regulatory Forecast 2016 what corporate counsel need to know for the coming year When Law and PR Collide Water wars: Regulation and the Drought The age of Compliance the REGULATORY LEGACY of 9/11: 15 YEARS LATER Against the Tide The regulatory impact of president Obama’s final year . regulatory Forecast 2016 FOCUS AREAS 28 Environment From recent EPA regulations to new chemical scrutiny, the “take” of protected wildlife, and rising vapor concerns, the coming year promises to be especially active. 30 Privacy and Cybersecurity Faced with growing threats, agencies are rethinking regulations to strengthen networks in both the government and private sectors. 10 FEATURES 4 State of Play 2016: Against the Tide While previous administrations have slowed down in their final year, the Obama administration is poised to push through its agenda. 8 Fifteen Years That Changed the World The regulatory legacy of 9/11. 10 Roundtable: How to Manage a Crisis A panel of public relations professionals and Crowell & Moring attorneys discusses the unwritten rules of dealing with corporate crises. 16 Compliance and Crisis Management Building a compliance and ethics program means creating a program as dynamic as the business. 18 Compliance Takes Root Worldwide Though traditionally focused on U.S. regulations, compliance is now a global issue. 22 Supreme Court Is a judicial check on administrative authority coming? 24 Water Wars The drought has exposed cracks in the allimportant protocols for how water is shared in the West. But even if it ends in 2016, the longterm forecast is for more conflict. 2 regulatory Forecast 2016 32 Consumer Products and Advertising Cosmetics and personal care products move under the regulatory microscope while a new FTC office looks into the IoT and publishers worry about controls on native ads. 34 Government Contracts Federal agencies are increasingly interested in the sourcing of contractors’ goods— and contractors are seeing scrutiny of their supply chains under existing regulations. 36 Intellectual Property The key questions: how to craft anti-troll provisions without harming those with a legitimate interest in protecting their patent rights. 38 Trade The Obama adminstration is working to cement its legacy by pushing through two of the largest trade agreements in history. 40 Antitrust Faced with pressure to reduce cost, increase efficiency, enhance quality, and expand access and choice, the health care industry has found itself in the antitrust spotlight. 42 Tax Zombie notices, a “Cadillac tax,” and other bugaboos. Plus a look at health care M&A and the question of staying tax-exempt. 44 White Collar Federal agencies have been creeping into more and more roles, from investigation to adjudication to enforcement. And the trend appears unlikely to subside. .

getting ready for CHANGE—AND OPPORTUNITY As we sat down to sort through the issues that we’d focus on in this, our second annual Regulatory Forecast, some of last year’s themes still rang true. With the Obama administration entering its final year, the effort to use regulatory measures to push the president’s agenda is not likely to abate. Technological change continues to outpace regulations. Fifteen years after 9/11, security—and cybersecurity—is increasingly being addressed through regulation. And new issues are emerging. Fueled by social media, public activists are more influential, a key consideration for companies in crisis.

California’s drought has heightened questions about dealing with scarce natural resources. Compliance programs, not only domestically but worldwide, have come under increased pressure. All of which reminds us, as we move into an election year—which, regardless of the outcome, INDUSTRY FOCUS LABOR AND EMPLOYMENT FINANCIAL SERVICES 46 Food & Beverage Legal scrutiny is on the menu as sweepTRADE ing new FDA safety rules take effect SECRETS PATENTS and battles over food labeling continue. 47 Financial Services As regulators bear down on cybersecurity requirements, they’ll also watch electronic trading platforms—including bitcoin. ENERGY ANTITRUST 48 Energy As technological change accelerates and opportunities develop, new regulatory challenges are emerging. TAX WHITE COLLAR TRANSPORTATION 50 Health Care ADVERTISING Despite INSURANCE the Supreme Court decision, it won’t be smooth sailing for the ACA, especially for the insurance marketplaces. 51 Transportation As science fiction turns to fact, regulators try GOVERNMENT Plus a look at ACTIONS to keep up. CONTRACTS CLASS new moves in air and rail safety. will have implications for regulated industry—that engaging with regulators early, often, and knowledgeably is as critical as ever. With that in mind, we share key insights our regulatory lawyers and consultants have gleaned from both their years of government service and their daily interactions with government officials around the world, across a range of regulated industries. In concert with our companion Litigation Forecast, this book is designed to help you navigate both change and opportunity, with an eye toward being prepared not only in 2016 but in the years beyond. Please let us know whether you find this Forecast useful, and how we can improve it in the future. —Scott Winkelman Partner; Member, Management Board and Executive Committee; and Chair, Regulatory Department, Crowell & Moring regulatory Forecast 2016 Crowell & Moring LLP ENVIRONMENTAL Co-Editor Christine Clements Co-Editor Thomas C. “Tim” Means managing editor Nicole Quigley executive Editor Maura Fisher project/content manager Ami Naik Leverage Media LLC HEALTH CARE Editorial director Michael Winkleman Art Director Carole Erger-Fass WriterS Marc Barnes, Peter Haapaniemi, Gary James, Richard Sine, Jennifer Pilla Taylor Chartist Alex Reardon PROJECT MANAGER Maureen Neary PHOTOGRAPHERS Joe Shymanski, Mark Savage, Jason Doiy, Jürgen Doom Copyeditor Sue Khodarahmi, CJ Prince E-DISCOVERY Production Manager Rosemary P.

Sullivan COVER ILLUSTRATION John Tomac JURISTICTIONAL Copyright © 2016 by Crowell & Moring LLP. All rights reserved. This material is for general informaTRENDS tional purposes only and does not represent our legal advice as to any particular set of facts, nor does it represent any undertaking to keep recipients advised of all relevant legal developments. regulatory Forecast 2016 3 .

The State of Play in 2016 against the tide While previous administrations have slowed down in their final year, the Obama administration is poised to push through its agenda. I n last year’s Regulatory Forecast, we predicted—accurately— a continued expansion of the unilateral exercise of power by the executive branch. This year looks to be more of the same—and then some. “The year 2015 saw an overwhelming tide of executive action,” says Angela Styles, chair of Crowell & Moring and former administrator for Federal Procurement Policy within the Office of Management and Budget (OMB) at the White House. “Whether you agree with the president or not, it’s impressive in the way he has marshaled his resources to get things done. Now we’re entering the last year of an eight-year presidency.

There is a lot of unfinished business and an appetite in the executive branch to make hay while the sun shines. The regulated community should prepare for a continued intensification of agency action both on the policymaking front and in enforcement.” There will be little to stand in the administration’s way. In Congress, gridlock will likely foil most Republican attempts to roll back the administration’s initiatives. Nor do the courts seem likely to pose much of a challenge.

Many of the federal appeals courts—most importantly, the U.S. Court of Appeals for the District of Columbia—are now dominated by judges appointed by Democrats. And established legal precedents require courts to defer to agency interpretations of their authority, even new interpretations that reverse longstanding prior interpretations, when they are challenged (though there are signals that the Supreme Court may be rethinking deference—see p.

22). Way back in his first presidential campaign, Barack Obama identified three domestic priorities for action: financial services, climate change, and health care reform. A fourth prior- 4 regulatory Forecast 2016 ity—reducing income inequality, primarily through executive orders and labor and employment regulations—came to the fore in 2015. On balance, the administration has shown little concern for the viewpoints of industry or its political opponents as it pursues its agenda.

But its approach to pursuing each of these priorities has differed sharply depending on whether it has won legislative backing. “Where they have had the statutory foundation for action—like the Affordable Care Act in health and DoddFrank in financial reform—the administration has proceeded in a more deliberative and less confrontational fashion,” says Thomas C. “Tim” Means, senior counsel at Crowell & Moring. “This was the way the system was supposed to work. But in areas like climate change and labor and employment, the administration has received no legislative imprimatur. It’s pushing the envelope, and it’s paying less attention to the other side’s concerns.

These actions will be challenged at every juncture, and in the meantime there will be a lot of uncertainty for business.” Here’s a brief progress report for each of the president’s priorities. Labor and Employment: RADICAL READJUSTMENTS Spurred by concerns about increasing income inequality and declining economic mobility, the Obama administration launched an aggressive campaign last summer aimed at bolstering the middle class. In July, the U.S. Department of Labor (DOL) proposed a rule that could make more than 5 million more workers eligible for overtime pay.

The minimum . Elliott Laws, Angela Styles, Thomas “Tim” Means, and Kris Meade pay for an employee to be considered salaried would rise to $50,440 from $23,660, a level based on a 1975 threshold. “It’s a big deal in retail and hospitality, because a lot of assistant store managers, branch managers, and the like will now be eligible,” says Kris Meade, chair of Crowell & Moring’s Labor & Employment Group. A final rule is expected in late 2016, near the time of the presidential election. Also in July, the DOL issued new guidance suggesting that many employers are misclassifying workers as contractors and thereby depriving them of workplace protections. The guidelines could affect the growth of the “gig economy” pioneered by companies like Uber. In August, the National Labor Relations Board ruled that unions representing a franchisee or subcontractor may often be entitled to bargain with the parent company or prime contractor as well as their direct employer.

The ruling could make it easier for workers to unionize or to hold large franchisors liable for alleged violations of workers’ rights, and critics say it threatens the viability of franchising itself. While these developments have won headlines, another initiative may have an equally large impact on large employers. As required by a July 2014 executive order, the DOL has proposed that companies must identify “various labor law violations” at the time of bidding for government contracts. “The rule could impact most large employers, because very few large companies aren’t contractors these days,” says Styles. “Companies will be evaluated based on alleged violations even if they haven’t had any hearings on the merits. Because the agency will consider whether the company tried to ‘mitigate’ the violation—which usually means a settlement—the company may be forced to relinquish its appellate rights to continue as a contractor.

Finally, the rule would also require companies to develop huge new databases to keep track of these alleged violations. Litigation is sure to follow issuance of the final rule by the DOL and the Federal Acquisition Regulatory Council.” Meanwhile, on December 17, 2015, Congress passed the FY 2016 Omnibus Appropriations bill, which included a denial of the administration’s request for $2.62 million and 15 full-time staff to establish the Office of Labor Compliance to implement the executive order. This leaves the implementation of the executive order in a state of limbo as 2016 begins. Climate: “Unprecedented” Action As in labor and employment, climate regulation is another area where the Obama administration is going it alone after failing to convince Congress to pass legislation.

In 2015, the U.S. Environmental Protection Agency (EPA): • Proposed the first standards to limit greenhouse gas emis sions from medium- and heavy-duty vehicles (in June). • Proposed a rule restricting the emissions of existing  power plants (in June). • Finalized rules limiting the carbon emissions of new  power plants (in August). • Proposed new rules requiring the oil and gas industry to  cut methane emissions by 20 to 30 percent (in August). “They clearly are going to push through as many proposals as they can before the end of the administration,” says Elliott Laws, chair of Crowell & Moring’s Environment & Natural Resources Group and former assistant administrator for Solid Waste and Emergency Response at EPA. “For political reasons they were unwilling or unable to move forward with these regulatory Forecast 2016 5 .

final rule annualized costs (in $billions) 35 30 25 20 15 10 5 0 2008 2009 2010 2011 2012 2013 2014 Source: American Action Forum Aggressive regulations impose costs of billions of dollars each year, according to the American Action Forum. Where to Give, After Citizens United? The Supreme Court’s Citizens’ United decision of 2010 presented “a tremendous opportunity for companies to carry a bigger megaphone when engaging in political speech,” says Crowell & Moring’s Scott Douglas. But by vastly increasing the funding options—candidates, party organizations, PACs, SuperPACs, “dark money” organizations— the ruling also complicated donor decision making. Traditionally, companies have formed PACs that allow their executives and employees to give to candidates’ campaign committees. “That’s still a good first priority for companies, because there’s no transparency issue,” Douglas says. Citizens United allowed the formation of “SuperPACs,” which cannot be controlled by candidates but can spend an unlimited amount to support them. “Companies may want to consider SuperPACs affiliated with their trade association,” Douglas says.

“Many SuperPACs have also been formed by former staffers or close associates of the candidates. Carefully review these individuals, their track record, and their messaging before supporting them.” Then there are “dark money” organizations, typically 501(c)(4) nonprofits, which often focus on a single issue or ideological viewpoint. “You shouldn’t dismiss these out of hand,” Douglas says.

“But it can be hard to control the message. And because they are not required to disclose their donors, your company could be accused of a lack of transparency. The key to furthering your agenda is to be credible, to be consistent, and to be transparent about it.” 6 regulatory Forecast 2016 earlier in the president’s term, but now they don’t seem to be constrained by criticism from the left or right. And with continued congressional gridlock, we are seeing a level of activism in the regulatory arena that is unprecedented.” The administration will spend much of 2016 finalizing rules and fighting legal challenges to its 2015 initiatives.

The most bitter fights will likely occur over the Clean Power Plan, which proposes to reduce carbon dioxide emissions by 32 percent over 2005 levels by targeting existing plants. State attorneys general challenged the plan in court even before the final rules were published, and industry is also challenging the EPA’s authority to issue the regulation. Senate Majority Leader Mitch McConnell (R-KY) has encouraged states not to obey a federal request to submit compliance plans. “The Clean Power Plan will put some utilities and energy companies in a difficult situation in terms of making plans,” Laws says.

“Energy is a capital-intensive business with a long planning cycle. They are making very expensive multiyear decisions to replace the power from coal with natural gas or with technology such as wind and solar, which are less proven or reliable. But even as the rules are being challenged, some states will press forward with implementation, while others may have a federal plan forced upon them.

Some industries will fight the regulations harder than others. But ultimately, I think many utilities will move forward with their states in implementing a rule they can accept, instead of fighting to the bitter end with the risk of getting something they can’t live with.” Financial Reform: Seeking “Balance” While the fight over climate rules is just beginning, the administration has largely had its way with financial reform, having adopted final rules for the vast majority of mandatory rulemaking provisions of the Dodd-Frank Act. “In 2016, we’ll see fewer rules implemented and more negotiations about how to implement the ones that remain with a little more balance,” says Mike Gill, Crowell & Moring counsel and an associate member of the Commodity Futures Trading Commission’s (CFTC) Energy and Environment Markets Advisory Committee.

While Dodd-Frank has imposed much higher compliance burdens on U.S. financial firms, the administration may yet relent on some highly controversial rulemakings, such as the proposed requirement that entities clear all intra-affiliate swaps, he says. One outstanding question is the degree to which DoddFrank rules apply to transactions involving foreign banks. For example, proposed rules declare that a transaction between two foreign banks would be considered a U.S.

transaction— and therefore subject to registration and reporting rules— simply if one of the banks uses a U.S. back office. “These rules threaten a lot of good-paying U.S.

jobs because banks seeking to avoid the strict regulations of Dodd-Frank might pull their back-office operations out of the U.S.,” Gill says. Similarly, Dodd-Frank requirements involving reporting and registration of derivative transactions—while aimed at preventing another financial crisis—run afoul of European . Mike Gill, Jim Flood, and Scott Douglas data privacy and protection laws. Recognizing the issues, last August the CFTC decided to postpone for one year a requirement that non-U.S.-based swap dealers register certain transactions. “The Obama administration assumed that foreign entities would just submit to our laws,” Gill says. “Instead, the rules threaten the international competitiveness of U.S. financial firms, clearinghouses, and repositories.

I think a lot of 2016 will be spent trying to harmonize U.S. and international law.” otherwise tie payment to outcomes, he says. The administration will also advocate for reducing regulatory obstacles to reimbursement of pharmacists, nurse practitioners, and other professionals who can provide quality care at a lower cost than physicians, Flood says. And they may attempt to control the cost of expensive new specialty drugs that are now coming on the market.

“The ACA is a huge legacy for Obama, and he wants to take on any issue that threatens its economic model,” Flood adds. Health: Focused on Costs More Rules, Tougher Enforcement Like Dodd-Frank, the Affordable Care Act (ACA) has been mostly implemented and upheld in the courts—and despite fierce Republican opposition, won’t be overturned in 2016. “The focus now is on controlling costs,” says Scott Douglas, a senior policy director in Crowell & Moring’s Government Affairs Group and former finance director for Sen. McConnell. While millions of Americans have gained coverage from the ACA, insurance premiums continue to increase. “The Feds are starting to get results on managed care pilot programs,” says Jim Flood, chair of the Government Affairs Group at Crowell & Moring, and a former federal prosecutor and former counsel to Sen. Charles Schumer (D-NY).

“I think they will take those practices and policies that improve quality and reduce cost in the marketplace and focus on expanding them.” Expect to see regulations that reduce feefor-service medicine, increase the use of bundled payments and the formation of accountable-care organizations, and As the rest of this Regulatory Forecast will make clear, the Obama administration’s bold agenda extends beyond policy to enforcement, as it goes beyond traditional remedies like fines and injunctions to force culture changes and dictate compliance mechanisms within companies. The Department of Justice (DOJ) has even appointed its first “compliance counsel,” who will be charged with defining compliance—and prosecuting those that fall short. Just how aggressive will the executive branch be in 2016? Consider this: “Traditionally, the Office of Management and Budget (OMB) has halted the proposal of new rules at some point during an election year in order to avoid disrupting the political dynamics then in play,” Means says. “But there are reasons to expect that the administration will break that mold and continue its aggressive policy and enforcement actions. “For the business community, there will be some very bitter pills—actually a medicine cabinet full of pills—to swallow.” regulatory Forecast 2016 7 .

THE REGULATORY WORLD: Security 2.0 POST 9/11 Fifteen Years That Changed the World Locking Things Down Focusing on the Data formed Department of Homeland Security, along with the an extensive regulatory framework designed to strengthen security. REGULATORY EFFORTS CENTERED PRIMARILY ON THE 16 “CRITICAL INFRASTRUCTURE” SECTORS VITAL TO THE U.S., SUCH AS ENERGY, CHEMICALS, COMMUNICATIONS, FINANCIAL SERVICES, AND THE DEFENSE INDUSTRIAL BASE. REGULATORS HAVE ZEROED IN ON HOW DATA IS CREATED, MOVED, AND STORED IN CRITICAL-INFRASTRUCTURE ORGANIZATIONS, government’s role in ensuring cybersecurity the public and private sectors has become key, given that vital govern- Internet—is not owned by the government. Overall, the 3.0 era has seen officials striving ports airports border crossings To a great extent, REGULATORS EMPHASIZED THE SECURITY OF PHYSICAL SPACES, systems and to create technical architectures and a regulatory framework that build security into all WHO’S TARGETING DATA? USA PATRIOT Act of 2001 allowed the use of unregulated. ITS THREATS TYPICALLY CAME FROM HACKERS BENT ON MISCHIEF, RATHER THAN CRIMINALS OR NATION STATES. Terrorism was not unknown during this era, but its reach was DEMANDS OF TERRORISTS WERE TYPICALLY TARGETED AND TACTICAL—a hijacker demanding a ransom or release of prisoners, for example. From a U.S. demands—WERE PRIMARILY ISSUES TO BE DEALT WITH OVERSEAS. 8 regulatory Forecast 2016 PROLIFERATING EXECUTIVE ORDERS.

Presidents tools, stronger pre-9/11—and progressing to Security 4.0, which is now emerging. The Internet grew during the 1990s, forcing industry to focus on Executive Order: Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities (2015) empowers the individuals and groups that threaten ture through 2013 2014 2015 - response has proven to be a challenge, as federal agencies jockey for enforcement power and states seek to preserve their and the Law. as we protect freedom and pursue security.” The Age of Innocence data. - corporate systems, and that the says Harvey Rishikof, senior counsel in Crowell & Moring's Privacy & Cybersecurity Group and a senior advisor to the Security 1.0 DOD Defense Federal Acquisition Regulation Supplement Safeguarding Rule (2013) requires defense contractors to implement specific IT security controls for unclassified but important DATA HAS BECOME THE CENTER OF GRAVITY, the “new oil” that The events of 9/11 quickly led to the passage of security-related This year marks the 15th anniversary of September 11, a U.S. government, for business, and for the world. Since 9/11, approaches to security have evolved, as the world has had to adjust to changing threats and emerging technologies.

“Security has become a driving force for government, but this force has run into the rise of the Security 3.0 orders created a voluntary cybersecurity framework Bush and Obama each issued a significant number of intra-governmental Department of Homeland Security (2001) created to consolidate 22 into one cabinet-level agency. 2001 2002 2004 Intelligence Reform and Terrorism Prevention Act of 2004 created the to integrate security efforts. Federal Information Security Management Act of 2002 created a cybersecurity framework for federal government and the private sector. A GROWING INSIDER THREAT. Humans remain are the result of social engineering that takes advantage of insiders’ naiveté and lack of vigilance in trade secrets, and patents. BATTLEGROUND. The Security 3.0 era has seen growing and fundamental tensions between the Valley vs.

Washington, D.C.” CHANGING REGULATORY STRATEGIES. Early in this era, regulators were largely focused on ments and helping them improve compliance. Over National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity (2014) outlines the elements of a comprehensive cybersecurity program for a diverse array of broad, emerging standard. Cyber Security Act of 2015 was designed to sharing between the government and the private sector about threats while increasing congressional oversight of the Security 4.0 Finding a Balance 2016... IN THE NEAR FUTURE, DATA AND INFORMATION TECHNOLOGY WILL LIKELY BE WOVEN MORE DEEPLY INTO DAILY LIFE. Data, and the “Internet of Things,” regulators will need to grapple with the evolving concept of privacy as well as the individual’s government will need to manage security for increasingly large, with distributed technologies, from bitcoins and other virtual currencies to automated vehicles, drones, and wearable computers. events and more on PROACTIVE PREVENTION. Ideally, various evolve into a concise set of agreed-upon standards and approaches that will strengthen security while reducing costs and compliance risks for business. A key challenge will be REGULATING GLOBAL BUSINESS, as regulatory regimes has proven to be extraordinarily difficult, and stressing enforcement and stronger oversight. needed to build worldwide security. regulatory Forecast 2016 9 .

roundtable 2016 when crisis strikes Ready or not, crises—large or small—can hit a company at any time. A panel of public relations professionals and Crowell & Moring attorneys discusses the unwritten rules of dealing with corporate crises. Scott Winkelman: Let’s kick this off with a call I received from a client who wanted to engage us on a class action of some magnitude dollar-wise and reputationally. While many would see this as garden-variety litigation, what the general counsel said was, “This may not seem like a crisis to you, but it’s the only one I’ve got.” I’ve always remembered those words because it’s the orientation an in-house lawyer or crisis expert often has to have. How do you decide when you have a crisis and when to activate the machinery? Amanda Deaver: You have to engage clients where they are and be responsive, and if it’s not a crisis, you can help them step back.

But sometimes the opposite happens. I’ve had clients come with a situation where they are a little myopic and we’re saying, “This is bigger than what we’re talking about.” Dave Freudenthal: Any issue can become a crisis if you mismanage it. People should take what may seem like routine things and think them through before they turn into problems.

Companies need to think about what can go wrong. If they don’t, they’re not going to be far enough down the road, and then it’s too late. People need to have created some response mechanism.

You can’t build the machinery at the same time you’re trying to activate it. 10 regulatory Forecast 2016 Gov. Dave Freudenthal, Scott Winkelman, Philip Inglima, Amanda Deaver, Robert Cusumano, and Jennifer Loven. Bob Cusumano: I think it’s a spectrum. It isn’t always an instant trigger point.

In many companies, everything’s a crisis, so if a true crisis emerges, there needs to be a ready-built apparatus with tools customized for the job. Corporations are sometimes myopic and not sensitive to the feelings of others. Sometimes they need to get knocked around a bit by someone who’s saying you are living in a non-rational world where audiences have emotional reactions and want real people to react the right way. That is countercultural for corporations.

It’s a learning experience that has to happen on the fly. Nancy Saracino: Any company could be tossed into crises at any moment. Larger organizations need to be prepared, and part of that includes an effective pre-response assessment process, meaning you have a crisis assessment group that can be assembled quickly, evaluate the circumstances, have a conversation about the right response, and report out to the decision makers. Some people may have a tin ear to certain things, and that’s where tabletop exercises are really important.

You can design them to trigger exactly the kind of reaction you’re trying to avoid in a real-time crisis. You can simulate something like an incidence of violence in the workplace where you have to evacuate the building, to see how your executives react. Do they think of the families? .

How are they going to be coming across to the press and to the people who are huddling in the parking lot? ROUNDTABLE PARTICIPANTS Cusumano: It’s empathy training in the end, and it’s hard to get them to sit for that, but it can be very useful. Moderator: Scott Winkelman, Crowell & Moring Regulatory Department chair WHO SHOULD BE IN THE ROOM? Robert Cusumano, Crowell & Moring Insurance/ Reinsurance Group partner and former general counsel of ACE Ltd. Jennifer Loven: One of the mistakes often made is not including people like communicators or lawyers at the front end. We get called a lot at the back end when something starts to go wrong. If you have experienced people whose jobs are to think three, four, five, six steps down the line, in a way that people who have day jobs just can’t or don’t, we can play that out and say, “This is where this is going to go if you go with this decision.” It may be a business function where the leadership feels like the communicator shouldn’t be in the room. They should be in the room.

The lawyers should be in the room—to help manage risk, predict risk, and help plan for risk. Phil Inglima: Most companies have crisis plans and believe that if they have a general counsel or her or his designee ready to implement that plan with the right internal cadre of participants, that’s all they need. But two factors should be Amanda Deaver, president of Upstream Strategic Communications Former Governor Dave Freudenthal (WY), Crowell & Moring Environment & Natural Resources Group senior counsel Philip Inglima, Crowell & Moring White Collar & Regulatory Enforcement partner Jennifer Loven, Glover Park Group managing director, former Associated Press chief White House correspondent Nancy Saracino, Crowell & Moring Energy Group partner and former vice president, general counsel, and chief administrative officer for the California Independent System Operator Corp. (CAISO) regulatory Forecast 2016 11 .

analyze, but you just have to strike the right balance. I’ve seen so many companies miss deadlines because they couldn’t make a decision that was right in front of them. They had all the information they needed. At some point you have to say, “I have enough information; I’ve got to get going.” Loven: The group can’t be a giant committee.

You need to know who is going to be responsible for signing off. If you know where you want your organization to go, that becomes your guidepost to decide what is the right thing to say. Do you say a little bit more than the lawyers tell you that you should, or a little bit less than the communicators think you should? Or do you use a tone of humility when everybody tells you that that’s going to get you into trouble? Or do you stay super argumentative and defensive even though your PR people might tell you that that’s going to come off wrong? Gov.

Dave Freudenthal considered: first, are they really in the best position to make sure they’ve got all the right people in the room? Sometimes proximity can blind you, and having somebody from outside look at it can help. The second thing is, they have to consider how others will view it later, much later. Because very few crises for a regulated company are not going to be scrutinized by at least their primary regulatory agency, if not the Department of Justice.

And the DOJ increasingly looks at whether the executives are protecting themselves and each other rather than the true stakeholders. It’s going to play out slowly. Freudenthal: I would argue that there is the assumption that you have time to think about this, but most of the time you don’t have time to sit around and say, “You know, I think I ought to call the lawyer.” You can’t anticipate exactly how the crisis is going to unfold. The key is to have a relationship at the outset so you begin to think about the crisis with both the lawyers and the PR people, recognizing that at some point you’re probably going to have to make a decision that is not as thoughtful as you might have preferred it to be.

And then you better have a crew around who can clean up the mess afterwards and guide you through it. Saracino: When you do respond, you need to remember it’s not about you. It’s not about your company. It’s about whatever the incident was and the people who are out there. Cusumano: I had a little motto when I was a general counsel: “It’s about the thing itself.” And that is such a hard message to get through because everybody wants to do a good job.

They don’t want to look bad. Deaver: And somebody needs to be in the group who is an outsider who can say, “This is not a witch hunt, there’ll be a time and a place to put the pieces back together.” Should management be insulated? Winkelman: Let’s talk about senior management in the heat of a crisis. The head of the company may deeply wish for and feel DECISIONS: “It’s not about you” Deaver: The decision-making authority has to be clear before someone is asked to make a decision. If you’re figuring it out while you’re contemplating the dimensions of the decision, you’re toast.

It’s not necessarily by title. Sometimes the 22-yearold who answers the phone in customer service has better instincts because she is hearing unvarnished information. Or the kid managing the Twitter account.

You don’t bring them all into the discussion, but you don’t just bring the management team and insulate yourselves from everyone else. You can over- 12 regulatory Forecast 2016 Amanda Deaver . they’re part of the community and more likely to convey something that is empathetic, and smart enough to say what they don’t know. If you elevate that above the plant manager and all of a sudden here comes somebody flying in from Houston, and they jump off the plane and make some big announcement, you have elevated the crisis in everybody’s perception. Cusumano: You need sincerity, you need integrity, and you need authority. And that can be different people depending on different parts of the situation. We had a phrase about being involved: are they “in the facts”? People who are in the facts are not going to be that credible.

At the same time, you have to have some authority, because if you’re just a talker, then you’re not going to get your message through because people are not going to want to hear it. Winkelman: Can the spokesperson role be outsourced effectively? Nancy Saracino a need to be engaged as a responsible person. The lawyer may well say that poses significant risks and it’s better to insulate that person. How do we strike the balance? Inglima: Well, the balance will start with the dimension of the problem.

When it is one that’s been of great human loss or great impact to a community, you have to have somebody at a high level making statements that express the company’s empathy and feeling of responsibility. But there’s a big difference between making isolated statements that go to the sense of remorse versus starting to explain what happened and why. At an early point in a crisis, to have some officer making all the public statements can be enormously dangerous and create an expectation that you can’t back away from without seeming to isolate that person in the bull’s eye. Deaver: It can, but usually it shouldn’t be.

There are lots of things a consultant can do behind the scenes. They can brief reporters. They can get the spokesperson well positioned to be successful.

But ultimately you need someone from within the organization. I’ve been in the situation where I’m introduced as the crisis PR person. Woo, woo, woo, the reverberations that go through the company—we’ve hired someone, it must be really bad.

That’s not helpful. Loven: There needs to be care that’s communicated in terms of how professionals are brought on to help, because if they’re brought in to be the person who goes on TV and communicates about this very serious event, that connotes there isn’t anyone there who is capable. Sometimes that’s not true when it comes to lawyers. Counsel can be very effective as spokes- Saracino: There’s a great model used by public agencies and agencies responsible for emergency response that’s called the incident command structure.

This is one instance where preplanning really is important if you’re in a position to have data that might get leaked, confidential information inadvertently released, or a hack, where you may need to be on a call with regulators or legislators and on message. And you may also need to have social media managed and somebody out in front of the cameras. You need to make sure the designated spokesperson understands that you’re going to be calling on him or her, and it’s also important to have several people lined up and trained in case the designated person is unavailable. Freudenthal: I would second distinguishing between who is in charge and who is out front.

I would make sure, for example, that you don’t hire a plant manager who can’t handle an interview, because a death at a plant or mine is probably better discussed by the manager or the plant superintendent because Scott Winkelman regulatory Forecast 2016 13 . Congressional Investigations Phil Inglima: Some of the rules we’ve talked about apply with a congressional investigation. While Congress usually wants to target the highest official it can find, you almost never want to provide that individual. You want to limit that individual’s accountability on the witness stand. You need to slow the pace until you have reliable information. Managing the flow of information to investigators is critically important. Jennifer Loven: Trying to shape the story so there’s some balance can be dangerous when it comes to trying to get ahead of a congressional investigation because then you’ve inflamed them by trying to go around them. Ultimately you’re going to take your lumps with committees because they have the control, and you have to prepare for it.

You need to understand the political and PR angles, because they don’t hold a hearing unless they want attention for it. Amanda Deaver: Understanding how you manage the audiences that were important the week before and will be important the week after needs to be part of your plan. Don’t leave it to the politicians or the media to describe what happened. Everything you would do for a 20/20 interview, you have to do for a congressional hearing. Jennifer Loven people for a lot of reasons, such as having knowledge and authority and a presence that gives the implicit message that we’re taking this seriously. Freudenthal: In all of this, people often forget simple things like the earnings call.

It’s not just messaging; it’s a messaging discipline that has some rigor and sequencing that lawyers need to look at, but they also need to think about the many faces the company has. People get in trouble on earnings calls because you’ve got somebody who may not know the particular set of facts and may not have the good sense to say, “I don’t know.” EMPLOYEES: “WE HAVE YOUR BACK” Inglima: In Enron, theories of prosecution were centered specifically on earnings calls, so that’s a very real example of the hazards that people overlook. Who cannot hear this first from the media? Who cannot hear it first when the government says something about it? Your employees have to be hearing what you’re telling external stakeholders in real time or perhaps just in advance of what you’re going to say externally.

Many of them are likely witnesses, and you don’t want them to feel like there are different versions of reality being percolated for different audiences. Cusumano: Often you want a separate and somewhat different message for employees because you want that message to be more familial and more supportive even as you’re saying, “Look, we have a problem. We have to cooperate with regulators and all of you have to stand up and do the right thing here, but understand we have your back.” Bob Cusumano 14 regulatory Forecast 2016 Deaver: I think that if you had a good relationship with your employees before the crisis, then you want to preserve that. . If you didn’t, you can’t build it in the crisis. But if you did, it was probably predicated on a level of trust and disclosure and respect and there was a good flow of information, and you’ve got to manage that so carefully. Employees need to know that somebody is on top of it. In my experience, the times when employees become a problem, it’s often because no one has reassured them and then they start chatting on blogs.

They ask questions because they aren’t being given answers, and then you have a brush fire that you didn’t expect. Saracino: Your company needs a policy about providing legal counsel for individual employees in the event of an internal investigation where there may be disciplinary consequences or an investigation from a regulatory entity where fines or penalties are at stake. You need a process that protects both the company and the employees that the employees can trust. Getting information from those involved is critical, and keeping their confidence that the process is being run in a fair manner is key. THE IMPACT OF SOCIAL MEDIA Winkelman: Let’s take that to the world of social media where everybody’s a journalist, where the proverbial 24/7 news cycle truly is.

Has that changed the craft of crisis management? Deaver: One of the things we do is help clients distinguish between social media platforms and social media personas that have credibility, that have a wide platform, that have the potential to be helpful or harmful. People can get worked up about social media as if all content is equal, and it’s not. The flip side is that social media is so targeted, it gives us great opportunities as communicators to respond.

You have to know to work the social media outlets, but people shouldn’t be as afraid of it as I think some are. Loven: Social media poses some challenges because of the way a piece of information can go viral and reach audiences that people couldn’t reach before in quite the same way. But it’s a tool. Very often the best use of Twitter in a crisis is as a canary in a coal mine for where the conversation is going.

Then you can get ahead of it and participate if you are savvy about the tone and the tactics that you use. The other thing is the explosion of platforms to communicate on. You don’t have to just go through The New York Times, you can go through thousands of entities, many of them owned and controlled by you.

Today it only matters if you publish somewhere, because then you can republish yourself and target specific audiences that do matter. Inglima: That gives rise to the point that you should remember who your friends are and reach out to them and engage with your natural allies, because you might find that a university or a nonprofit or think tank has a lot to say about the issue that is plaguing you. Loven: Companies often fail to cultivate friends before they need them. If you’ve not laid the groundwork in terms of finding like-minded thinkers, cultivating relationships within the regulator and the policy-maker community and in the opinion-elite community, you can’t get it done in the middle of a firestorm. THE DYNAMIC CRISIS Cusumano: These situations are dynamic. Crises are not a moment in time, and they branch in different directions.

The attention span of the media can be very long or very, very short. What you think you’re going to be doing two weeks from now may not resemble what you end up doing because people have lost interest. You have to be unbelievably adaptive and understand that the right answer on day one is not the right answer on day 21. Deaver: One of the places where you can really get in trouble is you have clearly established goals on day one and by the time you get to day 30, you’ve forgotten them, they’ve changed, they’re no longer clear.

It’s really important that somebody regularly reconvenes and asks, ‘Have our goals changed? Are we still meeting them? Do we really have them in mind?’ You can go off course pretty fast. Goals should change along the way, and people need to recalibrate when they do. Phil Inglima Freudenthal: The rule ought to be, just stick with the truth, and if you’re not sure what it is, say I don’t know, because it doesn’t involve complicated posturing. It doesn’t mean that you don’t choose your words carefully to make sure that what you’re really conveying is the whole truth and nothing but the truth.

You can get trapped in your own web if you lose sight of the fact that the truth is just easier. And, OK, the media may take you apart on it, but the average reader says that may be the only adult comment anybody ever made because you know the day after you don’t usually know why it did happen. regulatory Forecast 2016 15 . compliance and Crisis management danger and opportunity Building a compliance and ethics program for today means creating a program that is as dynamic as the business. T he test for whether a company’s compliance and ethics program works well is not only measured by the problems avoided, but also by whether the program can stand the test of public and government scrutiny once a crisis has already hit. A compliance program can become a significant asset or a tremendous liability in the event of a crisis, and the companies that benefit from them are committed to meeting both the written and unwritten expectations for their organizations. The standards have changed. Effective compliance requires a new level of transparency and authenticity that mirrors many of the ways the public’s everyday experience has changed—reduced concern for privacy and confidentiality, instant gratification with real-time reporting, personal accountability, and an expectation of high-tech capabilities. Programs must move beyond checking the boxes and embrace a Peter Eyre, Cari Stinebower, Jeff Poston, and Ryan Tisch 16 regulatory Forecast 2016 more robust and dynamic approach. With many of its easy targets gone, government has become more aggressive in picking companies to investigate.

The need for strong compliance programs is crossing borders, industries, and practice areas. That means executives can glean best practices from businesses in very different business sectors since compliance practices apply to cross-functional areas such as international trade, government contracting, antitrust law, privacy, and cybersecurity. Open the Lens Companies building robust compliance programs must empower compliance specialists to have a greater view into business operations and potential problems even beyond their immediate purview. And the training they undergo must .

be documented and captured. Companies need to be ready, always, for that knock at the door, with the expectation that they’ll need to show investigators just what they were doing on any day in question. “For example, in banking, it’s long been known that you need to know your customer, and now it’s increasingly clear that regulators are expecting that you know your customer’s customer as well. As banks go, so goes the rest of the business community, with companies up and down the supply chain facing increased scrutiny,” says Cari Stinebower, a partner with Crowell & Moring’s International Trade Group and a former counsel for the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC). Along those lines, compliance specialists reviewing accounts for evidence of, say, money laundering need to keep their eyes open for evidence of fraud and cybersecurity issues as well.

“The key is to open up the lens so they can see other areas,” says Stinebower. “When you are building a crisis handbook, cross-issue spotting needs to be taken into account.” This broader view can be essential in identifying cross-disciplinary issues—and may run counter to the increased specialization many compliance officers have faced. Companies with foreign operations face some of the largest compliance challenges, says Stinebower. They must grapple with laws that often conflict, and regulators have enlisted them as partners in their quest to stem corruption, terrorism, drug dealing, and other ills (see Global Compliance, p.18).

“It’s part of the burden of being a U.S. corporation: you are going to have to enforce U.S. policy or pay the price,” says Stinebower. Regardless of industry, your compliance program must have strong documentation, says Peter Eyre, a partner in Crowell & Moring’s Government Contracts Group.

“Some companies used to be reluctant to write down their practices and processes, but that won’t cut it anymore,” he says. “When the time comes to demonstrate the effectiveness of your compliance program, the documentation itself is critical. It must cover the key elements of compliance, and that requires a focused and intentional understanding of the business, what the risks are, and which risks have the highest and lowest impacts.” moving with the business But as the business changes, so will that risk assessment, says Ryan Tisch, a partner with Crowell & Moring’s Antitrust Group. “At many companies, the underlying existence of risk—and its degree—has long been assumed,” he says.

“But as new people join the organization, a new product is introduced, or a new geography is entered, they inherit the previous definition of risk without examining it. The level of risk can change.” The need to stay dynamic is especially powerful in fast-moving areas like data privacy and cybersecurity, says Jeffrey Poston, co-chair of Crowell & Moring’s Privacy & Cybersecurity Group. “These policies and procedures need to be living, breathing documents that evolve as circumstances change,” he says. “If they are simply documents locked in a computer file or a file cabinet and no one is paying attention to them, then they are Choose Your CCO Carefully For companies with a significant compliance burden, a keystone to successful compliance and crisis management is a strong chief compliance officer.

“Their job description goes far beyond drafting policies,” says Crowell & Moring’s Peter Eyre. “They’ll often be sitting in the hot seat when regulators, prosecutors, or plaintiffs’ attorneys are asking questions in the event of a crisis. And regulators expect the compliance officer to have the authority to bring up concerns to top executives and even the board as they arise. “The compliance officer also needs to understand the distinction between compliance and ethics,” adds Eyre.

“Your compliance program can’t contemplate every dilemma that your employees might face. By the same token, responsible companies don’t take advantage of loopholes if it would be unethical to do so. The Justice Department has been pushing hard for companies to have programs that discuss ethics and doing the right thing.” going to be worthless in terms of ensuring your compliance.” Companies should have an Incident Response Plan in place as well as a protocol to train their workforce on how to protect and secure data and how to respond when there is evidence of a breach, Poston notes.

“Ideally, the training should be tailored to the business, the business unit, and even the trainee’s individual role, because each role’s risk profile is different. Document that the training took place and engage in ‘tabletop’ exercises to rehearse how the company would react to an actual incident. “If there’s an investigation,” he adds, “there may be things that you can never prove or disprove. But if you can show you’ve trained people on the rules of the road, regardless of the nature of the event, you have a better chance of showing the company was not acting recklessly or negligently.” As part of the training, make clear who speaks for the company in a crisis, says Eyre.

“Break down the silos, use a consistent story and message, and make certain you communicate effectively both internally and externally. Be prepared to call in outside expertise because in some regulatory crises a failure to communicate effectively can lead to a bigger crisis.” Moreover, notes Poston, “As you plan your response, make sure the key decision makers have all the information in hand and that the company is speaking with one voice. Companies that plan, document, and implement an Incident Response Plan effectively have a better chance of withstanding government scrutiny and of minimizing liability.” regulatory Forecast 2016 17 .

global compliance compliance takes root worldwide Traditionally, corporate compliance efforts have focused primarily on U.S. regulations. But compliance is rapidly becoming a global issue—one that is complex and evolving, and requires constant attention. T he historic emphasis on U.S. compliance has stemmed from several factors.

For example, the U.S. has long had high civil and criminal penalties for noncompliance. It also has numerous well-funded nongovernmental organizations that can bring citizen enforcement actions under a number of statutes.

And when regulators take enforcement action against U.S. companies, there is the very real potential for follow-on tort litigation that compounds the risk of noncompliance. In all, such factors have created a strong, deeply engrained compliance culture in the U.S. But now, more and more of those elements are being adopted outside the U.S., and a stronger compliance culture is taking root in a number of countries.

The globalization of business, efforts to harmonize regulations, and a growing interest in protecting consumers are all contributing to this changing compliance landscape. Thus, while the importance of U.S. compliance has not diminished, companies now need to take the regulatory regimes of many other countries into account and bring a more global perspective to their compliance efforts. The Spread of Compliance Culture A growing compliance culture can be found in a number of countries.

The European Union (EU) has certainly seen an increased emphasis on regulation and compliance in recent years. But so too have other countries, from Japan to Brazil to South Korea and beyond. And developing countries around the world are rapidly becoming more sophisticated in terms of business and regulatory regimes. 18 regulatory Forecast 2016 Charles De Jager and Grégoire Ryelandt In China, for example, officials are now working on enforcing intellectual property (IP) law—a significant change for a country long known for problematic IP protection.

In the past, it was not unusual for Chinese manufacturers that produced goods for European partner companies to sell the same goods under their own brand names. “However, many Chinese companies are moving up the value chain and developing more of their own IP, and they don’t want other companies taking it,” says Grégoire Ryelandt, counsel in Crowell & Moring’s Brussels office. “So China is now implementing and enforcing more IP laws—and global companies doing business there need to take that into account.” Meanwhile, the EU is strengthening regulation in a range of areas, including product standards, labeling, and food safety.

What’s more, EU regulations are increasingly likely to be backed up by strong penalties. “European countries are getting very serious about infringements to the regulatory framework, and they’re now levying fines and in some cases even pursuing criminal charges,” says Ryelandt. While potential penalties are still not as severe as those in the United States, this represents a significant departure from the EU’s past leniency. .

Shaping Compliance Requirements The Key Global Challenges Globally, compliance requirements are changing in virtually every field. But three evolving areas present particular challenges: data privacy, antitrust, and environmental compliance. Data Privacy Compliance In October 2015, the Court of Justice of the EU in the Schrems case determined that the U.S.-EU Safe Harbor framework did not provide a valid legal basis for transfers of personal data from the EU to the U.S. “The framework was in place since 2000 to facilitate transfers of personal data from the EU to eligible U.S. companies that certify to and comply with the Safe Harbor principles,” explains Charles De Jager, counsel in Crowell & Moring’s Brussels office.

“The elimination of the Safe Harbor leaves a large number of companies to find other, potentially more onerous mechanisms to transfer data lawfully from the EU to the U.S.” Under the current EU data protection directive, EU member states’ national data protection authorities have retained a significant degree of independence to enforce the rules as strictly as they see fit. “Over the years, the data protection authorities of France, Germany, Spain, and other EU member states have imposed fines as a result of enforcement actions,” says De Jager. “This trend is likely to continue under the forthcoming update of the EU data protection regime.” By the spring of 2018, the EU should be working under a new, single set of data privacy rules—the European General Data Protection Regulation (GDPR).

Agreed in late 2015, the GDPR means that companies will need to comply with just one unified framework, rather than the patchwork of varying national laws that had been in place. While the GDPR streamlines compliance significantly, it also brings increased risk because it allows the EU to levy fines for noncompliance of up to 4 percent of a company’s annual worldwide revenue. Beyond the EU, says De Jager, “global companies’ attention must also turn to a number of other countries, such as Argentina, Mexico, Israel, Japan, Korea, and Singapore, which are implementing and increasingly enforcing data privacy rules resembling those of the EU.” Data privacy compliance is changing in Russia as well. New laws recently took effect that require companies to process personal data of Russian nationals on servers located in Russia. Questions remain about the way the Companies typically react to regulation, but some work proactively to shape their regulatory environment.

For example, says Patty Wu, senior director at Crowell & Moring affiliate C&M International, “the Asia Pacific Economic Cooperation (APEC) forum brings together 21 governments and a number of industry stakeholders to promote industry self-regulation in certain sectors, better align regulatory procedures, and work toward regulations that create an enabling environment for business.” APEC initiatives cover areas such as data privacy standards, global data standards for track and trace, and food safety. An action agenda for advertising standards and practice was adopted by APEC leaders last year, and a set of principles for governments’ role in promoting self-regulation was recently developed in APEC for consideration. In addition, APEC successfully expanded high standard codes of conduct in the medical device and biopharmaceutical sectors to 10 APEC member economies, including China, where they previously did not exist.

“This not only improves the operating environment and reduces risk for companies, it helps governments to combat corruption,” says Wu. Overall, she says, “this kind of government-industry cooperation helps companies to avoid waiting for the traditional heavy hand of a top-down government approach, and instead work cooperatively with regulators to address compliance strategically—at the front end of the process.” implementation of this new framework will be scrutinized by Russian authorities. “Will companies be allowed to hold a copy of personal data outside Russia? And how strongly will they enforce the law?” asks Ryelandt. “So there is a big question mark there.” Antitrust Compliance Worldwide, antitrust enforcement has been growing stronger—so much so that the total amount of antitrust-related fines levied in the EU has been exceeding the total levied in the U.S.

In a related development, the EU adopted a new directive in 2014 aimed at helping citizens and companies claim damages from companies that engage in antitrust behavior—something that has long been in place in the U.S. regulatory Forecast 2016 19 . Patty Wu and Larry Boggs A Renewed Focus on Climate Change With governments and business increasingly concerned about the risks of climate change to the global economy, the signatories to the UN Framework Convention on Climate Change concluded a new multilateral agreement in late 2015 (the “Paris Agreement”). The new “bottoms-up” framework allows each country to set its own approach to addressing climate change while establishing common rules for transparency and accountability. The agreement promotes carbon market mechanisms, greater action to define and measure climate risk, and public and private investment in low carbon technologies. By the time the agreement was concluded, nearly 190 countries—accounting for the majority of global greenhouse gas emissions—had announced their individual reduction goals. China, for example, is targeting a 60 percent to 65 percent reduction by 2030. The EU plans 40 percent and the U.S.

26 percent to 28 percent by 2025. Overall, governments sent a clear policy signal; a concerted effort to decarbonize the economy has formally begun. “Climate change regulation is an area that companies should follow closely over the next year and beyond,” says Crowell & Moring’s Larry Boggs. 20 regulatory Forecast 2016 but less so in Europe.

In 2016, EU member countries will be implementing that directive in their respective laws and regulations. This will further strengthen the compliance culture in the region. Antitrust compliance is also becoming increasingly important in South America and Asia. For example, Brazil’s competition authority, known as CADE, has been actively enforcing that country’s 2011 Competition Act.

And in South Korea, the head of the Korean Fair Trade Commission (KFTC) has called for enforcement that protects consumers “by actively responding to international cartels and global M&As, which have significant impact on the market in Korea.” Over the past year, the KFTC has imposed multimillion-dollar penalties on Japanese and German auto parts companies for anticompetitive behavior. Environmental Compliance Many countries are moving ahead with stronger environmental regulations, often surpassing the U.S. approach in terms of rigorous oversight. In addition, after years of high-profile environmental incidents, China has started to seriously address environmental protection.

“China is moving faster on the environmental front than the U.S. and Europe did when they began implementing environmental regulations,” says Ryelandt. In Europe, the implementation of the Registration, Evaluation, Authorization, and Restriction of Chemicals (REACH) regulation continues. Companies have already had to register the chemicals that they use in large volumes with the European Chemicals Agency.

Now, the implementation is focusing on smaller volumes of chemicals, requiring companies to register those by 2018. As a result, a wider range of businesses will need to comply with REACH. “This now involves companies that are not primarily active in the chemicals industry,” says Ryelandt.

“Many of them are not aware that they have this obligation and are not up to speed on this fairly complex regulation, which of course increases their risk of noncompliance.” The CONTINING EVOLUTION Looking ahead, ongoing geopolitical uncertainty is, in turn, creating uncertainty for global compliance. This is especially evident in the imposition of economic sanctions imposed by the U.S., the EU, and other countries on Iran and Russia, as well as the sanctions maintained until recently by the U.S. against Cuba. “In addition, enforcement efforts are being ramped up,” says De Jager.

“For example, the United Kingdom is establishing as of April 2016 the new Office of Financial . Chemical Shipments: Evolving Global Rules Sanctions Implementation to increase awareness of sanctions and to ensure they are properly enforced.” With respect to Iran, the agreement reached on the Joint Comprehensive Plan of Action (JCPOA) in July 2015 will have important compliance implications for global companies, especially since the U.S. and EU are likely to proceed differently in implementing the JCPOA. “While the EU is expected to lift most of its primary sanctions against Iran in the first half of 2016, the U.S. will maintain its primary sanctions, with its authorities continuing to enforce the facilitation rules,” says De Jager.

“As a result, the economic opportunities presented will be, with a few narrow exceptions, for non-U.S. companies.” Under sanctions imposed on Russia because of its intervention in Ukraine, U.S. and EU companies are prohibited from trading certain goods with Russia, transacting with certain persons in Russia, or conducting any transactions in certain areas. If they want to do business in Russia, they must follow a complicated administrative process to gain approval.

“Companies in Europe or in the U.S. have to be very careful when they export to Russia—and the same is true for multinationals established in Russia,” says Ryelandt. “This is a situation that can evolve quickly, so you have to monitor the developments there very closely.” The interplay between economic sanctions and data protection also highlights the difficulty in ensuring compliance across substantive areas.

“For example, while companies must screen transactions against the lists of sanctioned parties established by the U.S., certain EU member states’ strict data protection measures may seek to restrict or prevent the transfer of personal data for purposes of such screening,” says De Jager. “Companies thus occasionally face the dilemma of complying simultaneously with U.S. sanctions rules and EU member states’ data protection rules, and must reconcile these requirements in their compliance programs.” In today’s environment, companies working across international borders will need to proactively monitor and plan for a broad and changing compliance landscape.

At the same time, they can define practical standards for products and operations that can apply across multiple jurisdictions, which can streamline internal compliance activities and reduce compliance costs and risk. Companies should also be sure that they have the processes and systems, including auditing, that will allow them to discover, correct, and report noncompliance in the countries in which they operate. And, says Larry Boggs, senior counsel at Crowell & Moring, “clear standards can help make compliance less of a burden, and ISO and other standard-setting organizations Chemicals shipped across international boundaries can be subject to a number of different labeling and management regimes, including the Globally Harmonized System of Classification and Labeling of Chemicals (GHS).

The GHS guidelines have been adopted at least in part by 67 countries and regions, including the U.S., China, and the European Union. In the U.S., the Occupational Safety and Health Administration (OSHA) is incorporating GHS into its labeling and safety data sheet requirements and phasing those changes in through June 2016. Companies need to understand these new OSHA requirements. More broadly, says Crowell & Moring’s Larry Boggs, “companies seeking to move chemicals internationally must determine whether and to what extent the exporting and importing countries have adopted the GHS.” If those chemicals are wastes shipped for disposal or recycling, they may also be subject to hazardous-waste restrictions under the Basel Convention on the Control of Transboundary Movements of Hazardous Wastes and Their Disposal, which allows the shipping of waste only if environmentally sound management practices are employed.

Although the U.S. is not a party to the Basel Convention, many other countries and regions are, including China, the European Union, and India—and U.S. companies planning to ship chemical wastes overseas should understand this potential compliance risk. are increasingly important.

Companies would be wise to participate in these organizations.” At the same time, companies will need to make some practical trade-offs. Global compliance is becoming so complex that it is simply not possible to do it all. “While a company may be committed to total compliance, the hard reality is that it is virtually impossible to ensure 100 percent compliance with all laws and rules governing a company’s operations and products in every country,” says Boggs.

“That is simply beyond the constrained budgets of in-house legal teams.” Instead, companies will need to understand the different risks involved in different areas and prioritize their compliance efforts accordingly—while being prepared to adapt to a changing compliance landscape. regulatory Forecast 2016 21 . Supreme Court Is a judicial check on administrative authority coming? L ast year was a year of blockbuster Supreme Court decisions, with the justices resolving high-profile, hotly contested disputes on the issues of same-sex marriage, health care, environmental law, and more. But Court watchers say some of these decisions might have also set the stage for a 2016 showdown on a question with profound implications for every industry subject to federal regulation: how much power should federal agencies have absent clear congressional direction? For several decades, the courts have given considerable leeway to federal agencies when they interpret statutes passed by Congress as well as when they interpret their own regulations. In its 1984 ruling in Chevron U.S.A. v. Natural Resources Defense Council, the Supreme Court set the standard: if an agency’s Dan Wolff, Tom Lorenzen, and Cliff Elgarten 22 regulatory Forecast 2016 interpretation of an ambiguous statute is reasonable, then it is to be given “controlling weight.” The 1997 case Auer v.

Robbins recognized that even more deference is to be given to agencies’ interpretation of their own regulations. But in recent Court opinions, the Court’s four conservative justices have signaled increasing discomfort with the latitude currently afforded to the executive branch. “Eventually, this issue will come to a head,” says Cliff Elgarten, a Crowell & Moring Litigation Group partner and a former Supreme Court clerk. “This may be the term when that happens.” In the 2015 case Michigan v.

EPA, the 5-4 majority found the Environmental Protection Agency’s (EPA) interpretation of section 112 of the Clean Air Act to be unreasonable because EPA did not consider the cost of compliance before . Number of Pages Published Annually in the Federal Register (1987-2014) 100,000 75,000 requirements on broadband access providers—could also present administrative deference issues. But Elgarten points out that Chevron and Auer issues arise in a wide variety of regulatory contexts. “It is difficult to predict where and when the Court will choose next to grapple with these issues,” he says. 50,000 25,000 0 1987 1994 2001 2008 2014 Source: Office of the Federal Register There has been a steady increase in the number of pages published each year in the Federal Register, which includes public notices, proposed rules, and final rules issued by federal administrative agencies. Some conservative Supreme Court justices have been questioning the broad latitude given to federal administrators in creating and applying these rules. deciding whether to regulate hazardous air pollutants from power plants.

In doing so, it applied Chevron deference, but signaled a narrower view of what is considered “reasonable.” As Dan Wolff, chair of Crowell & Moring’s Administrative Law and Regulatory Practice and a member of the firm’s Litigation and Environment & Natural Resources Groups, explains, “If the language is ambiguous, then there are at least two potential interpretations. On the one hand, it has been true since our founding that the courts decide what the law means. On the other hand, there is the notion that agencies charged by Congress with administering regulatory programs should be given discretion to fill in the gaps left open by Congress.” Writing the majority opinion in the Affordable Care Act (ACA) challenge King v. Burwell, Chief Justice John Roberts suggested that Chevron might not apply in cases of profound “economic and political significance,” appearing, in essence, to carve out a new exception to the deference doctrine. A challenge to the EPA’s Clean Power Plan could provide the next test of administrative deference standards, says Tom Lorenzen, a member of Crowell & Moring’s Environment & Natural Resources, Appellate, and Government Affairs Groups.

Relying on the authority the EPA says it has under the federal Clean Air Act (CAA), the agency in August 2015 unveiled sweeping state-by-state limits on CO2 emissions from existing power plants. “This rule affects vast segments of the American economy, so it fits in the King v. Burwell mold when it comes to deference,” says Lorenzen, who was an assistant chief of the Justice Department’s Environment and Natural Resources Division from 2004 to 2013.

“It seems this is the one to watch.” Some observers believe challenges to the FCC’s controversial net neutrality order—which imposes open Internet No Trickle Down—So Far Elgarten adds that, so far, conservative Supreme Court skepticism of deference toward administrative agency interpretation has not trickled down to lower federal courts. Even in the wake of the King v. Burwell decision, Wolff notes, in most cases the lower courts are probably not going to veer from the traditional Chevron and Auer tests absent further guidance from the Court.

“That said,” Wolff adds, “a rulemaking such as the Clean Power Plan is of such significance that it could well embolden the D.C. Circuit to say, ‘This is an issue of such national importance that we’re going to decide what’s the proper interpretation.’ But that would be the outlier, at least for now.” Lorenzen adds that he doesn’t see executive branch agencies becoming any less assertive about applying their own interpretations of statutes or regulations. “With Congress unwilling or unable to act on many big issues, that leaves the law somewhat frozen, and the administration is attempting to grapple with new problems based on old laws,” he says.

And in fact, in Perez v. Mortgage Bankers Association, decided this past term, the unanimous Court clarified that when an administration interprets an existing regulation in a new way, it need not do so through notice-and-comment rulemaking. Be that as it may, Wolff notes, a trio of concurring opinions in Perez cautions agencies not to run too wild with new interpretations, lest they push the conservatives to reconsider deference under Auer. Lorenzen agrees, noting that if the Obama administration uses its final year to continue cementing its legacy through administrative action, as expected, the agencies may be more deliberate in the way they present interpretations in light of the recent Supreme Court skepticism, in anticipation of additional court challenges.

Lorenzen points out that the Supreme Court’s liberal wing has expressed no reservations about the broad application of administrative deference, seeing the concept as “viable and robust.” Because the next court vacancy is expected to come from the liberal side of the court, he notes that the 2016 presidential election could be a deciding factor in the future of administrative deference. “The next appointment to the Supreme Court is going to be very significant,” he says. “Whether that appointment is made by a Democratic president or by a Republican president will make a very big difference on this and many other issues.” regulatory Forecast 2016 23 . water wars The drought has exposed cracks in the all-important protocols for how water is shared in the West. But even if it ends in 2016, the long-term forecast is for more conflict. Nancy Saracino F rom almond farms to server farms, backyard wells to gas wells, and office parks to public parks, water is vital to industry, economic growth, and environmental health. Water wars involve end users as well as federal, state, and local agencies battling over laws and agreements that were typically written in a less resource-stressed time. These wars have intensified thanks to California’s historic drought. As this Regulatory Forecast went to press, the El Niño weather formation was expected to provide some drought relief, depending on where the rain falls.

But the extreme variability in precipitation that many scientists say climate change will spur in the coming years appears likely to shift policymakers’ focus from water scarcity to water management, which is still far from a resolved issue. Even if the drought recedes from the headlines, 2016 is certain to bring continued conflict—and, in the long term, resource planning will become more challenging for virtually all major water users. “The states have been trying to manage between the needs of the environment, industry, and other water users,” says Nancy Saracino, a partner at Crowell & Moring, a member of the firm’s Energy Group, and former general counsel for the California Independent System Operator Corp. (CAISO). “Scarcity creates a difficult situation for regulators and people who rely on an assured water supply for their commercial needs, whether agricultural or industrial. Climate change and unpredictable supplies will also complicate decision making, as systems need to be engineered to handle big flows as well as scarcity.” Sue or Be Sued As the American West has struggled to survive on dwindling water supplies during the ongoing drought, the land wasn’t 24 regulatory Forecast 2016 the only thing that showed cracks.

So did long-established systems of water distribution and reliance on groundwater supplies. And it’s unclear how these systems—including the legal framework for water rights, transfers, and groundwater use—will be altered as the West contends with the long-term instability that climate change brings to traditional water supply infrastructure. Water flowing from the Colorado River has long been allocated by a series of compacts between states known as the Law of the River. “These compacts among states are really in contention,” says Dave Freudenthal, a former governor of Wyoming and now senior counsel with Crowell & Moring.

“The original compact, the Colorado River Compact, established its original allocations based on wet years, so they were probably too high, and that’s built up expectations for how much downstream users will receive from upstream states. The fight gets worse in drought years, and the mechanisms to deal with scarcity are pretty untested.” Further downstream in California, the drought has forced the state to make drastic cuts in water allocations. Some Central Valley irrigation districts sued within days of receiving state orders to stop drawing water from rivers and streams. Many farmers have come to depend on permanent, water-intensive crops, despite being “junior” in the priority system based on when flows were first diverted and used.

“These suits add to the web of complexity and uncertainty that water users, policymakers, and regulators face,” Saracino says. With the California State Water Project and federal Central Valley Project having largely ceased allocations due to drought, California’s agricultural users are depending on a combination of fallowing land in hopes of more supply when it rains, groundwater pumping, and water transfers—including long-term transfers that have . Is That a Stream or a Ditch? David Chung and Patrick Lynch been challenged in federal district court. Californians have traditionally relied on groundwater to sustain them through periods of surface water shortage. As reliance on groundwater increases, however, so have problems with seawater intrusion, water quality, and subsidence—the technical term for sinking land. A recent report by NASA’s Jet Propulsion Laboratory shows land sinking two inches per month in parts of the San Joaquin Valley, the state’s agricultural heartland. “Traditionally, California property owners had largely unrestricted rights to their own groundwater,” says Saracino.

“With severe limitations on surface water supplies and serious consequences for overreliance on groundwater, there’s going to have to be a culture change in the state. The state passed its first law addressing sustainable groundwater management in 2014, but it will take almost a decade to implement. Meanwhile, with the ongoing drought the state faces a groundwater crisis. Given shifts in technology and cost, there are now serious discussions about local investment in desalination to help clean up groundwater supplies, but that only solves one of the complex issues posed by groundwater pumping.” To complicate matters, as water management agencies try to address limitations on supply by implementing water transfer programs that allow rights to water to be bought and sold, environmental activists have sued, claiming that the programs did not properly evaluate environmental impacts.

A federal court is scheduled to decide that litigation this September. New Solutions, New Uses The drought is also forcing urban users to strive for greater conservation and greater diversity in their water supply options. They’ve invested heavily in storage, water use efficiency programs and technologies, recycling and reuse, While the drought has focused attention on the West, a new federal water rule may have an impact nationwide. Last May, the U.S.

Environmental Protection Agency (EPA) finalized the Clean Water Rule, which clarifies which types of water fall under federal jurisdiction under the Clean Water Act. The Act covers “navigable waters,” defined by statute as the “waters of the United States,” but Congress did not further define what “waters of the United States” includes, and recent Supreme Court rulings have only complicated the matter. The new rule says these include tributaries that show “physical features of flowing water” as well as certain adjacent waters and isolated water features like prairie potholes— thousands of small wetland depressions found in the Midwest. The rule is inspired by evidence that pollution created upstream can affect water quality in the downstream rivers and lakes that Americans rely on for drinking water and other uses.

But many states and industry groups representing manufacturers, farmers, miners, builders, water utilities, and others have condemned the rule as a dangerous overreach. “The rule purports to clarify the EPA’s jurisdiction, but it uses terms that are still vague and sometimes difficult to apply, like ‘ordinary high water mark’ or ‘100-year floodplain,’” says David Chung, counsel with Crowell & Moring. “Ultimately, property owners may have little clarity on whether they must apply for a permit to build on their land or conduct a costly analysis before they can even move a ditch on their property. It is not surprising that dozens of states have also challenged the rule because it could create massive implementation headaches and leave many exposed to citizen suits.” regulatory Forecast 2016 25 .

The Clean Water Rule’s Broad Reach No Data 0% to 25% 25% to 50% 50% to 75% 75% to 100% Percent of streams that are intermittent, ephemeral, or headwaters, by county Source: U.S. Fish and Wildlife Service, 2015 Almost 60 percent of the nation’s streams are expected to be newly covered by the new Clean Water Rule because they count as “intermittent, ephemeral, or headwaters,” according to the Brookings Institution. That will have major economic implications for developers, farmers, and utilities, among others. and even desalination—an enticing option for a state like California with an 800-mile coastline. Last fall the nation’s largest desalination plant began operation in the city of Carlsbad, north of San Diego, showcasing new technologies that make the desalination process both more environmentally friendly and cheaper than before.

“Still, this water is, for now, more expensive than alternative sources,” says Patrick Lynch, a Crowell & Moring partner who helped shepherd the novel $1 billion financial deal behind the project. “No one can predict where water prices will go, so the question becomes how much will you pay for a droughtproof supply of water. The San Diego County Water Authority is willing to pay for such a supply, and that may prove prescient over the next seven or eight years.” Yet the pace of desalination projects has been slow, even in Southern California—only one other major plant is nearing the construction phase—not least because of the challenges of getting approvals for development along 26 regulatory Forecast 2016 the California coast, notes Lynch.

“When you look at the disarray that we’re seeing over water use planning and the challenges in tapping additional new sources of water, I think desalination projects may have a profound impact on additional development in the state,” Saracino adds. The drought has also shined a spotlight on the waterintensive oil and gas drilling method of hydraulic fracturing. Beyond the large amount of water used in “fracking,” watch for growing concern for the impact of the seismic shifts it can produce, says Freudenthal, who as governor was credited with ushering in the first meaningful state regulation of hydraulic fracturing while overseeing a rapid expansion of natural gas capacity in Wyoming. These shifts can alter underground formations and affect the flow of groundwater accessed by homes, farms, or industry.

“The EPA may very well move to assert jurisdiction over fracking on non-public lands, regardless of its 2015 study that found no widespread impact on drinking water,” Freudenthal says. . Gov. Dave Freudenthal “That’s just the nature of the agency—it can’t keep its nose out of anything.” If El Niño eases the drought, tensions over water will ease as well, Freudenthal says. But when you consider the politics of climate change, the growth imperative, environmental activism, and outdated water distribution laws and customs, the long-term forecast still calls for conflict. “Anyone engaged in any economic activity that is waterdependent should be prepared for an extended period of stress, on both the water quality and quantity sides,” Freudenthal says. Nutrients: Nailing Down Numbers Excessive amounts of nutrients in the water can cause algae blooms that damage marine wildlife, reduce fish catches, and threaten drinking water supplies. The sources of nutrient pollution include runoff of fertilizer, animal manure, and sewage treatment plant discharges.

With 2016 as its last year in office, the Obama administration may seize the chance to take further action on nutrient pollution, with a significant impact on states and businesses, especially farmers and utilities. In the past, the EPA has relied on states to take the lead on water quality, with the federal government acting as a backstop and overseer. But environmentalists have been pressuring the EPA to take a more aggressive approach. In 2008, environmental groups sued the EPA to force Florida—one of the states hardest-hit by nutrient pollution—to replace qualitative (or “narrative”) with quantitative (or “numeric”) nutrient pollution standards. In a bruising, seven-year legal battle, the EPA imposed numeric standards, then ultimately relented when the state proposed its own. Meanwhile, a suit that aims to force the EPA to impose numeric standards on the 31 states in the Mississippi River Basin is still ongoing.

Nutrient pollution within the watershed is alleged to be the source of a massive “dead zone” found in the Gulf of Mexico. The Clean Water Act permits EPA to impose its own water quality standards if it finds that the states have failed to act or if it determines that such standards are “necessary,” says David Chung, counsel at Crowell & Moring. In 2011, a memo by then-EPA official Nancy Stoner recommended that states develop some numeric nutrient standards by 2016. “EPA is tracking states’ progress in developing numeric standards, but they’re all over the map,” Chung notes.

“Meanwhile, the Mississippi River lawsuit illustrates that many continue to push for imposing hard numbers that can’t be exceeded. And it’s not out of the question that EPA could make an 11th hour pronouncement that federal criteria are ‘necessary’ in certain states. It would take a lot for a subsequent administration to undo that.” States have argued that they are best suited for developing standards, in part because suitable nutrient levels for any given water body depend on local factors such as its size, depth, and color.

“A one-size-fits-all number hardly seems like the best answer,” Chung says. On yet another front in the war over nutrients, Des Moines’s water utility is suing three counties in a federal court in Iowa, claiming that nitrate pollution from farms—some of them more than 100 river miles upstream—is sullying Des Moines’s drinking water, and seeking federal oversight of the counties’ drainage districts under the Clean Water Act, among other relief. If the utility wins, it could disrupt the decadeslong use of tile drainage that is pervasive in the Corn Belt, says Chung. Tile drains draw excess water out of the root zone. The Clean Water Act declares that agricultural stormwater discharge and return flows from irrigated agriculture are not “point sources” subject to permitting.

But the utility claims that tile drainage qualifies as “point sources of nitrate pollution” because the discharges “are almost entirely groundwater.” A federal court in 2013 rejected a similar claim, but “litigants continue to try to narrow the scope of the agricultural exemptions in the statute,” notes Chung. The case is scheduled for trial in August 2016. regulatory Forecast 2016 27 . environment Air, Water, Chemicals, Wildlife, and Vapor Are Key Issues The coming year promises to be especially active for environmental regulation and related litigation. For starters, in 2015 the Environmental Protection Agency (EPA) issued two regulations, under separate environmental statutes, that could profoundly affect business if they are upheld by the courts: the Clean Power Plan, issued under the Clean Air Act, and the Waters of the United States Rule, issued under the Clean Water Act. Published in the Federal Register in October 2015, the Clean Power Plan sets the ambitious goal of achieving a 32 percent cut in carbon dioxide emissions from existing U.S. power plants by 2030, compared to 2005 levels. To reach this goal, EPA has adopted an aggressive regulation that tests the boundaries of its statutory authority, prompting numerous judicial challenges. These challenges, to be heard initially by the U.S. Court of Appeals for the D.C.

Circuit, are expected to consume much of 2016. If the Supreme Court takes the case up later, it could consume much of 2017 as well. The judicial challenges by themselves do not affect the rule’s ambitious compliance deadlines, the first of which falls in September 2016, when initial submissions from the states regarding their implementation plans are due. “Absent a judicial stay, states will be obligated to begin preparing their plans for implementing the plan,” says Tom Lorenzen, a partner at Crowell & Moring and former assistant chief of the Department of Justice’s Environment & Natural Resources Division. “Utilities cannot sit idly by and assume that this rule will simply go away.

They need to be engaged with the states in which they operate to consider how they will comply if the rule is upheld in whole or in part.” A similar court fight is ensuing over the Clean Water Rule issued by the EPA and the U.S. Army Corps of Engineers last May. This new rule expands the definition of “waters of the United States” governed by the Clean Water Act, and thereby substantially expands the environmental regulatory jurisdiction of the federal government. New Scrutiny for Chemicals Warren Lehrenbaum, Jennifer Giblin, and Tom Lorenzen 28 regulatory Forecast 2016 As 2015 came to a close, Congress was also poised to pass new legislation that would overhaul the manner in which chemicals, and products made from chemicals, are regulated in the U.S.

The legislation would update the Toxic Substances Control Act (TSCA) for the first time since 1976, requiring the EPA to review all chemicals that are currently in commerce in the U.S. to assess their safety and, if appropriate, impose restrictions or bans on their use. In addition, manufacturers and processors of chemical products will be subject to new reporting requirements, and, if the EPA determines that available data are insufficient for evaluating the safety of a chemical, the .

law will give the EPA expanded power to require that manufacturers and processors conduct studies to generate that data.  “The law would be much more of a ‘sea change’ for existing chemicals than for new chemicals, which already undergo rigorous testing,” says Warren Lehrenbaum, a Crowell & Moring partner. “With the proposed changes to TSCA, chemicals that have been in use for decades will undergo a much higher level of scrutiny.” Meanwhile, the EPA continues to push the boundaries of its existing authorities under TSCA. For example, in 2016, the EPA will be engaged in rulemaking to impose new reporting requirements on manufacturers and processors of nanoscale materials, and it is expected to issue administrative orders to require endocrine disruptor testing on dozens of new chemicals. Expanding Wildlife Protection Federal authorization for “take” of protected wildlife—generally defined as disturbing or killing an animal—is another issue of growing significance. As 2016 unfolds, two statutes in particular may play an increasingly large role in land development projects. First, the likelihood of increased listings under the Endangered Species Act (ESA) will impose new requirements, including permitting and consultation obligations, on areas of the country that have had few if any listed species. “The expectation is that there will be several hundred new listing decisions over the next few years, some involving species with ranges throughout the country. No region will be immune from the effects of these new listings,” says Lehrenbaum. Second, the U.S. Fish and Wildlife Service (FWS) has issued a notice of preliminary analysis that may precede the promulgation of a new permitting scheme under the Migratory Bird Treaty Act (MBTA) for “incidental take.” Currently, there is no method to obtain a permit for incidental take—un- Endangered and Threatened Animal Species Listed for U.S.

Protection 1672 1316 1357 1437 1006 629 300 129 1970 413 148 ’75 ’80 ’85 ’90 ’95 2000 ’05 ’10 ’15 Source: U.S. Fish and Wildlife Service, 2015 The number of animal species protected under the Endangered Species Act continues to rise. As part of a multidistrict litigation settlement in 2011 with WildEarth Guardians, the U.S.

Fish and Wildlife Service is required to review some 250 candidate species between 2013 and 2018 to determine if they should be added to the federal protection list. intentional take caused by otherwise legal activity—under the MBTA, even though the agency asserts it has the authority to pursue criminal sanctions against private parties that incidentally take migratory birds.  “This puts private parties whose projects might incidentally take migratory birds in a position of legal uncertainty,” says Lehrenbaum. “The new permitting scheme, if issued, could resolve some of that concern, albeit by imposing an additional regulatory burden.” The Supreme Court also may resolve some of the uncertainty, as a split in the federal circuits over whether even unintentional bird deaths trigger criminal liability seems headed for decision there in 2016, he adds. Rising Vapor Concerns AN EMERGING CONCERN An emerging, high-profile, and potentially costly area of concern is the focus on potential manipulation of regulatory compliance testing and other confirmatory procedures. These procedures may be computerized, but the procedures are more likely a combination of testing equipment, software, and human interaction. Given recent developments, regulatory agencies are likely to view this as a new, “target-rich” environment, causing them to increase inspections of facilities and, more particularly, compliance monitoring and reporting mechanisms and procedures. With the potential of significant civil and criminal penalties, inhouse counsel need to be prepared to respond to questions and challenges in this area. In June 2015, the EPA issued two new sets of guidelines regarding vapor intrusion, the migration of hazardous vapors from contaminated soil or groundwater through the subsurface and into indoor air in nearby buildings. One set of guidelines is for vapor intrusion risks attributable to all classes of volatile chemicals; the other is specific to petroleum vapors associated with leaking underground storage tanks.

The broader guidance will have the biggest impact. “The EPA has not traditionally regulated indoor air, but vapor intrusion provides a way for the agency to address this based on existing regulations for soil and groundwater contamination,” says Jennifer Giblin, senior counsel with Crowell & Moring. “It becomes another issue to consider in the cleanup of any site where hazardous chemicals have been used.” One major concern for industry as these new guidelines are interpreted and applied is that site remediations already deemed completed by regulators may need to be reopened to ensure compliance with the new guidelines, Giblin adds. regulatory Forecast 2016 29 . privacy and cybersecurity Extending the Cybersecurity Defense Faced with growing cybersecurity threats, federal agencies are rethinking regulations to strengthen networks in both the government and private sectors. Federal Agency Legislation and Other Cybersecurity Guidelines The Counterfeit Access Device and Computer Fraud and Abuse Act of 1984 All federal agencies The Electronic Communications Privacy Act of 1986 All federal agencies The Computer Security Act of 1987 NIST The Cyber Security Research and Development Act (November 2002) NIST, NSF The Federal Information Security Management Act of 2002 and Federal Information Security Modernization Act of 2014 NIST, OMB, DHS The Clinger-Cohen Act of 1996 Commerce The Homeland Security Act of 2002 DHS DFARS Parts 202, 204, 212, 239, and 252 (August 2015) DOD Cybersecurity Guidance Update (April 2015) SEC FTC Act Section 5—Data Security Enforcement Actions FTC Cybersecurity Unit Best Practices (April 2015) DOJ NIST Cybersecurity Framework (February 2014) All federal agencies Gramm-Leach-Bliley Act (November 2009) Multiple federal agencies Glossary: NIST (National Institute of Standards & Technology), NSF, (National Science Foundation), OMB (Office of Management and Budget), DHS (Department of Homeland Security), DOD (Department of Defense), SEC (Securities and Exchange Commission), FTC (Federal Trade Commission), DOJ (Department of Justice) 30 regulatory Forecast 2016 A key effort on this front is the Department of Defense’s (DOD) Defense Federal Acquisition Regulation Supplement (DFARS) Safeguarding Rule, which applies to defense contractors. The rule requires contractors to implement dozens of specific security controls in information systems that contain unclassified controlled technical information (UCTI), generally defined as scientific or technical data related to space or military uses. It also requires contractors to notify the DOD if those systems are compromised to the extent that the UCTI could be affected. The Safeguarding Rule’s mandates are to be included in all department solicitations and contracts, including those covering commercial items. But that has not been the case.

The rule has been in effect since late 2013, but implementation in DOD contracts has been inconsistent. However, in February 2015, “the DOD criticized its component organizations for not adequately incorporating the rule into their contracts. That was a clear reminder that this is mandatory,” says Evan Wolff, co-chair of Crowell and Moring’s Privacy & Cybersecurity Group and a former advisor at the Department of Homeland Security (DHS). Those mandatory requirements became more complex in August 2015, when the DOD released a revised version of the Safeguarding Rule. The new version requires contractors to implement an expanded set of security controls.

And those controls are now mandatory on information systems containing not just UCTI but also other forms of “covered defense information,” such as information critical to operational security. This—combined with the DOD’s February statements— suggests that the defense industry will be keeping a close eye on contractor compliance. Companies are likely to see an increased number of federal contract modifications to include the rule after the fact, as well as tighter enforcement of the rule by the DOD. Contractors working with non-defense agencies will soon be facing similar requirements. Many federal agencies are considering cyber regulations related to procurement.

For its part, the Office of Management and Budget (OMB) recently proposed cybersecurity guidelines—similar to the DOD rule— that would apply to all federal contractors. The OMB would like these guidelines to be incorporated into the Federal Acquisition Regulation and adopted by the General Services Administration and other agencies. The impact of evolving cybersecurity regulations is also beginning to reach corporations well beyond the government contracting sphere. “We’re seeing a wide variety of agencies across the federal government, including DOJ, FTC, FCC, SEC, and DHS, using their current regulatory authority or .

seeking additional authority to regulate cybersecurity activities in the private sector at large,” says Wolff. The growing focus on cybersecurity creates challenges for companies, but some regulations are making it easier to secure private sector systems. The DHS Support Anti-Terrorism by Fostering Effective Technologies (SAFETY) Act program, for example, limits tort liability arising out of acts of terrorism when companies have implemented DHS-approved security technology. Enacted as part of the Homeland Security Act of 2002, the SAFETY Act has been applied to physical securityrelated technologies, such as scanners and metal detectors. But in 2015, DHS began including cybersecurity technologies in the program, with the approval in April 2015 of cyber-threat detection technologies from the Fire Eye company. “That approval is likely to encourage other technology companies to seek approval for their cybersecurity tools as well,” says Harvey Rishikof, senior counsel in Crowell & Moring’s Privacy & Cybersecurity Group.

“And because the liability protections flow up and down the chain, it may motivate companies to purchase and use the approved technologies.” Overall, the federal government’s broadening view of cybersecurity is based on the fundamental recognition that “national security information isn’t just held in places like the CIA or the military,” says Wolff. “Today, it’s also at agencies like the Patent Office or the FDA. And it’s in the private sector— companies are on the front line here.

So federal agencies are realizing that not only are their systems at risk, they also need to focus on their supply chain.” “With this growing scrutiny on the private sector, the general counsel now needs to be a critical advisor to the CEO about how to approach the cybersecurity issue and in taking up the issue with the board to allow for proper oversight,” says Rishikof. “The general counsel needs to make sure the company is seeing this not just as an IT risk but as an enterprise risk that needs to be managed through an appropriate governance structure.” Harvey Rishikof and Evan Wolff Frederik Van Remoortel working toward EU-wide Standards The European Union (EU) is negotiating a Network and Information Security Directive, commonly known as the “Cybersecurity Directive.” The negotiators of the European Parliament, Council, and Commission reached a political agreement on the text on Dec. 8, 2015, and the Directive is expected to be officially adopted by early 2016, at which point it should be implemented in the laws of EU member states over the following 21 months, after which the Members States will have another six months to identify operators of critical infrastructure. “This will be the first time that there are general Europe-wide information security standards in place,” says Frederik Van Remoortel, senior counsel at Crowell & Moring. The Directive will primarily affect governments, spelling out security provisions that they need to implement.

“It will have an impact on private sector companies as well,” notes Van Remoortel, “placing mandatory security breach and incident-notification requirements on critical infrastructure operators. The Directive will also impose security measures and notification requirements on important digital businesses, which include online marketplaces, cloud computing services, and search engines. Their obligations are said to be less stringent than those imposed on the essential services operators. The exact details will also depend on how EU member states implement the Directive in their laws.” The new Directive, he adds, “should be viewed alongside the new General Data Protection Regulation that is expected to be ratified by early 2016, which also holds general data-breach notification duties.” regulatory Forecast 2016 31 .

consumer products and advertising New Wrinkles: Increasing Focus on Health Claims for Cosmetics and Personal Care Products The aging U.S. population creates an attractive and lucrative marketing opportunity. The Federal Trade Commission (FTC) and the Food and Drug Administration (FDA), as well as state regulators and private litigants, will increasingly scrutinize products claiming to slow or ease the effects of aging or to address specific agerelated conditions. Peter Miller and David Ervin 32 regulatory Forecast 2016 “The FTC and FDA have successfully challenged health claims for pharmaceuticals, devices and apps, food, and dietary supplements, and now it seems likely that cosmetics and personal care products are next,” says David Ervin, a partner in Crowell & Moring’s Advertising & Product Risk Management Group. As Ervin points out, “Any products that claim to reduce wrinkles, help you appear younger, or feel better— especially any that tout a scientific or clinical basis for their effectiveness—are likely to be of great interest to regulators.” Products claiming to provide scientific solutions for agerelated conditions will be in the crosshairs, agrees Peter Miller, senior counsel at Crowell & Moring, who served as an FTC attorney for more than a decade.

In 2014, the FTC settled an enforcement action arising from claims by cosmetics company L’Oréal that two of its skincare products provided anti-aging benefits by targeting users’ genes. In 2015, the FTC brought enforcement actions against three marketers that claimed that the catalase enzyme in their products—“Get Away Gray,” “Go Away Gray” and “Grey Defence” dietary supplements and “Go Away Gray” daily anti-gray shampoo and conditioner—prevented or reversed the formation of gray hair. A landmark federal appellate ruling in early 2015 affirmed both the breadth of the FTC’s advertising enforcement juris- . diction and its interpretation of health and disease claims. The U.S. Court of Appeals for the D.C. Circuit, agreeing almost completely with the FTC, affirmed that POM Wonderful made unwarranted health and disease-prevention claims when advertising its pomegranate juice products. The 2015 POM Wonderful decision also provided a victory for marketers regarding the substantiation required for health and disease claims.

Rejecting the FTC’s assertion that two randomized human clinical trials (RCTs) were required to substantiate disease claims—a requirement common to many FTC orders—the D.C. Circuit ruled that one RCT would generally be sufficient. With RCTs costing $100,000 to $150,000 and more, that was especially good news for marketers making health and disease-related claims, Ervin says. Miller notes that marketers of cosmetics and personal care products don’t just have to fear federal regulators; they are increasingly being taken to task by competitors, watchdog groups, class action litigants, and state attorneys general as well.

“It really has become a multi-risk environment,” he says. “Knowing how to safely thread your way through it is extremely important.” One way marketers can protect themselves is through effective vendor management. “You’re responsible for what ends up in the package and what you say about it,” Miller says.

“You need to know the sources, the ingredients, the manufacturer, and the amount and type of substantiation that has been done.” Building Privacy and Security into the IoT The FTC kicked off 2015 with a report providing privacy and security guidance regarding the growing variety of Internetconnected devices and sensors known as the Internet of Things (IoT). The FTC followed up by creating the new Office of Technology Research and Investigation (OTECH), which will tackle technology issues such as “privacy, data security, connected cars, smart homes, algorithmic transparency, emerging payment methods, big data, and the Internet of Things.” In November, the FTC conducted a Cross-Device Tracking Workshop, and in January 2016, it will hold its first-ever PrivacyCon, a conference at which industry leaders will discuss the latest research and trends in consumer privacy and data security. Miller says that non-tech companies new to IoT are at the greatest risk for running afoul of regulators, including the FTC, in 2016. For example, alcoholic beverage marketers have discussed using “smart bottles” to increase interactions with and to collect information about consumers.

“These are companies that have never collected large amounts of data directly from their customers,” says Ervin. “And there are a host of regulatory and compliance issues that have to be considered.” The FTC’s IoT report includes specific privacy and security recommendations, including, for example, that companies consider data minimization—or voluntarily limiting the amount of data collected—and take steps to de-identify the data they do collect. “The point is that privacy and security can’t just be afterthoughts,” says Ervin.

“They have to be built into the plan from day one.” Native Advertising Revenue (U.S.) Desktop and Mobile (in $ billions) 21* 17.3* 13.9* 10.7* 7.9* 4.7 2013 2014 2015 2016 2017 2018 Despite concerns about possible regulations, native advertising has been a boon for publishers, accounting for billions in revenue, with BI Intelligence and the Interactive Advertising Bureau estimating a nearly fivefold increase in as many years. Advertising: Unblurring the Lines On December 22, 2015, the Federal Trade Commission (FTC) issued its highly anticipated Enforcement Policy Statement on Deceptively Formatted Advertisements, which addresses native advertising, a popular form of advertiser-sponsored content that merges marketing with non-commercial content. The FTC also released Native Advertising: A Guide for Businesses to identify practices that prevent deceptive use of native advertising. According to Crowell & Moring’s David Ervin, some of the FTC’s guidance—such as placing disclosures on sponsored images and graphics, requiring disclosures to survive republication, and declaring company logos and names alone to be insufficient disclosures—sets up a potential battle with publishers, which see native advertising as a way to make up for lost revenue resulting from flagging print publications, nonperforming online banner ads, and declines in traditional forms of digital advertising. Publishers have cited the First Amendment and rejected restrictions on native advertising. The guide makes clear that potential FTC liability extends to “everyone who participates directly or indirectly in creating or presenting native ads.” In 2016, look for the FTC to bring enforcement actions that highlight specific issues in the policy statement and guide, says Ervin. “For years, the FTC has been expressing concern that native advertising is misleading.

They’re not going to go to the trouble of issuing guidance and then not do anything with it.” regulatory Forecast 2016 33 . government contracts Holding Contractors Accountable for the Supply Chain Federal agencies are increasingly interested in the sourcing of contractors’ goods. As a result, contractors are seeing scrutiny of their supply chains under existing regulations—and they can expect more in the coming year as new rules take hold. Executive Orders Drive Regulation Government contractors have had to contend with more and more regulations in recent years, and a number of those regulations stem from presidential executive orders. In 2015, for example, the White House issued the “fair pay and safe workplace” order in May and an order expanding paid sick leave in September. “Since taking office, the president has issued 13 executive orders that pertain specifically to government contractors, and these have resulted in at least 16 new regulations,” says Crowell & Moring’s Lorraine Campos. In August 2015, a group of trade associations sent a letter to the White House citing the burden that these executive orders are putting on contractors.

The letter noted that “the net effect has been to significantly increase the costs of doing business with the government…. Some estimate that nearly 30 cents of every contract dollar goes toward compliance with unique government regulations.” There may well be more of these orders on the horizon, says Campos: “As the president goes through his last year in office, it is likely that the executive branch will continue to take action to implement its policies through these kinds of executive orders.” 34 regulatory Forecast 2016 In general, federal regulations put the burden of compliance on prime contractors, making them responsible for the actions of their suppliers and subcontractors. That can create problems under, among other things, the Trade Agreements Act of 1979 (TAA).

The TAA requires that products sold to the U.S. government be manufactured in the U.S. or a country that has favored trade status with the U.S.

And that can lead to complications in an era of global business. “Many companies have moved manufacturing offshore, often to countries that are not designated countries under the TAA,” says Lorraine Campos, a partner in Crowell & Moring’s Government Contracts Group. In the pharmaceutical industry, for example, key ingredients are often made in India and China. “The Food and Drug Administration (FDA) certifies manufacturing operations in those countries, but there is confusion on the part of manufacturers when those FDA-approved drugs cannot be sold to the U.S.

government because of the country where they were manufactured.” Today, contractors are coming under increased scrutiny for TAA compliance—in part because whistleblowers have a strong financial incentive to report violations and initiate qui tam lawsuits under the False Claims Act (FCA). Government agencies have been investigating potential violations with more frequency, and the Department of Justice (DOJ) is increasing its use of the FCA as a TAA enforcement tool. In April 2015, for example, medical device company Medtronic agreed to pay the federal government $4.41 million to resolve allegations that it violated the FCA by making false statements about the country of origin for products it sold to government agencies.

The devices were actually made in China and Malaysia, which are prohibited countries under the TAA. “We’re seeing the government really taking an interest in where the products it buys are coming from,” says Campos. Agencies are showing an increased interest in the quality of goods as well. For example, contractors now need to comply with the Department of Defense’s (DOD) counterfeit electronic parts rule. The rule was released in 2014, and the Defense Contract Management Agency, which oversees implementation, provided guidance in July 2015.

Under the rule, contractors need to implement systems to detect counterfeit electronic parts, and these systems will be reviewed in government audits of contractor purchasing systems. If a contractor does not have an acceptable system, its purchasing system may be disapproved and payments may be withheld by the DOD. If counterfeit parts make their way to the DOD, they may be rejected, with the cost of any repair or corrective action to be picked up by the contractor. Similarly, contractors need to keep an eye on proposed . Lorraine Campos, Dan Forman, and Peter Eyre changes to the Federal Acquisition Regulation that would require more extensive reporting of suspected counterfeit or defective parts. Under these changes, contractors would have to report such parts to a central database—the GovernmentIndustry Data Exchange Program—and check that database before purchasing parts from suppliers. The rule, which is expected to be finalized in 2016, would go further than the DOD’s rule and include all parts, not just electronic components. Complying with this growing range of regulations will require changes to contractors’ practices and capabilities. “In a very real sense, you’re only as compliant as your supply chain,” says Peter Eyre, a partner in Crowell & Moring’s Government Contracts Group.

“But in order to comply, you have to have visibility far down the supply chain to some very small, minor subassemblies and components. So it’s imperative to understand where your products are coming from if you are planning on selling to the government.” What’s more, some agencies have started to push for action beyond the written regulations. “They’re taking an aggressive position, with the expectation that contractors will actively monitor their subcontractors for compliance, not just have them certify that they are in compliance,” says Dan Forman, a partner at Crowell & Moring and co-chair of the firm’s Government Contracts Group.

“That is raising new questions about the role that prime contractors will play in overseeing their suppliers.” These trends will present challenges and create risks ranging from fines to suspension and debarment—and unwanted publicity. The changing landscape offers opportunity as well. “Like contractors, federal agencies often struggle to keep track of changing regulations and requirements. They see value in companies that keep up to speed on these things,” Eyre says. “The companies that understand these regulations—and not only know the rules but also know how to best demonstrate compliance—will have a competitive advantage in working with the federal government.” State Contracting: A Growing Challenge With federal agency budgets flat and somewhat uncertain over the past few years, a number of large federal contractors have turned to the stategovernment market to find more business.

And there, many are encountering new challenges on the regulatory front. State contractor regulation is typically not as formalized or comprehensive as federal regulation—and often, not as clear. “The rules are different from state to state, and sometimes there aren’t many rules,” says Crowell & Moring’s Dan Forman. “In general, the states are afforded a greater degree of discretion than federal agencies when it comes to dealing with contractors.” Recently, Forman adds, some state governments have been exercising that discretion in more aggressive ways.

“We’ve seen states using termination for cause as a lever to achieve what they can’t achieve through bilateral contractual negotiations,” he explains. “We are also seeing states becoming less patient with delays in contract performance, even where the state itself bears some culpability and is more likely to terminate for default. We’ve also seen states threatening contractors with debarment to get them to accept the terminations for default.” That is especially troubling, he adds, because “state debarment will trigger the need for a federal responsibility certification, impacting the contractor’s federal business—and even its commercial business.” regulatory Forecast 2016 35 .

Intellectual Property Still in Search of Reform When Congress passed the America Invents Act (AIA) in 2011, there were high hopes that the first significant patent reform legislation in more than half a century would be just what was needed to discourage abuse and modernize the system, all the while striking the right balance between protecting inventors and promoting innovation well into the 21st century. But 2015 brought an unprecedented wave of new calls for reform, and half a dozen new legislative proposals began circulating through Congress, largely focused on one of the most important issues of all—patent trolls. On one side, a coalition of businesses known as United for Patent Reform launched a major government relations campaign to encourage lawmakers to deter patent trolls by making it harder to bring patent infringement suits. On the other, major corporations, including pharmaceutical companies for which strong patent protection is their life’s blood, are fighting to ensure strong patent protection. As the year drew to a close, none of the bills had emerged as a consensus frontrunner, setting the stage for a potential 2016 clash between some of the most powerful forces in Washington. The debate over patent reform—and reform of our system of intellectual property in general—isn’t going away, says Crowell & Moring Intellectual Property Group partner Teresa Rea, former acting and deputy director at the U.S.

Patent & Trademark Office. “The IP discussion is going on among parties that never had to think about it before,” she says. “There is no industry, no business—big or small—that has not been affected.” The key questions at play: how to craft anti-troll provisions such as limiting discovery, and shifting attorney’s fees without harming those with a legitimate interest in protecting their patent rights. Patents comparison of 1st half of 2015 patent litigation Non-NPE NPE 4000 3000 2000 1000 0 2014H1 2014H2 2015H1 Source: Unified Patents Of the 3,050 patent lawsuits filed in the first half of last year, 2,075, or 68 percent, were filed by non-practicing entities (NPEs). 36 regulatory Forecast 2016 Rea points out that the Founding Fathers actually identified patents in the U.S.

Constitution because they wanted Americans to create and innovate with confidence. But in recent years, she says, patents have gotten a bad rap. “They might not be able to tell you exactly why, but there is a growing public skepticism about the patent system, and the average person sometimes feels negatively about patents,” says Rea. “Unfortunately, much of the public discourse surrounding reforms fails to recognize that we wouldn’t be the country we are today without those protections for inventors.” Some people may believe that patents are to blame for the high cost of prescription drugs.

Or they’ve heard about patent “trolls,” which hold patents not to make and sell a product, but to use them primarily as legal weapons against those who do, from tech giants to mom-and-pop restaurants, grocers, bookstores, and other retailers. Broad concerns over trolls have recently led legislators in more than a dozen states to pass consumer protection laws that ban “bad faith patent assertions,” Rea says, adding that . On the Docket At least six major patent reform bills were introduced in Congress in 2015—and may move forward in 2016. Innovation Act A bipartisan bill with 19 co-sponsors, the Innovation Act calls for a wide variety of reforms including raising pleading requirements, limiting discovery, and fee shifting. PATENT ACT The Protecting American Talent and Entrepreneurship Act is basically the Senate version of the Innovation Act, with some minor differences. Terry Rea while state-level legislation could help slow the pace of patent troll demand letters to small businesses, it has raised concerns that it could turn the patent system, generally considered federal domain, into an unwieldy patchwork of laws. But pushing reform on the federal level is extremely complex, she notes, given the conflicting interests of some of the most powerful industry voices. Pharmaceutical interests that pour billions into research and development need strong patent protection for as long as possible, as they make most of their investment back in the later years of the patent term. In the technology sector, where new inventions regularly become obsolete in a few years, many firms only see a need for shorter patent terms. “Every proposal is seen as benefiting one side or the other,” says Rea.

“That makes consensus-building very difficult.” And Congress has to be extremely careful about the unintended consequences of any reform provision. For example, while a system in which the loser pays court costs could discourage frivolous patent lawsuits, it also could hurt universities and other nonprofit entities that, like trolls, develop and hold patents not for the purpose of making and selling products but to license them to others. “In our system, we want you to be able to assert your rights if you truly feel you have a legal right that is being compromised and not be reluctant to bring that claim because you might have to pay the other side’s legal costs,” Rea says. Reforms passed in 2011 have already resulted in at least one unintended consequence: while the Patent Trial and Appeal Board (PTAB) was created under the AIA to make it quicker and cheaper to challenge weak patents, its popularity as a new forum has raised concerns that it may be being used for purposes beyond challenging patent validity, such as to raise issues about the strength of a company’s patent portfolio or to mire patent holders in endless litigation. “Sorting out the bad actors from the good actors is very difficult,” says Rea. STRONG Act The Support Technology and Research for Our Nation’s Growth Act was filed by opponents of the Innovation Act.

Seen as pro-patent owner, it would primarily make changes to the USPTO patent review process. TROL Act The Targeting Rogue and Opaque Letters Act is similar to some state legislation that punishes those that send bad-faith enforcement letters. Demand Letter Transparency Act Sets minimum content requirements for demand letters and requires those sending more than 20 to file them in a national public database. Innovation Protection Act Blocks Congress from diverting excess USPTO fees toward other purposes. Beyond Patents Rea says the pace of change worldwide also poses challenges for our entire system of intellectual property. For example, while the Digital Millennium Copyright Act, passed in 1998, was supposed to protect copyright holders from online pirates well into the new century, less than two decades in, Congress is already considering significant changes to the copyright system. And while trade secret law has traditionally been the domain of the states, concerns about international trade secret theft have prompted congressional proposals for a new federal trade secret law. In an effort to focus on this important issue and protect American innovation, Congress created the Office of Intellectual Property Enforcement Coordinator in 2008.

Its new IP czar, Daniel Marti, promised in 2015 to develop a set of legislative recommendations and executive actions aimed at beefing up protection for trade secrets. “The debate is more robust than ever,” says Rea. “But it’s also more complex. With IP, it always needs to be about where the balance should be so that we never lose the incentive to innovate in this country.” regulatory Forecast 2016 37 .

trade Building Bridges—in Two Directions Obama administration officials are working to cement the president’s legacy during his final year in office by pushing through two of the largest trade agreements in history— one that could open previously untapped AsiaPacific markets, and one that would make it easier for U.S. companies to do business in Europe. Pivoting Toward Asia Sealing the 12-country Trans-Pacific Partnership (TPP) Agreement would be the capstone of the administration’s pivottoward-Asia policy, which calls for increased engagement in the region. Negotiations, which began during the George W. Bush administration, were concluded on Oct. 5, but the deal still faces an uphill battle in Congress, where it must be signed and ratified. As a group, the TPP countries—including Australia, Brunei, Canada, Chile, Japan, Malaysia, Mexico, New Zealand, Peru, Singapore, and Vietnam—represent the United States’ third-largest goods export market and its fourth-largest services export market.

“Japan, Malaysia, and Vietnam in particular have had high barriers to trade in the past and could present great new opportunities for U.S. companies once the TPP is adopted,” says James Smith, the former U.S. ambassador to the Kingdom of Saudi Arabia and current president of C&M International, an affiliate of Crowell & Moring. Japan’s agricultural, chemical, and insurance sectors could become more viable markets in which U.S.

companies could compete, Smith notes. The deal would also create a more level playing field for U.S. companies vying for government contracts in the Asia-Pacific region.

In addition, opportunities for logistics and delivery companies could open up in many TPP countries where foreign firms were once effectively blocked. The deal, says Paul Davies, director at C&M International, could enhance legal protections for U.S. companies doing business in TPP markets by strengthening enforcement on patents, trademarks, and copyrights as well as requiring nondiscriminatory treatment under local laws. Shoring Up European Ties Jim Smith, Cari Stinebower, and Paul Davies 38 regulatory Forecast 2016 Although the current migrant crisis is expected to demand European Union (EU) officials’ attention in the near term, the EU and the Obama administration have set an ambitious goal of having the Transatlantic Trade and Investment Partnership (TTIP) negotiated by the end of 2016. With the U.S.

and EU accounting for nearly half of global economic output, the TTIP would be the largest trade agreement ever. Although U.S. trade with Europe is already significantly more open than with many of the TPP countries, the TTIP would eliminate customs duties on goods and services between the U.S. and the EU—a $2.7 billion-a-day trading corridor, according to the Office of the U.S.

Trade Representative. It also aims to reduce the high cost of complying with duplicative U.S. and European regulations.

For example, U.S. automakers . Source: Office of the Federal Register Trans-Pacific Partnership Countries Trans-Pacific Partnership Countries Source: Office of the Federal Register Canada Japan Vietnam Malaysia Vietnam Brunei Malaysia Singapore Brunei Singapore Canada Japan Mexico Mexico Australia Australia New Zealand Positive Trade Balance New Zealand Negative Trade Balance Positive Trade from the Source: Trade dataBalance U.S. International Trade Commission (ITC) Negative Trade Balance Peru Despite Eased Restrictions, Caution is Required Peru Chile Chile Source: Trade data from the U.S. International Trade Commission (ITC) TPP countries imports and exports U.S. Imports U.S. TPP countries imports and exports Exports 346.1 346.1 294.2 294.2 Australia 10.7 26.7 U.S.

Imports U.S. Exports Brunei 0 .6 Australia 10.7 26.7 Canada Brunei 0 .6 Chile 9.5 16.6 Canada Japan 133.9 67 Chile 9.5 16.6 Malaysia 30.4 13.1 Japan 133.9 67 Mexico Malaysia 30.4 13.1 4 New Zealand 4.3 Mexico Peru 6.1 10.1 4 New Zealand 4.3 Singapore 16.5 30.5 Peru 6.1 10.1 Vietnam 30.6 5.7 Singapore 16.5 30.5 312.1 312.1 240.3 240.3 Source: Analysis by CRS. Population and GDP data from IMF, World Economic Outlook, Vietnam 30.6 5.7 April 2014.

Trade data from the U.S. International Trade Commission (ITC). Total trade includes both imports and exports, but does not include services trade. Source: Analysis by CRS.

Population and GDP data from IMF, World Economic Outlook, April 2014. Trade data from the U.S. International Trade Commission (ITC).

Total trade includes both imports and exports, but does not include services trade. Supporters believe the TPP could ease trade imbalances with some countries, such as Vietnam, Malaysia, and Japan, that have been relatively closed to U.S. exports. that have already run crash tests to meet U.S. standards may not have to repeat the test in order comply with EU regulations.

The deal would also open government contract bidding in the EU to U.S. firms, and vice-versa. According to the London-based Centre for Economic Policy Research, the TTIP would add $125 billion to the U.S. GDP each year by boosting U.S.

exports to the EU by $300 billion. Developing ways of ensuring “regulatory coherence”— where each jurisdiction implements its own regulatory processes, but with increased input and cooperation from the other—has been a key sticking point among negotiators. Particularly in Europe, there’s a sentiment that more closely aligning EU regulation with that of the United States would represent “downward harmonization.” “There is the view among some in Europe that their food is safer, their environment cleaner, and their products of a higher standard, and that that justifies burdensome and duplicative regulation,” says Davies. “But there’s not a great deal of evidence to support that.” The recent easing of trade restrictions against formerly ostracized countries such as Cuba and Burma (Myanmar) presents potential opportunity for U.S. businesses—but also significant risk. That’s because those jurisdictions remain fairly closed economies, run largely by government entities or former government officials.

Although the sanctions specter may be diminishing, the risk exposure for corruption and money laundering remains, says Crowell & Moring partner Cari Stinebower, a former counsel for the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC). The Foreign Corrupt Practices Act (FCPA) prohibits U.S. companies from paying an official of a foreign government to corruptly obtain a business benefit.

In countries that have been isolated from modernized economies for decades, such payments may be considered acceptable business practices. “Until these countries have a chance to catch up to global standards, you really have to tread carefully,” says Stinebower. The U.S. Department of Justice in particular signaled its ongoing concern about FCPA compliance in July 2015, when it confirmed it had hired an attorney to serve in a newly created position of FCPA compliance expert.

The U.S. Securities and Exchange Commission, which also enforces the FCPA, created a specialized FCPA unit in 2010. Federal banking regulators and even local prosecutors in the Manhattan district attorney’s office have also been honing in on anti-corruption issues. The evolution of the compliance function within a U.S. business continues, says Stinebower.

The expectation is that an entity will have a culture of compliance, driven from the top, but evident throughout the enterprise. “The role of the compliance division within an entity is to ensure the compliance program is designed to mitigate risk and is nimble enough to evolve and adapt to new scenarios,” she says. “The role of the compliance officer is to carry out the program—but also to know the business well enough so as to address evolving risks.” regulatory Forecast 2016 39 . antitrust health care industry in the spotlight Over the past five years, the American health care industry has faced unprecedented pressure to reduce cost and increase efficiency while enhancing quality and expanding patient access and choice. Billion-Dollar Health Care Deals 2010-2015* $129.2 Total dollars (in billions) $154.9 $87 $118.2 $325.3 $493.3 100 80 60 40 % share of total health care M&A activity 20 0 Number of $ billion deals 2010 2011 2012 2013 2014 2015 * Through Dec. 2, 2015 Source: Health Care M&A News, Dec. 2, 2015 Not only have the number of billion-dollar health care deals increased dramatically since 2010, but so have the dollar values of these deals and the share of total deals the big deals represent. 40 regulatory Forecast 2016 That reality, and the incentives the country’s new regulations have created, has increasingly placed the health care industry in the antitrust spotlight. The Affordable Care Act (ACA) is the primary driver of the ongoing restructuring of the health care industry. The regulatory mandates and financial incentives associated with the ACA have intensified the focus on reduced costs and improved coordination and quality of care. That has spurred new alliances and combinations across the industry, some of which are drawing the attention of antitrust regulators, from the Federal Trade Commission (FTC) and the Department of Justice (DOJ) to state attorneys general. The agencies are reviewing these transactions closely and have recently challenged a series of proposed hospital tieups. As Assistant Attorney General Bill Baer recently noted, “While the ACA promotes collaboration and integration, it does not and was not meant to give anyone a free pass from the antitrust laws.” But health care mergers are different from mergers involving, say, chemical or software companies.

“The delivery of health care is typically a local business—people don’t usually travel far to get care,” says Mary Anne Mason, a partner in Crowell & Moring’s Antitrust Group. “So the merger review process often focuses not on the overall size of the merging parties but on whether those companies, regardless of their size, compete in a particular geographic area and with a particular product.” In addition, the ACA has brought many new competitors to the field—including accountable care organizations and other new entrants—and spurred the creation of insurance exchanges, both of which have increased competition in many local markets, further complicating the analysis. The ACA has also triggered an increase in deals involving vertical integration—for example, combining hospitals and physician groups. Here, regulators are trying to reconcile the evolving approaches that are emerging in health care with the traditional theories of antitrust liability, says Mason. “There is a tendency in antitrust law to recognize that vertical integration is good because it usually leads to greater efficiency.” In the health care context, courts have viewed it as a more subtle issue.

“The question becomes how the combination will result in the provision of better health care and how it will impact consumers and other hospitals,” says Mason. “That kind of issue becomes specific to the local area and requires a nuanced analysis.” . Mary Anne Mason and Shawn Johnson New Scrutiny for Non-Reportable Deals As part of their reaction to the changing health care arena, regulators are also looking closely at transactions that are not subject to Hart–Scott–Rodino (HSR) notification. The HSR Act requires pre-merger notification of mergers that exceed a certain value—currently, $76.3 million—to the DOJ and FTC, and gives those agencies 30 days to review the transaction. However, many health care mergers and joint ventures involve smaller entities that fall below that threshold and are thus not reportable under the Act. But given the local nature of competition in this space, some of these transactions can still raise antitrust concerns. “We are now seeing a significant increase in investigations of non-reportable transactions,” says Shawn Johnson, a partner in Crowell & Moring’s Antitrust Group. “That can raise serious risk for smaller transactions, including acquisitions of hospitals and physician practice groups.

Because no notification is required, the deal may close, thus potentially subjecting the buyer to a post hoc legal challenge. There have been several enforcement actions brought in this context, and that is a pretty painful experience for a business to go through.” Regulators also appear to be closely questioning the justifications parties give for their combinations. For example, health care organizations often point to improved efficiencies as a benefit of the transaction.

“The agencies believe that gains in efficiency have to be merger-specific to be credited, which can mean that the benefit could not have resulted from other, less anticompetitive methods,” says Johnson. “Recently, the agencies have aggressively challenged the merger specificity of these benefits in certain cases and questioned whether the parties could generate the same efficiencies through a joint venture or an arm’s-length agreement.” In one prominent case, the St. Luke’s Health System purchased a nearby physician practice in Idaho in 2012.

While the deal was not reportable, the FTC quickly raised questions. The parties argued that the transaction would enable them to coordinate care more closely and increase efficiency. But the FTC challenged the transaction, alleging that a merger wasn’t necessary to coordinate care or achieve the other benefits—and the federal district court agreed.

“While the judge recognized the parties’ laudable goals, it found that the proposed transaction was not the only way to achieve them,” says Johnson. In early 2015, the Ninth Circuit court denied St. Luke’s appeal, requiring the hospital to unwind the merger. “The tensions between an evolving health care industry and antitrust regulation are expected to continue over the coming year—and probably beyond,” says Johnson.

“And the FTC and the DOJ have made it clear that they will continue to look closely at competition issues throughout the industry.” EHR: The next frontier In health care, the ongoing implementation of electronic health records (EHR) systems holds a great deal of promise in terms of addressing some of the industry’s fundamental challenges. “The idea is that these systems can provide patients with more transparency in terms of the cost and outcomes associated with their care, which can lead to better informed decisions that may also improve their care and potentially reduce health care costs,” says Crowell & Moring’s Mary Anne Mason. But not everyone sees it that way. “The trend toward EHR is generating not only privacy issues but also competitive issues,” says Mason.

And regulators are on alert. “The Department of Justice (DOJ) and the Federal Trade Commission (FTC) have said that while they recognize the value of sharing information through EHR, as well as the ACA’s insurance exchanges, they are also going to keep a close eye on these trends to make sure they do not mean reduced competition,” she says. regulatory Forecast 2016 41 . tax Zombie Notices, the “Cadillac Tax,” and Other Bugaboos Tax attorneys call them “zombie notices.” As issued by the Internal Revenue Service (IRS), they manage to combine the only two certain things in life: death and taxes. And they strike horror—or at least anxiety—into the hearts of companies everywhere. Jennifer Ray and Joel Wood 42 regulatory Forecast 2016 With a zombie notice, the IRS warns a taxpayer to cease a behavior because it violates a regulation that is forthcoming. “Then years go by, and the rules are never formalized through a rulemaking process. Yet the notice refuses to die,” says Jennifer Ray, a partner in Crowell & Moring’s Tax Group. “A rule stated in a notice doesn’t have the same legal authority as a full regulation: it hasn’t gone through Administrative Procedure Act-required public notice-and-comment periods. So the taxpayer is left wondering if these rules really apply and, if so, when they take effect.” Zombie notices have their roots in budget cuts at the IRS, which hampered the agency’s ability to push through rules. “In the past, the IRS would issue temporary regulations but would not get around to finalizing them, leaving businesses in limbo,” Ray says.

“Congress stepped in and put a three-year time limit on temporary regulations. That’s when the IRS began sending out more zombie notices.” But the zombies may have met their match. On July 27, 2015, the Tax Court handed down Altera Corp.

v. Comm’r, which held that the Treasury Department is required to engage in reasoned decision making as interpreted in existing case law. Now, taxpayers can assert that the IRS must demonstrate rea- . announced hospital mergers and acquisitions (1998-2014) 300 Number of deals Number of hospitals 250 200 150 soned decision making by, among other things, considering comments from the public, before handing down a rule that purports to have the force of law. “I think there are additional opportunities to think about whether rules announced in notices can be challenged, where the IRS has not acted to issue a formal regulation,” says Ray. “You can ask, ‘How does this apply?’ or ‘How is this rule that the IRS is trying to apply in our case even valid?’” Retirement Plan Qualifications Also this year, companies that sponsor tax-qualified retirement plans governed by the Employee Retirement Income Security Act of 1974 (ERISA) face changes in the IRS rules governing their plans. “The IRS eliminated in 2015 its program by which plan sponsors could periodically request a ‘determination letter,’ which verifies the tax-qualified nature of their plans,” says Joel Wood, counsel in Crowell & Moring’s ERISA & Employment Benefits practice. “Plans may now request a determination letter only when first formed or when they are terminating. This will increase audit risks for plans and plan sponsors because tax-qualification issues may not be identified until audit.

It will also complicate mergers and acquisitions, in Health Care M&A: Staying Tax-Exempt Reimbursement in the health care system is increasingly based on patient outcomes rather than service provision. To accommodate this transformation, many tax-exempt hospital systems have been merging with, acquiring, or working closely with taxable companies to establish new care models such as accountable care organizations and integrated delivery networks. But tax-exempt entities have received little guidance from the IRS on the extent to which they can participate in these ventures without risking their tax status. “It appears that accountable care organizations under the Medicare Shared Savings Program are tax-exempt, but beyond that, the picture is murky,” says Crowell & Moring’s Jennifer Ray.

“This is on the cutting edge of health care tax law, and it’s where a lot of people would like to see more guidance. The demand will only increase as more deals are considered.” 100 50 0 ’98 ’99 ’00 ’01 ’02 ’03 ’04 ’05 ’06 ’07 ’08 ’09 ’10 ’11 ’12 ’13 ’14 Source: Irving Levin Associates Inc. (2014).

The Health Care Services Acquisition Report, Twenty-First Edition. Mergers within health care are on the rise as organizations react to demand-for-care models based on patient outcomes. But IRS guidance for the effect these mergers will have on taxexempt status is minimal at best. which companies often rely on determination letters to show that retirement plans of acquired companies are tax-qualified. They’ll need that verification before they will allow rollover of retirement accounts into their plans, among other reasons. “This year, businesses involved in M&A will be pressed to show that they’ve made a detailed inquiry to justify saying, ‘Yes, our plan is tax-qualified,’” adds Wood. “But even that is unlikely to win the day, because acquirers are still likely going to want indemnities built into the agreement.” Since plans and companies can no longer rely on periodic opinions from the IRS, prudent businesses will work harder—and earlier—to ensure that their retirement plans are correct and up to date. The Cadillac Cometh Upcoming changes in another employee benefit—health care—will also be in the spotlight in 2016. The Affordable Care Act (ACA)’s excise tax on high-value health plans— known as the “Cadillac tax”—is now scheduled to take effect in 2020.

But rulemaking is expected to begin this year. “The IRS has promised an extensive process of rulemaking, and we can expect to see it unfold rapidly this year to provide employers with sufficient lead time to prepare systems for the calculation, assessment, and payment of the tax,” says Wood. Ambiguity in the ACA has left employers wondering what health coverage will be subject to the tax. The answer: more than they might have thought. “Initial guidance suggests the IRS will take an expansive, aggressive view of the health care covered, resulting in far more group health plans being taxable than initially anticipated after the ACA was passed,” Wood says. The IRS will likely require a review of the value of each plan and how each person is individually covered, Wood says. But it’s still unclear how employers will calculate the cost of the plans and what will happen if, for example, a business calculates the cost and the health insurance company disagrees with it.

It’s also unclear exactly how the tax will apply to selffunded plans. regulatory Forecast 2016 43 . white collar Investigator, Judge, and Enforcer Addressing the broadening role of administrative proceedings at the U.S. Securities and Exchange Commission (SEC), U.S. District Court Judge Jed Rakoff last year criticized what he called “administrative creep.” Change in Anti-Money Laundering Compliance Spending 1% Over Past Three Years 12% Decrease No change in real terms Less than 10% 21% 15% 10% to 25% 11% 25% to 50% 50% to 100% Over 100% 16% 24% Source: KPMG Seventy-eight percent of respondents to a KPMG survey said they had increased spending on anti-money laundering compliance over the past three years. Seventy-four percent predicted further increases over the next three years. 44 regulatory Forecast 2016 Indeed, in 2015, agencies across the federal government crept into more and more roles, investigating cases, issuing rulings, imposing civil penalties, adjudicating appeals, and enforcing a variety of sanctions. That trend appears unlikely to subside this year. Agencies are aggressively pushing to bring enforcement cases before their own in-house administrative tribunals, seeking to avoid the more level playing field of the federal courts. The practice has prompted complaints not only from defendants but also from judges and members of Congress. At least in one case, that backlash may have made an impact. Unless the system is overhauled, companies should expect to find themselves increasingly in administrative proceedings, notes Jeff Rutherford, a partner with Crowell & Moring.

“These hearings—the rules they use, the strategies that are effective, the budget that is required, and possibly the outcome—are all very different from a federal court,” says Rutherford, who has represented clients in many such hearings. “You need attorneys on your side who are very familiar with the proceedings of the specific agency to mount the most effective defense.” In 2014, SEC officials declared they would expand the use of their in-house tribunal using new authority from the DoddFrank financial reform law. Administrators and their congressional allies say that in-house proceedings are more efficient than federal district court and that agency in-house judges have greater expertise than their district court counterparts.

But with the agency acting as both prosecutor and judge, defendants are feeling embattled. “The agency controls the entire in-house proceeding—the timing, the judges, the process, and the rules,” says Janet Levine, a partner with Crowell & Moring and chair of its Trial Practice. “Even the appeals are heard by the Commission, which authorized the case to begin with.” The agency appears to have a considerable home-court advantage: in an analysis of cases between October 2010 and March 2015, The Wall Street Journal found that the agency ruled against 90 percent of respondents in cases before its judges, while federal district judges ruled against 69 percent of defendants in federal court over the same period. But in mid-2015, two federal judges in separate cases found that the SEC had not appointed its five administrative law judges in a constitutional manner.

(The federal judges found that the administrative judges qualified as “officers” under the Constitution’s Appointments Clause and therefore should have been appointed by the president, the judiciary, or the agency’s commissioners rather than its personnel office.) The findings against the SEC have prompted legal challenges against other agencies that appoint their judges in a similar manner. For example, the Federal Trade Commis- . Amy Lee, Jeff Rutherford, Janet Levine, and Alan Gourley sion (FTC) has aggressively used the administrative litigation process in cases accusing companies of lax data security. In mid-2015, LabMD moved to dismiss the FTC’s administrative case against it, arguing that the FTC’s in-house judges’ appointment also violated the Appointments Clause. (The federal Office of Personnel Management (OPM) appoints FTC judges.) Another challenge that targeted companies face is that “often an administrative proceeding gets a deferential review in federal court,” notes Amy Lee, counsel with Crowell & Moring. The review process came under the spotlight after an administrative law judge levied a record-setting penalty in a case alleging market manipulation by a bank. “The respondent has only limited rights of appeal,” Lee says. “It can go back to FERC and challenge the penalty before a FERC administrative law judge or bring its case to the federal court.

The bank has chosen to challenge the penalty in federal court, where it’s arguing that the court should hear the case de novo and give no deference to FERC’s finding in fact or legal conclusions, while FERC argues that the court should simply affirm the agency’s findings and focus on the size of the civil penalty.” Frustration over FERC’s enforcement of energy market rules has boiled over. The process has been the subject of a Senate Energy Committee hearing and an investigation by the Department of Energy’s (DOE) inspector general, though the process had not been reformed as the Regulatory Forecast went to press. Meanwhile, other agencies—most notably the Consumer Financial Protection Bureau (CFPB)—appear likely to push harder for their own administrative proceedings, notes Levine. “The legitimacy of these hearings is destined to be further contested, likely all the way to the Supreme Court,” she adds. Crackdown on Money Laundering In 2016, increasingly far-reaching global anti-money laundering (AML) regulations will be demanding more thorough compliance efforts, not just of banks but also of any business that accepts large cash sums.

Especially hard hit have been the major global financial institutions. “AML was once aimed at the clients of the banks, not the banks themselves,” says Crowell & Moring partner Jeff Rutherford, who represents entities and individuals in AML investigations. “Now the banks are being investigated.

Specifically, the Treasury’s FinCEN has become much more aggressive on enforcing the requirements of the Bank Secrecy Act.” Another sign of the increasing aggressiveness has been a Justice Department initiative to seize the proceeds of foreign official corruption and, where appropriate, return them to benefit the people harmed by the abuse of power. The Kleptocracy Asset Recovery Initiative has targeted current and former officials in South Korea, the Philippines, Nigeria, Equatorial Guinea, and elsewhere. “The initiative’s aims are honorable, and the global focus on AML is making it easier to trace the proceeds to the source,” says Crowell & Moring partner Alan Gourley. “While home country cooperation is obviously difficult when the officials are still in power, many of the funds are invested in real estate and other assets in the United States or other countries willing to cooperate with U.S.

investigations.” regulatory Forecast 2016 45 . industry focus: Food & Beverage The Belt Gets Tighter John Fuson and Andrew Kaplan Food and beverage companies face heightened legal scrutiny in 2016, as the first in a series of sweeping new Food and Drug Administration (FDA) safety rules begin to take effect and battles over food labeling requirements continue. Last fall, the FDA began issuing new rules developed under the landmark Food Safety Modernization Act of 2011, and the rollout is expected to continue into the spring. The first compliance deadlines, which apply only to the largest food companies, come up this August. The rules usher in a new era in food safety regulation in which the FDA doesn’t have to wait for a food-borne illness outbreak to detain food it believes is adulterated. The FDA is now empowered to do so if a manufacturer simply doesn’t have a required food safety plan.

“Food manufacturers now have the burden of showing they have adequate controls in place,” says John Fuson, a Crowell & Moring partner who served as associate chief counsel at the FDA from 2007 to 2012. As the compliance deadline passes, Fuson expects to see immediate enforcement action in the form of warning letters from the FDA. Food manufacturers can look to the seafood and juice industries—which have long been required to have food safety plans—to see what type of scrutiny to expect. Crowell & Moring partner Andrew Kaplan says the flood of new regulation comes at a time when food companies face growing civil and criminal penalties for mishandling foodborne illness outbreaks. In one extreme case last year, a peanut company executive was prosecuted by the Department of Justice (DOJ) and sentenced to 28 years in prison for his role in a salmonella outbreak in 2008 and 2009 in which nine people died.

“Food manufacturers are in a tough enforcement environment where they are getting hit from all sides,” says Kaplan, who served as an attorney for the DOJ from 2003 to 2008. Fuson says there may be some industry pushback against the new regulations on protectionism and restraint-of-trade grounds, particularly those regulations requiring food importers to verify the safety practices of their foreign suppliers. Adoption of genetically engineered crops in the U.S (percentage of planted acres) Labeling Battles 100 80 60 HT soybeans 40 HT cotton Bt cotton 20 Bt corn HT corn 0 1996 1998 2000 2002 2004 2006 2008 2010 2012 2014 Data for each crop category include varieties with both HT and Bt (stacked) traits. Sources: USDA, Economic Research Service using data from Fernandez-Cornejo and McBride (2002) for the years 1996-99 and USDA, National Agricultural Statistics Service, June Agricultural Survey for the years 2000-15. The percentage of U.S. farmland planted with genetically engineered crops has surged in the past 20 years, and battles over how to label foods containing GMOs are being waged in both Congress and state legislatures across the country. 46 regulatory Forecast 2016 Last year, after a handful of states passed genetically modified organism (GMO) labeling laws, the battle over whether food manufacturers should have to disclose that their products include GMOs moved to Congress. The House of Representatives swiftly passed a bill that would bar states from enacting mandatory GMO labeling, but it was unclear if the measure had the necessary support in the Senate.

Meanwhile, the FDA seems finally ready to wade into debates over the meaning of words like “natural.” Nonetheless, while the pace of class action litigation over GMO labeling seems to be slowing, as manufacturers have gotten savvier about using label wording, Kaplan sees new threats emerging. For example, four beverage makers that adopted label language touting their manufacturing process were hit with potential class action lawsuits in 2015 by plaintiffs claiming they were misled by buzzwords. . industry focus: financial services Cybersecurity and New technologies Take Center Stage LABOR AND EMPLOYMENT PATENTS In 2016, financial regulators will bear down on cybersecurity requirements and continue to watch electronic trading platforms—including bitcoin—as they evolve. “In cybersecurity, regulatory examiners are going to be asking, ‘What processes and procedures do you have in place, doFINANCIAL your identified risks, and have you implethey address SERVICES ENERGY mented them,’” says Linda Lerner, a partner and co-leader in Crowell & Moring’s Financial Services Group. “Broker-dealers and investment advisors should be on notice that regulators expect them to identify cybersecurity risks and maintain up-to-date policies and tailored procedures to manage those threats.” The basic elements of a cybersecurity plan, Lerner adds, “should include threat assessment, intrusion prevention, data protection, access control, review of vendor cybersecurity procedures, and an effective incident response plan and TAX INSURANCE WHITE COLLAR GOVERNMENT CONTRACTS Jenny Cieplak and Mike Gill TRADE SECRETS Eden Rohrer and Linda Lerner ENVIRONMENTAL team. Cybersecurity insurance should be considered.” Guidance from the Securities and Exchange Commission (SEC), the Financial Industry Regulatory Authority (FINRA), and the National Futures Association (NFA) should be reviewed, along with reference material in their guidance footnotes. Meanwhile, financiers’ interest continues to build in electronic trading platforms, particularly in investment banking, fixed income, and foreign currency markets. These platforms ANTITRUST HEALTH CARE offer greater access to products traditionally restricted to certain dealers and banks, notes Eden Rohrer, a partner in Crowell & Moring’s Corporate, Financial Services, and White Collar & Regulatory Enforcement groups. “Both the SEC and FINRA will be working to maintain the integrity of the markets by surveillance of trading activity and by pursuing and prosecuting violative conduct made possible by advances in technology,” says Rohrer.

“Algorithms can run amok because of a lack of proper controls, and intentionally abusive algorithms are square in their sights.” The technology that tracks bitcoin ownership, known as the blockchain or the distributed ledger, has become a subject of ADVERTISING E-DISCOVERY interest on Wall Street. Banks, securities firms, and others are interested in the technology, rather than the currency, says Jenny Cieplak, counsel in Crowell & Moring’s Corporate Group. The blockchain enables the direct exchange of money and assets without having to rely on middlemen. Every time a bitcoin transaction is made, it is broadcast to everyone and verified by separate people,” says Cieplak.

The transactions are virtually instant, entirely transparent, and nearly cost-free. Mike Gill, counsel with Crowell & Moring’s Government Affairs Group, says the technology facilitates tracking title to assets, which will help businesses comply with regulations. JURISTICTIONAL “High-end pieces of art have been used in money laundering,” CLASS ACTIONS TRENDS says Gill. “It’s tough to understand who the original owner is as investment property moves through various LLCs, and it may be used by terrorists and criminals to launder money.” Bitcoin technology may prove useful to regulators, Cieplak adds. “They will look at it from a number of perspectives, including as a way to streamline reporting of transactions and its transparency from the anti-money laundering perspective.” regulatory Forecast 2016 47 .

Industry Focus: energy Rapid tech changes creating winners and losers The pace of technological change is accelerating rapidly in the energy sector, particularly when it comes to the production and delivery of clean, reliable, secure, and affordable electricity. estimated levelized cost of new electric generating technologies in 2020 Conventional Coal Advanced Coal with CCS Conventional Combined Cycle Fixed O&M Levelized Capital Cost Variable O&M Transmission Investment Advanced Combined Cycle Advanced CC with CCS Conventional Combustion Turbine Advanced Combustion Turbine Advanced Nuclear Dispatchable technologies Advanced Coal Geothermal Biomass Non-Dispatchable technologies Wind 0 Wind-Offshore Solar PV Solar Thermal Hydroelectric 50 100 150 200 250 (2012 $/megawatt-hour) 300 350 Source: U.S. Energy Information Administration, Annual Energy Outlook 2015, April 2015, DOA/EIA-0383 (2015) Levelized cost of electricity (LCOE) is often cited as a measure of the overall competitiveness of different power-generating technologies. It represents the per-kilowatt hour cost in real dollars of building and operating a generating plant over an assumed financial life and duty cycle. 48 regulatory Forecast 2016 Ongoing technological innovations are transforming how the industry generates and distributes power—from new, larger-scale, and cleaner-burning natural gas turbines used by independent generators and traditional utilities to deliver electricity over the nation’s interconnected transmission grid, to highly efficient distributed energy resource (DER) systems that deliver power on demand to business and residential sites. In communities across the country, renewable energy sources such as wind, solar, and geothermal are poised to play a much bigger role, particularly if the Environmental Protection Agency (EPA) can overcome the many judicial challenges to its Clean Power Plan, under which states are required to achieve dramatic drops in greenhouse gas emissions by 2030. But as these and other new opportunities develop, tough new business pressures and regulatory challenges are rapidly emerging.

Whether the Clean Power Plan’s ambitious goals are upheld or not, federal and state regulators will still be charged with figuring out how best to deploy and price the new technologies set to enter the marketplace. As a result, disputes are already happening in a number of states, not just about bread-and-butter service provisions and pricing mechanisms and market structures that currently exist, but about what changes need to be made to accommodate new technologies and market participants, says Larry Eisenstat, a partner at Crowell & Moring and chair of the firm’s Energy Group. Developing New Models “No matter the outcome, rapid technological change, security concerns, and other considerations will pressure regulators to integrate these new technologies and delivery mechanisms into the grid and to modify or fundamentally change the way in which electricity is priced, delivered, and planned,” says Eisenstat. “Many areas of the country will increasingly be forced to focus on issues of market entry—for example, what new providers, products, and services should be permitted; what role traditional utilities and existing power grids will play in production and delivery; and which products and services should be made available to what types of customers.” Furthermore, “business deals are being cut, driven by technological innovation, customer demand, and bets placed on the changes that will be made to the power market regulatory regime,” says Elliot Hinds, a partner at Crowell & Moring. Under current regulatory models, utilities generally charge just enough to build and maintain the infrastructure needed to deliver safe and reliable power to their customers, and they receive a specified rate of return on those investments based on what they are allowed to charge customers.

If an incumbent . Larry Eisenstat and Elliot Hinds utility wants to expand services or integrate new technologies, it needs to get its investments and rate changes approved by regulators. Gaining that approval is usually a lengthy and costly process, as utilities must overcome challenges from consumer advocates fighting for low rates as well as third-party distributed power producers that may see utility expansions as a threat to their ability to enter or grow a new market. Battles also occur over “stranded costs”—investments made in power-plant capacity that’s no longer needed—and who should foot the bill when such assets are put out of service. The ultimate responsibility to sort out these complex questions rests primarily with federal and state regulators. Generally, federal regulators focus on matters relating to interstate wholesale power and transmission, while state authorities handle retail sales and local distribution issues. But, with power markets and transmission and distribution systems becoming more complex, and new products and services being added to, and affecting, these systems, the jurisdictional divide, while increasingly important, is becoming significantly more murky. New York Revs Up In states such as California, New York, and Texas, regulators are working to create new regulatory and business frameworks that would enable higher amounts of distributed energy resources to be integrated onto the grid.

New York’s initiative, known as Reforming the Energy Vision (REV), calls for the creation of a new entity that would serve as an interface between the bulk power system, utilities, DER providers, and retail customers. While much remains to be decided, the REV plan envisions this new model as a platform for innovation and market-based deployment that would focus on DERs rather than centralized grid assets. To make a more distributed grid work, regulators, utilities, and numerous other kinds of suppliers and customers must come up with new pricing models “so that those parties that provide both traditional and new grid services are appropriately compensated for the increased value they provide,” says Eisenstat, “and the parties that use or benefit from these services end up receiving a sufficient bang for the buck. Current cost-recovery regimes do not always provide an incentive for utilities to take risks and explore new technologies and new products and services, nor always ensure that the parties who benefit from these offerings actually end up paying for them.” Pricing can also be a difficult issue.

Estimated levelized cost is one measure for comparing the pros and cons of various energy sources. But because projected utilization rates, existing resource mixes, and capacity values can vary greatly across regions where new generation capacity is needed, the direct comparison of levelized cost across technologies can be misleading. This is particularly true, says Eisenstat, “if the costs being compared do not include externality costs that can be calculated and that would be pertinent to resource selection. A better assessment might be gained through consideration of avoided costs, which would allow regulators to determine the costs that a proposed new resource would save in comparison to the costs (including certain externality costs such as carbon costs) of the existing resource that would be displaced (i.e., avoided) if the new resource were added.” PROTECTING THE GRID As regulators wrestle with issues relating to this changing competitive environment, awareness and concern about potential vulnerabilities in the electric supply system are continuing to grow.

Power outages from Hurricane Sandy in 2012 affected people in 17 states, and 57,000 utility workers from 30 states and Canada came to New York to help return power to the city. Physical and cybersecurity are also growing concerns. “In many regions, the power grid may be the most critical infrastructure asset because it is the backbone upon which the economy—and our nation’s health and safety—relies,” says Hinds. “The national power grid has become ‘too big to fail,’ so new mechanisms must be developed to make sure it is properly managed and modernized and that critical components are safeguarded against outages and attacks.” To navigate this climate of shifting threats and opportunities, electric power suppliers as well as customers with significant power loads must affirmatively promote—via the regulatory process or through strategic investments—those approaches that would best facilitate their economic, environmental, and security goals, Eisenstat says. “You might become a winner by being a proponent of new technologies, and making money off their deployment, or you might become a winner by trying to block new developments and doing whatever you can to protect your current market position.” Going forward, Hinds adds, both federal and state governments will pick winners and losers “by virtue of their policy decisions and incentive programs. They will favor certain technologies and business models and reject or discourage others. Success will require constant engagement at every stage.” regulatory Forecast 2016 49 .

industry focus: health care In Search of Best Practices The U.S. Supreme Court’s 2015 decision in King v. Burwell was a watershed moment for the Affordable Care Act (ACA). In its third major interpretation of the ACA, the Court didn’t just uphold federal health care subsidies; it also signaled that the Obama administration’s health care reform program “is not going anywhere,” says Crowell & Moring partner Xavier Baker. But that doesn’t mean smooth sailing ahead for the ACA—especially for the insurance marketplaces. Although the Court upheld the availability of premiums subsidies in the federal marketplaces, funding shortfalls in the temporary risk corridor program and higher-than-expected losses for health insurers’ marketplace business means continuing uncertainty for one of the ACA’s signature programs.

“The federal government has affirmed numerous times that it will make good on its risk corridor obligations,” Baker says, “but whether insurers can afford to wait for the payments and whether they’ll decide the marketplaces are too expensive and exit that business remain open questions.” At the same time, federal regulators have a renewed mandate to establish new rules and regulations that they say will make the system run better. The Centers for Medicare and Medicaid Services (CMS) is Kevin Kroeker, Barbara Ryland, Xavier Baker, and Jodi Daniel 50 regulatory Forecast 2016 EHR RULES: MORE CHANGE This year federal regulators will propose rules that will govern the use of electronic health records (EHR) under Medicare and Medicaid programs well into the future, says Crowell & Moring partner Jodi Daniel, who served in the Department of Health and Human Services for 15 years, including 10 years as a director in the Office of the National Coordinator for Health Information Technology. In 2015, she notes, CMS published final rules for Stage 3 of the Medicare and Medicaid EHR Incentive Programs, which sets “meaningful use” objectives and measures for doctors and hospitals beginning in 2018. While this is anticipated to be the last stage of Meaningful Use, CMS asked for comments and published a request for information on the connection between the EHR Incentive Programs and the new Merit Based Incentive Payment System (MIPS) that will go into effect in 2019. CMS will likely propose new rules in 2016 to address Meaningful Use of EHRs and MIPS, identify required EHR technology, and define alternative payment models. The Office of the National Coordinator for Health IT (ONC) will continually update its recommended and required EHR standards, affecting the technology doctors and hospitals use. expected to finalize proposed rules governing state Medicaid managed-care programs.

Crowell & Moring partner Kevin Kroeker says the new rules were overdue, given the shift by the states from fee-for-service Medicaid to managed-care plans. While the new rules would cap insurer profits, Kroeker says many Medicaid managed-care plans are operating on razorthin margins and some states already impose profit limits. And, he points out, new actuarial soundness requirements could actually represent a “silver lining” for those plans because such requirements call for rates that allow plans to recover “all reasonable, appropriate, and attainable” costs. The new rules also call for states to create network adequacy requirements to bolster beneficiaries’ access to care, with time and distance standards for certain types of doctors, which could be a challenge in rural areas and more broadly in states where Medicaid reimbursement levels are particularly low. Insurers will likely struggle with CMS’s new provider directory rules, which require them to provide up-to-date doctor lists for their Medicare Advantage and Healthcare.gov policies, says Crowell & Moring senior counsel Barbara Ryland. “There are major logistical hurdles,” she says. For example, CMS requires that provider directories include information on which languages are spoken at each provider’s office—and continuously update that information in real time.

“It’s a struggle in that it’s a hard-and-fast rule without a lot of give,” she says. “The hope is that over time, we’ll see some best practices emerge, and CMS might take a more realistic approach.” . industry focus: transportation As science fiction turns to fact, regulators try to keep up April Ross, Dan Campbell, and Gerry Murphy Driverless cars, unmanned aircraft— new autonomous vehicle technologies offer many new opportunities, but also new risks, for business. “While the business case for drones has been demonstrated across many industries, the current FAA exemption process remains cumbersome,” says Gerry Murphy, a partner at Crowell & Moring and co-chair of the firm’s Aviation Group. That process stands to change in mid-2016, when the FedTRANSPORTATION eral Aviation Administration (FAA) is expected to issue a final rule on the operation and certification of small unmanned aircraft systems (sUAS). “Among other things, the final rule is expected to contain blanket operating authorization for a wide range of commercial sUAS operations,” Murphy says. “This may eliminate a lot of red tape, but it will also create new business and legal challenges, in part because industry will need to meet performance standards and establish operational safety to leverage this technology beyond the tight confines of the rule.” Until the FAA issues its final rule, Murphy says companies should consider the costs and benefits of applying for their own exemption: “It might cost much less to inspect an industrial facility via a drone than through other means, but there are safety, liability, and timing considerations.” Meanwhile, driverless cars have been getting a lot of media attention. Google hopes to make them commercially available by 2020, and Apple and Uber are reported to be working on driverless technology. Vehicle manufacturers and other researchers have been looking at ways vehicles can communicate with each other to prevent accidents. “So far, the National Highway Traffic Safety Administration (NHTSA) has only issued broad policy directives on fully autonomous vehicles,” says Dan Campbell, a partner in the Product Liability & Torts Group at Crowell & Moring.

“This year the agency will continue to work to determine whether this technology requires new regulations and if there are areas of conflict or overlap with existing regulations. The agency is buying time as it catches up on the science. “Autonomous vehicles are poised to become a routine part of certain industries,” Campbell adds. “But as with many new technologies, they carry considerable regulatory challenges and legal risks.

Companies will have to grapple with those risks regardless of whether federal regulators have spoken.” New moves on air, rail safety In several high-profile incidents, bulk air shipments of lithium batteries appear to have caught fire in flight, prompting airlines to ban them on passenger planes and regulators to recognize that existing rules may be insufficient, says Crowell & Moring partner Gerry Murphy. The FAA is reviewing proposals to enhance its rules, as well as working with the International Civil Aviation Organization (ICAO) to enhance international standards in this area. “In 2016, the FAA will likely increase its focus on prosecuting shippers for improperly attempting to ship lithium batteries by air and violating the agency’s hazardous regulations more generally, resulting in millions of dollars in civil penalties,” says Murphy. On the rail front, April Ross, a partner at Crowell & Moring, says the industry is grappling with new hazardous material safety standards enacted in response to a sharp increase in shipment of U.S. crude oil by rail.

The rules, which became effective last July, cover practices ranging from tank car design to routing requirements and new classification standards to improve the safety of transporting unrefined petroleum products. Industry trade groups, environmentalists, and others have raised challenges. In 2016, key players will work to comply, while some may continue to advocate changing the rules, Ross predicts. regulatory Forecast 2016 51 . For more information, contact: Scott Winkelman swinkelman@crowell.com Phone: 202.624.2972 1001 Pennsylvania Avenue NW Washington, DC 20004-2595 To access an electronic version of this publication and learn about our Forecast webinar series, go to www.crowell.com/RegulatoryForecast Crowell & Moring’s FOURTH Annual Litigation Forecast As a companion piece to the Regulatory Forecast, Crowell & Moring, since Business turned on 2013, has produced the its side Litigation Forecast. This year’s volume includes a look at pressure-testing business decisions and coverage of California’s complex court system, as well as a range of practicespecific, industry, and business-of-law sections. For an electronic version, go to www.crowell.com/LitigationForecast. LITIGATION FORECAST 2016 nFoRMaTIon, well.com .2975 nia avenue nw C. 20004-2595 FOURTH ANNUAL JURISDICTIONAL ANALYSIS CALIFORNIA’S COMPLEX COURT PROGRAM what corporate counsel need to know for the coming year onic version of this publication r Forecast webinar series, go to RegulatoryForecast MoRIng’s seCond gulatory Forecast with the obama administration entering its final year, the effort to use regulatory measures to push the president’s agenda is unlikely to abate. In this year’s volume, ng explores the emerging scape—across practices, ndustries and around the s an electronic version, go .com/RegulatoryForecast. With everything changed, how should lawyers and businesses work together? ORK SAN FRANCISCO LOS ANGELES ORANGE COUNTY Cheyenne ANCHORAGE LONDON BRUSSELS 12/29/15 1:00 PM washington, DC NEW YORK SAN FRANCISCO LOS ANGELES ORANGE COUNTY Cheyenne ANCHORAGE LONDON BRUSSELS .