee on Human Services.

She served in both Houses of the Maine Legislature, first elected to the Maine House—representing her home town of Auburn—in 1973 to the seat left vacant by the death of her first husband, the late Peter Snowe, in an auto accident. She was re-elected in 1974, and was elected to the Maine Senate representing Androscoggin County in 1976.

7/24/2014

1

Courageous Counsel Leadership InstituteKnow the way: A hypothetical crisis navigating response tactics

July 22, 2014

Know the way: A hypothetical crisis—navigating response tactics

2

ModeratorJana Cohen Barbe, Dentons Partner and Member of the Board

Panel• Kathleen Cronin, Senior Managing Director, General Counsel and Corporate

Secretary, CME Group

• Louise Firestone, Senior Vice President for Legal Affairs and General Counsel, LVMH Moët Hennessy Louis Vuitton Inc.

• Gail Lione, (retired) Former Executive Vice President, General Counsel and Secretary of Harley-Davidson, Inc.

sdeleva

Rectangle

sdeleva

Rectangle

sdeleva

Rectangle

7/24/2014

2

Participants

3

The Roles• Moderator - Facilitator

• Panelists - Company's General Counsel

• Audience - Company's Board Members

The Hypothetical Scenario

The Company • Large global public company based in the Midwest• Branded on "wholesomeness"The Situation • Company launches brand new skin care product—a face cream—marketing the product as

"organic" and "100% natural." • The product is manufactured and packaged in a foreign country though that is not publicly

acknowledged. • Shortly after its very expensive and splashy celebrity-endorsed launch, it is discovered that

the product is entirely artificially manufactured and contains possible carcinogens. • The discovery is linked to employees engaging in social media chat, who leak internal

memoranda acknowledging the presence of potentially toxic substances in the cream. • The celebrity spokespersons publicly resign and encourage boycotting. • Legal action and governmental investigations are threatened.

4

sdeleva

Rectangle

sdeleva

Rectangle

7/24/2014

3

Crisis Management

5

Question for Company's Board Members • What is the GC's office immediate response?







6

sdeleva

Rectangle

sdeleva

Rectangle

7/24/2014

4

Crisis Management

7

Questions for Company's General Counsel• What are the first ten things you do?







8

sdeleva

Rectangle

sdeleva

Rectangle

7/24/2014

5

Crisis Management

9

Protocol - What needs to be addressed?a. Risk assessment - level of risk, short-term, long-term, risk to persons, risk to company

and other product lines b. Communication - internal, external (are there cultural or geographic challenges) and

how is social media managed c. Logistics and operations - impact on the supply chain d. Cooperation with a federal or state investigation, if any e. Assessment of regulatory implications and recallsf. Role of outside counsel - when do you "lawyer up"? g. Your bank and your financial covenants h. Insurance i. Your relationship with the CEO during the crisis j. The role of the board during the crisis k. Who are your other constituents? l. Employee relations

Crisis Management

10

The Company • Large global public company based in the Midwest• Branded on "wholesomeness"The Situation • Company launches brand new skin care product—a face

cream—marketing the product as "organic" and "100% natural."

• The product is manufactured and packaged in a foreign country though that is not publicly acknowledged.

• Shortly after its very expensive and splashy celebrity-endorsed launch, it is discovered that the product is entirely artificially manufactured and contains possible carcinogens.

• The discovery is linked to employees engaging in social media chat, who leak internal memoranda acknowledging the presence of potentially toxic substances in the cream.

• The celebrity spokespersons publicly resign and encourage boycotting.

• Legal action and governmental investigations are threatened.

Protocol - What needs to be addressed?a. Risk assessment - level of risk, short-term, long-term, risk to persons, risk to company and other product lines

b. Communication - internal, external (are there cultural or geographic challenges) and how is social media managed

c. Logistics and operations - impact on the supply chain

d. Cooperation with a federal or state investigation, if any

e. Assessment of regulatory implications and recalls

f. Role of outside counsel - when do you "lawyer up"?

g. Your bank and your financial covenants

h. Insurance

i. Your relationship with the CEO during the crisis

j. The role of the board during the crisis

k. Who are your other constituents?

l. Employee relations **VARIABLE! There is a fire at the packaging facility. Employees are killed and many more injured. There are no immediate allegations of violations of laws.

sdeleva

Rectangle

sdeleva

Rectangle

7/24/2014

6

Crisis Management

11


cream—marketing the product as "organic" and "100% natural." • The product is manufactured and packaged in a foreign country

though that is not publicly acknowledged. • Shortly after its very expensive and splashy celebrity-endorsed

launch, it is discovered that the product is entirely artificially manufactured and contains possible carcinogens.




**VARIABLE! There is a fire at the packaging facility. Employees are killed and many more injured. The facility was not properly constructed and it is alleged that local officials were bribed to secure various permits.








h. Insurance




l. Employee relations

Crisis Management

12








**VARIABLE! There is a fire at the packaging facility. Employees are killed and many more injured. The facility was not properly constructed and it is alleged that local officials were bribed to secure various permits. There is some indication that a member of the company's senior management team was aware of and perhaps directly involved in the illegal or corrupt activity.








h. Insurance





sdeleva

Rectangle

sdeleva

Rectangle

7/24/2014

7

Crisis Management

13








**VARIABLE! Labor and human rights violations are alleged to occur at the packaging facility. An undercover investigation by a global television network records various abuses, requests the company comment prior to airing and allows the company 24 hours to respond.








h. Insurance





Crisis Management

14








**VARIABLE! Employees at the manufacturing facility are taken hostage and ransom is demanded.








h. Insurance





sdeleva

Rectangle

sdeleva

Rectangle

7/24/2014

8

Crisis Management

15








**VARIABLE! The CEO is on vacation in Tahiti when all of this happens.








h. Insurance





Crisis Management

16

Board Expectation• What does the board want when the company is in crisis?

• How do you assess a GC's performance in crisis?

• What are the attributes you most admire in the GC's office when "under fire"?

sdeleva

Rectangle

sdeleva

Rectangle

Privacy and Data Security Issues: Privacy Impact Assessments and Incident Response

Moderator - Andy Roth, Dentons’ Partner

Panel:

Rachel Gervin, Senior Vice President and General Counsel, Sage North America

Randi Pollack, Senior Director, Legal & Business Affairs, Digital Media and International Distribution Counsel, A+E Networks

Pauline Wen, Senior Vice President, Chief Privacy Counsel, Business and Legal Affairs, Viacom Media Networks

I. Privacy Impact Assessments

Privacy impact assessments (PIAs) provide a tool for organizations to evaluate their collection, use and sharing of personal information and to assess the privacy impact of their practices. They are especially helpful when evaluating Big Data projects or other cutting edge data-driven opportunities that are not well-established industry practice. By working through the privacy implications of data-driven initiatives, potential negative perceptions or feedback can be highlighted and mitigated through design guidelines or proactive communication with consumers.

While not statutorily mandated for most organizations in the US or abroad, US federal agencies provide a helpful model as they must conduct PIAs under the Section 208 of the E-Government Act of 2002 for new or substantially changed technology that collects, maintains or disseminates personally identifiable information.

The FTC posts PIAs on its website, providing transparency to the PIA process. (See http://www.ftc.gov/site-information/privacy-policy/privacy-impact-assessments) By way of example, the FTC recently published a PIA for deploying Google Analytics as part of the General Services Administration’s Digital Analytics Program. (See http://www.ftc.gov/system/files/attachments/privacy-impact-assessments/2014-06-03google_analytics_pia_no_sig.pdf) The PIAs generally follow a structure that discusses the purpose of the system or program, potential impact and specifics on retention and control of data. An example breakdown of a FTC PIA:

1. Specific Purpose of the Collection/Use/Program Participation

2. Is There any PII That is Likely to Become Available Through the Collection/Use/Program Participation?

3. Intended or Expected Use of Data Collected

4. Sharing or Disclosing of Data


Privacy and Data Security Issues: Privacy Impact Assessmentsand Incident Response


5. Maintenance and Retention of Data

6. How the Agency Will Secure Data

7. Identification and Mitigation of Other Privacy Risks

8. Creation or Modification of a System of Records

This structure can be used by any organization to facilitate the identification of potential risks and controls that minimize the privacy impact of a business process or new technology.

PIAs are also promoted by the UK’s Information Commissioner’s Office (ICO) and other Data Protection Authorities as an integral part of a “privacy by design” approach to managing personal information organizations collect. (See, e.g. http://ico.org.uk/for_organisations/data_protection/topic_guides/privacy_by_design) ICO has released a Code of Practice to guide organizations through PIAs. (See http://ico.org.uk/for_organisations/data_protection/topic_guides/~/media/documents/library/Data_Protection/Practical_application/pia-code-of-practice-final-draft.pdf, hereinafter “Code of Practice”)

The Code of Practice describes the PIA process with the following key points:

• The PIA process is a flexible one that can be integrated with an rganization’s existing approach to managing projects. The time and resources dedicated to a PIA should be scaled to fit the nature of the project.

• A PIA should begin early in the life of a project, but can run alongside the project development process

(See Code of Practice, Chapter 2)

The suggested steps in the Code of Practice, which are similar in structure to the FTC’s PIA structure, include:

• Identify the need for a PIA

• Describe the information flows

• Identify the privacy and related risks

• Identify and evaluate the privacy solutions

• Sign off and record the PIA outcomes

• Integrate the outcomes into the project plan

• Consult with internal and external stakeholders as needed throughout the process

(See Code of Practice, Chapter 2)

PIAs should be designed to fit the business processes and needs of the organization, and to the extent the structures used by US federal agencies and promoted by the ICO do not fit the organization they can be modified as necessary. The key issues that should be addressed in any PAI are 1) identify data collection, use and sharing, 2) identify privacy risks, and 3) mitigate identified privacy risks to the extent possible with privacy controls.

II. Incident Response

A. Legal Framework of Incidents and Breaches

1. State Data Breach Notice Laws

Incidents can draw media and regulator scrutiny and cause widespread damage to revenue and reputation. The fact is, every company regularly faces incidents of various severity. Incident response processes are vital to effectively managing incidents and breaches to comply with regulatory obligations and maintain consumer trust.


The primary US legal framework governing data privacy and security incidents are state-level breach notification laws. At least 47 states have passed legislation requiring organizations notify individuals whose personal information was subject to a breach. (See, e.g. Cal. Civ. Code §§ 1798.80, 1798.82, 1798.84; Tex. Bus. & Com. Code Ann. § 521.001 et seq.; S.B. 1610 amended § 521.053 (12 PVLR 1326, 7/29/13); Va. Code Ann. §§ 18.2-186.6, 32.1-127.1:05)) While effectively nationwide, these statutes are not entirely consistent, varying in, for example, definitions of what constitutes personal information, breach notification triggers and content of notifications. The result is a patchwork of obligations that can lead to significant risk exposure for unprepared organizations.

a) California Framework

California passed the first state breach notification law in 2003. (Cal. Civ. Code § 1798.82) The framework established by California has remained largely intact as other states have passed similar laws. Key aspects of the California breach notification law:

• Only computerized data is included within the scope of California’s breach notification act. (Cal. Civ. Code § 1798.82(g))

• Notification is triggered by a “breach of the security of the system,” which is defined as “unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained by the person or business.” (Cal. Civ. Code § 1798.82(g))

• Personal information includes a first name or first initial and last name in combination with a social security number, state ID card number, financial account number with access codes, medical information or health insurance information. Personal information in California also includes a username or email address in combination with a password that permits access to an online account. (Cal. Civ. Code § 1798.82(h))

• The timeframe for notification is “the most expedient time possible and without unreasonable delay.” (Cal. Civ. Code § 1798.82(a)) While not a hard deadline, the California Office of Privacy Protection recommends that notice be provided within 10 business days of determining that personal information was, or was reasonably believed to have been, acquired by an unauthorized person. (See http://www.dhcs.ca.gov/formsandpubs/laws/priv/Documents/PrivacyProtection.pdf) The California Attorney General recently sued Kaiser Foundation Health Plan for an incident where a laptop containing personal information was sold to the public and Kaiser did not notify affected California residents until approximately four months after obtaining the hard drive containing the information and six months after learning of the breach. (See complaint at https://oag.ca.gov/sites/all/files/agweb/pdfs/privacy/kaiser_complaint.pdf?) A stipulation was reached shortly thereafter, where Kaiser paid a $150,000 fine and agreed to additional internal privacy controls (See https://oag.ca.gov/sites/all/files/agweb/pdfs/privacy/kaiser_complaint.pdf?)

• The California statute includes an exception for encrypted data, though encryption is not defined in the statute. (Cal. Civ. Code § 1798.82(h)(1))

• If more than 500 California residents must be notified, the organization must also notify the California Attorney General and include a sample copy of the breach notice. (Cal. Civ. Code § 1798.82(f)) California has developed on online reporting portal for companies to report breaches and reports annually on breaches reported to the California AG. (See https://oag.ca.gov/ecrime/databreach/reporting; 2012 Data Breach Report: https://oag.ca.gov/sites/all/files/agweb/pdfs/privacy/2012data_breach_rpt.pdf?)

• Notices must be written in plain language and include: 1) the name and contact information of the reporting person or business, 2) the types of information that were subject of the breach, 3) the date or date range the breach occurred, if known, 4) whether notification was delayed by law enforcement request, 5) a general description of the breach incident, if possible, and 6) the toll-free number and address of major credit reporting agencies if social security numbers or government ID numbers were compromised. (Cal. Civ. Code § 1798.82(d)) Notices may also include measures taken to protect the information and in the case of breaches involving only usernames or email addresses and passwords, notice should not be sent to the compromised account. (id.)

• Notice can be electronic if such notice complies with the federal e-sign standard, which requires consent to receive electronic notices. (Cal. Civ. Code § 1798.82(j)) If more than 500,000 California must be notified or if notification


costs will exceed $250,000, organizations can use substitute notice, which requires email notices where possible, conspicuous posting and notification to major statewide media. (Cal. Civ. Code § 1798.82(j))

b) Other State Variations From California

Individual states vary extensively in the details of their breach notification laws. Examples of differences from the California statute include:

• Other states, such as Alaska (Alaska Stat. § 45.48.010), Hawaii (Haw. Rev. Stat. § 487N-1) and Massachusetts (Mass. Gen. Laws ch. 93H, § 1(a)) include breaches of paper or electronic data.

• The definition of personal information varies by state, including in some cases date of birth (N.D. Cent. Code § 51-30-01), mother’s maiden name (id.), digitized or electronic signature (Md. Code Ann., Com. Law § 14-3501(d)(iv)), biometric information (Neb. Rev. Stat. § 87-802(5)(e)), and DNA (Wis. Stat. § 134.98(1)(b).

• Most states use some form of a “reasonable” time frame, but Florida (Fla. Stat. § 817.5681(1)(a)), Ohio (Ohio Rev. Code Ann. § 1349.19(B)(2)), Vermont (Vt. Stat. Ann. Tit. 9, § 2345(b)(1)) and Wisconsin (Wis. Stat. § 134.98(3)(a)) require notification within forty-five days of discovery of the breach.

• Many states require notification of major consumer reporting agencies in addition to including contact information for those agencies in notices, including Minnesota (48 hour notice requirement, Minn. State. § 325E.61), New Hampshire (N.H. Rev. Stat. Ann. § 359-C:20(VI)(a), and North Carolina (N.C. Gen. Stat. § 75-65(f)). In addition, the Connecticut Insurance Department has issued its own breach reporting obligation for insurance companies they regulate, requiring reporting any breaches to the Department within five days of discovery. (Bulletin IC-25, State of Connecticut Insurance Dep’t (Aug. 18, 2010), available at www.ct.gov/cid/lib/cid/Bulletin_IC_25_Data_Breach_Notification.pdf)

• Not all technical breaches require notification. Many states include a threshold that limits notification to “material” or “significant” breaches or those that cause or are likely to cause harm to individual residents. For example, Alaska limits notification to incidents where, after an appropriate investigation and notice to the Alaska AG, the organization determines that there is no reasonable likelihood of harm to consumers. (Alaska Stat. § 45.48.090, 45.48.101(c)) Other states with threshold limits include Connecticut (Conn. Gen. Stat. § 36a-701b(b)), Florida (Fla. Stat. § 817.5681(4)), Michigan (Mich. Comp. Laws § 445.72), Mississippi (Miss. Code § 75-24-29(3)), New Jersey (N.J. Stat. Ann. § 56:8-163(a)) and Rhode Island (R.I. Gen. Laws § 11-49.2-3).

• Notice content requirements vary, with some states having no requirements. Notably, Massachusetts prohibits information regarding the nature of the breach or the number of Massachusetts residents affected. (Mass. Gen. Laws ch. 93H § 3(b))

• Penalties for violations of the act vary, though no state includes a private right of action, leaving state Attorneys General to enforce the notification provisions. Monetary penalties are usually assessed per violation or person, and are capped per each occurrence or breach. The highest cap is $750,000, in Michigan, and South Carolina does not cap penalties, with a maximum fine of $1,000 per resident. (Mich. Comp. Laws § 445.72(13)-(14), SC Code Ann § 39-1-90(H)).

• One state, Minnesota, requires merchants to reimburse financial institutions for payment card breaches where the merchant retained full track data for more than 48 hours after the transaction. (Minn. Stat. § 325E.64) As storing full track data would likely be a violation of Payment Card Industry (PCI) rules that govern credit card transactions, this requirement has significant overlap with contractual obligations under the PCI regime.

c) Practical Considerations

Most organizations span multiple states, and even local business have customers from other states and across the country. The jurisdictional hook for state breach notice laws is personal information of state residents, so a small local business could be subject to every state breach notice law simply by virtue of having customers from around the country.


When facing a nationwide breach, most organizations will streamline notice to the most stringent standard to avoid drafting dozens of different notices for each state. Certain exceptions, such as the Massachusetts prohibition on descriptions of the breach event, often require special attention, but by notifying all affected individuals as if they lived in a state with the most stringent requirements allows notification efficiencies that many organizations find worthwhile.

Another practical consideration is that breaches often involve situations where it is difficult or impossible to determine exactly which individuals were affected. For example, a retailer may not be able to determine when an attacker inserted malware onto their point of sale devices or whether all of their stores were affected and may choose to notify a sufficiently broad group to ensure that all potentially affected individuals are notified. Many of the decisions regarding breach notification involve strong elements of PR and crisis management and end up being business decisions rather than strictly legal compliance decisions.

2. HIPAA

HIPAA also includes breach notification requirements, which were enacted as part of the HITECH Act and implemented through HHS regulations. (45 C.F.R. § 164.400 et seq.) The regulations require notification of breaches of unsecured Protected Health Information (PHI). (id., § 164.402)

The HIPAA notification regime includes two response categories, incidents and breaches. Under the regulations, incidents must be documented and business associates must report incidents to covered entities. Each of these categories is discussed in more detail below.

a) Incidents

HIPAA regulations define security incident to mean “the attempted or successful unauthorized access, use, disclosure, modification, or destruction of information or interference with system operations in an information system.“ (45 C.F.R. 164.304) Organizations regulated under HIPAA must “identify and respond to suspected or known security incidents; mitigate, to the extent practicable, harmful effects of security incidents that are known to the covered entity or business associate; and document security incidents and their outcomes.” (45 C.F.R. 164.308(a)(6)(ii)) In addition, business associates must “report to the covered entity any security incident of which it becomes aware, including breaches of unsecured protected health information.” (45 C.F.R. 164.314(a)(2)(i)(C))

The challenge in handling incidents stems from the broad definition of a security incident, which includes attempted attacks, as well as attacks that succeed. This would appear to include pings, port scans, vulnerability scans, and other pre-attack activity that is pervasive on the Internet regardless of whether PHI is subject to any real risk. A technical reading of the regulations could thus require an organization to document and, for business associates, report all of this “background noise.” This presents a substantial burden for organizations of any size. Many business associates handle this through constructive notice in the Business Associate Agreements.

b) Breaches

A breach is defined under HIPAA regulations as “the acquisition, access, use, or disclosure of protected health information in a manner not permitted under [the Privacy Rule] which compromises the security or privacy of the protected health information.” (45 C.F.R. § 164.402) Under the Omnibus Rule issued in early 2013, impermissible disclosures are presumed to be a breach unless, after a risk assessment, “demonstrates that there is a low probability that the protected health information has been compromised.” (45 C.F.R. § 164.402(2)) The risk assessment must use at least the following four factors:

• The nature and extent of the protected health information involved, including the types of identifiers and the likelihood of re-identification;

• The unauthorized person who used the protected health information or to whom the disclosure was made;

• Whether the protected health information was actually acquired or viewed; and

• The extent to which the risk to the protected health information has been mitigated.


(45 C.F.R. § 164.402(2))

Where a breach has occurred, HIPAA breach notifications to affected individuals must be provided “without unreasonable delay” but in no case later than sixty days after discovery of the breach. (id., § 164.406) Covered Entities must maintain logs of breaches, and when a breach involves more than 500 individuals it must also be reported within the above time frame to the Department of Health and Human Services and the media. (id., § 164.408) Annual reports of breaches smaller than 500 individuals must be submitted to the Department of Health and Human Services each year.

HIPAA violations can include fines of $100,000-$500,000 per violation, up to $1.5 million per year for all violations of a particular requirement. Violations of multiple requirements can result in fines of more than $1.5 million in a year. Enforcement actions also frequently include “corrective action plans” which require the alleged violator to agree to more stringent controls and additional penalties should they fail to do so.

Below are several high profile examples of enforcement actions taken against HIPAA-regulated entities:

• 2008 Providence Health and Services, $100k fine, 3-year corrective action plan for at least five incidents of backup tapes/disks being lost or stolen. - News Release, U.S. Dep’t of Health & Human Servs, HHS, Providence Health & Services Agree on Corrective Action Plan to Protect Health Information (July 17, 2008), available at www.hhs.gov/news/press/2008pres/07/20080717/a.html.

• 2009 CVS Pharmacy, $2.25M fine, Privacy rule violations - dispose of PHI such as old prescription bottles/prescriptions. Resolution Agreement Between CVS Entities & U.S. Dep’t of Health & Human Servs. (Jan 15, 2009), available at www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/cvsresagrcap.pdf.

• 2012 Mass General $1M settlement after employee left PHI on train commuting to work. News Release, U.S. Dep’t of Health & Human Services, Massachusetts General Hospital Settles Potential HIPAA Violations (Feb. 24, 2011), available at www.hhs.gov/news/press/2011pres/02/20110222a.html.

• 2012 - HITECH BCBS Tennessee for $1.5M. Spent over $17 million responding to breach, notification, protection efforts. Corrective Action plan. News Release, U.S. Dep’t of Health & Human Services, HHS Settles HIPAA Case with BCBST for $1.5 Million: First Enforcement Action Resulting from HITECH Breach Notification Rule (Mar. 13, 2012), available at www.hhs.gov/news/press/2012pres/03/20120313a.html

• 2013 - Hospice of Northern Idaho (HONI) fewer than 500 patients, $50,000. Investigated after report of lost unencrypted laptop. No risk assessment. News Release, U.S. Dep’t of Health & Human Servs., HHS Announces First HIPAA Breach Settlement Involving Less Than 500 Patients (Jan. 13, 2013), available at www.hhs.gov/news/press/2013pres/01/20130102a.html.

3. SEC Guidance

In addition to state notification requirements, public companies may also need to disclose their material cyber security risks or incidents under U.S. securities law. On October 13, 2011, the Division of Corporation Finance (CF) at the Securities and Exchange Commission (SEC) issued guidance to public companies entitled “Disclosure Obligations Relating to Cyber Security Risks and Cyber Incidents” (CF Guidance) (Available at http://www.sec.gov/divisions/corpfin/guidance/cfguidance-topic2.htm).

While the CF Guidance did not alter the materiality threshold for the disclosure of cyber incidents, it notes that securities laws are designed to elicit disclosure of timely, comprehensive and accurate information about risks and events that a reasonable investor would consider important to an investment decision and cyber security risks and events are not exempt from these requirements. In the aftermath of this guidance, many companies have reviewed and in some instances amended the risk factors in their public filings.


B. Preparation

1. Organizational Roles and Responsibilities

Preparation is critical to incident response for organizations of all sizes. If stakeholders are learning how to respond to an incident during the crisis the organization can expose itself to unnecessary legal and regulatory risk as well as reputational harm.

Key aspects of preparation include ownership and appropriately assigning roles and responsibilities in the organization. This ensures that no critical response step is missed and that stakeholders are not duplicating effort during crisis events.

Many organizations use some form of a “RACI” framework to document who is Responsible, Accountable, Consulted and Informed for any given decision or task during the incident response process. For organizations that use this technique elsewhere in their organization, this provides a familiar starting point in building incident response capabilities.

2. Policies, Plans and Procedures

In the case of HIPAA and other regulatory regimes that include incident response components, documentation is a key element of compliance. It is infeasible for regulators to test actual response capabilities so documentation serves as a proxy for an organizations compliance with incident response regulatory requirements. This makes documentation of incident response (and other privacy and security governance) a key part of any compliance program.

Documentation should include high-level policies that are approved by senior management, operational procedures that are specific to business processes, and where necessary standards or guidelines that bridge the gap between high-level policy and tactical operations.

3. Practice Makes Better

An oft-overlooked aspect of incident response, as in most things in life, nothing can replicate practice experience in improving performance. Most organizations would prefer not to gain experience through actual incidents and breaches, which leaves “war games” or other simulation scenarios to ensure that documentation and response processes work when put to the test. It is not uncommon to find communications gaps, capabilities gaps and other problems that require incident response processes to be tweaked, and it is far better to identify and work out these issues in a simulation environment than a crisis situation.

C. Response

1. Phases

The different phases of incident response vary between standards or guidelines, but the below represent a common breakdown of how the operational (IT and technical) response to an incident flows. It is important to note that the steps below should not be viewed as a linear progression but as separate workflows that often occur simultaneously and overlap during the response process.

Depending on the type of incident and circumstances, third party forensics or security experts may be necessary to assist in some or all of these processes.

a) Identify and Detect

This phase involves the detection, internal reporting and detection of incidents. It should include policies requiring employees to report incidents they discover or become aware of and an efficient intake mechanism that ensures that all potential incidents are handled appropriately.

Identification and detection is also about implementing tools that provide the organization with the capability to detect incidents early, such as continuous monitoring of log files and network traffic, integrity verification solutions, and any other technical or administrative control that provides visibility into potential threats to data.


b) Contain and Eradicate

Once an incident is detected and reported, the next step is to contain the incident and prevent it from continuing or getting worse. This can include temporarily disconnecting certain computers or services, or segmenting networks so that malicious software cannot spread. It can also include administrative controls such as revoking security access for certain employees.

c) Notification and Reporting

If the incident constitutes a breach and legal is involved, appropriate notification and reporting must occur. It is extremely valuable to have prepared notification forms and draft breach notice letters so that during crisis time is spent on managing the response and not administrative tasks such as determining which state AGs or regulatory authorities must be notified.

Organizations should also consider their approach to notification before an incident occurs, including whether the organization prefers to over-notify as a customer relations tactic or to limit notification and reporting to the minimum required by law. Understanding how the organization views privacy and the importance of customer or consumer trust can help focus response processes on the critical details of the incident.

d) Recover

An important step in the incident process is recovering from a disruption. After ensuring that systems affected by the incident are secure and stable, systems can be brought back online. This can also involve disaster recovery or contingency operations plans if the incident disrupts or destroys primary services or data centers.

e) Follow Up

After an incident is resolved, organizations should collect and document all information relevant to the incident and response process. Any shortcomings in the incident response process should be identified and updated to improve the process.

2. Escalation, Involving Counsel

The above steps are focused on the operational response to an incident. However, legal and regulatory risk is quickly outpacing operational risk as the primary exposure in incident scenarios. Incidents of low severity happen regularly for most organizations, and these often do not rise to the level of a breach that requires notice or reporting to authorities. However, this is a legal consideration and incidents that may constitute a breach must be carefully considered before any decision is made.

A defined legal escalation process based on the particular risks an organization faces should be implemented as part of the incident response process. For example, when an incident is reported that affects a system containing PHI, the designated Privacy and Security Officers of the organization could be notified immediately as part of the Identification and Reporting phase. For incidents that do not include PHI or other sensitive information, legal may not be notified unless the incident is major.

The right escalation process depends largely on the contours of the organization. There is no one-size-fits-all approach, and to minimize risk organizations should focus on preparation prior to incidents occurring.

3. Investigations, Engaging Experts

Legal escalation should include consideration of whether to engage third party forensics and outside counsel. For privilege reasons, many organizations prefer to have outside counsel engage third party forensics. During a crisis it is imperative that the organization have established counsel and forensics relationships with executed engagement letters to prevent any obstacles or delays in beginning a crisis investigation.

7/25/2014

1

Courageous Counsel Leadership InstituteIssues that keep your compliance officer awake at night

July 22, 2014

Issues that keep your compliance officer awake at night

ModeratorMichelle Shapiro, Dentons Partner

Panel• Alfreda Bradley-Coar, General Counsel, US & Canada, GE Healthcare

• Carrie DiSanto, Managing Director, Global Chief Compliance Officer, CME Group

• Elizabeth Ditomassi, Co-General Counsel and Global Head of Compliance and Regulatory Affairs, Beazley Insurance Group

• Inna Tsimerman, Chief Privacy and International Trade Counsel, Marsh & McLennan Companies, Inc.

sdeleva

Rectangle

sdeleva

Rectangle

7/25/2014

2

Overview

3

Introductions

Organizational Challenges:• Have Traditional Notions Of "LEGAL" And "COMPLIANCE" Gone

Out The Window?• Ensuring Engagement by the Board and Senior Management• Integrating Enterprise Risk Management into Corporate Compliance Program

Enforcement Challenges:• Trade Sanctions• Data Privacy• Global Anti-Corruption

Q&A

Organizational Challenge #1

4

Have Traditional Notions of "LEGAL" and "COMPLIANCE"

Gone Out the Window?

sdeleva

Rectangle

sdeleva

Rectangle

7/25/2014

3


5

Ensuring Engagement by the Board

and Senior Management


6

Integrating Enterprise Risk Management into Corporate Compliance Program

sdeleva

Rectangle

sdeleva

Rectangle

7/25/2014

4

Enforcement Challenge #1

7

Trade Sanctions


8

Data Privacy

sdeleva

Rectangle

sdeleva

Rectangle

7/25/2014

5


9

Global Anti-Corruption

Examples of Anti-Corruption Laws Around the World

Some laws, like the US FCPA, apply to all countries where a company does business.

US: Foreign Corrupt Practices ActUK: Bribery

Act

UAE: Penal Code Law No. 3/1987

PRC: Unfair Competition Law, Commercial Bribery

Regulations

Australia: The Criminal Code Amendment(Bribery of Foreign Public Officials) Act

India: Prevention of Corruption Act, Foreign

Contribution (Regulation) Act

South Africa: Prevention and Combating of Corrupt Activities Act

Colombia: Law 190, Anti-Corruption Statute

Canada: Corruption of Foreign Public Officials Act

Brazil: Penal Code Law No. 10,467

Azerbaijan: Law of the Republic of Azerbaijan on Combating Corruption

Nicaragua: Penal Code, Law no. 581

Germany: The Criminal Code of the Federal Republic of Germany

Russia: Federal Law 273-FZ On

Countermeasures Against Corruption

Ukraine: Law on the Framework for the Prevention of and the Counteraction

to Corruption

Belgium: The Act on the Suppression of Corruption

Italy: Law no. 231

Argentina: Section 258(b) of the Argentine Criminal Code (ACC)

In no country in the world is it legal to bribe government officials.

10

sdeleva

Rectangle

sdeleva

Rectangle

7/25/2014

6

Where the Bribes Are

11

Summary of anti-corruption trends

• Increasing global cooperation and enforcement

• Increasing global resources (prosecutors/investigators)

• Accountability for actions of third parties

• Increasing individual prosecutions

12

sdeleva

Rectangle

sdeleva

Rectangle

dentons.com

SEVEN GLOBAL REGULATORY TRENDS TO WATCH IN 2014

February 2014

Contributors Sandy Walker (Editor; Competition and Foreign Investment: Canada), Robert Joseph (Antitrust: US), Timothy Banks (Privacy and Security: Canada), Todd Liao (China), Agnieszka Stefanowicz-Barańska and Michal Bernat (Competition: EU/Poland), Michelle Shapiro, Randy Bregman and Peter Feldman (Anticorruption: US), and Michael Zolandz (National Security: US)

dentons.com

Dentons team of regulatory experts from key jurisdictions around the world weigh in on regulatory trends to watch in 2014 – from antitrust to foreign investment to anticorruption in the EU, the US, Canada and China.

Aggressive anti-cartel enforcement Competition authorities around the world are vigorously pursuing domestic and international conspiracies and other anticompetitive activities.

Focus on the US Criminal antitrust enforcement remains a top priority of the U.S. Department of Justice (DOJ) Antitrust Division. The US is targeting domestic and international cartels, prosecuting both corporations and individuals, whether foreign or domestic. The Antitrust Division is placing particular emphasis on combating international cartels. Through the end of Fiscal Year (FY) 2012, approximately 67 percent of conspiracy cases were associated with subjects or targets located in foreign countries. Of the approximate $7.8 billion in criminal antitrust fines imposed by the Division between FY 1997 and the end of FY 2012, approximately 97 percent were imposed in connection with the prosecution of international cartel activity. In addition, approximately 65 foreigners have served, or have been sentenced to serve, prison sentences in the US.

During FY 2013 the Antitrust Division filed 50 criminal cases and obtained $1.02 billion in criminal fines. The most notable example was the DOJ's ongoing investigation of cartel activity in the automotive parts industry. On a single day in September, nine Japanese manufacturers agreed to plead guilty to criminal price-fixing charges and were assessed more than $740 million in criminal fines.

The Antitrust Division’s Corporate Leniency Program continues to be a particularly effective investigative tool for detecting large-scale international price-fixing cartels.

Within the cartel area, so-called “reverse payment” settlement cases will be an area to watch in 2014. In Federal Trade Commission v. Actavis (the Activis case), a "reverse payment" settlement occurred after a brand-name pharmaceutical manufacturer sued a generic manufacturer for patent infringement, with the generic firm allegedly accepting a payment to stay out of the marketplace for a certain period of time. The court rejected the argument that, when the anticompetitive effects of reverse payments "fall within the scope of the exclusionary potential of the patent," they do not violate the antitrust laws. At the same time, the court rejected a "quick look" standard of presumptive illegality of such payments and concluded that a rule-or-reason standard applies and will take into account the size of the payment, its relation to expected litigation costs, its independence from other services for which it might represent payment, and the lack of any other convincing justification. The Actavis case is likely to lead to a period of intense rethinking of the extent to which it is possible to structure reverse payment settlements that will pass muster under the rule of reason.

Focus on the European Union In 2013 the European Commission (the Commission) reached four new cartel decisions, imposing total fines of approximately EUR 1.9 billion, which made it an average year in the Commission’s recent cartel enforcement history. The cases concerned covered sectors as diverse as financial markets, North Sea shrimp, and wire harnesses. The bulk of these fines were levied in cases involving financial institutions (in particular, fines totaling EUR1.043 billion were imposed in the Euro interest rate derivatives case, whereas the Yen interest rate derivatives case yielded fines of ca. EUR 669.7 million). This reflects the Commission’s closer scrutiny of financial markets since the 2008 financial crisis.

EU scrutiny in the cartel area in 2014 is expected in the car parts sector (following the wire harness producers cartel decision of 2013) and in oil and biofuels, white sugar and cargo train transport services (following dawn raids conducted by the Commission in 2013).

More generally, the financial services sector can expect to enjoy the continued interest of the European Commission. There may be a resolution of pending cases such as a ruling by the European Court of Justice on

dentons.com

the MasterCard appeal against a decision of the European Commission of 2007 that the member bank delegates of MasterCard had collectively set cross border fall back multilateral interchange fees. In addition, there may be progress this year on a regulation on interchange fees for card-based payment transactions which would impose a cap on the level of interchange fees charged in four-party payment (credit and debit) card schemes.

The Commission is also pushing forward with further cases involving agreements to delay market entry by generic drugs ("pay for delay" cases). For example, the Commission’s June 2013 decision against Lundbeck is being appealed as the company challenges the Commission’s contention that patent settlement agreements restrict competition by object, (i.e., there is no requirement to demonstrate that such agreements have an adverse impact on competition).

In addition to cartels, vertical competition restrictions are also very much within the Commission’s sights. The three main areas to look out for in this regard in 2014 are: restrictions on online sales, resale price maintenance (RPM), and most favored nation clauses.

E-commerce is considered instrumental to achieving the goal of a single internal market in Europe and as a result, EU competition rules specifically target restrictions of online sales in distribution agreements. In the first major enforcement action in this area, in December 2013, the Commission conducted dawn raids at companies active in the manufacture, distribution and retail of consumer electronics products and small domestic appliances, which it suspects of restricting online sales of their products. Resale price maintenance cases are also on the rise, both before the European Commission and before national competition authorities in the EU Member States. At the EU level, the General Court may rule in 2014 on the Ordre national des pharmaciens (ONP) appeal against the Commission's 2011 decision fining ONP for imposing minimum prices.

Finally, most favored nation (MFN) clauses have been the subject of attention in EU jurisprudence over the past two years. In 2013 MFN clauses were again prominent with the Commission accepting binding commitments in the e-books case from Penguin to refrain from including MFN clauses in agreements with retailers. In parallel, MFN cases flourished at the national level (notably in the UK and Germany) and are expected to be on the rise in 2014.

In this environment, it is critical for companies to have an effective antitrust compliance program. This includes focused training sessions with those senior executives who are responsible for major strategic planning, as well as those officers or employees whose conduct potentially carries the most antitrust risk to the company from charges of price fixing, market allocation or bid-rigging. Periodic reviews with key managers of their pricing and other business practices, sources of market information, and potential risk areas such as trade association activities and other competitor contacts will lower the risk of non-compliance.

Focus on China Chinese government agencies are actively pursuing price-fixing and other anti-competitive behaviour.

The National Development and Reform Commission (NDRC) has used the anti-cartel law as a means of keeping prices, especially in key mass consumption sectors, under control. Major cartel cases in the past have involved rice noodles, garlic, beans, and infant milk formula industries. NDRC has announced that its anti-cartel efforts will continue to focus on products and services that are directly purchased by end consumers, such as food, groceries, drugs and internet products. In August 2013, international news outlets reported that NDRC had been working with the China Automobile Dealers Association to collect data on pricing behaviour of foreign auto manufacturers. It is believed that this data will be used by the NDRC to determine whether the automakers have required their distributors and retailers to resell products at a minimum price.

It is noteworthy that compared to fines imposed elsewhere, fines are much lower in China. For example, despite reaching all time highs in 2013, the total amount of fines was still much lower than fines imposed by the European Commission. In 2013, NDRC fined two liquor manufacturers and nine baby formula manufacturers for

dentons.com

price fixing arrangements. The fines imposed on those companies ranged from 1% to 6% of sales revenue in the prior year.

The State Administration of Industry and Commerce (SAIC), which oversees non-price monopoly activities in China, announced in January 2014 that it would focus its efforts on regulating infrastructure industries such as telecom, public transportation, water, power and gas supply.

Close scrutiny of M&A under merger control rules

Antitrust authorities in major jurisdictions can be expected to continue their close scrutiny of M&A deals raising competition concerns, whether or not such deals are reportable. In addition, some jurisdictions are moving to streamline their merger control regimes.

Focus on the US In the US, premerger filings under the Hart-Scott-Rodino (HSR) Act have recovered from recessionary levels—indeed, both FY 2012 and FY 2013 saw about twice as many filings as FY 2009. It is also notable that over a dozen consummated, non-reportable deals have been challenged during the Obama Administration.

The US agencies continue to pursue aggressive merger litigation strategy. In addition to various quantitative economic analyses, internal business documents prepared by the parties are increasingly relied upon by the agencies as evidence on key issues, such as relevant markets and potential anticompetitive effects. In this context, everyone involved in such deals (including investment bankers and other outside advisors) should be cautioned from the beginning to exercise care, to be measured, clear and precise in writing about the transaction and to avoid over-blown rhetoric or speculation about the potential impact on markets, prices or other competitive matters.

Mergers, joint ventures or other cooperative arrangements should be reviewed from an antitrust standpoint early in the planning stages, so that antitrust risks can be appropriately identified, and addressed or managed. In addition, the merging parties’ coordination of filings and strategy on a worldwide basis is necessary given cooperation of authorities around the globe.

Focus on Canada Canada’s highest court will be addressing lower courts’ application of the substantial prevention of competition test for requiring a merger remedy in Tervita Corporation et. al. v. Commissioner of Competition (Tervita). Tervita is notable as the Canadian Commissioner of Competition’s first court challenge of a merger since 2005 and the first case involving a non-notifiable merger.

Focus on the European Union On January 1, 2014, a package of measures to simplify the procedures for notifying mergers under the EU Merger Regulation came into effect. Specifically, the European Commission revised the simplified merger procedure notice to expand the categories of cases to which it will apply. It also reduced the amount of information that needs to be provided in merger notifications and published revised versions of its model texts for commitments and trustee mandates and accompanying Best Practice Guidelines.

Following a Commission consultation on a major revision of EU merger control rules in 2013, the Commission is, among other things, considering modifying the mechanisms for pre- and post-notification referrals of merger cases from national competition authorities to the Commission. The most controversial proposal would extend the scope of the EU Merger Regulation to acquisitions of non-controlling minority shareholdings.

In this regard, the Commission has looked to the US, UK and Germany for examples of regimes which already subject non-controlling minority stake acquisitions to a merger control regime. In the most likely scenario, the Commission would propose a system under which it would have discretion to select cases to investigate. In other

dentons.com

words, the notification of a non-controlling minority stake meeting certain thresholds would be mandatory, but not all cases would be pursued by the Commission.

One of the EU Member States which is also in the process of revising its merger control rules is Poland. The planned amendment to Polish competition law which is likely to be in force in 2014 foresees several measures aimed at relaxing the merger control procedure and making it more transparent, although it remains to be seen how it will be implemented.

The repercussions of the 2007-2008 financial crisis are still being felt in some merger control cases and in particular, the increase in the number of merger cases in which the failing firm defence is raised. For example, the Commission accepted a failing firm argument in the Olympic Air/Aegean and Nynas/Harburg mergers in 2013. The postal sector is also facing upheavals on several fronts: legislative measures forcing its liberalization, the restructuring of the sector following changes in market trends, and the Commission's close scrutiny, including a decision in January 2013 to prohibit the UPS/ TNT Express merger (which decision has been appealed by the parties).

Focus on China China’s merger review authority, the Ministry of Commerce (MOFCOM), has continued to impose conditional approval on global mergers, including the mergers of Glencore-Xstrata, Marubeni-Gavilon, Baxter-Gambro and MediaTek-MStar. Notification of the recent merger of Thermo Fisher-LIFE was submitted in July 2013 and granted conditional approval on January 14, 2014. In the past 5 years since China's Anti-Monopoly Law came into effect, MOFCOM has granted conditional approvals in less than 3% of the total cases submitted and reviewed. However, there is a clear trend towards more conditional approvals based on the 11 conditional clearances in 2012 and 2013. In addition, the review period can be very long and can involve re-filing for cases with significant competition issues. For example, the MediaTek-MStar took 14 months to obtain final clearance. To date, this was the longest review period undertaken by MOFCOM. Multinational companies are advised to budget an appropriate amount of time for China’s merger review when planning for their deals.

Despite this, MOFCOM has taken steps to streamline its review process for mergers that raise no competition issues. In 2013, MOFCOM released a draft regulation setting forth six different scenarios that qualify a case for a simplified review process. Three of the scenarios are based on market share criteria, two on the economic effect of the proposed transaction within China and one on the control between the parties of the proposed transaction. The draft regulation does not specify the procedures of the simplified review. It is expected that MOFCOM will issues new rules relating to the simplified review process.

Foreign investment and national security review in M&A

A significant regulatory trend to watch in 2014 is how governments treat foreign, and particularly state-owned, investors, as well as investments in strategic sectors.

Focus on Canada Over the past year, the Canadian government has established new rules restricting and monitoring investments by foreign state-owned enterprises (SOEs) in Canada, indicating concerns about the prospects of foreign nationalization (following decades of privatization of Canadian state ownership in key sectors of the economy). The acquisition by Chinese SOE, CNOOC, of Canadian oil and gas company, Nexen, in early 2013 was approved by the government but triggered a public debate about the role of SOEs and ultimately resulted in a Canadian government policy that, going forward, prohibits SOEs from acquiring control of oil sands projects save in exceptional circumstances. The government also served notice that it would be monitoring SOE investments in other areas of the economy, and in particular would closely scrutinize SOE acquisitions in sectors where SOE investment was becoming significant. The new and tougher approach to SOEs was bolstered by amendments to the Investment Canada Act which broaden the definition of an SOE beyond foreign state ownership to include

dentons.com

an entity “influenced” by a foreign government and expand the circumstances in which an SOE investment can be reviewed.

Apart from articulating a policy that could limit SOE investment in the Canadian economy, the government has demonstrated its willingness to block private foreign capital in key sectors such as telecommunications for national security reasons. The rejection of Egyptian-controlled Accelero Capital Holding’s purchase of Allstream— the wireline enterprise services division of Manitoba Telecom Services Inc. (MTS) in October 2013 under the little-used and relatively new (2009) national security review law signalled the government’s sensitivity to investments in critical and strategic areas of the economy such as telecommunications infrastructure.

Focus on US Notifications and reviews of inbound foreign investment transactions by the Committee on Foreign Investment in the US (CFIUS) to determine whether they impair “national security” have dramatically increased in the last two years, and 2014 promises to be no different. In the most recent statistics reported by CFIUS (for 2012), 114 deals were reviewed by the Committee, with more than 40 percent of those deals being fully investigated by the Committee. CFIUS has the authority to review transactions involving a wide range of foreign investment into the United States, particularly those that involve foreign government investment (such as State-Owned Enterprises) and any investment in critical infrastructure. CFIUS is comprised of representatives from nine different departments and agencies within the Executive Branch of the U.S. government (including Commerce, Defence, Homeland Security and Justice) and is overseen by the US Treasury Department. “National security” is purposefully left undefined in the law creating CFIUS and in the implementing regulations published by CFIUS, so that “national security” can be interpreted in accordance with political exigencies.

While notifications to CFIUS of foreign investment transactions are not mandatory, once there is a required notification to one US government agency (i.e., an HSR filing) for a proposed transaction, a voluntary filing with the CFIUS agencies may well be advantageous. The benefit of notifying CFIUS of a proposed transaction is that, after CFIUS has cleared the transaction, the acquiring company has assurance that the transaction will not be investigated and possibly challenged after closing. A notification to CFIUS is essentially an insurance policy against post-closing U.S. regulatory review on “national security” grounds. The CFIUS process may require 30 days, or 75 days if CFIUS initiates a 45-day investigation (in addition to the initial 30 day review).

The CFIUS review process has again been the subject of high profile political and legal maneuvering. In 2012, for the first time in more than 20 years, the President blocked a proposed transaction -- the construction and operation of a wind energy facility by a consortium of investors from China -- on grounds of national security. Our experience over the past year suggests that the CFIUS agencies continue to apply a strict standard to investments in the energy sector, as well as those that involve proximity to US Defense installations, and presage an increase in the number of reviews that go through the full 75-day process and require mitigation measures before approvals are issued.

Focus on China The Chinese central government has decided to simplify approval procedures and delegate approval authority for foreign investments. The principle is that unless there is a concern about national security, ecological security, production of material industries, development of strategic resources and material public interests, investments will be exempted from governmental approvals. In the past year, the Chinese government has increasingly relaxed its control over foreign investments. In addition, capital controls are likely to be further eased in the future.

A key development regarding foreign investment is the unveiling of China's first free trade zone, which opened in Shanghai in October 2013. The plan, which will take three years to fully implement, is the latest step in China's national strategy to further open up markets and promote Shanghai as an international trade and financial hub. China released a negative list of the restricted and prohibited sectors for foreign investment, which covers 18 sectors ranging from agriculture to manufacturing to finance to public services. For sectors beyond the negative

dentons.com

list, foreign enterprises registered in the free trade zone may invest as freely as their domestic peers. The negative list will be updated every year and will be shortened as negotiation of bilateral investment treaties with the U.S. and European Union make progress.

China has also announced that it will be amending its three major laws to relax the rules on foreign-investment enterprises. In addition, China's State Administration of Foreign Exchange (SAFE) has simplified the process of settling international service-related payments. The new rules apply to service-related payments, such as service fees, advances and expense reimbursements, with a general principle of looser regulatory restrictions on service-related payments that are based upon genuine and lawful transactions. SAFE's statistics show that the new rules apply to around 80% of the service related payment and has enhanced the efficiency of a substantial amount of foreign exchange payments in the service sector.

Heightened anticorruption enforcement The increasing focus on enforcement of the US Foreign Corrupt Practices Act (FCPA), Canadian Corruption of Foreign Public Officials Act, and UK Bribery Act, as well as similar anti-corruption laws around the globe, has made anti-corruption compliance more essential than ever.

In particular, conducting pre-acquisition anti-corruption due diligence is a critical element of any cross-border merger or acquisition. The failure to conduct pre-acquisition anti-corruption due diligence can result in severe legal and financial consequences, as well as reputational damage, for both buyers and sellers. For buyers, anti-corruption diligence can be especially critical because, under US principles of successor liability, a buyer may be held liable for pre-closing FCPA violations by the target. And if illegal conduct by the acquired company continues post-closing, the buyer can be held directly liable, even if it had no knowledge of or participation in the violation.

For sellers, apart from individual liability (which would survive a transfer of ownership or control), concerns about potential pre-closing violations can strongly influence a deal's value, if not threaten the entire transaction. Moreover, sellers may be asked to provide specific representations -- or even fundamental representations -- and warranties as to anti-corruption compliance that are backed by broad indemnification provisions and hefty escrow amounts.

The two US government agencies responsible for enforcing the FCPA, the US Department of Justice (DOJ) and the US Securities and Exchange Commission (SEC), have endorsed a risk-based approach to conducting pre-acquisition anti-corruption due diligence. Such an approach requires an initial evaluation of the target's risk profile, followed by the creation and subsequent implementation of a work plan that incorporates review procedures specifically tailored to and commensurate with the risks identified. Even if pre-acquisition anti-corruption diligence does not reveal evidence of bribery, conducting such a review can help to identify "red flag" indicators of corruption and potential control weaknesses. The prospective buyer can then address the issues with the seller (including through remediation) and the results of the review can be factored into the deal terms and pricing. If you do not devote sufficient time and resources to try to detect corrupt practices pre-closing, arguments that you were an "innocent purchaser" may fall on deaf ears.

Focus on China The Chinese government is vigorously pursuing endemic and widespread corruption. In 2013, this trend was especially evident in the healthcare industry. In June 2013, a Chinese subsidiary of GlaxoSmithKline (GSK) was accused of paying almost $500 million in bribes to Chinese doctors and hospitals in exchange for purchasing or prescribing GSK’s products. In response, China has issued a series of new measures. The National Health and Family Planning Commission (NHFPC) and its provincial branches will maintain and publish on their websites a blacklist of medical manufacturers and distributors with a history of bribing hospitals or health care professionals. Such companies will be prohibited from participating in or will be downgraded in public hospitals' procurement of medicine and medical devices. NHFPC also issued new rules reiterating the prohibition on hospitals and

dentons.com

healthcare professionals from receiving kickbacks and other forms of bribery. In particular, hospitals and healthcare professionals are not permitted to receive improper sponsorship and donations from outside parties. Sponsorships and donations must not be conditional upon any terms that will "impact fair competition" or be related to the procurement of products or service. In 2014, the medical industry will continue to be closely monitored by the Chinese government. Given rampant commercial bribery in China’s medical system, medical companies will face serious challenges in the future as they balance the realities of business and the crackdown by authorities.

Apart from the healthcare sector, multiple anti-corruption measures have been passed by government agencies at the central and local levels in 2013. These regulations ban the use of luxury cars, eliminate lavish gifts for government officials, and place limits on galas, official dinners, and special privileges that party cadres have long enjoyed. The Chinese government also launched a series of high profile enforcement actions against senior-ranking government officials at both the central government and local levels. As an example, the former Railways Minister Liu Zhijun was convicted of accepting bribes and given a suspended death sentence.

Accelerated privacy and data protection reform and enforcement Whether in the European Union, the United States or Canada, the pace of privacy and data protection reform and enforcement action is expected to accelerate, particularly during the second half of the year.

Focus on Europe The proposal to adopt a Data Protection Regulation (DPR) to replace the current Data Protection Directive and patchwork of national laws will continue to be studied and negotiated. Currently, the draft DPR would provide data protection authorities (DPAs) with the power to levy fines of 2% to 5% of annual worldwide turnover for breaches, expand the scope to govern third party processors outside of the EU who process EU data, and establish a lead authority framework in which an organization would be subject to a primary national data protection authority. Although it is unlikely that the DPR will be finalized in 2014, it is expected that the pace of negotiations will increase following the May 2014 EU Parliamentary elections.

Focus on the US California’s Do-Not-Track legislation is in force requiring companies to indicate in their privacy policies how they respond to Do Not Track signals from web browsers. In addition, the new Children’s Online Privacy Protection Act Rules provide new guidelines for obtaining verifiable parental consent to the collection of personal information. Organizations may see significant enforcement action with respect to both of these developments in 2014.

Beyond enforcement, it is expected that there may be a continued push to address national and international concerns regarding oversight of the collection and use of personal information by US intelligence. The appointment of a Chief Privacy Officer for the National Security Agency is one step in that direction, but it is unlikely to satisfy the EU, which continues to negotiate a framework agreement with the US that, if the EU is successful, could include redress provisions for EU citizens.

Focus on Canada The Supreme Court of Canada struck down the Alberta Personal Information Protection Act late in 2013 but stayed its own decision to give the Alberta Legislature twelve months to revise it. The issue in the Alberta case was a conflict between privacy rights and freedom of expression for unions engaged in a strike. The union had collected photos of individuals crossing a picket line. The British Columbia Personal Information Protection Act is structured the same way as the Alberta legislation and so the decision has implications for that province as well. Legislative revisions may be proposed later this year to recalibrate the balance between data privacy and freedom of expression.

dentons.com

Federally, a new Privacy Commissioner is expected to be appointed. In addition, the Office of the Privacy Commissioner is expected to continue to explore opportunities for joint enforcement action with other oversight bodies, following its joint investigation of WhatsApp, Inc. in 2013 with the Dutch DPA. And, with the Federal Court recently awarding an individual damages of CAD $20,000 (inclusive of $10,000 in exemplary damages) in a case where Bell TV was found to have failed to obtain valid consent for a credit bureau check, we expect to see the pace of individual actions for damages from privacy breaches to increase.

Focus on IP issues by antitrust/competition agencies Competition authorities in key jurisdictions will continue to focus attention on antitrust issues arising from the exercise of intellectual property rights.

Patent Hold-up

Focus on the US In the US, agency interest in "patent hold-up" is keen in relation to the determination of royalties on patents (standard-essential patents or SEPs) tied to standards developed by standard-setting organizations (SSOs). In particular, there is concern that a firm with an SEP can demand royalty payments, and other favorable licensing terms, based not only on the market value of the patented invention before it was included in the standard, but also on the costs and delays of switching away from the standardized technology.

Standard-setting organizations (SSOs) commonly seek to mitigate the threat of patent hold-up by seeking commitments from participants to license SEPs on "fair, reasonable, and non-discriminatory" (FRAND) terms, often as a quid pro quo for the inclusion of the patent(s) in the standard. But the potential for hold-up remains if the FRAND commitment is later disregarded, because the royalty rate often is negotiated after the standard is adopted.

In January 2013, the Antitrust Division and the U.S. Patent & Trademark Office (PTO) issued a policy statement recommending that the U.S. International Trade Commission (ITC), when considering whether an order excluding non-licensed patented products from the U.S. is in the "public interest," should take into account whether the infringer is acting within the scope of the patent holder’s FRAND commitment and is able, and has not refused, to license the patent on FRAND terms.

Focus on the European Union The European Commission is likely to make progress in 2014 in cases relating to the alleged misuse of mobile phone standard essential patents. Joaquin Almunia, the Commissioner responsible for competition, has in the past spoken of the Commission's intention to prevent the abusive use of necessary patents from hindering competition in new, innovative technology markets. As a result, further cases in this area are anticipated.

Patent assertion entity (PAE) activity

Focus on the US PAEs are a type of nonpractising entity (NPE) that owns patents but does not practise them. PAEs acquire patents from existing owners and make money by licensing them to—and litigating against—manufacturers that use the patents. PAEs are playing a larger role in patent litigation. While supporters claim that PAEs are efficient middlemen that increase the return to invention, especially for small inventors, critics argue that PAEs exploit flaws in the patent system and add to a growing tax on innovation.

In 2012 the FTC and Antitrust Division held a workshop to explore the impact of PAE activities on innovation and competition and the implications for antitrust enforcement and policy. More recently, the FTC is aiming to use its statutory authority to collect nonpublic information for the purpose of conducting industry studies to expand the empirical evidence on PAE activity, including examining the PAE business model generally as well as PAE

dentons.com

activity in the wireless sector. The FTC hopes to develop a fuller and more accurate picture of PAE activity, which it can then share with Congress, other government agencies, academics, and industry.

Focus on China In 2013, the State Administration of Industry and Commerce (SAIC), the authority that regulates market activities in violation of the Anti-Monopoly Law (AML), formulated guidelines and rules relating to the prevention of abuse of IP rights to eliminate or restrict competition. While the AML prohibits such abuse, it does not specify what activities are considered abusive. SAIC is developing guidelines and rules that aim to define abusive conduct and the concept of the "relevant market" as well as safe harbours for certain justifiable activities. SAIC announced in 2013 that it will issue a fifth draft of the guidelines and rules, but it is uncertain when they will be formally released.

Private enforcement of antitrust/competition law Class actions based on antitrust/competition claims face new challenges in some jurisdictions and are bolstered in others.

Focus on the US The US Supreme Court addressed standards for class certification in private antitrust actions, underlining the difficulty of demonstrating damages on a class-wide basis in some circumstances. In Comcast Corp. v. Behrend, the Supreme Court held that plaintiffs failed to demonstrate at the class certification stage that damages could be established on a class-wide basis at trial. Absent a method for establishing damages on a class-wide basis, "[q]uestions of individual damage calculations will inevitably overwhelm questions common to the class." The Supreme Court found that the class was improperly certified because the finding that common questions predominated rested on a damages model that did not fit the substantive legal theories remaining in the case. The inability of the damages model "to bridge the differences between supra-competitive prices in general and supra-competitive prices attributable to the deterrence of overbuilding" precluded a finding that common questions predominated.

Focus on Canada The Supreme Court of Canada held in a trilogy of cases in 2013 that indirect purchasers are able to sue for damages in class actions for contraventions of the conspiracy provisions of the Competition Act. While plaintiffs will still have to address the evidentiary burden of proving their damage claims, this decision could embolden plaintiffs and their counsel to pursue more competition class actions in the coming year.

Focus on the EU Under EU law, any person who has suffered harm caused by an antitrust infringement can claim compensation based on national law. Most cases are brought in very few Member States - primarily the United Kingdom, Germany, and the Netherlands.

In June 2013, the European Commission adopted a series of documents aimed at facilitating the development of private antitrust enforcement in the EU Member States, including: a proposal for a directive on certain rules governing actions for damages under national law for infringements of national and EU competition law; a Commission communication on quantifying harm in actions for damages; a communication regarding a series of common, non-binding principles for collective redress mechanisms in Member States; and a recommendation that Member States establish collective redress mechanisms for breaches of EU law (including competition law) within two years. On January 27, 2014, the European Parliament voted on changes to the draft directive and agreed to enter into three-way talks with EU governments and the European Commission (which may start as early as February 2014) to work out the final version of the legislation. This means the bill may be passed by May 2014.

dentons.com

The Parliament rejected a proposal to incorporate in the draft Directive a reference which would prompt EU governments to encourage class litigation in the antitrust area, out of fear it would open the door to US-style litigation. There was no clear consensus on other sensitive issues, which are now bound to lead to heavy discussions during tripartite negotiations. This includes the question of disclosure of evidence from the cartel investigation, protecting leniency applicants from larger damages payouts, and how indirect purchasers are treated.

A major issue that has emerged in the EU is the extent to which potential plaintiffs in antitrust damages actions should have access to documents gathered by the Commission (or national competition authorities) in the course of antitrust investigations. Access to such information highlights a tension between the Commission's drive to develop private antitrust enforcement and the concern that public antitrust enforcement could be jeopardized. This tension may be addressed in 2014 through cases such as: Netherlands v Commission; Commission v EnBW Energie Baden-Wurttemberg; Henkel v Commission; and Pilkington Group v Commission.

Focus on China On August 2, 2013, the Shanghai High Court released the final decision on Beijing Ruibang Yonghe Technology & Trade Co v. Johnson & Johnson Medical (Shanghai) Ltd. and Johnson & Johnson Medical (China) Ltd., the first civil action on vertical monopoly agreement in China. The court's decision provides a framework for several previously unclear legal issues in the AML, including the establishment of the "rule of reason" principle in deciding the legality of a vertical monopoly agreement, the key factors in deciding the impact of the restraint on trade and the economy, and the standard for calculating damages caused by such agreement.

As vertical arrangements such as resale price maintenance between manufacturers and distributors are not uncommon in China, this case may serve as a precedent for more civil actions brought by distributors against manufacturers/licensors. We also note that both the plaintiff and defendant in this case presented data on sales and change of prices of the product, market analysis conducted by professional market research firms and expert witnesses. This case may represent the beginning of a new level of complexity in AML cases.

Companies that engage in vertical price maintenance agreements are advised to seek legal counsel to review local distribution contracts, business policies and internal rules to better understand and make informed decisions regarding potential civil liability.

If you have any questions regarding the above, please do not hesitate to contact one of the contributors.

February 20, 2014

The increasing focus on enforcement of the US Foreign Corrupt Practices Act (FCPA), Canadian

Corruption of Foreign Public Officials Act and UK Bribery Act, as well as similar anti-corruption laws

around the globe, has made conducting pre-acquisition anti-corruption due diligence an essential element

of any cross-border merger or acquisition, especially if the target does business in a jurisdiction where

local officials may expect to be compensated for simply doing their job. Although some may view their

payments to “government officials” (the definition of which is very broad) as merely a cost of doing

business or a necessary evil to expedite the granting of a license or permit, in addition to running afoul

of applicable laws such payments can wreak havoc with an open and accurate economic analysis of the

true costs of doing business, particularly since they tend not to be readily apparent in financial

statements relied upon by buyers and lenders worldwide.

As a result, the failure to conduct pre-acquisition anticorruption due diligence can lead to severe legal and

financial consequences, as well as reputational damage, for both buyers and sellers. For buyers,

anti-corruption diligence can be especially critical because, under US principles of successor liability, a

buyer may be held liable for pre-closing FCPA violations by the target. And if illegal conduct by the

acquired company continues post-closing, the buyer can be held directly liable, even if it had no

knowledge of or participation in the violation. For sellers, putting aside any individual liability (which would

survive a transfer of ownership or control), concerns about potential pre-closing violations can strongly

influence a deal’s value, if not threaten the entire transaction. Moreover, sellers may be asked to provide

specific representations—or even fundamental representations—and warranties as to anti-corruption

compliance that are backed by broad indemnification provisions and hefty escrow amounts.

The two US government agencies responsible for enforcing the FCPA, the Department of Justice (DOJ)

and the Securities and Exchange Commission (SEC), have endorsed a risk-based approach to

conducting preacquisition anti-corruption due diligence. As explained in greater detail below, such an

approach requires an initial evaluation of the target’s risk profile, followed by the creation and subsequent

implementation of a work plan that incorporates review procedures specifically tailored to and

commensurate with the risks identified. Even if pre-acquisition anti-corruption diligence does not reveal

evidence of bribery (after all, the professionals conducting the exercise lack badges and subpoena

power, and must to some extent rely on the target’s personnel to provide accurate and complete

information), conducting such a review can help to identify “red flag” indicators of corruption and

potential control weaknesses. Once armed with that information, a prospective buyer can address the

issues with the seller and, ideally, convince the seller to remediate and voluntarily report any violations

to the relevant authorities before the deal is closed. At a minimum, the results of the review can be

factored into the deal terms and pricing, as well as taken into consideration by the buyer when designing

plans to integrate the target into its operations. The exercise could also prove useful in demonstrating to

law enforcement the buyer’s commitment to anti-corruption compliance, should violations come to the

government’s attention postclosing. Stated another way, if you do not devote sufficient time and

resources to try to detect corrupt practices pre-closing, arguments that you were an “innocent purchaser”

may fall on deaf ears.

The important role of pre-acquisition FCPA duediligenceIn their November 2012 Resource Guide to the FCPA, the DOJ and SEC caution that in the M&A context,

they may pursue FCPA charges utilizing theories of successor liability as well as direct liability.1

Successor liability means that a buyer can be held liable for pre-closing violations committed by the

target company (or its agents), so long as the target was subject to FCPA jurisdiction at the time of the

Randy BregmanPartner, Washington, DCD +1 202 408 9164

[email protected]

Michelle J. ShapiroPartner, New YorkD +1 212 398 4877

[email protected]

Peter G. FeldmanSenior Managing Associate,Washington, DCD +1 202 408 9226

[email protected]

Key contacts

Anti-corruption Due Diligence:A Key Component of Mergers andAcquisitions

1

http://www.dentons.com/en/randy-bregman


http://www.dentons.com/en/global-presence/united-states/washington-dc.aspx

http://www.dentons.com/en/insights/articles/2014/february/20/anti-corruption-due-diligence?IsPdf=true#

http://www.dentons.com/en/michelle-shapiro

http://www.dentons.com/en/michelle-shapiro

http://www.dentons.com/en/global-presence/united-states/new-york.aspx


http://www.dentons.com/en/peter-feldman




http://www.dentons.com/en.aspx

conduct. Notably, if a target was not subject to the FCPA pre-transaction, the mere fact of the

acquisition will not create successor liability. On a direct liability theory, the DOJ and/or the SEC could

pursue FCPA charges against a buyer for any post-closing FCPA violations committed by the acquired

company (or its agents).

In light of this legal framework, the DOJ and SEC “encourage companies to conduct pre-acquisition due

diligence[,]” as well as to enhance compliance programs and internal controls post-acquisition. As

described in the Resource Guide, conducting pre-acquisition FCPA diligence can provide a range of

benefits to both buyers and sellers, including:

Enabling buyers to more accurately value the target company

Laying the foundation for a buyer to rapidly and successfully integrate the target company into its

operations post-closing, including by reducing the risk that the target company, once acquired, will

continue to engage in any conduct that violates the FCPA

Allowing the parties to handle any potential FCPA violations uncovered by the diligence in a more orderly

and efficient manner

Demonstrating a genuine commitment to identifying and preventing FCPA violations

The DOJ and SEC also note that pre-acquisition due diligence can be a crucial mitigating factor in their

decisions on whether to bring an FCPA enforcement action and, should they nonetheless decide to

proceed, it will factor into the calculation of any penalty that may be imposed. According to US

regulators, “[i]n a significant number of instances, DOJ and SEC have declined to take action against

companies that voluntarily disclosed and remediated conduct and cooperated with DOJ and SEC in the

merger and acquisition context.” Moreover, they note that “DOJ and SEC have only taken action against

successor companies in limited circumstances, generally in cases involving egregious and sustained

violations or where the successor company directly participated in the violations or failed to stop the

misconduct from continuing after the acquisition.”

Tips for conducting risk-based anti-corruptiondue diligencePre-acquisition anti-corruption diligence procedures should be aligned with the particular risk profile of the

potential acquisition target. In the Resource Guide, the DOJ and SEC advise that “the degree of

appropriate [FCPA] due diligence may vary based on industry, country, size and nature of the

transaction[,]” and recommend a “thorough risk-based” approach when determining how to allocate

pre-acquisition diligence resources.

A potential buyer (or a potential seller who wishes to conduct a compliance assessment in advance of

marketing the company, particularly to US buyers) should consider the following non-exhaustive list of

risk factors:

Geography: the perceived corruption risk of each jurisdiction in which the target or its subsidiaries or

affiliates operates, either directly or through third parties (e.g., countries with low scores on the

Transparency International Corruption Perceptions Index, which is a widely recognized barometer for

corruption risk based on information from independent institutions that specialize in the analysis of

governance and business climates)

Industry: the perceived corruption risk of the industry or sector in which the target does business,

particularly industries that have been the focus of heavy anticorruption enforcement, such as oil and gas,

medical devices, pharmaceuticals and freight forwarding

Government business: the extent to which the target’s revenues rely on government contracts and/or

government concessions, including licensure, permits or other authorizations

Government interactions: the target’s level of interaction with government officials, including the

importance of licenses and permits to its operations, the degree of government oversight and inspection

and the significance of goods and personnel clearing customs and immigration

Business development and sales strategy: the target’s business development program, including any

travel, gifts or entertainment provided or received

Third-party intermediaries: the target’s reliance on thirdparty agents, particularly in dealing with

government officials (including officers or employees of state-owned enterprises) or for business

development efforts

M&A activity and JV arrangements: the appropriateness of the target’s diligence in connection with

mergers, acquisitions and joint ventures

Compliance program: whether the target has adopted and implemented anti-corruption policies and

procedures, and if so, whether the anti-corruption program is adequate for the risks presented

2

History: the target’s compliance history, including allegations or suspicions of corruption

Informed by an assessment of the target’s risk profile, a pre-acquisition anti-corruption due diligence plan

should be tailored to the transaction and then implemented. Typically, but not always, anti-corruption

diligence can be performed alongside standard commercial due diligence, using many of the same

materials and methods for obtaining information. For example, anti-corruption diligence procedures might

leverage an electronic or physical data room, financial analyses already prepared for other purposes,

opportunities to interview key personnel and certain publicly available information about the target, its

owners and/or key personnel. Throughout the process, anti-corruption diligence should be focused on

identifying “red flags” requiring heightened scrutiny and follow-up procedures, possibly including

expanded requests for information or data.

To enhance the effectiveness and efficiency of anticorruption diligence, it is often helpful to integrate US

counsel experienced in this area with local counsel in the relevant jurisdictions. This allows the review to

incorporate local laws and practices, for example “customary” per diem payments to traveling

government regulators or the provision of hospitality to potential customers. Similarly, integrating US and

local counsel can help ensure that diligence procedures are targeted to higher-risk areas and

nomenclature, such as by focusing on relevant local language search terms (e.g., chaqian [“tea money”]

in Chinese; pod stolom [“under the table”] in Slovak).

ConclusionGiven the regulators’ ongoing focus on compliance with global anti-corruption legislation, conducting

targeted anti-corruption due diligence is increasingly critical for any cross-border corporate transaction,

particularly those involving US companies or US nationals doing business outside the US. Ideally,

implementing the type of riskbased review suggested by the DOJ and SEC will uncover any evidence of

corruption before a deal is inked, but even if it does not, the exercise can provide a range of significant

benefits, not the least of which is identifying “red flags” and other weaknesses that can be addressed in

the deal documents and incorporated into the buyer’s integration plans so that any questionable practices

cease prior to closing.

© 2014 Dentons. Dentons is a global legal practice providing client services worldwide through its member firms and affiliates.Please see dentons.com for Legal Notices. 3

http://www.dentons.com

May 7, 2014

As the events in Ukraine and Russia continue to unfold, the reaction by the US and the EU, including

imposing sanctions, will impact individuals, businesses, and entire sectors.

As a polycentric firm, with no headquarters, no dominant culture and no flag, and with partners

throughout the world, including Russia, Ukraine and Central and Eastern Europe, Dentons is particularly

well positioned to explain the nuances that surround every facet of these complicated developments to

our clients.

This client update contains an analysis of the policy issues arising from the current situation in Ukraine.

We try to present the facts as they are known, and the potential ramifications of what might happen,

without taking a position that could be perceived as political in any way. We believe this is the best way

to serve our clients.

On April 28, 2014, the United States and the EU each imposed an expanded range of sanctions targeting

Russian and Ukrainian individuals and entities in connection with the on-going events in Ukraine. The

sanctions impose asset freezes and visa bans, and prohibit the issuance of certain export licenses.

Key aspects of the evolving sanctions landscapeThe US has established a wide-ranging set of Ukraine-related sanctions. Via three Executive

Orders, the US established a legal framework for sanctions on a broad array of individuals and entities

determined to be contributing to the situation in Ukraine.1 The initial sanctions, which included asset

freezes and US visa bans, targeted officials directly involved in Russia’s annexation of Crimea and

senior officials of the former Yanukovych administration in Ukraine. The recent sanctions announced April

28 widen the list of individuals to include seven senior government officials and 17 companies closely

linked to the previously sanctioned individuals, who are considered members of the inner circles of

Russia’s leadership. The April 28 sanctions also restrict the export of certain US-origin items to 13 of

those 17 companies and rejects all pending applications and existing US licenses for the export or

re-export of technology that could benefit the Russian military.

The US has not imposed broad sanctions on Russia as a country. Thus far, the US sanctions

authorized by the three Executive Orders do not impose a commercial embargo of Russia, nor do they

restrict ordinary trade or investment -- unless a prohibited party is involved.

The European Union imposed targeted sanctions on a total of 48 individuals in connection with

the situation in Ukraine. The Council of the European Union, giving force to its Decision

2014/145/CFSP authorizing travel restrictions and the freezing of funds and economic resources of

certain individuals believed to have been responsible for actions “which undermine or threaten the

territorial integrity, sovereignty and independence of Ukraine“ (“designated individuals”), adopted Council

Regulation (EU) No 269/2014 concerning restrictive measures in respect of actions undermining or

threatening the territorial integrity, sovereignty and independence of Ukraine. While Council Regulation

(EU) No 269/2014 imposed sanctions on 21 individuals, Council Regulation (EU) No 284/2014 expanded

the list of persons by 12, for a total of 33. On April 28, 2014, Council Regulation (EU) No 433/2014 was

issued expanding these restrictive measures, to include 15 additional persons.

The EU list of designated individuals does not include sanctions on legal entities or Russia as a

country. The list of the designated individuals has been annexed to the Council Regulation 269/2014, as

amended by Council Regulation 284/2014. As with other EU sanctions, this list is limited to individuals or

entities that are specifically named, although additional parties can be added as approved by the Council.

Further steps to de-escalate tensions were agreed upon by the United States, the European Union,

Ukraine, and Russia in the April 17, 2014 “Joint Statement on Ukraine." However, what the United States

and EU view as the worsening of the security situation in Eastern Ukraine and absence of “concrete

Michael E. ZolandzPartner, Washington, DCD +1 202 408 9204M +1 202 441 3901

[email protected]


[email protected]

Obie MooreSenior Counsel, Washington, DCD +1 202 408 3957

[email protected]


[email protected]

Key contacts

Ukraine update: Additional US and EUsanctions imposed

1

http://www.dentons.com/en/michael-zolandz



http://www.dentons.com/en/insights/alerts/2014/may/7/ukraine-update-additional-us-and-eu-sanctions-imposed?IsPdf=true&ParentItemID=ktrrmYwQ8YF3a5SKjru8rjQh4mofQ7sXIz2lFCnRwTHpmyWPUqCnxA==&Archive=False#





http://www.dentons.com/en/obie-moore

http://www.dentons.com/en/obie-moore








actions” by Russia in support of the Joint Statement, gave rise to the April 28 Sanctions announcement.

Australia, Canada, Japan and Switzerland have also imposed sanctions.

Given the pace of ongoing political, diplomatic, military and commercial events on the ground, and

continuing negotiations between and among the EU, Russia, Ukraine and the US, active monitoring of

the sanctions landscape is particularly critical. Additional or enhanced sanctions can be imposed by the

US or EU under the authorities currently in use without any further advance notification. These additional

sanctions could incorporate actions against entire sectors of the Russian economy as authorized in

Executive Order 13662.

New sanctions under Ukraine-related ExecutiveOrder (EO 13662) On April 28, 2014, pursuant to Executive Order 13662, the US Department of the Treasury imposed

sanctions on seven Russian government officials, including 2 members of President Putin’s inner circle,

as well as 17 companies linked to Putin’s inner circle. In addition, the US Department of Commerce

imposed restrictions on 13 of those companies by imposing a license requirement (with presumption of

denial) for the export, re-export or other foreign transfer of US-origin items to the companies. The

President of the United States also directed the US Department of Commerce and US State Department

to deny export license applications for any high technology items that could contribute to Russia’s

military capabilities, and to revoke any existing export licenses for high technology items related to such

military use.

The April 28 sanctions designations target seven individuals, including two leaders of Russian oil

company Rosneft: Mr. Igor Sechin, President and Chairman of the Rosneft Management Board, and Mr.

Sergei Chemezov, a member of the Rosneft board of directors and Director General of Rostec, the State

Corporation for Promoting Development and Export of Russian Technologies.2

Other named individuals include: Mr. Oleg Belavantsev (Russia’s appointed envoy to Crimea); Mr.

Dmitry Kozak (Deputy PM of Russia); Mr. Evgeniy Murov (Director, Federal Protective Service of

Russia); Mr. Aleksei Pushkov (Chairman, State Duma Committee of Foreign Affairs); and Mr.

Vyacheslav Volodin (President Putin’s First Deputy Chief of Staff).

The 17 companies designated on April 28 include the Volga Group, an investment firm that manages

assets of Gennady Timchenko, former co-owner of Gunvor Trading (targeted in the previous round of

sanctions on March 20) and several energy-related Volga Group subsidiaries, including Sakatrans, LLC,

which operates coal and iron ore terminals in Muchka Bay; TransOil, which ships oil and petroleum

products by rail; and the Stroygazmontazh holding company (SGM Group), which includes a gas pipeline

construction company.

The expanded sanctions also include three banks: InvestCapitalBank, JSB SobinBank, SMP Bank, and

two financial institutions, Abros Investment Company and CJSC Zest (a leasing company), both of

which are subsidiaries of the already-sanctioned Rossiya Bank. Also included in these sanctions are two

private aviation companies affiliated with Sheremetyevo International Airport, Avia Group and Avia Group

Nord, and Aquanika, a mineral water company also owned by Volga Group.

New sanctions under Ukraine-related CouncilImplementing Regulation (EU) no. 433/2014Pursuant to Decision 2014/145/CFSP authorizing restrictive measures against “persons, entities and

bodies” and in “view of the gravity of the situation” in Ukraine, the Council of Europe adopted on April 28,

2014 Council Regulation (EU) No 433/2014, which named 15 additional persons subject to restrictive

measures. The total number of Russian and Ukrainian persons now subject to visa bans and assets

freezes is 48.

The April 28 EU sanctions against 15 Russian officials did not name any executives or board members

of state-owned Rosneft oil group, as did the US sanctions, issued the same date. EU sanctions have not

included restrictions against corporate entities. So far, only natural persons have been named in the three

rounds of EU sanctions to date.

Persons named in the most recent EU sanctions include high-level officials in Moscow, Russian officials

associated with the integration of annexed Crimea and leaders of pro-Russia militia and protestors who

have been occupying state buildings in Eastern Ukraine.

These include General Valery Gerasimov, chief of the Russian general staff in Moscow, and Dmitry

2

Kozakhe, Deputy Prime Minister, who was put in charge of Crimea’s development. Also named was Igor

Dmitrievich Sergun, Director of GRU (Main Intelligence Directorate) and Deputy Chief of the General

Staff of the Armed Forces of the Russian Federation. He is alleged to be responsible for directing

activity of GRU officers in Eastern Ukraine. From Crimea, several persons were named including Sergei

Ivanovich Menyailo, acting governor of the Ukrainian annexed city of Sevastopol.

Persons named in these new EU sanctions based on their alleged associations and activities in Eastern

Ukraine include (i) Igor Stelkov, identified as Russian military intelligence officer sent to promote unrest

in Eastern Ukraine; (ii) Denys Pushylin, a leader of the “Donetsk People’s Republic”, participant in the

seizure and occupation of the regional administration authority, and regular spokesperson for the

separatists; (iii) Valery Bolotov, leader of the separatist group “Lugansk Guard”, who took part in the

seizure of Lugansk Regional Office of Security Service, and also has close ties to the “Army of

Southeast”.3

ConclusionsThe authorization of US and EU sanctions is one component of an exceptionally complex and fluid legal

and political dynamic. Events on the ground are unfolding at a rapid pace, and Russia has already

responded by imposing sanctions on nine US individuals.4

Given the potential for rapid changes to the legal landscape without advance notice, active monitoring of

the policy landscape is critical to identifying and addressing risk.

Our previous client alert also discusses the imposed US and EU sanctions in the Ukraine.

The underpinnings of this legal framework are three Executive Orders issued by the President of the United States: (1) Executive Order

13660, issued on March 6, 2014; (2) Executive Order 13661, issued on March 17, 2014; and (3) Executive Order 13662, issued on March

20, 2014.

1.

The US Department of the Treasury has issued a letter of clarification that neither Rosneft nor Rostec is designated as a “Specially

Designated National” subject to US sanctions pursuant to Executive Order 13661.

2.

Complete lists of individuals named in the three EU decisions are found at (i) Council Regulation (EU) No 433/2014 of April 28, 2014;

(ii) Council Regulation (EU) No 284/2014 of March 21, 2014; and (iii) Council Regulation (EU) No 284/2014 of March 17, 2014.

3.

See The Ministry of Foreign Affairs of the Russian Federation (English version).4.


http://www.dentons.com/en/insights/alerts/2014/april/2/the-situation-in-ukraine-new-us-and-eu-sanctions

http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2014.126.01.0055.01.ENG

http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2014:086:0027:0029:EN:PDF

http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2014:078:0006:0015:EN:PDF

http://www.mid.ru/bdomp/brp_4.nsf/e78a48070f128a7b43256999005bcbb3/efaf513c3bebf3c144257ca5004d5606!OpenDocument


April 2, 2014

As the events in Ukraine and Russia continue to unfold, the reaction by the US and the EU, including

imposing sanctions, will impact individuals, businesses, and entire sectors. The recent events in Ukraine

lead clients in every corner of the globe to seek our strategic guidance as the situation develops.

As a polycentric firm, with no headquarters, no dominant culture and no flag, and with partners

throughout the world, including Russia, Ukraine and Central and Eastern Europe, Dentons is particularly

well positioned to explain the nuances that surround every facet of these complicated developments to

our clients.

We understand that in diplomatic disputes there is often much posturing, but not every threat leads to

action. We also understand that headlines and news reports rarely capture the complexities that are

vitally important to clients. Most importantly, in situations involving so many nationalities, much can be

lost in translation. Fortunately, Dentons has partners who literally speak the language of every nation

involved and we invite clients to take advantage of our offices in the region.

This client update contains an analysis of the policy issues arising from the current situation in Ukraine

prepared by our Public Policy and Regulation team. We try to present the facts as they are known, and

the potential ramifications of what might happen, without expressing any political view. We believe this is

the best way to serve our clients.

* * *

The US and the EU have each imposed a range of sanctions targeting individuals and one entity which

are associated with the developments in Crimea and with political disruption in Ukraine.

The US has established a wide-ranging set of Ukraine-related sanctions. Via three Executive Orders, the

US established a legal framework for sanctions on a broad array of individuals and entities determined to

be contributing to the situation in Ukraine. To date, the US has imposed sanctions, including asset freezes

and US visa bans, on senior officials of the former Yanukovych administration in Ukraine, several senior

Russian government officials and one Russian bank.

The US has not imposed broad sanctions on Russia as a country. The US sanctions authorized by the

three Executive Orders do not establish or authorize a commercial embargo of Russia, nor do they restrict

ordinary trade or investment - unless a prohibited party is involved.

The European Union imposed targeted sanctions on 33 individuals in connection with the situation in

Ukraine. The Council of the European Union, giving force to its Decision 2014/145/CFSP authorizing

travel restrictions and the freezing of funds and economic resources of certain individuals believed to

have been responsible for actions “which undermine or threaten the territorial integrity, sovereignty and

independence of Ukraine“ (“designated individuals”), adopted Council Regulation (EU) No 269/2014

concerning restrictive measures in respect of actions undermining or threatening the territorial integrity,

sovereignty and independence of Ukraine. While Council Regulation (EU) No 269/2014 imposed sanctions

on 21 individuals, Council Regulation (EU) No 284/2014 expanded the list of persons by 12, for a total of

33.

The EU list of designated individuals does not include sanctions on legal entities or Russia as a country.

The list of the designated individuals has been annexed to the Council Regulation 269/2014, as amended

by Council Regulation 284/2014. This list is an open list, which means that it can be expanded in the

future.

Given the pace of ongoing political, diplomatic, military and commercial events on the ground, and

continuing negotiations between and among the EU, Russia, Ukraine, and the US, active monitoring of

the sanctions landscape is particularly critical. Additional or enhanced sanctions can be imposed by the

US or EU, without any further advance notification under the authorities currently in use.

Michael E. ZolandzPartner, Washington, DCD +1 202 408 9204M +1 202 441 3901

[email protected]


[email protected]

Edward BorovikovPartner, BrusselsD +32 2 552 29 00

[email protected]

Nadiya NychayCounsel, BrusselsD +32 2 552 29 00

[email protected]


[email protected]

Key contacts

The situation in Ukraine: New US and EUsanctions

1




http://www.dentons.com/en/insights/alerts/2014/april/2/the-situation-in-ukraine-new-us-and-eu-sanctions?IsPdf=true#





http://www.dentons.com/en/edward-borovikov

http://www.dentons.com/en/edward-borovikov

http://www.dentons.com/en/global-presence/europe/belgium/brussels.aspx


http://www.dentons.com/en/nadiya-nychay

http://www.dentons.com/en/nadiya-nychay

http://www.dentons.com/en/global-presence/europe/belgium/brussels.aspx







US SanctionsThe US has established a new legal framework for the imposition of economic sanctions, including asset

freezes and US visa restrictions. The underpinnings of this legal framework are three executive orders1

issued by the President of the United States: (1) Executive Order 136602, issued on March 6, 2014; (2)

Executive Order 136613, issued on March 17, 2014; (3) and Executive Order 136624, issued on March 20,

2014.

On March 17, 2014, the US announced its first sanctions under two executive orders then in existence

(13660 and 13661).5 These initial sanctions targeted 11 individuals. On March 20, 2014, the US

announced a second, larger round of sanctions, targeting 20 individuals and one entity — Bank

Rossiya.6

None of the Ukraine-related executive orders, as a legal matter, require any new law or act of Congress

to become effective. Rather, the President issued these executive orders under general authority

already granted to him by three long-standing US federal statutes, which form the basis for nearly all of

the current US economic sanctions programs: the International Emergency Economic Powers Act (50

USC 1701 et seq.), the National Emergencies Act (50 USC 1601 et seq.), and the Immigration and

Nationality Act of 1952 (USC 1182(f)). Absent specific new authority from the US Congress, the

authorization of sanctions related to the situation in Ukraine is more limited than other US sanctions

programs that have specific statutory bases, such as the sanctions with respect to Cuba, Iran, North

Korea, Sudan and Syria.

Key Provisions of the First Ukraine-Related Executive Order(EO 13660)Under the terms of EO 13660, the President authorizes the Secretary of the Treasury, in consultation

with the Secretary of State, to freeze the assets (within US jurisdiction) of, and prohibit the issuance of

US visas to, any person -- regardless of nationality -- determined to have been "responsible for or

complicit in":

"actions or policies that undermine democratic processes or institutions in Ukraine";

"actions or policies that threaten the peace, security, stability, sovereignty or territorial integrity of

Ukraine"; or

"misappropriation of state of assets of Ukraine or of an economically significant entity in Ukraine".

EO 13660 also authorizes the designation of any person who has asserted governmental authority over

any part or region of Ukraine without the authorization of the Government of Ukraine.

Notably, EO 13660, by its terms, can also reach a wider array of persons who facilitate these types of

sanctionable-activities. For example, EO 13660 authorizes the designation of leaders of entities that

have, or whose members have, engaged in the sanctionable activities noted above -- or leaders of

entities that have, or whose members have, themselves been designated under EO 13660. This means

that the US could impose sanctions on the leaders of a group whose members have engaged in EO

13660-sanctionable conduct, even if that leader himself did not participate in the conduct directly.

Moreover, EO 13660 also authorizes the designation of any person who provides material support, or

goods or services to or in support of, any activity sanctionable under EO 13660 or any person

sanctioned under the authority of EO 13660. This language could provide a basis for the imposition of

sanctions upon individuals and entities who facilitate EO 13660-sanctionable conduct, regardless of

whether the individuals or entities themselves are directly involved in the conduct.

As is customary in US sanctions programs, EO 13660 further authorizes the designation of any person

owned or controlled by, or who has acted or purported to act for or on behalf of, any person already

designated under EO 13660.

Key Provisions of the Second Ukraine-Related Executive Order(EO 13661)Executive Order 13661 utilizes the same structure as EO 13660, but expands the scope of sanctionable

conduct or status, and imposes sanctions on specific individuals.

Under the March 17 Executive Order, the President authorizes the Secretary of the Treasury to freeze

the assets (within US jurisdiction) of, and prohibit the issuance of US visas to any:

"official of the Government of the Russian Federation";

any person that "operate[s] in the arms or related material sector in the Russian Federation";

2

or any person owned or controlled by, or acting or purporting to act on behalf of, a senior official of the

Government of the Russian Federation or a person whose property is blocked by this Executive Order.

Similar to EO 13660, the EO 13661 also authorizes the imposition of sanctions against any person who

provides material assistance to, or goods or services to or in support of, a senior official of the

Government of the Russian Federation or a person who is blocked by the EO 13661.

Key Provisions of Third Ukraine-related Executive Order (EO 13662)Executive Order 13662 also utilizes the same structure as EO 13660. However, Executive Order 13662

significantly expands the scope of sanctionable conduct or status under both of the previous executive

orders to include a far wider range of potential targets -- most notably by taking a sectoral approach.

Under EO 13662, the President authorizes the Secretary of the Treasury to designate sectors of the

Russian economy, and then freeze the assets (within US jurisdiction) of, and prohibit the issuance of US

visas to, any person operating within such a sector. EO 13662 lists several possible sectors for future

designation, including:

financial services,

energy,

metals and mining,

engineering, and

defense and related material.

However, EO 13662, by its terms, does not actually issue any such sectoral designation. Rather, EO

13662 simply establishes the legal framework for potential use in the future.

As with the other Ukraine-related executive orders, and consistent with standard US sanctions practice,

EO 13662 also authorizes the designation of any person who provides material assistance to, or goods or

services to or in support of, any person who is blocked under EO 13622.

On March 20th, the same day that the White House issued EO 13662, the US Treasury Department

extended sanctions to a Russian company for the first time, St. Petersburg-based Bank Rossiya.

Congressional LegislationLast night, the US Congress passed a bill that seeks to enact sanctions against officials involved in

human rights abuses in Ukraine or in undermining the Ukrainian territorial integrity or sovereignty. The bill

also authorizes the President to apply sanctions against persons involved in corruption in the Russian

Federation. In addition to the sanctions provisions, the bill also provides substantial financial aid to

Ukraine.

With the US House’s vote last night to accept Senate amendments, the bill now goes to the President,

who is expected to sign the bill into law. The resulting sanctions appear largely consistent with those

already imposed by the President: based on a determination by the President that a person is involved in

the proscribed conduct, the US assets of the person are to be frozen and the person barred from entry

to the US.

The most significant difference between the sanctions set forth in the bill and those of the executive

orders discussed above is the bill’s express provision of sanctions against persons involved in corruption

in the Russian Federation.

Implications and Next StepsThe three Ukraine-related executive orders, and two rounds of sanctions to date, may well provide the

basis for additional designations of Russian officials -- possibly even without a linkage to the situation in

Ukraine. EO 13661 does not define "official of the Government of the Russian Federation" or "senior

official of the Government of the Russian Federation." Nor does it require such an official to be linked to

the situation in Ukraine to be subject to sanctions. Similarly, EO 13662, by its terms, does not require

any linkage between a designated sector of the Russian economy and the situation in Ukraine.

While it remains to be seen how these new authorities will be exercised (beyond the initial two rounds of

sanctions designations), there is the prospect of a wider and evolving series of measures -- and

countermeasures -- between the United States and Russia in the trade and economic arenas.

EU Sanctions — Three-Step ApproachAt an emergency session of the European Council on March 6, 2014, the EU Heads of State committed

3

to implementing a three–step approach to sanctions against Russia, as the EU deems appropriate based

upon facts on the ground in Ukraine and ongoing diplomatic negotiations.

Under the EU's agreed-upon approach:

First, the EU would suspend discussions with Russia about the potential for visa-free travel between

Russia and the EU;

Second, the EU would suspend its attendance of the June 2014 G8 Summit in Sochi; and

Third, as a next step, the EU would impose targeted restrictive measures such as travel bans, freeze of

certain Russian assets and the cancellation of the EU-Russia summit, depending on Russia’s stance on

Ukraine.

By adopting Council Regulation (EU) No 269/2014 on March 17, 2014, Council Regulation (EU) No

284/2014 on March 21, 2014, and Decision 2014/145/CFSP, the EU has entered into the third stage of

this approach. It is noteworthy in this context that in the EU Law a regulation is a legal act of the

European Union that becomes immediately enforceable as law in all EU member states simultaneously.

Therefore, the EU sanctions on Russia imposed by Council Regulation (EU) No 269/2014 and No

284/2914 have become binding on all EU member states with an immediate effect.

Key Aspects of the EU ApproachThe EU currently imposes sanctions against a range of countries and designated individuals and entities.

While the specific regimes vary by jurisdiction, they generally involve political steps as well as

restrictive measures, which can take several forms, such as:

diplomatic sanctions (for instance, severing of diplomatic ties, suspension of official visits, etc.);

suspension of diplomatic or organizational cooperation (e.g. the announced suspension of attendance of

the G8 summit in Sochi);

boycotts of sport or cultural events; (this has happened with Winter Paralympic Games in Sochi);

trade sanctions (general or specific trade sanctions, arms embargoes);

financial sanctions (freezing of funds or economic resources, prohibition on financial transactions,

restrictions on export credits or investment);

flight bans; and

restrictions on admission into the EU (entry bans, suspension of issuance of Schengen visas, and visas

for the UK as the case may be).

EU sanctions may target governments, as well as individuals or non-state entities, including business

companies. For example, on March 5, 2014, the EU imposed restrictive measures, including an asset

freeze, on 18 former senior Ukrainian government officials that it determined to be responsible for the

misappropriation of Ukrainian state resources. Similarly, restrictive measures adopted by the EU on

March 17,2014 in connection with the situation in Ukraine authorized travel restrictions and the freezing of

funds and economic resources of 21 individuals believed to have been responsible for actions which

undermine or threaten the territorial integrity, sovereignty and independence of Ukraine.7 On March 21,

2014, following Russia's decision to annex Crimea, the EU has imposed those sanctions, i.e. visa bans

and asset freezes, on another 12 individuals,8 thereby expanding the EU list of designated individuals to

33 persons.

Implications and Next StepsEU economic and financial sanctions apply to all persons and entities doing business in the EU, including

nationals of non-EU countries, and EU nationals and entities incorporated or constituted under the law of

an EU Member State when doing business outside of the EU. The entities most directly and evidently

concerned by any asset freezes are financial and credit institutions, because the assets in question will

in all likelihood be in their custody. This obligation covers not only financial and credit institutions that

operate within the European Union or are established or incorporated under the laws of a Member State. It

also covers such institutions that have any business dealings in the EU, or any such institutions that

have a " nexus" to the EU as may be specified by respective sanctions instruments. As a general

matter, financial and credit institutions dealing in the Euro currency are also covered. Very often

economic sanctions adopted by the EU are also followed by the European Free Trade Association states,

including Norway, Iceland, Switzerland and Liechtenstein.

The EU frequently resorts to economic and financial sanctions, which could consist of export and/or

import bans (on specific products, payments, transfers or services), travel and entry bans, prohibitions

on investment and other measures. The adoption of EU autonomous sanctions should conform to the

provisions and general principles of EU Law, including the EU Charter for Fundamental Rights, and the

international obligations of the European Union and its Member States, in particular the GATT and GATS

4

exceptions provided in the WTO Agreements. Therefore, whatever the scope of the further sanctions, a

scrutiny of their consistency with EU law and the international law provisions and, specifically, their

consistency with the EU’s multilateral, bilateral or other obligations may be warranted.

ConclusionsThe authorization of US and EU sanctions is one component of an exceptionally complex and fluid legal

and political dynamic. Events on the ground are unfolding at a rapid pace, and Russia has already

responded by imposing sanctions on nine US individuals.9

Given the potential for rapid changes to the legal landscape without advance notice, active monitoring of

the policy landscape is critical to identifying and addressing risk.

1 An Executive Order is a directive issued by the President of the United States which carries the

force of law.

2 See Executive Order 13660.



5 View the list of persons sanctioned under the Ukraine-related sanctions as of March 17th.

6 View the expanded list of persons announced on March 20th.

7 Council Regulation (EU) No 269/2014 of 17 March 2014 concerning restrictive measures in respect

of actions undermining or threatening the territorial integrity, sovereignty and independence of

Ukraine, OJ L 78, 17/03/2014, p. 6-15 and Council Decision 2014/145/CFSP of 17 March 2014

concerning restrictive measures in respect of actions undermining or threatening the territorial

integrity, sovereignty and independence of Ukraine, OJ L 78, 17/03/2014, p. 16-21.

8 Council Implementing Regulation (EU) No 284/2014 of 21 March 2014 implementing Regulation (EU)

No 269/2014 concerning restrictive measures in respect of actions undermining or threatening the

territorial integrity, sovereignty and independence of Ukraine, OJ L 86, 21/03/2014, p. 27-29 and

Council Implementing Decision 2014/151/CFSP of 21 March 2014 implementing Decision

2014/145/CVSP concerning restrictive measures in respect of actions undermining or threatening the

territorial integrity, sovereignty and independence of Ukraine, OJ L 86, 21/03/2014, p. 30-32.

9 See List of officials and members of the US Congress, who are banned from entering the

Russian Federation on a reciprocal basis due to US sanctions against Ukraine and Crimea

(English version).


http://www.treasury.gov/resource-center/sanctions/Programs/Documents/ukraine_eo.pdf

http://www.treasury.gov/resource-center/sanctions/Programs/Documents/ukraine_eo2.pdf

http://www.treasury.gov/resource-center/sanctions/Programs/Documents/ukraine_eo3.pdf

http://www.treasury.gov/resource-center/sanctions/OFAC-Enforcement/pages/20140317.aspx

http://www.treasury.gov/press-center/press-releases/Pages/jl23331.aspx

http://www.mid.ru/bdomp/brp_4.nsf/e78a48070f128a7b43256999005bcbb3/efaf513c3bebf3c144257ca5004d5606!OpenDocument


Portfolio Media. Inc. | 860 Broadway, 6th Floor | New York, NY 10003 | www.law360.comPhone: +1 646 783 7100 | Fax: +1 646 783 7161 | [email protected]

11th Circ. Leaves Room For Debate Over FCPA 'Instrumentality' Law360, New York (May 20, 2014, 6:57 PM ET) -- For the first time in the history of the Foreign Corrupt Practices Act (15 U.S.C. §§ 78dd-1, et seq.), a federal appellate court has interpreted the scope of who is a “foreign official” under the statute. In a landmark ruling, the U.S. Court of Appeals for the Eleventh Circuit held in United States v. Joel Esquenazi and Carlos Rodriguez, No. 11-15331 (11th Cir. May 16, 2014), that for purposes of the FCPA’s definition of “foreign official,” the statute’s reference to an “instrumentality” of a foreign government means “an entity controlled by the government of a foreign country that performs a function the controlling government treats as its own.” This definition limits the scope of “instrumentality” by establishing that government control or ownership on its own is not sufficient. While the court required that the entity perform a government function, the court declined to adopt the defendants’ proposed limitation to only entities that perform traditional, core government functions. The court’s decision is unlikely to be the final word in the ongoing debate about the terms “foreign official” and “instrumentality.” While it does provide some guidance for businesses and practitioners seeking to understand the circumstances in which employees of state-controlled entities might be deemed “foreign officials” under the FCPA, given that “what constitutes control and what constitutes a function the government treats as its own are fact-bound questions,” the safest bet is to assume that the U.S. Department of Justice and the U.S. Securities and Exchange Commission, as well as future courts, will continue to take a broad view of when the FCPA applies. Facts Giving Rise to Convictions in U.S. v. Esquenazi and Rodriguez The Eleventh Circuit’s decision arises from an appeal by two former executives of Miami-based Terra Telecommunications Company, each of whom were convicted in 2011 on seven counts of violating the FCPA, as well as additional conspiracy and money laundering counts. Esquenazi was sentenced to 15 years in prison and Rodriguez was sentenced to seven years. The defendants were each sentenced to an additional three years of supervised release, and were held jointly and severally liable for $2.2 million in restitution payments and ordered to forfeit over $3 million. The convictions were based on evidence that the defendants bribed two employees of Haiti’s state-owned telecommunications company, Haiti Teleco. Specifically, the indictment

sdeleva

Rectangle

alleged that the defendants paid a total of approximately $900,000 in bribes between 2001 and 2005 to Haiti Teleco employees, Robert Antoine and Jean Rene Duperval, in order to secure benefits for Terra, including preferred rates and reductions in amounts that Terra owed Teleco pursuant to contracts that allowed Terra’s customers to place calls to Haiti. In order to conceal the true nature of the payments, the bribes were allegedly paid via shell companies with which Terra had sham consulting agreements. During the time of the events giving rise to the convictions, Haiti Teleco was 97 percent owned by Haiti’s central bank. The company was controlled by its board of directors and general director, who were appointed by executive order issued by the president of Haiti. However, Haiti Teleco was initially founded as a private company and after its shares were purchased by the central bank it never underwent the required procedure under Haitian law to change its corporate form from “SA” (indicating a privately held limited company) to “SAM” (indicating a limited mixed company). Defendants’ Challenge to Haiti Teleco’s Status as a Government Instrumentality Before trial, Esquenazi moved to dismiss the indictment on the ground that no FCPA offense was alleged because the alleged bribe recipients were not “foreign officials” within the meaning of the FCPA’s anti-bribery provision. The FCPA defines foreign official as “any officer or employee of a foreign government or any department, agency, or instrumentality thereof.” Esquenazi argued that employees of Haiti Teleco do not fall within this definition because Haiti Teleco is not a department, agency or instrumentality of Haiti’s government. The district court denied the motion to dismiss and held, without any substantive analysis, that “[t]he plain language of this statute and the plain meaning of this term show that as the facts are alleged in the indictment Haiti Teleco could be an instrumentality of the Haitian government.” The defendants again contested the scope of the term “instrumentality” at the jury instruction stage. The district court instructed the jury that an “instrumentality” is a “means or agency through which a function of the foreign government is accomplished” and that state-owned enterprises “may meet this definition.” The district court’s instructions went on to provide the jury a nonexclusive list of five factors that they could consider in determining whether Haiti Teleco was an “instrumentality” of the government, including: (1) “whether it provides services to the citizens and inhabitants of Haiti”; (2) “whether its key officers and directors are government officials or are appointed by government officials”; (3) “the extent of Haiti’s ownership of Teleco”; (4) “Teleco’s obligations and privileges under Haitian law”; and (5) “whether Teleco is widely perceived and understood to be performing official or governmental functions.” Applying the district court’s jury instructions, the jury found Esquenazi and Rodriguez guilty on all counts. In a strange twist, less than a week after the jury reached its decision, a declaration from Haitian Prime Minister Jean Max Bellerive surfaced, in which Bellerive stated that “Teleco has never been and until now is not a State enterprise.” The date of the declaration fell in the middle of the trial. After the defendants moved for acquittal or a new trial on the basis of the declaration, the Department of Justice filed a second declaration from Bellerive in which he backpedaled from his earlier statements and sought “to explain how they might lead to confusion.” Bellerive’s second declaration detailed several facts suggesting that Haiti Teleco was public in nature, including that “after the initial creation of Teleco and prior to its modernization, it was fully funded and controlled by [Haiti’s central bank], which is a public entity of the Haitian state.” In Esquenazi’s brief on appeal to the Eleventh Circuit, he argued that “instrumentality” should be construed to exclude state-owned enterprises that do not perform governmental functions. Rodriguez argued that instrumentality means “a part of [the foreign] government that performs a public function traditionally carried out by that government.”

Page 2 of 511th Circ. Leaves Room For Debate Over FCPA 'Instrumentality' - Law360

7/7/2014http://www.law360.com/articles/539653/print?section=appellate

sdeleva

Rectangle

sdeleva

Rectangle

The defendants reasoned that “instrumentality” must be construed in light of the neighboring words in the statute, “department” and “agency,” both of which suggest that Congress was focused on traditional governmental entities. In addition, defendants pointed out that if state ownership were sufficient, this would lead to absurd results including that employees of companies similar to American International Group Inc. and General Motors Co. could be considered government officials. Citing a declaration from leading FCPA scholar Michael J. Koehler that discussed the legislative history of the statute, Esquenazi also emphasized that competing draft bills specifically included state-owned entities, but the final version of the FCPA did not. In response, the government argued in its brief that the defendants’ interpretation of “instrumentality” was too narrow and would make the inclusion of the word in the statute superfluous, since an entity falling within defendants’ proposed definition would almost always fall within the scope of the other terms, “department” and “agency.” The government further argued that traditional governmental functions could not be the benchmark because that concept varies from county to country. In addition, the government noted that the FCPA’s facilitating payments exception specifically includes providing phone service in its list of routine governmental actions. Eleventh Circuit’s Holding and Definition of “Instrumentality” After considering the parties’ respective arguments, the Eleventh Circuit held that “instrumentality” of a foreign government means “an entity controlled by the government of a foreign country that performs a function the controlling government treats as its own.” The court went on to state that factors which may be relevant to determining the first element — whether an entity is controlled by the government — include:

the foreign government’s formal designation of that entity; whether the government has a majority interest in the entity; the government’s ability to hire and fire the entity’s principals; the extent to which the entity’s profits, if any, go directly into the governmental fisc, and, by the same token, the extent to which the government funds the entity if it fails to break even; and the length of time these indicia have existed.

To determine the second element — whether an entity performs a function the government treats as its own — the court stated that the following factors may be relevant:

whether the entity has a monopoly over the function it exists to carry out; whether the government subsidizes the costs associated with the entity providing services; whether the entity provides services to the public at large in the foreign country; and whether the public and the government of that foreign country generally perceive the entity to be performing a governmental function.

The court cautioned that “what constitutes control and what constitutes a function the government treats as its own are fact-bound questions” and “we do not purport to list all of the factors that might prove relevant.” The court explained that the factors it set forth were informed by commentary to the Organization for Economic Cooperation and Development’s Convention on Combating Bribery of Foreign Public Officials in International Business Transactions, which the U.S.



sdeleva

Rectangle

sdeleva

Rectangle

ratified. The Eleventh Circuit also looked to U.S. Supreme Court decisions regarding government control and governmental functions in other contexts, including cases involving Amtrak and the Reconstruction Finance Corporation. Applying the court’s definition of “instrumentality” to the appeal by Esquenazi and Rodriguez, the court held that the evidence was sufficient to support the jury’s finding that Haiti Teleco was an instrumentality of the Haitian government. The court also rejected the defendants’ challenge to the jury instructions, noting that “the list of factors we identified, although a bit more detailed, is not so different from what the district court laid out in its instructions to the jury.” After discussing the defendants’ other bases for appeal, the court affirmed the convictions. Implications of The Decision The Eleventh Circuit’s holding provides important guidance on the scope of “instrumentality” and in turn “foreign official” under the FCPA. Some aspects of the ruling appropriately limit the types of entities that constitute government instrumentalities. For example, under the court’s definition, an entity is not automatically an instrumentality merely because it has some government ownership; it must also perform a function the government treats as its own. This second element is somewhat subjective in nature, particularly insofar as it requires consideration of “whether the public and the government of [the] foreign country generally perceive the entity to be performing a governmental function.” The competing declarations of Haiti’s prime minister in connection with this case demonstrate that determining the perception of even one individual regarding an entity’s public or private nature can be difficult, let alone the perceptions of the entire “public” and “government.” Although the Eleventh Circuit’s opinion states that the court was “mindful of the needs of both corporations and the government for ex ante direction about what an instrumentality is,” its flexible factor definition leaves substantial room for ongoing debate about the meaning of “instrumentality” and “foreign official.” The Eleventh Circuit's rejection of the type of bright-line rule for which the defendants advocated means that businesses and practitioners will continue to struggle to understand precisely when the FCPA does and does not apply to dealings with employees and directors of state-owned entities. Even as to the specific circumstances of Haiti Teleco, the opinion does not go into a detailed discussion of how the factors apply and does not indicate whether certain factors are more significant than others in the analysis. Thus, from a risk management perspective, while the illustrative factors listed in this decision should be considered (along with the factors enunciated by the U.S. District Court for the Central District of California in U.S. v. Carson and Lindsey Manufacturing),[1] the safest course will be to assume that the DOJ and SEC (as well as future courts) will take the position that employees of any entity that is majority-owned or controlled by a foreign government will be deemed “foreign officials” for purposes of the FCPA. Taking a cautious approach to this issue is prudent not only from the standpoint of minimizing FCPA risk, but also in light of the fact that global businesses subject to the FCPA must also ensure compliance with a range of other potentially applicable laws that prohibit commercial bribery, such as the Travel Act (18 U.S.C. § 1952), the U.K. Bribery Act, and local anti-corruption laws. For purposes of such statutes, it does not matter whether the bribe recipient is or is not a "government official." The Eleventh Circuit’s decision in Esquenazi should serve as a reminder for businesses subject to the jurisdiction of the FCPA to review their current anti-corruption compliance policies and training programs to ensure that they are taking a sufficiently broad view of which entities may be considered government instrumentalities. This measure is important



sdeleva

Rectangle

sdeleva

Rectangle

not only for a company’s internal operations, but also in the context of vetting potential business partners and conducting diligence on proposed acquisition targets. While other circuits may apply an interpretation that differs from the one adopted by the Eleventh Circuit, the limited case law analyzing the FCPA makes the opinion in Esquenazi particularly significant. As these the types of cases continue to be litigated, expect to see other courts weigh in on the definition of "foreign official." —By Michelle J. Shapiro and Kiran Patel, Dentons Michelle Shapiro is a partner and Kiran Patel is a managing associate in Dentons' New York office. The opinions expressed are those of the author(s) and do not necessarily reflect the views of the firm, its clients, or Portfolio Media Inc., or any of its or their respective affiliates. This article is for general information purposes and is not intended to be and should not be taken as legal advice. [1] United States v. Carson, 09-cr-00077, 2011 WL 5101701 (C.D. Cal. May 18, 2011); United States v. Noriega, 10-cr-01031, ECF No. 474 (C.D. Cal. April 20, 2011). All Content © 2003-2014, Portfolio Media, Inc.



sdeleva

Rectangle

sdeleva

Rectangle

The good, bad and ugly of being a GC of a Private Equity portfolio company.

Moderator - Linda Harris, Dentons’ Partner

Panel:

Juliette Pryor, Executive Vice President, General Counsel and Chief Compliance Officer, US Foods

Jan Stern Reed, Corporate Vice President and Deputy General Counsel, Walgreen Co.

Janet Wright, Vice President - Corporate, Securities & Finance Counsel, Dell, Inc.

Session Outline:

1. Some PE firms can’t be beat for:

• Value/frequency of home runs. Equity participation is very attractive.

• Intellect, talent of board members and strategic assistance.

• Difficult questions that allow management to more strategically and critically analyze business - adding new perspective …. Industry know how (including competitive landscape) from a 10,000 foot, as well a granular, level.

• Ability to grow quickly and gain market position advantage through acquisitions.

• Ability to access capital quickly and without diverting management attention to fund raising.

• Great Networking to help develop/fill in management talent and teams.

2. What the PE firms are looking for:

• Lots of data and reports by management to PE firm.

• Quick responses and straightforward answers (rather than extensive analysis).

• Proactive status reports showing task, what’s been done and what’s left to do/timeframe.

• Suggestions to reduce costs and increase revenue.

• Exit must be in 4-7 years and provide at least IRR of 18% (compared to 30% years ago when less competition among PE firms existed).

• Business may be worth more broken apart than whole.


The good, bad and ugly of being a GC of a private equity company


3. Distinctions to consider when PE firm (rather than strategic buyer) is buying a business:

• Often a shell corporation is the purchaser. PE firm usually has no personal liability as seller.

• PE firm may be less likely to make as generous a commitment to employees as a strategic buyer.

• PE firm is likely to have greater and more costly leverage on post acquisition company.

• Earn outs may be more complicated given that PE firm may roll up/sell acquired business.

• Future of business is subject to major cost cutting/roll up with competitor/culture transformation.

• Any rollover of management equity will be subject to meaningful dilution.

• Rollover equity may be “trapped” if former owner leaves before sale - choice of waiting to sell or selling cheap.

• Owners wishing to continue in management should be realistic about their future with portfolio company. Often prior owner’s vision is incompatible with PE firm vision.

• PE decisions geared to “whether this will contribute to increased purchase price when business is sold”.

• Difference between owner focused on operations and owner focused on financial ratios, statistics and story to increase sales price.

• More likely to want damages based on multiple of earnings; MAC clauses may be tighter given little room to absorb industry risk. (True?)

• Management must be skilled at integration (which is not necessarily the skill that caused the manager to be successful in the first place).

• Know your position in fund - first investment or last investment - position will affect exit time.

4. Distinctions to consider when PE firm (rather than strategic buyer) is selling business:

• No post closing liability for breaches of reps or covenants; buyer needs escrow as sole recourse.

• Less likelihood that employees will be protected post closing.

5. Legal Concerns that GC must address when PE firm becomes owner of private company:

• Strict compliance codes of some PE firms, especially re: Foreign Corrupt Practices Act and similar foreign laws. GC needs to implement program/rules to assure compliance.

• Privilege issues - Reporting to PE fund managers vs. portfolio company board. Careful navigation of what is reported to PE fund is critical to preserve attorney/client privilege.

• Divided loyalty - How to manage conflicts of interest. See Item 7 below.

6. Legal Concerns that GC must address when PE firm takes public company private:

• Concern between period of IPO and exit of PE firm. Management has distinct loyalties that may not be consistent (PE fund vs. public shareholders). Cost of being public, managing business for organic growth and investment, etc. are not necessarily compatible with PE firm’s management style.

• Integration of Board - Composition of PE firm’s board designees and independent board members.

7. Is there a conflict in vision for business between what the PE firm wants to accomplish vs. Management:

• Engage in roll up and have management focus on integration vs. organic growth. Risks to both. Is there a view that organic growth is off the table once PE firm acquires business?

• Invest in acquiring patents and technology (that can quickly add to return on sale of business) vs. long term investment in people and culture.

• When Portfolio Company is to be sold, who does GC owe loyalty to? Is GC staying or leaving when sale occurs?


• Negotiating follow on acquisitions - who runs the deal?

• Who chooses outside counsel and who is counsel loyal to?

• Interaction with new audit firm.

• What is role of consultants and to whom are they loyal?

• Time to exit - Different view of management vs. PE fund. (For example, PE firm may need to sell to support marketing of new fund.

• Banks may not be as easy to work with because PE owners are more likely to toss them the keys.

8. Operational Challenges for GC of Portfolio Company - the “real” truth:

• Challenge re compensation and incentivizing management and lower levels. Money matters to PE guys. Must get them to understand that it also matters to company employees.

• PE guys probe folks below c suite. Be careful. They are looking for info to justify eliminating your job.

• Frustration with PE effort to retain “optionality” in whether to sell, go public, or other exit.

• Perspective of PE firm in deciding to go public.

• Constant effort by PE firm to squeeze out expenses and people vs. long term investment.

• Does PE firm try to cozy to CFO and create schism between CFO and GC or CEO?

• Is there a risk that a PE firm loses interest/commitment to one of its portfolio companies; is it possible to lose the “sizzle”?

• Organization in anticipation of a sale/exit: Contracts and other legal matters should be well organized so that a sale can be accomplished quickly (also, minimize change of control provisions; most favored nations clauses, etc. so that third party consents are not needed to sell).

• Concern that PE firm won’t support development of internal systems and controls, internal investigations, etc. because of a risk/award analysis that leans in favor of selling business before problems arise. Risk of problems decreased because PE firm won’t have liability for problems post sale.

June 9, 2014

In yet another unanimous patent decision, the US Supreme Court criticized the Federal Circuit and limited

the scope of infringement for method claims in Limelight Networks, Inc. v. Akamai Technologies, Inc.1 In

doing so, the Supreme Court has clarified that all steps of a method claim must be performed by a

single actor in order for the claim to be infringed. The Court acknowledged that steps performed pursuant

to an agency relationship or by a party contractually obligated to perform steps can still lead to liability

for infringement of a method claim. However, the Court expressly rejected the Federal Circuit's holding

that third party acts can "count" towards infringement of a method claim under an inducement theory.

The Supreme Court's opinion is particularly harsh towards the Federal Circuit, declaring that the "Federal

Circuit's analysis fundamentally misunderstands what it means to infringe a method claim."2

In the Federal Circuit's en banc decision that was overruled by the Supreme Court, the Federal Circuit

had concluded that Limelight infringed a method claim where its customers performed one of the claimed

steps. While Limelight does provide instructions to its customers and offers assistance regarding how to

perform the claimed step, Limelight does not perform all of the steps of the claimed method, nor do its

customers. In finding infringement of the method claim, the Federal Circuit focused on a theory of

induced infringement.

The Supreme Court opined that application of the Federal Circuit's approach would yield two parallel

bodies of infringement law ‒ one for liability for direct infringement and one for liability for inducement ‒which would "deprive §271(b) of ascertainable standards."3 The Supreme Court found that §271(f)

reinforced its interpretation of §271(b). Given that §271(f) only allows for infringement when the

combination of components occurred within the United States, it is clear that Congress knows precisely

how to impose liability for inducing activities, and chose not to do so with §271(b).

Akamai presented a number of arguments in favor of holding that method claims could be infringed by

multiple actors. One argument was based on a theory of tort liability, another was based on an analogy

with a federal aiding and abetting statute, and the final argument was based on patent law principles that

were established before the enactment of the Patent Act of 1952.

The Supreme Court rejected the tort law based principles that, finding that no tort case had been

identified where liability was imposed on an innocent third party who had taken action that did not violate

rights. Here, the problem was not that there was no third party liable for direct infringement, but rather

that no direct infringement had been committed by anyone. The Supreme Court also rejected the

comparison to the federal aiding and abetting statute, finding that infringement of a method claim is not

akin to two parties who divide all of the elements of a crime. While dividing the elements of a crime

means that both parties are guilty under the aiding and abetting statute, the same does not apply for

infringement of a method claim. Using the backdrop of the Patent Act of 1952, the Court focused on

the limits of a patentee being only to the elements claimed in their patents. This limitation was deemed

non-analogous with the background of aiding and abetting principles. Finally, the Court concluded that

the rights conveyed by the Patent Act of 1952 do not support a finding of liability for induced

infringement when multiple parties perform steps of a method claim.

While the Supreme Court acknowledged that liability could be avoided by dividing the performance of

method steps among various parties, such an occurrence does not justify changing the law regarding

inducement liability. The decision thus possibly paves the way for design arounds for method claims and

weakens method claims in patents. Parties seeking to avoid liability for infringement can do so by

eliminating a single step that third parties, such as suppliers or customers, may have to perform. This

decision also provides motivation to patentees to reduce the number of steps in method claims and

focus on key steps that will have to be performed by single entities in order to enhance the chance of

finding liability of infringement in the future.

No. 12-786 (June 2, 2014).1.

Slip Op. at 5.2.

Slip Op. at 6.3.

Michael SamardzijaPartner, HoustonD +1 713 658 4624

[email protected]

Heather KhassianCounsel, HoustonD +1 713 658 4626

[email protected]

Karthika PerumalAssociate, HoustonD +1 713 658 4627

[email protected]

Key contacts

Method claims in the limelight

1© 2014 Dentons. Dentons is a global legal practice providing client services worldwide through its member firms and affiliates.Please see dentons.com for Legal Notices.

http://www.dentons.com/en/michael-samardzija


http://www.dentons.com/en/global-presence/united-states/houston.aspx

http://www.dentons.com/en/insights/alerts/2014/june/9/method-claims-in-the-limelight?IsPdf=true&ParentItemID=ktrrmYwQ8YF3a5SKjru8rjQh4mofQ7sXIz2lFCnRwTHpmyWPUqCnxA==&Archive=False#

http://www.dentons.com/en/heather-khassian




http://www.dentons.com/en/karthika-perumal





June 11, 2014

In yet another unanimous opinion—Nautilus, Inc. v. Biosig Instruments, Inc.—the US Supreme Court

rejected the Federal Circuit’s standard and laid out a new standard for patent claims to meet the

definiteness requirement of the Patent Act.1 This section of the Patent Act requires that claims

particularly point out and distinctly claim the subject matter of the invention.2 Patents confer property

rights; therefore, claims must be sufficiently definite to provide notice to the public of the bounds of the

patent-protected invention.

The asserted claim in Nautilus was directed to a heart-rate monitor used with exercise equipment and

containing two electrodes “in spaced relationship with each other.” The district court held that the claim

term “spaced relationship” was indefinite because the patent offered no guidelines regarding the

positioning of the two electrodes with respect to each other. The Federal Circuit’s long-standing

formulation3 was that a claim is indefinite only when it is “not amenable to construction” or is “insolubly

ambiguous.”4 Using this standard, the Federal Circuit found the claim language, specification and the

figures illustrating the “spaced relationship” provided sufficient guidance to one skilled in the art as to the

bounds of the claim term, and reversed the district court decision.

Although the Supreme Court has not reviewed the definiteness doctrine in detail in over seventy years,5

it continued its recent trend of unanimous rejections of the Federal Circuit standards in patent law cases,

thus forcing the Federal Circuit to adhere more strictly to Supreme Court precedent. The Court focused

on possible confusion resulting from imprecise words such as “amenable to construction” and “insolubly

ambiguous,” while claiming that it did not intend to “micromanage the Federal Circuit’s particular word

choice in applying patent-law doctrines.”6 The Supreme Court voiced interests in ensuring that the tests

formulated by the Federal Circuit are at least “probative of the essential inquiry.”7

The Court recognized the competing concerns between the limitations of the written language and the

public notice required for enjoying the monopoly granted by a patent. Relying on its own precedent

requiring "reasonable certainty,"8 the Supreme Court articulated a more precise standard: "A patent is

invalid for indefiniteness if its claims, read in light of the patent’s specification and prosecution history,

fail to inform, with reasonable certainty, those skilled in the art about the scope of the invention."

Therefore, the burden is back on the Federal Circuit to examine the definiteness of the claims under the

new standard.

Whether the standard articulated in Nautilus will apply for both pre-issuance and post-issuance challenges

remains to be seen. Recently in a controversial opinion—In re Thomas G. Packard, the Federal Circuit

claimed to address an issue distinct from the issues raised in Nautilus. The Federal Circuit distinguished

between indefiniteness challenges that arise pre-issuance at the USPTO and post-issuance at the District

Court, and clearly indicated that the USPTO and district courts may use different standards for

indefiniteness.9 Interestingly, in a footnote in the Nautilus decision, the Supreme Court points to the

examination standard in the USPTO’s Manual of Patent Examining Procedure as an example of

permeation of Federal Circuit’s imprecise expressions.10 Given that the Supreme Court has not

addressed the different standards issue, new questions arise regarding the applicable standards for

definiteness challenges during post-grant proceedings at the Patent Trial and Appeal Board. The tensions

between the Federal Circuit and the Supreme Court are far from being over.

Are you interested in learning more about the implications of this decision? Contact your Dentons

attorneys to discuss how this decision affects your existing portfolio or how to raise indefiniteness

challenges to patents asserted against you.

Nautilus, Inc. v. Biosig Instruments, Inc., No. 13-369, June 2, 2014.1.

35 U.S.C. §112(b) (pre-AIA 35 U.S.C. §112, second paragraph).2.

The Federal Circuit created the "insolubly ambiguous" standard to determine definiteness of patent claims in Exxon Research and

Engineering v. United States, 265 F.3d 1371, 1375 (Fed. Cir. 2001)(holding that "[i]f a claim is insolubly ambiguous, and no narrowing

construction can properly be adopted, we have held the claim indefinite.")

3.

Nautilus, Inc. v. Biosig Instruments, Inc., 715 F. 3d 891, 898 (2013) (quoting Datamize, LLC v. Plumtree Software, Inc., 417 F. 3d 1342 ,4.


[email protected]


[email protected]

Karthika PerumalAssociate, HoustonD +1 713 658 4627

[email protected]

Key contacts

Supreme Court heartless about the FederalCircuit’s indefiniteness standard

1




http://www.dentons.com/en/insights/alerts/2014/june/11/supreme-court-heartless-about-the-federal-circuits-indefiniteness-standard?IsPdf=true&ParentItemID=ktrrmYwQ8YF3a5SKjru8rjQh4mofQ7sXIz2lFCnRwTHpmyWPUqCnxA==&Archive=False#










1347 (CA Fed. 2005)).

Although the current opinion relies on several more recent decisions including Festo Corp. v. Shoketsu Kinzoku Kogyo Kabushiki Co.,

535 U.S. 722 , 730 (2002) and Markman v. Westview Instruments, Inc., 517 U.S. 370, 373 (1996), the last decision squarely addressing

indefiniteness of patent claims was United Carbon Co. v. Binney & Smith Co., 317 U.S. 228 (1942).

5.

Nautilus Slip op. at 11-13.6.

Id.7.

Minerals Separation, Ltd. v. Hyde, 242 U. S. 261, 270 (1916) (holding that "[t]he particularity and certainty of disclosure which the law

requires in patents is not greater than is reasonable, having regard to their subject matter") and United Carbon Co., 317 U. S. 228, 236

(1942) (finding that the claims in question lacked "the reasonable certainty of dimension" and were not "reasonably clear-cut to enable

courts to determine whether novelty and invention are genuine.")

8.

In Re Thomas G. Packard, No. 2013-1204, (Fed. Cir. May 6, 2014).9.

Nautilus Slip op. at 12-13, fn. 9.10.



June 20, 2014

The US Supreme Court has maintained its solidarity with yet another 9-0 patent decision in Alice

Corporation v. CLS Bank1, holding that Alice's patent claims directed towards mitigation of settlement risk

were patent-ineligible subject matter. The Court criticized the claims, finding that they merely required

generic computer implementation of an abstract idea.

The representative claim was directed towards a method of mitigating risk and required four discrete

steps: 1) creation of shadow credit and debit records; 2) obtaining a balance for the shadow records; 3)

adjustment of shadow records when transactions requiring an exchange obligation occurred; and 4)

instructing exchanges of credits or debits based on the adjustments. Additional claims were directed

toward computer systems to carry out the described method and a computer readable medium containing

program code to perform the described method. All claims were deemed patent-ineligible subject matter.

The Court made clear that "an invention is not rendered ineligible for patent simply because it involves

an abstract concept."2 Rather, it is the failure to transform an abstract idea that renders an invention

patent-ineligible. The Court likened abstract ideas to building blocks; claims directed towards the building

blocks are not patentable, but inventions that integrate the building blocks into something more are

patent-eligible.

Applying a test from Mayo Collaborative Services v. Prometheus Laboratories, Inc., 566 U. S. ___ (2012),

the Supreme Court laid out a framework for patent-eligibility in a two-part test: Are the claims at issue

directed towards a patent-ineligible concept? And, if so, is there an element or combination of elements

that is "sufficient to ensure that the patent in practice amounts to significantly more than a patent upon

the [ineligible concept] itself [?]"3 Here, the Court found that the claims on their face were drawn to the

concept of intermediated settlement, i.e., the use of a third party to mitigate settlement risk and that the

concept of intermediated settlement fell "squarely within the realm of 'abstract ideas.'"4 The Court then

walked through its prior patent eligibility cases - Mayo, Benson, Flook, Diehr, and Bilski - describing how

each of those cases was decided on the second prong of the inquiry. A summary of the analysis of this

case law in shown here:

Is claim directed

to a patent-

ineligible

concept?

Does the claim contain an

inventive concept sufficient

to transform the claim to a

patent-eligible concept?

KEY

Mayo Yes No Simply appending conventional steps,

specified at a high level of generality was not

enough to supply an inventive concept.

Benson Yes No Simply implementing a mathematical principle

on a physical machine, namely a computer, is

not a patentable application of that

principle.

Flook Yes No Patenting abstract ideas cannot be

circumvented by attempting to limit the use

of the idea to a particular technological

environment.

Diehr Yes Yes Using a patent-ineligible formula in a process

designed to solve a technological problem (i.e.

improving an existing process) transformed it

into a patent-eligible concept.

Bilski5 Yes No Claims directed towards abstract ideas such

as hedging risks, just like the algorithms in

Benson and Flook are patent ineligible subject


[email protected]


[email protected]

Eric L. SophirPartner, Washington, DCD +1 202 408 6470

[email protected]

Robert F. KramerPartner, Silicon ValleyD +1 650 798 0356

[email protected]

Key contacts

Supreme Court sends computer-implementedbusiness method claims down the rabbit hole

1




http://www.dentons.com/en/insights/alerts/2014/june/20/supreme-court-sends-method-claims-down-the-rabbit-hole?IsPdf=true&ParentItemID=ktrrmYwQ8YF3a5SKjru8rjQh4mofQ7sXIz2lFCnRwTHpmyWPUqCnxA==&Archive=False#





http://www.dentons.com/en/eric-sophir

http://www.dentons.com/en/eric-sophir



http://www.dentons.com/en/robert-kramer

http://www.dentons.com/en/robert-kramer

http://www.dentons.com/en/global-presence/united-states/silicon-valley.aspx



matter.

Alice Yes No The claim elements do nothing more than

simply instruct the practitioner to implement

the abstract idea on a generic computer using

known technology in conventional manner.

Diehr was the only cited precedent having patent-eligible subject matter because the claims applied an

abstract idea to improve an existing technological process. The Court relied on the remaining cases to

show that the use of a computer cannot turn an otherwise patent-ineligible abstract idea into patent

eligible subject matter. The Court concluded that the claims at issue did nothing more than instruct a

computer to apply an abstract idea of intermediated settlement using a generic computer. Each of the

claim steps simply required a generic computer to perform well known, generic functions, which did not

transform the abstract idea into something patent-eligible.

This decision provides litigants additional ammunition to attack computer implemented claims. Those

asserting computer-implemented or method claims need to be prepared for the attack by identifying why

the computer is integral to the purpose of the invention and explaining how an abstract idea is being used

to build something more in the claims. However, while the decision seems fairly far reaching, there still

may be patentable space in this arena. There still may be hope for claims directed to computer

implemented inventions, where the claims are drafted in a manner that recites how the computer is

integral to achieving the purpose of the invention rather than just implementing an abstract idea.

Slip Op., June 19, 2014.1.

Slip Op. at 6. The Court did not explain why the recitations of various steps did not render the claims a non-abstract specific

implementation of intermediated settlement, other than dismiss it as similar to the Bilski decision.

2.

Slip Op. at 7 (internal citations omitted).3.

Slip Op. at 10.4.

The claim in Bilski were also directed to mitigation of risk.5.



July 9, 2014

Many jurisdictions around the globe face complex questions resulting from the use of new technologies

for internet redistribution of over-the-air linear broadcast signals in a manner that could threaten

traditional television.

On 25 June 2014, the United States Supreme Court released its opinion in American Broadcasting

Companies v. Aereo, preserving the pre-Aereo status quo for linear television retransmissions, while at

the same time striking a blow to Aereo's business and leaving significant uncertainty regarding how the

law may apply in the future to other innovations and technologies. Similarly, in recent years TV Catchup

(TVC) has caused a comparable debate in the UK and Europe.

The Aereo and TVC cases illustrate a trend across both jurisdictions for the courts to look beyond

technical differences between innovative and traditional broadcasters and distribution platforms, and

instead focus on the service offered to viewers. Effectively such decisions may be summed up by the

old cliché "if it looks like a duck, quacks like a duck, and walks like a duck, then it must be a duck" (i.e.,

if it looks like television and works like television, then it must be treated as television).

The Aereo decisionAereo attempted carefully to navigate around US copyright law by designing a technological system for

redistributing linear terrestrial broadcast signals to its subscribers in a manner calculated not to infringe

the rights of the broadcasters. This technology was based on a plausible reading of earlier Supreme

Court decisions interpreting the US Copyright Act, even though Aereo did not have authorisation from

the broadcasters and did not pay any retransmission fees. Specifically, Aereo's system included

thousands of miniature antennas housed at its facility, which would individually be activated when one of

Aereo's subscribers selected programming to watch via the internet. Once an antenna was activated, the

programming would be streamed individually to that specific subscriber, providing the subscriber with a

near-live stream of free-to-air television broadcasts. If multiple subscribers wanted to watch the same

programme, then each would receive a separate individualised stream, generated from a separate

personal copy of the programme created on Aereo's system, from a uniquely dedicated antenna during

the viewing period.

In determining whether or not Aereo performed the copyrighted work publicly and therefore infringed the

US Copyright Act, the Supreme Court acknowledged that the text of the applicable sections of the US

Copyright Act does not clearly distinguish between when a person "performs" and when it merely supplies

equipment that allows others to "perform" copyrighted works. As a result, the Supreme Court focused on

legislative history, and prior amendments to the US Copyright Act that were designed to overturn earlier

Supreme Court decisions, to conclude that "when read in light of its purpose, the Act is unmistakable: An

entity that engages in activities like Aereo's performs". Furthermore, the Supreme Court concluded that

the technical structure of Aereo's transmission of each signal of programming to separate individual

subscribers makes no difference to its conclusion that Aereo is transmitting to the public, asking "Why

would a subscriber who wishes to watch a television show care much whether images and sounds are

delivered to his screen via a large multisubscriber antenna or one small dedicated antenna…" .

This approach by the Supreme Court disregards a portion of a notable prior judgment of the Second

Circuit Court of Appeals (i.e. not the Supreme Court) used when evaluating market-disrupting technology

− Cartoon Network v. CSC Holdings, Inc. (Cablevision), 536 F.3d 121. Unlike Aereo, which provides its

subscribers with near-live streams of free-to-air television broadcasts, Cablevision provided a remote

digital video recorder system that allowed its subscribers to record linear cable programming on central

hard drives which Cablevision maintained at locations outside each customer's home (in essence

offering catch-up services to its subscribers). Broadcasters claimed that Cablevision's system

reproduced and publicly performed their content without their consent. But, in the Cablevision case, the

David BloodPartner, Los AngelesD +1 213 892 5032

[email protected]

Igor OstrowskiPartner, WarsawD +48 22 242 56 73

[email protected]

Ingrid SilverPartner, LondonD +44 20 7246 7483M +44 7717 361053

[email protected]

Sara KuehnleAssociate, Washington, DCD +1 202 408 6358

[email protected]

Karol LaskowskiAssociate, WarsawD +48 22 242 51 27

[email protected]

Samuel OustayiannisLawyer, LondonD +44 20 7246 7489

[email protected]

Key contacts

Duck, duck, goose? No, says the court −Aereo remains yet another duck

1

http://www.dentons.com/en/david-blood

http://www.dentons.com/en/david-blood

http://www.dentons.com/en/global-presence/united-states/los-angeles.aspx

http://www.dentons.com/en/insights/alerts/2014/july/9/duck-duck-goose-no-says-the-court-aereo-remains-yet-another-duck?IsPdf=true&Archive=False&ParentItemID=Ctp5t4ftryvMzaBnvoPi8qgnCg45uOIoE9Kf3hkUrwEoDWm/qj6V9Q==#

http://www.dentons.com/en/igor-ostrowski

http://www.dentons.com/en/igor-ostrowski

http://www.dentons.com/en/global-presence/central-and-eastern-europe/poland/warsaw.aspx


http://www.dentons.com/en/ingrid-silver

http://www.dentons.com/en/ingrid-silver

http://www.dentons.com/en/global-presence/united-kingdom/london.aspx


http://www.dentons.com/en/sara-kuehnle

http://www.dentons.com/en/sara-kuehnle



http://www.dentons.com/en/karol-laskowski

http://www.dentons.com/en/karol-laskowski

http://www.dentons.com/en/global-presence/central-and-eastern-europe/poland/warsaw.aspx


http://www.dentons.com/en/samuel-oustayiannis

http://www.dentons.com/en/samuel-oustayiannis

http://www.dentons.com/en/global-presence/united-kingdom/london.aspx



Court determined (1) that the copies were "made" by Cablevision's customers, not Cablevision itself, and

(2) that the playback transmissions of those copies were made on a "one-to-one" level, rather than to the

public, therefore amounting to a permissible private, rather than public, performance. Since the Supreme

Court in the Aereo case does not cite the Second Circuit Cablevision decision, one may only speculate

as to the distinction − perhaps, when looking at a system that otherwise looks like a traditional multichannel distribution platform (like Aereo's system), "one-to-one" transmission is not relevant, but, in other

cases such as network digital video recorders (like Cablevision's system), "one-to-one" transmission is

relevant to the copyright analysis.

Prior to the Aereo decision, many businesses and commentators suggested that if the decision went

against Aereo it would have an adverse effect on other innovations, such as the use of cloud storage

technologies as a means of delivering content to viewers. In the Aereo case, the Supreme Court

expressly notes that it has not considered whether there is a copyright infringement when the user of a

cloud service pays mainly for something other than the transmission of copyrighted works, such as

remote storage of the content. Furthermore the Supreme Court states that it would not answer how the

US Copyright Act applies to technologies which were not the subject of its decision in the Aereo case.

Specifically, the Supreme Court in the Aereo case indicated that questions involving such other

technologies (e.g., cloud computing and remote storage DVRs), as to which "Congress has not plainly

marked [the] course", should await a case in which they are squarely presented. Further, the Supreme

Court invites parties interested in clarifying the application of the US Copyright Act to such other

technologies to "seek action from Congress".

The TVC decisionSimilar to Aereo, the UK service TVC provided its subscribers (in the UK) with the ability to view

near-live streams of free-to-air television content over the internet and mobile networks. As in the USA,

the practice was not unchallenged by broadcasters, and between 2010 and 2013 TVC found itself at the

centre of a legal battle against three of the UK's largest public service broadcasters (PSB), who claimed

that TVC was committing copyright infringement for, among other things, a communication of their

broadcasts to the public.

The Court of Justice of the European Union (ECJ) was asked by the High Court of England and Wales

(the High Court) to decide whether the concept of a "communication to the public" covered a terrestrial

television broadcaster's works when they were transmitted by another organisation, even though they

were within the reception area of the original broadcast and could have lawfully been received on

television.

The ECJ found resoundingly in the claimants' favour citing that, where there are copyright works included

in a terrestrial TV broadcast, and those works are retransmitted:

by an organisation other than the original broadcaster and without the original broadcaster's consent; and

via different technical means (i.e., via the internet rather than as a terrestrial broadcast),

then the retransmission amounts to an unauthorised "communication to the public" of those works. This

remains the case even where the subscribers to the service could lawfully receive the broadcast on their

televisions and whether or not the service competes with the original broadcaster or is making a profit

(unlike Aereo, TVC is an ad-funded free service for its subscribers).

As in the Aereo case, the ECJ rejected the defendant's argument that because the transmissions work

through a series of "one-to-one" connections this should not be regarded as a communication to the

public. The ECJ noted that such "one-to-one" connections did not prevent users accessing the same

content at the same time.

The TVC case returned to the UK and the High Court ruled that TVC should stop streaming all of the

claimants' channels on its service on mobile networks and all of the non-PSB channels (such as ITV3 and

5USA) on the internet. Despite this, TVC continues to stream the main PSB channels on the internet, due

to a historic provision in UK law (section 73 of the Copyright, Designs and Patents Act 1988) that was

originally enacted to allow cable operators to transmit the PSB channels without obtaining broadcasters'

consent. However, for how long TVC will continue to operate remains to be seen as the company entered

into administration in June 2014.

How do the European and US approaches matchup and what does this mean going forward?Interestingly, in the Aereo and TVC cases the courts were faced with similar questions as to whether a

2

technical "one-to-one" transmission should be regarded as a communication to the public (in the TVC

case) or performance to the public (in the Aereo case) and both the US Supreme Court and the ECJ

determined that such transmission could be.

While the courts in both the Aereo and TVC cases had strong arguments for applying a different ruling in

light of the one-to-one transmission, in the end the courts determined that the similarity of both forms of

technology to traditional linear television distribution was an overriding factor.

The ruling of the Aereo and TVC cases strengthens the broadcasters’ position towards unauthorised

service providers who provide near-live streams of free-to-air television content in their respective

jurisdictions. It may also have far-reaching implications for the way similar services are perceived by

the courts in other jurisdictions. For example, in Europe a service known as Bhaalu that offers

collaborative video recorder technology (i.e. catch-up / on-demand like services) to its subscribers is

currently being challenged by Belgian broadcasters. If following the current trend the European courts

determine that these services infringe copyright laws, then Bhaalu-like services will also come under

extreme pressure. Other challenges to similar services are occurring in Europe as the ECJ continues to

analyse them as services based on the concept of a "communication to the public” (crucial from the

perspective of the TVC case), e.g. in BestWater International GmbH v. Michael Mebes, Stefan Potsch

(Case C-348/13) and C More Entertainment (C-279/13).

Currently, there are clearly similarities across Europe and the USA with regard to how services that

provide near-live streams of free-to-air television are considered by the courts. However, there remains

a question mark over catch-up and on-demand services on both sides of the pond. In the US, the law

established by the Cablevision case in the Second Circuit of the Court of Appeals has yet to be

challenged or considered by the Supreme Court and Congress has not taken any action in response,

while in Europe the Bhaalu case is still working its way through the courts. Meanwhile, the resulting

uncertainty may dissuade creation and implementation of innovative technologies and services as

emerging companies and their investors, who are already challenged with high start-up costs, may find

the costs associated with such a potential (or even likely) lawsuit to be an insurmountable hurdle.

For now at least, broadcasters in Europe and the USA can briefly sigh in relief, as retransmission

consent negotiations in the USA will continue forward as they have done in the past, and traditional linear

broadcaster rights will be preserved in the USA and Europe − at least until the next innovation, whichperhaps does not so closely resemble traditional linear distribution, comes along. Until then, the safest

course of action for distributors of content is to secure the applicable licences from the owners of such

programming prior to transmitting it to the public − in the wake of the Aereo and TVC cases, if you looklike a duck, walk like a duck, and quack like a duck, you should be prepared to pay the farmer or be

ready to challenge the role of Old McDonald in court.



Courageous Counsel Leadership Institute

IP and Social Media ‐ The Latest Trends and Tips

July 22, 2014

Recent Related Supreme Court decisions

HIGHMARK INC. v. ALLCARE HEALTH MANAGEMENT SYSTEM, INC. No. 12–1163. Argued February 26, 2014 —Decided April 29, 2014 PETRELLA v. METRO‐GOLDWYN‐MAYER, INC., ET AL. No. 12–1315. Argued January 21, 2014—Decided May 19, 2014 LIMELIGHT NETWORKS, INC. v. AKAMAI TECHNOLOGIES, INC., ET AL. No. 12–786. Argued April 30, 2014—Decided June 2, 2014 NAUTILUS, INC. v. BIOSIG INSTRUMENTS, INC. No. 13–369. Argued April 28, 2014—Decided June 2, 2014 ALICE CORPORATION PTY. LTD. v. CLS BANK INTERNATIONAL ET AL. No. 13–298. Argued March 31, 2014—Decided June 19, 2014 AMERICAN BROADCASTING COS., INC., ET AL. v. AEREO, INC., FKA BAMBOOM LABS, INC. No. 13–461. Argued April 22, 2014—Decided June 25, 2014 For more information, visit www.supremecourt.gov/opinions

7/18/2014

1

Courageous Counsel Leadership InstituteNegotiating Your Compensation

July 22, 2014

Introductions

2

Presenters

• Catherine Nathan, Partner, Former Co-Head, Legal Search Practice, Spencer Stuart

• Pam Baker, Dentons Partner

sdeleva

Rectangle

sdeleva

Rectangle

7/18/2014

2

Negotiating Your Compensation

July 22, 2014

Agenda

• Introductions

• Preparing for Negotiation

• Negotiating the Deal

• Follow-Up

Focus will be on negotiating for GC positions

3

Before you get the offer

July 22, 2014 4

• Departure from current employer could trigger a Form 8-K filing, so coordinate your departure/signing a new agreement between both old and new employers

• How does this position fit your career goals?• Stepping stone or your dream job?• Challenges and opportunities in this position• How long do you plan to stay in this position?• Internal opportunities for advancement?

• Is it a style fit?

• Are you subject to restrictive covenants (e.g., confidentiality, non-competes) that may come into play?

sdeleva

Rectangle

sdeleva

Rectangle

sdeleva

Rectangle

7/18/2014

3

Preparing for the Negotiation - How much should you expect?

July 22, 2014 5

• Do your research• Understand the company and its business• Prior employment agreements? What do they say?• Terms of incumbent's compensation, if available

• Salary, bonus, equity, severance• Pay levels at peer companies, if available• Compensation philosophy - do they negotiate or not?• Does the company have internal pay equity concerns?

• Rule of thumb: GC pay as a function of CFO pay

Preparing for the Negotiation

July 22, 2014 6

• Put together your team - roles of each• Recruiter• Financial manager/advisor• T&E advisor• Executive compensation attorney

• Know the players and their roles at the potential employer• Compensation committee• Senior business-level negotiator (e.g., CEO, COO)• Head of HR

The key negotiator is YOU

sdeleva

Rectangle

sdeleva

Rectangle

7/18/2014

4

Preparing for the Negotiation: Orientation

July 22, 2014 7

• Does the company use an "Offer letter" or an agreement?

• Company will provide term sheet or initial agreement draft

• Isolate your one or two "must haves"

• Identify and quantify what's left on the table from prior employer (pension? Unvested equity? Performance awards?)

• When to introduce the lawyers

July 22, 2014 8

Employment Terms - Duties and Position

• Duties and position

• Title and responsibilities• Reporting responsibility• Board seat?• Relationship with other senior executives?

• Term of Agreement

• Evergreen vs. renewable term• Purpose of having a term on the agreement

sdeleva

Rectangle

sdeleva

Rectangle

7/18/2014

5

Employment Terms - Key initial and ongoing compensation

• Base salary

• Bonus compensation• Sign-on bonuses• Relocation bonuses• Guarantee/ pro-ration of first year bonus• Ongoing bonus plan participation

• Long-term Incentives• Equity (options, RSUs, other forms of equity awards)• Performance conditions - first year guarantee?• "Make-whole" equity grants or sign-on bonus

July 22, 2014 9

Employment Terms - Lesser items

• Benefit Plan Participation (health coverage, 401(k), etc.) • Typically commensurate with position

• Perks• Whatever is normal for the company (maybe none)• Attorney fees for negotiating the agreement• Don't expect any gross-ups

• OK to serve on not-for profit boards?• Other issues

• Start date• Health or family issues• Geographic concerns

• Moving allowance/ relocation package• Restrictive covenants (non-compete, non-solicit)

July 22, 2014 10

sdeleva

Rectangle

sdeleva

Rectangle

7/18/2014

6

July 22, 2014 11

Negotiating the Deal - Treatment on Termination

• Termination• Severance benefits• Lump sum vs salary continuation/installments• Current year bonus treatment• Treatment of equity

• Accelerated vesting, extended exercisability• Different approach for performance-based equity

• Continued benefit plan participation• Treatment of perks• "good leaver" and "bad leaver"

• Death, disability, retirement

Employment Terms - Change in Control (CIC)

• Not all companies have provisions for CIC• Those with programs usually do not engage in individual

negotiations• Typically

• Accelerated vesting of equity either on the CIC or on a subsequent involuntary termination without cause within 1 year (or 2 years)

• Enhanced severance on an involuntary termination without cause within 1 or 2 years after the CIC

• Good leaver/bad leaver definitions may vary from non-CIC terminations

July 22, 2014 12

sdeleva

Rectangle

sdeleva

Rectangle

7/18/2014

7

Employment Terms - The Boilerplate

July 22, 2014 13

• Releases• Non-competition provisions• Non-solicitation of employees and customers• Confidentiality obligations• Claw backs• Litigation cooperation and support• Ongoing transition requirements/ consulting obligations• Arbitration• Choice of law• Attorney fees

Follow-Up

July 22, 2014 14

• Press release

• SEC filings -• Your "signature" may trigger an 8-K filing, so coordinate signing with

press release timing • Do not sign the release until you are leaving the company

• Notify friends, family, contacts

• Revise your elevator speech

• What else?

sdeleva

Rectangle

sdeleva

Rectangle

7/18/2014

8

Thank you

© 2014 Pamela Baker

Dentons is an international legal practice providing client services worldwide through its member firms and affiliates. This publication is not designed to provide legal or other advice and you should not take, or refrain from taking, action based on its content. Please see dentons.com for Legal Notices.

sdeleva

Rectangle

sdeleva

Rectangle

Date post:	24-Jun-2020
Category:	Documents
Upload:	others
View:	2 times
Download:	0 times